docs: Describe changing default OPA permissions

[pktiuk]

Followup to discussion from: #6224

This issue is linked with: #3788 which introduced IAM, but not docummented some aspets.

Motivation and context

This is my small attempt to fill part of docs which describes how to change default permissions.

It would be great if @nmanovic would also fill part describing default groups.

How has this been tested?

Checklist

• I submit my changes into the develop branch
• I have added a description of my changes into the CHANGELOG file
• I have updated the documentation accordingly
• I have added tests to cover my changes
• I have linked related issues (see GitHub docs)
• I have increased versions of npm packages if it is necessary
  (cvat-canvas,
  cvat-core,
  cvat-data and
  cvat-ui)

License

• I submit my code changes under the same MIT License that covers the project.
  Feel free to contact the maintainers if that's a concern.

[pktiuk]

IDK why this CI check failed

Edit: I found this report

[nmanovic]

@pktiuk , thank you for the contribution.

[matt-pathr]

I have a server running cvat (version 2.4.1) for other annotators and need to audit access. Is there clarification on what the different roles are able to do? i found this page https://opencv.github.io/cvat/docs/administration/advanced/iam_system_roles/, but it says "By default CVAT users can be assigned to one of the following groups: admin, business, user and worker. Each of these groups gives a set of permissions. TBD" Can we get some clarification on the abilities/permissions of each group?