Implement REST API: Get User Permissions Endpoint

[hassandotcms]

Description

Implement a REST endpoint to retrieve permissions for a user's individual role, grouped by assets (hosts/folders).

(This endpoint replaces the legacy DWR/AJAX functionality used in the DotAdmin Users > Permissions tab)

Acceptance Criteria

• GET /api/v1/users/{userId}/permissions endpoint accepts userId or email
  • Returns user's individual role permissions (not organizational roles)
  • Groups permissions by assets (hosts and folders)
  • For each asset, returns:
    • Asset metadata (id, name, type, path)
    • Available permission scopes based on asset type
    • Current permission settings by scope
    • Permission inheritance status
  • Only admins or the user themselves can access
  • Returns 403 if unauthorized, 404 if user not found
  • Response includes both hosts and folders where user has permissions
  • Follows existing ResponseEntityView wrapper pattern

Priority

None

Additional Context

No response