Allow read-only `node_modules` folder with more sophisticated type check

[cdauth]

I'm hardening the Docker image of my Node.js app by making the whole app owned by root but run it as another user so that it cannot modify itself. To make the cache work, only the node_modules/.cache/myapp folder is owned by the app user.

Currently, with the changes introduced by #10, find-cache-dir returns null if node_modules is not writable.

Here is how I think the permission check should work instead if node_modules is found:

• If node_modules/.cache/${name} exists: If it is writeable, return node_modules/.cache/${name}, otherwise return null
• Otherwise, if node_modules/.cache exists: If it is writeable, return node_modules/.cache/${name}, otherwise return null
• Otherwise: If node_modules is writeable, return node_modules/.cache/${name}, otherwise return null

As a workaround for now, I can specify the cache dir using the CACHE_DIR environment variable.

[sindresorhus]

This is an extreme edge-case, but a good pull request with tests would be accepted.