Add REST endpoints for Activity (create/edit/delete)

[brylie]

Activities are linked to Circles. Members of a given Circle should be able to create new activities. The Circle Coordinator(s) should be able to delete activities.

Permissions matrix

Role	Create	Read	Update	Delete
Anonymous	x	x	x	x
Registered	x	x	x	x
Circle Member	yes	yes	yes	x
Circle Coordinator	yes	yes	yes	yes

## Design goals
- [ ] `Circle` member(s) can create a `Circle` `Activity` via a POST request
- [ ] `Circle` member(s) can update a `Circle` `Activity` via a PUT request
- [ ] `Circle` coordinator(s) can delete a `Circle` `Activity` via a DELETE request
- [ ] All above endpoints raise `403 Forbidden` for unauthorized users
- [ ] `Circle` members and coordinators can view a `Circle` `Activity` via a `GET` request

[ErnstBas]

Hello @brylie, I would like to work on this, could please assign it to me?