Following discussion in grafana/grafana-enterprise#1292, removing
org-scoped users scopes to make it clear that the local organization is
the default and the alternative to that is a global scope (for a select
few endpoints)
* Access control: Combine permissions through predefined roles
When certain permission is required for built-in role, instead of adding those permissions to the existing predefined roles, we need to have granular predefined roles with those permissions.
* Better copy...
* Adding and fixing tests
* Remove duplicated permission
* Expose user permissions to the frontend
* Do not include empty scope
* Extend ContextSrv with hasPermission() method
* Add access control types
* Fix type error (make permissions optional)
* Fallback if access control disabled
* Move UserPermission to types
* Simplify hasPermission()
* Move db package WIP
* Implement OSS access control
* Register OSS access control
* Fix linter error in tests
* Fix linter error in evaluator
* Simplify OSS tests
* Optimize builtin roles
* Chore: add comments to the exported functions
* Remove init from ossaccesscontrol package (moved to ext)
* Add access control as a dependency for http server
* Modify middleware to receive fallback function
* Middleware: refactor fallback function call
* Move unused models to enterprise
* Simplify AccessControl type
* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
