feat(permissions) : add role-based UI guards and readonly mode for viewers

- Add usePermissions composable (isAdmin, canEdit, canView)
- Password-protected profile login with modal on profiles page
- Disable all form fields for ROLE_VIEWER across edit/create pages
- Show navigation buttons (Modifier/Consulter) for all roles, hide delete for viewers
- Add readonly prop to ModelTypeForm for category pages
- Disable modal fields (sites, constructeurs) for viewers
- Guard /admin routes in middleware

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/pages/product-catalog.vue

@@ -153,6 +153,7 @@
                     Modifier
                   </NuxtLink>
                   <button
+                    v-if="canEdit"
                     type="button"
                     class="btn btn-ghost btn-xs text-error"
                     @click="confirmDelete(row.product)"
@@ -179,6 +180,8 @@ import { useUrlState } from '~/composables/useUrlState'
 import DocumentThumbnail from '~/components/DocumentThumbnail.vue'
 import { isImageDocument, isPdfDocument } from '~/utils/documentPreview'
 
+const { canEdit } = usePermissions()
+
 useHead(() => ({
   title: 'Catalogue des produits',
 }))