feat: Permissions dialog

[BackSlasher]

What does this PR do?

Fixes #3261

Happy for feedback/pushback, implemented the way I would I have liked it, but it doesn't mean it fits everyone.

First, fixed small bug in TUI, causing edit-cancel to exit the dialog

Created a "permissions" dialog that shows the permissions from:

1. session level ("allow always" in the dialog)
2. project level (in opencode.json)
3. global level (in ~/.config/opencode/opencode.json)
4. "default" (hardcoded, agent specific)

1-3 are editable (CRUD) in the dialog. 2-3 show confirmations prompts when writing. Changes are persisted to the relevant files. Small hint on how execute perms work with wildcards

Added debug command to show permissions for a quicker feedback loop.

How did you verify your code works?

Tested locally with the following:

$ cat ~/.config/opencode/opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "read": {
      "*.password": "deny",
      "*.key": "deny",
      "credentials.json": "deny"
    },
    "bash": {
      "dnf *": "deny",
      "yum *": "deny",
      "apt *": "deny"
    },
    "webfetch": "deny",
    "external_directory": {
      "/var/*": "deny",
      "/etc/*": "deny",
      "/sys/*": "deny"
    }
  }
}

$ cat opencode.json 
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "read": {
      "*": "allow",
      "*.secret": "deny",
      ".env*": "ask",
      "node_modules/**": "allow"
    },
    "edit": {
      "*": "allow",
      "package.json": "ask",
      "*.lock": "deny"
    },
    "bash": {
      "ffeff*": "ask",
      "rm *": "deny"
    },
    "glob": "allow",
    "grep": "allow",
    "webfetch": "allow",
    "websearch": "ask",
    "codesearch": "allow",
    "todowrite": "allow",
    "todoread": "allow",
    "question": "allow",
    "external_directory": {
      "/tmp/*": "allow",
      "/home/*": "ask"
    }
  }
}

Screenshots from bun dev: When editing When editing a non-session permission, after pressing enter