refactor(auth): unify authorization patterns with MANAGE_OWN_PROFILE permission

Issue #2: The profile route used a custom role-based check instead
of the permission-based pattern used everywhere else.

Changes:
- Add MANAGE_OWN_PROFILE permission to backend Permission enum
- Add permission to ROLE_REGULAR role definition
- Update profile routes to use require_permission(MANAGE_OWN_PROFILE)
- Remove custom require_regular_user dependency
- Update frontend Permission constant and profile page
- Update invites page to use permission instead of role check
- Update profile tests with proper permission mocking

This ensures consistent authorization patterns across all routes.

frontend/app/profile/page.tsx

@@ -7,6 +7,7 @@ import { Header } from "../components/Header";
 import { useRequireAuth } from "../hooks/useRequireAuth";
 import { components } from "../generated/api";
 import constants from "../../../shared/constants.json";
+import { Permission } from "../auth-context";
 import {
   layoutStyles,
   cardStyles,
@@ -121,7 +122,7 @@ function toFormData(data: ProfileData): FormData {
 
 export default function ProfilePage() {
   const { user, isLoading, isAuthorized } = useRequireAuth({
-    requiredRole: constants.roles.REGULAR,
+    requiredPermission: Permission.MANAGE_OWN_PROFILE,
     fallbackRedirect: "/audit",
   });
   const [originalData, setOriginalData] = useState<FormData | null>(null);