proposal: an improved permissions system

[harry-xi]

Why

The current permissions system can provide enough functionality to check and monitor the permissions of objects, but no one can know what permissions exist and what they are used for. So it is nearly impossible for anyone to manage permissions by hand, or to write a plugin to manage all permissions. So I think we can make some improvements.

How

Provide a mechanism to register permissions and record all permissions in this way.
For a better user experience and to reduce the magnitude of API changes (if they are really needed) I would suggest providing the following two permission registration methods

1. direct registration: add permissions directly to the registry, where it is supported to provide information such as a description of the permission.
2. registration in the method that gets the permission instance

Perm perm = Perm.of("aaa.bbb.ccc");

Use this as both a way to register and get an instance of the permission; if it exists, get the instance, and if it doesn't, register the permission
(in fact it can be used as an overload of the existing addPermission)

Some additions: This second route is primarily intended for permissions that are added or assigned when the server is initialized, and should not be used for runtime permission changes.