Overhaul permissions

Get rid of Permissible - too complex and inefficient. Replace with:
- a “Locked” trait which works similarly but only evaluates logic on
hydrated models.
- a “VisibleScope” trait which also works similarly but only scopes
queries

This is all we need, Permissible is overkill. There is only one
instance where we have to duplicate some logic
(Discussion::scopeVisiblePosts and Post::allow(‘view’, …)) but it’s
barely anything.

Haven’t decoupled for now, we can definitely look at doing that later.

Permissions table seeder slightly updated.

Also did a bit of a query audit, there’s still a lot to be done but
it’s much better than it was. Some relatively low-hanging fruit
detailed in EloquentPostRepository.

src/Core/Models/User.php

@@ -1,7 +1,6 @@
 <?php namespace Flarum\Core\Models;
 
 use Illuminate\Contracts\Hashing\Hasher;
-use Tobscure\Permissible\Permissible;
 use Flarum\Core\Formatter\FormatterManager;
 use Flarum\Core\Exceptions\InvalidConfirmationTokenException;
 use Flarum\Core\Events\UserWasDeleted;
@@ -14,10 +13,13 @@ use Flarum\Core\Events\UserAvatarWasChanged;
 use Flarum\Core\Events\UserWasActivated;
 use Flarum\Core\Events\UserEmailWasConfirmed;
 use Flarum\Core\Events\UserEmailChangeWasRequested;
+use Flarum\Core\Support\Locked;
+use Flarum\Core\Support\VisibleScope;
 
 class User extends Model
 {
-    use Permissible;
+    use Locked;
+    use VisibleScope;
 
     /**
      * The text formatter instance.