refactor: implement module-driven permissions and relocate business logic

File Relocations:
- Delete app/config/ folder (empty after menu_registry removal)
- Move feature_gate.py → app/modules/billing/dependencies/
- Move theme_presets.py → app/modules/cms/services/

Module-Driven Permissions System:
- Add PermissionDefinition dataclass to app/modules/base.py
- Create PermissionDiscoveryService in tenancy module
- Update module definitions to declare their own permissions:
  - core: dashboard.view, settings.*
  - catalog: products.*
  - orders: orders.*
  - inventory: stock.*
  - customers: customers.*
  - tenancy: team.*
- Update app/core/permissions.py to use discovery service
- Role presets (owner, manager, staff, etc.) now use module permissions

This follows the same pattern as module-driven menus:
- Each module defines its permissions in definition.py
- PermissionDiscoveryService aggregates all permissions at runtime
- Tenancy module handles role-to-permission assignment

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/modules/catalog/definition.py

@@ -1,7 +1,12 @@
 # app/modules/catalog/definition.py
 """Catalog module definition."""
 
-from app.modules.base import MenuItemDefinition, MenuSectionDefinition, ModuleDefinition
+from app.modules.base import (
+    MenuItemDefinition,
+    MenuSectionDefinition,
+    ModuleDefinition,
+    PermissionDefinition,
+)
 from app.modules.enums import FrontendType
 
 module = ModuleDefinition(
@@ -11,7 +16,46 @@ module = ModuleDefinition(
     version="1.0.0",
     is_self_contained=True,
     requires=["inventory"],
-    # New module-driven menu definitions
+    # Module-driven permissions
+    permissions=[
+        PermissionDefinition(
+            id="products.view",
+            label_key="catalog.permissions.products_view",
+            description_key="catalog.permissions.products_view_desc",
+            category="products",
+        ),
+        PermissionDefinition(
+            id="products.create",
+            label_key="catalog.permissions.products_create",
+            description_key="catalog.permissions.products_create_desc",
+            category="products",
+        ),
+        PermissionDefinition(
+            id="products.edit",
+            label_key="catalog.permissions.products_edit",
+            description_key="catalog.permissions.products_edit_desc",
+            category="products",
+        ),
+        PermissionDefinition(
+            id="products.delete",
+            label_key="catalog.permissions.products_delete",
+            description_key="catalog.permissions.products_delete_desc",
+            category="products",
+        ),
+        PermissionDefinition(
+            id="products.import",
+            label_key="catalog.permissions.products_import",
+            description_key="catalog.permissions.products_import_desc",
+            category="products",
+        ),
+        PermissionDefinition(
+            id="products.export",
+            label_key="catalog.permissions.products_export",
+            description_key="catalog.permissions.products_export_desc",
+            category="products",
+        ),
+    ],
+    # Module-driven menu definitions
     menus={
         FrontendType.VENDOR: [
             MenuSectionDefinition(