Commit b8bcc6f
feat(authorization): rewrite core checks with legacy authorized_users model
Replace the hierarchical RBAC role lookups in user_has_permission /
user_has_global_permission with the pre-2020 authorization model:
* superuser -> always allowed
* StaffOnly / Delete actions -> require is_staff
* SuperuserOnly -> require is_superuser (already handled above)
* View / Edit / Add / Import -> climb the
Product_Type <- Product <- Engagement <- Test <- Finding
chain looking for membership in obj.authorized_users; staff users
bypass for non-View actions.
Object-shape carriers (Risk_Acceptance, Endpoint, Cred_Mapping,
Product_Member, Group, etc.) delegate to their wrapped product /
product_type, except for self-deletion of one's own membership row,
which any user is allowed to do.
Configuration permissions (user.has_perm("dojo.X")) preserved as-is —
they're already a Django auth-perm pass-through that doesn't depend on
RBAC.
Public surface preserved:
user_has_permission(user, obj, permission)
user_has_global_permission(user, permission)
user_has_configuration_permission(user, codename)
user_*_or_403(...) wrappers
user_is_superuser_or_global_owner(user) -> now just is_superuser
get_roles_for_permission / role_has_permission / role_has_global_permission
-> empty / False stubs
get_product_member / get_groups / etc. -> None / empty stubs
The stubs let the 117 transitional call sites compile while Track B
step DefectDojo#13 simplifies them. Pro deployments that need real RBAC continue
to use pro.authorization.services, which Pro's apps.ready() shadows
into this module at startup.
Verified: superuser/anon/staff branches return correct values against
bare_bones fixture data.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent 8cdf8fc, commit b8bcc6f
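The chain walk and staff/superuser branches described in the commit message, as an added stand-alone example. This is not DefectDojo's code and not the contents of this commit: the `Permissions` enum, the dataclass models, the parent attribute names (`test`, `engagement`, `product`, `prod_type`, `authorized_users`), the ordering of the checks, the anonymous-user branch, and the `build_fixture` sample data are all assumptions chosen to mirror the chain named in the message. DefectDojo's `Test` model is spelled `DojoTest` here only so test runners do not try to collect it.

```python
# Added example of a legacy authorized_users permission walk; not DefectDojo's
# code. Model and attribute names are assumptions mirroring the commit message.
from dataclasses import dataclass, field
from enum import Enum


class Permissions(Enum):
    View = "view"
    Add = "add"
    Edit = "edit"
    Delete = "delete"
    Import = "import"
    StaffOnly = "staff_only"
    SuperuserOnly = "superuser_only"


@dataclass(eq=False)  # identity comparison, like ORM rows
class User:
    username: str
    is_superuser: bool = False
    is_staff: bool = False
    is_authenticated: bool = True  # False stands in for Django's AnonymousUser


@dataclass(eq=False)
class Product_Type:
    name: str
    authorized_users: list = field(default_factory=list)


@dataclass(eq=False)
class Product:
    name: str
    prod_type: Product_Type
    authorized_users: list = field(default_factory=list)


@dataclass(eq=False)
class Engagement:
    product: Product


@dataclass(eq=False)
class DojoTest:  # DefectDojo's "Test"; renamed so test runners don't collect it
    engagement: Engagement


@dataclass(eq=False)
class Finding:
    test: DojoTest


@dataclass(eq=False)
class Endpoint:  # object-shape carrier: delegates to its wrapped product
    product: Product


@dataclass(eq=False)
class Product_Member:  # membership row: delegates to its wrapped product
    user: User
    product: Product


# Parent pointer per model type (assumed names); the walk stops at Product_Type.
PARENT_ATTR = {
    Finding: "test",
    DojoTest: "engagement",
    Engagement: "product",
    Endpoint: "product",
    Product_Member: "product",
    Product: "prod_type",
}


def _ancestors(obj):
    """Yield obj, then each parent up the chain until Product_Type."""
    while obj is not None:
        yield obj
        attr = PARENT_ATTR.get(type(obj))
        obj = getattr(obj, attr) if attr else None


def user_has_permission(user, obj, permission):
    """Superuser > own-membership self-delete > staff rules > authorized_users walk."""
    if not user.is_authenticated:
        return False                       # anonymous users get nothing
    if user.is_superuser:
        return True                        # superuser -> always allowed
    if permission is Permissions.SuperuserOnly:
        return False                       # only the branch above grants this
    if (permission is Permissions.Delete and isinstance(obj, Product_Member)
            and obj.user is user):
        return True                        # anyone may delete their own membership row
    if permission in (Permissions.StaffOnly, Permissions.Delete):
        return user.is_staff
    if user.is_staff and permission is not Permissions.View:
        return True                        # staff bypass for non-View actions
    # View / Edit / Add / Import: climb the chain looking for membership.
    return any(user in getattr(node, "authorized_users", ())
               for node in _ancestors(obj))


def build_fixture():
    """Constructed sample data for the example (not the bare_bones fixture)."""
    member, pt_member, outsider = User("member"), User("pt_member"), User("outsider")
    staff = User("staff", is_staff=True)
    superuser = User("root", is_superuser=True, is_staff=True)
    anon = User("anon", is_authenticated=False)
    prod_type = Product_Type("Internal", authorized_users=[pt_member])
    product = Product("Billing", prod_type, authorized_users=[member])
    return {
        "users": dict(member=member, pt_member=pt_member, outsider=outsider,
                      staff=staff, superuser=superuser, anon=anon),
        "finding": Finding(DojoTest(Engagement(product))),
        "endpoint": Endpoint(product),
        "outsider_row": Product_Member(outsider, product),
    }
```

The order of the early returns is what makes the behaviour described in the message come out: a staff user who is not listed anywhere in the chain gets Edit on a Finding (staff bypass) but not View, and a plain member deleting someone else's membership row is refused while deleting their own row is allowed regardless of `is_staff`.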
1 file changed
Lines changed: 176 additions & 303 deletions