latest script should also re-check permissions

[haarg]

When permissions are updated, we don't automatically reflect that in the authorized flag on existing releases. If a user makes a release that isn't authorized, then acquires permissions, then re-indexed on PAUSE, we don't notice that they are authorized. This is the most common case for authorized flags needing to be updated. Since this will normally coincide with the release appearing in 02packages, we could re-check the permissions on releases when the latest script goes to upgrade release to 'latest' status.

[mickeyn]

We have a permission type indexed (the cron runs every 10 minutes) that we can check against.

Was quickly playing with it - here's a draft for a permission check of a package we may be able to use -

           # check authorized from the permission index                                                  
            my $permissions = $self->es->search(
                index  => 'cpan',
                type   => 'permission',
                body   => { query => { term => { "module_name" => $module->package } } },
                fields => [qw< owner co_maintainers >],
            );
            my $authorized =  grep { $_ eq $dist->cpanid }
                map { @$_ } values %{ $permissions->{hits}{hits}[0]{fields} };