dev/core#2404 - Afform - Resolve ambiguity of omitted permissions

[totten]

Overview

This addresses some ambiguities/confusion in permission for Afform. The basic question -- if permission is omitted (in various ways -- unset, null, empty-string), then what is the effective permission?

https://lab.civicrm.org/dev/core/-/issues/2404

Before

1. If *.aff.json does not specify a permission -- or specifies a null permission -- then it uses a default (access CiviCRM).
2. If *.aff.json specifies permission as an empty-string, then the runtime generates errors.
3. When editing a form in the GUI, the "Permission" field provides an "x". Clicking "x" produces the text "Open access" and sets permission to an empty-string.
   
   

After

1. If *.aff.json does not specify a permission -- or specifies a null permission or empty-string permission -- then it uses a default (access CiviCRM).
2. When editing a form in the GUI, the "Permission" field cannot be removed. You must have some value.

Comments

There are a few differing ways one might go at this:

1. Apply a consistent default of access CiviCRM
2. Apply a consistent default of *always allow*
3. Apply inconsistent defaults (where null and empty-string produce different behaviors).

IMHO, option 1 is less bad than the others:

• Option 1 effectively takes a small number of forms that never worked as labeled -and gives valid but tighter permissions than expected.
• Option 2 effectively takes a small number of working forms that were semi-private -- and changes them to fully public.
• Option 3 will be more confusing over the long-term.

[civibot]

(Standard links)

• If this is your first pull-request for CiviCRM, please browse CONTRIBUTING.md for information about the development and testing processes.
• If you are reviewing this pull-request, you may wish to consult the test sites and the Review Standards (long template, short template).

[seamuslee001]

I tested this locally and confirmed that it works merging