Grant roles / permissions to users

[csharpfritz]

We should define some initial roles for SharpSite and allow administrators to assign those to users:

• [ ] System Admin
• [ ] Editor
• [ ] Writer

A system admin can do anything on the application

An editor cannot change application configuration, but can read / write any and all content

A writer can only read / write posts

[yudjinn]

A common approach to this can be done by making a Role a collection of CRUD operations. For example:

• System Admin - User CRUD
• Editor, Writer - User RUD self, R other
• None - User C

Then gates for getOtherUser(id) can check that the asking session's user has "R" perm for other users (likely through middleware or something)