[WiP] feature: restrict access to sites by user roles

[robinboening]

This introduces role-based access control for Alchemy::Site objects. Sites can now define an accessible_by whitelist in config/alchemy/site_layouts.yml, limiting which user roles may access and edit content for each site.

If accessible_by is not set, all roles retain access (backward compatible).

Access checks integrate with CanCanCan and restrict site selection and page/content management accordingly.

Checklist

• [ x] I have followed Pull Request guidelines
• [x ] I have added a detailed description into each commit message
• I have added tests to cover this change

P.S. this PR covers a very simple and first version of this feature. It's currently missing tests. Issue #3421 is the starting point of the discussion on this.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.14%. Comparing base (7711d16) to head (4954524).
⚠️ Report is 142 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3425   +/-   ##
=======================================
  Coverage   97.13%   97.14%           
=======================================
  Files         279      279           
  Lines        7369     7387   +18     
=======================================
+ Hits         7158     7176   +18     
  Misses        211      211           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

This pull request has not seen any activiy in a long time.
Probably because of missing tests or a necessary rebase.
This PR will be closed in 7 days if no further activity happens.