[DOCS] Add JSDoc to permission types and RBAC interfaces

[itigges22]

Description

Current State

The permission system is MovaLab's most critical subsystem (~40 permissions, context-aware checks, caching). The types exist in lib/permissions.ts and lib/rbac-types.ts but lack JSDoc comments, making it hard for new contributors to understand the permission model.

Files to document

• lib/permissions.ts - The ~40 permission enum values
• lib/rbac-types.ts - PermissionContext, UserWithRoles, etc.
• lib/permission-checker.ts - Core permission evaluation functions

Desired Outcome

/**
 * Permission to view projects the user is assigned to.
 * Context-aware: Requires user to be in project_assignments table.
 * Override: VIEW_ALL_PROJECTS bypasses assignment check.
 */
VIEW_PROJECTS = 'view_projects',

/**
 * Context for permission evaluation. When checking project permissions,
 * include projectId to verify user assignment.
 *
 * @example
 * hasPermission(user, Permission.EDIT_PROJECT, { projectId: 'uuid' })
 */
export interface PermissionContext {
  projectId?: string;
  accountId?: string;
  departmentId?: string;
}

How to get started

1. Read CLAUDE.md section "Permission System Deep Dive" to understand the model
2. Start with lib/permissions.ts - document each permission enum
3. Document which permissions have "ALL" overrides
4. Add @example tags showing proper usage

Acceptance Criteria

• All permissions in lib/permissions.ts have JSDoc comments
• All interfaces in lib/rbac-types.ts have JSDoc comments
• Public functions in lib/permission-checker.ts have JSDoc with @example