Fix hard-coded values in permission checks in user.rb

[halfghaninne]

Currently, a User has many Abilities through Permissions. Each Ability has a description. To check if a User has a given Ability, you can call the related method (ex: some_user.has_view_permission) and a method return_abilities_array is run. If that array includes a specific string associated with the ability, the method returns true. If not, it returns false.

It feels a bit sloppy to be comparing strings against strings, or at least potentially prone to error. Maybe something else -- enums? -- would be better.

I would love to have feedback on this approach and a suggestion for how to pivot, if needed.

[sumeetjain]

Enums make sense to me. It doesn't feel like Abilities need to be manageable from any interface outside the codebase itself (since adding an ability via Administrate won't accomplish anything, as no Permissions will relate to it).

Removing the Ability model entirely and just making an enum in Permission might be the way to go.

[halfghaninne]

Notes to self:

• [x] add enums to Permissions
  • [x] in model
  • [x] db migration
• [x] write migration to update previous Permission records
• [x] remove Ability model, controller, table, all associated files; remove association in Permissions model/table
• [x] revise methods that perform permission checks accordingly (right now, I'm thinking these are all in the User model, but they may be scattered in the application)