[FEAT] Investigate alternative authorization model

Open anderseknert opened this issue 1 year ago • 0 comments

While the policy model provided by the Backstage permissions framework works great, it would also be interesting to explore models where OPA has more say in the decisions being made. More specifically, I'd like to see an implementation where OPA doesn't merely pass conditional queries back to the plugins, but overrides the decision-making entirely, and side-steps the plugin's ownership of permissions in favor of the decoupled, externalized model that's more commonly seen in OPA integrations. Both approaches have their pros and cons, of course, and we'll want to document how these differ as part of this.

We got some helpful suggestions on how to accomplish this in the Backstage Discord (thanks @vinzscam!), like overriding the PermissionEvaluator interface with our own client implementation, so let's start there.

anderseknert, Feb 19 '24 10:02
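
The externalized model the issue describes, as an added example (not code from this repository or from Backstage): an evaluator that sends every permission request to OPA's Data API and denies on anything other than an explicit `true`, including an unreachable OPA. The request and response types are simplified local stand-ins for the Backstage permission types, and the policy path, the `user` argument and the `samplePost` transport are assumptions constructed for illustration.

```typescript
// Simplified local stand-ins for the Backstage permission types (assumption:
// the real types in @backstage/plugin-permission-common carry more fields).
type Decision = "ALLOW" | "DENY";
interface PermissionRequest { permission: { name: string }; resourceRef?: string }
interface PermissionResponse { result: Decision }
// Transport that POSTs JSON to OPA and resolves to the parsed response body.
type OpaPost = (url: string, body: unknown) => Promise<unknown>;

// Only a literal boolean `true` allows. OPA answers `{}` when the rule is
// undefined, so a missing result, a non-boolean or a malformed body all deny.
function toDecision(body: unknown): Decision {
  const result = typeof body === "object" && body !== null
    ? (body as { result?: unknown }).result
    : undefined;
  return result === true ? "ALLOW" : "DENY";
}

class OpaPermissionEvaluator {
  private readonly post: OpaPost;
  private readonly url: string;
  constructor(post: OpaPost, url: string) { this.post = post; this.url = url; }

  // OPA makes every decision; nothing is returned to the plugin as a
  // conditional query. `user` is a hypothetical, simplified identity argument.
  async authorize(requests: PermissionRequest[], user: string): Promise<PermissionResponse[]> {
    return Promise.all(requests.map(async (req): Promise<PermissionResponse> => {
      const input = { user, permission: req.permission.name, resource: req.resourceRef };
      try {
        return { result: toDecision(await this.post(this.url, { input })) };
      } catch {
        return { result: "DENY" }; // OPA unreachable or errored: fail closed
      }
    }));
  }
}

// Constructed sample: hypothetical policy path and a stub standing in for OPA
// that allows alice to read catalog entities and leaves the rule undefined otherwise.
const SAMPLE_URL = "http://localhost:8181/v1/data/backstage/allow";
const samplePost: OpaPost = async (_url, body) => {
  const { user, permission } = (body as { input: { user: string; permission: string } }).input;
  return user === "user:default/alice" && permission === "catalog.entity.read" ? { result: true } : {};
};
```

In a deployment the transport would be an HTTP POST of `{ "input": ... }` to the OPA Data API, with a timeout so that a slow policy engine also resolves to a deny.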