Function require_permission 

pub fn require_permission<S>(
    permission: impl Into<String>,
) -> impl Fn(State<S>, Request<Body>, Next) -> Pin<Box<dyn Future<Output = Response> + Send>> + Clone + Send + 'static
where
    Arc<dyn AuthClient>: FromRef<S>,
    S: Send + Sync + Clone + 'static,

Middleware factory that requires the authenticated user to have a specific permission.

Works identically to require_role but checks permissions instead of roles. Permissions are checked via both direct assignment and role membership.

Returns 401 if not authenticated, 403 if authenticated but missing the permission.