refactor: restructure permission handling and enhance Guard functionality

- Introduced a new `createGuard` function to streamline the creation of Guard instances with permissions and roles.
- Updated tests in `authorize.spec.ts` to reflect changes in permission checks, ensuring they now return undefined for denied permissions.
- Added new `Permission` and `Policy` classes to improve type safety and flexibility in permission management.
- Refactored middleware and controller files to utilize the updated permission structure, including context handling for permissions.
- Created a new `SystemController.spec.ts` file to test the integration of the new permission system within the SystemController.
- Removed legacy permission handling from core security files, consolidating permission logic within the new structure.

app/src/core/utils/runtime.ts

@@ -61,3 +61,12 @@ export function invariant(condition: boolean | any, message: string) {
       throw new Error(message);
    }
 }
+
+export function threw(fn: () => any) {
+   try {
+      fn();
+      return false;
+   } catch (e) {
+      return true;
+   }
+}

app/src/core/utils/schema/index.ts

@@ -1,3 +1,5 @@
+import { Exception } from "core/errors";
+import { HttpStatus } from "bknd/utils";
 import * as s from "jsonv-ts";
 
 export { validator as jsc, type Options } from "jsonv-ts/hono";
@@ -58,8 +60,9 @@ export const stringIdentifier = s.string({
    maxLength: 150,
 });
 
-export class InvalidSchemaError extends Error {
+export class InvalidSchemaError extends Exception {
    override name = "InvalidSchemaError";
+   override code = HttpStatus.UNPROCESSABLE_ENTITY;
 
    constructor(
       public schema: s.Schema,