feat: Implement module permissions system with database-driven access control

- Added `users_permissions` table for managing user permissions.
- Created `PermissionRepository` for handling permission logic.
- Refactored `controls\Users::permissions()` to utilize the new database structure.
- Introduced AJAX endpoint for saving user permissions.
- Enhanced user management UI with permission checkboxes.
- Added vacation management template for handling employee absences.
- Implemented tests for `PermissionRepository`.

tests/Domain/Users/PermissionRepositoryTest.php

@@ -0,0 +1,32 @@
+<?php
+
+require_once __DIR__ . '/../../../autoload/Domain/Users/PermissionRepository.php';
+
+use Domain\Users\PermissionRepository;
+
+function assert_perm( $expected, $actual, $message )
+{
+  if ( $expected !== $actual )
+    throw new Exception( $message . " (expected " . var_export( $expected, true ) . ", got " . var_export( $actual, true ) . ")" );
+}
+
+function run_permission_repository_tests()
+{
+  // Test MODULES constant
+  $modules = PermissionRepository::MODULES;
+  assert_perm( true, in_array( 'tasks', $modules ), 'MODULES should contain tasks' );
+  assert_perm( true, in_array( 'finances', $modules ), 'MODULES should contain finances' );
+  assert_perm( 6, count( $modules ), 'MODULES should have 6 entries' );
+  assert_perm( false, in_array( 'zaplecze', $modules ), 'MODULES should not contain zaplecze' );
+
+  // Test DEFAULTS constant
+  $defaults = PermissionRepository::DEFAULTS;
+  assert_perm( 1, $defaults['tasks'], 'tasks should default to 1' );
+  assert_perm( 0, $defaults['finances'], 'finances should default to 0' );
+  assert_perm( 0, $defaults['crm'], 'crm should default to 0' );
+
+  // Test defaults() returns full module array
+  $result = PermissionRepository::defaults();
+  assert_perm( 6, count( $result ), 'defaults() should return 6 modules' );
+  assert_perm( 1, $result['tasks'], 'defaults() tasks should be 1' );
+}