This commit splits roles into two, user roles and list roles, both of which
are attached separately to a user.
List roles are collection of lists each with read|write permissions, while
user roles now have all permissions except for per-list ones.
This allows for easier management of roles, eliminating the need to clone and
create new roles just to adjust specific list permissions.
- Filter lists by permitted list IDs in DB get calls.
- Split getLists() handlers into two (one, all) for clarity.
- Introduce new `subscribers:get_by_list` permission.
- Tweak UI rendering to work with new per-list permssions.
