bd3fe40ac7
- UserRole enum: Admin (full), Viewer (read-only), AppUser (minimal) - can_access() method checks RPC method against role permissions - Role field on User struct with serde default (backward-compatible) - Viewer: read system/federation/DWN/identity/backup/container status - AppUser: system.stats, node.did, container list, password change Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>