Users should have a primary role and custom permissions

[Alanaktion]

Instead of the current rank+role system, we should allow custom permissions and check for the permission existing on the current user instead of checking if their rank is high enough to perform an action. This would replace the Controller's _requireLogin() and _requireAdmin() functionality with something like _requirePermission(). This would involve the creation of a new user_permission table. This table would link extra permissions to a user by ID. The user's permissions should be loaded and stored in a F3 global with something like user_perms so they can be used easily at any point in the application flow.