Record mutations (create, update, delete) no longer require admin role.
Authorization rules:
- admin: full access (unchanged)
- system mcp-agent: create/delete any record
- system account α: create/delete records named α only
- human users: read-only (unchanged)
Zone mutations remain admin-only. Both REST and gRPC paths enforce the
same rules. Update checks authorization against both old and new names.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Cover all REST handlers with httptest-based tests using real SQLite:
zones (list, get, create, update, delete), records (list, get, create,
update, delete with validation/conflict cases), requireAdmin middleware
(admin, non-admin, missing context), and utility functions (writeJSON,
writeError, extractBearerToken, tokenInfoFromContext).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
