🐛(backend) fix wrong permission check on sub page duplicate action [DO NOT MERGE]

[lunika]

Purpose

A user with only read access to a document and its sub documents should not be able to duplicate a sub document in the document tree. To avoid this we have to compute the direct parent abilities to determine if it can create a new children. Doing so computes the abilities in cascade from the document to the root tree. To save some queries and not compute again and again the same ability, we create a abilities cache. The hard part is to invalidate this cache. The cache is invalidated if a related DocumentAccess instance is updated or deleted and also if the document link_reach or link_role is updated. To introspect the modification made on the model itself when the user saves it, we decided to use the library django-dirtyfields

Proposal

• [x] 🐛(backend) fix wrong permission checj on sub page duplicate action

Fixes #1329

[sampaccoud]

The philosophy behind the duplicate feature is: "if you can see it you can duplicate it". This is to avoid tricky copies which were raising bugs (media access, etc) and removing the possibility to link copies. So I don't think this is a bug and i think we should not merge this PR.

More generally on the implementation, heritage is more complex than looking at the parent and caching get_abilities is more complicated than proposed here. I think it would trigger tricky bugs, and complicate group sharing. Also, the heavy lifting is done in the queryset and the get_abilities method is not where the time is spent so I think we should cache higher in the view if one day we do. But that's far from necessary with our current traffic so let's keep it live until we face a problem ?