feat(permissions): implement fine-grained permission control

[Lanfei]

Description / 描述

This PR introduces a comprehensive fine-grained permission control system, allowing administrators to configure path-level access control with user-specific read/write
permissions.

本 PR 引入了全面的细粒度权限控制系统，允许管理员配置路径级访问控制，支持基于用户的读写权限。

Key Changes / 主要变更

• Added user-level path permissions: Introduced read_users and write_users fields in Meta configuration, enabling administrators to specify which users can access specific
  paths.
  新增用户级路径权限：在 Meta 配置中引入 read_users 和 write_users 字段，使管理员能够指定哪些用户可以访问特定路径。
• Renamed permission for clarity: Changed the generic write permission to write_content to better reflect its purpose (create/upload/modify content).
  重命名权限以提高清晰度：将通用的 write 权限更改为 write_content，以更好地反映其用途（创建/上传/修改内容）。
• Refactored legacy write flag: Converted the Meta write field to write_content_bypass for backward compatibility with the historical behavior where paths could allow write
  operations without user permission checks.
  重构旧版写入标志：将 Meta 的 write 字段转换为 write_content_bypass，以向后兼容历史行为，即路径可以允许写入操作而无需用户权限检查。
• Updated UI components: Enhanced management interface with multi-select user picker for granular permission assignment, supporting recursive application to subdirectories.
  更新 UI 组件：增强管理界面，提供多选用户选择器进行细粒度权限分配，支持递归应用到子目录。
• Improved permission logic: Refactored permission checks across toolbar, context menu, and editor components to follow consistent pattern: (userCan(permission) || bypass) &&
  pathAllowed.
  改进权限逻辑：重构工具栏、右键菜单和编辑器组件中的权限检查，遵循一致的模式：(userCan(permission) || bypass) && pathAllowed。
• Code quality improvements: Replaced manual permission index lookups with cleaner userCan() helper function throughout the codebase.
  代码质量改进：在整个代码库中用更简洁的 userCan() 辅助函数替换手动权限索引查找。

Motivation and Context / 背景

The existing permission system only provided coarse-grained control at the user role level, making it difficult to implement scenarios where different users need different
access levels to the same directory, or administrators want to restrict certain paths to specific users only.

现有的权限系统仅提供用户角色级别的粗粒度控制，难以实现不同用户需要对同一目录具有不同访问级别，或管理员希望将某些路径限制为仅特定用户可访问的场景。

Relates to OpenListTeam/OpenList#2145

How Has This Been Tested? / 测试

Manual Testing / 手动测试:

• Verified that operations require both path-level and user-level permissions
  验证操作需要路径级和用户级权限
• Tested multi-select user picker in Meta management interface
  测试 Meta 管理界面中的多选用户选择器
• Confirmed toolbar buttons and context menu items are shown/hidden based on permissions
  确认工具栏按钮和右键菜单项根据权限显示/隐藏
• Verified recursive application to subdirectories
  验证递归应用到子目录

Test Scenarios / 测试场景:

• User with write_content permission + write: true → ✓ Can upload
  有 write_content 权限 + write: true → ✓ 可以上传
• User without write_content permission + write: true → ✗ Cannot upload
  无 write_content 权限 + write: true → ✗ 无法上传
• User without permission + bypass: true + write: true → ✓ Can upload (legacy behavior)
  无权限 + bypass: true + write: true → ✓ 可以上传（旧版行为）

Checklist / 检查清单

• I have read the https://github.com/OpenListTeam/OpenList/blob/main/CONTRIBUTING.md document.
  我已阅读 https://github.com/OpenListTeam/OpenList/blob/main/CONTRIBUTING.md 文档。
• I have formatted my code with go fmt or https://prettier.io/.
  我已使用 go fmt 或 https://prettier.io/ 格式化提交的代码。
• I have added appropriate labels to this PR (or mentioned needed labels in the description if lacking permissions).
  我已为此 PR 添加了适当的标签（如无权限或需要的标签不存在，请在描述中说明，管理员将后续处理）。
  Suggested labels / 建议标签: enhancement, frontend, permissions
• I have requested review from relevant code authors using the "Request review" feature when applicable.
  我已在适当情况下使用"Request review"功能请求相关代码作者进行审查。
• I have updated the repository accordingly (If it's needed).
  我已相应更新了相关仓库（若适用）。
  • https://github.com/OpenListTeam/OpenList - feat(permissions): implement fine-grained permission control OpenList#2145
  • https://github.com/OpenListTeam/OpenList-Docs - docs(meta): implement fine-grained permission control OpenList-Docs#310