Multi-inheritance RBAC (backend)

[mike12345567]

Description

As required for the new RBAC experience roles need a way to reference multiple other roles, meaning that more complex flows of roles can be created.

The main difference within this is the inherits type of a role can be string | string[] - the string format will apply to old roles and built-ins, while the array will be used for new roles to reference a set of roles below them.

With this, there is a high chance of role loops (this was possible previously as you could set two roles to inherit each other, however this would be un-unusable since it doesn't reference any built in (so essentially two public roles). The API has been updated to protect against loops, as well as providing a function in shared-core that can check for loops given a list of roles.

A general pass around prefixing has been performed, making sure that roles always take their external format when returned from the API as well as storing the roles with their complete prefixed format in the DB.

Finally, a few new test cases have been added:

1. Checks for the accessible endpoint which lists the roles a user has access to, making sure this works with multi-inheritance.
2. Checks for screen access, making sure that only the screens a user can access based on their routing.roleId are returned.
3. Checks for role loops in the role save API, i've also updated this test case to Typescript.
4. Checks for resource permissions, confirming that resources can be accessed based on role multi-inheritance.

[qa-wolf]

QA Wolf here! As you write new code it's important that your test coverage is keeping up.
Click here to request test coverage for this PR!