Tighten up some policy interactions in Herald

Summary:
Ref T603. Herald is a bit of a policy minefield right now, although I think pretty much everything has straightforward solutions. This change:

  - Introduces "create" and "create global" permisions for Herald.
    - Maybe "create" is sort of redundant since there's no reason to have access to the application if not creating rules, but I think this won't be the case for most applications, so having an explicit "create" permission is more consistent.
  - Add some application policy helper functions.
  - Improve rendering a bit -- I think we probably need to build some `PolicyType` class, similar to `PHIDType`, to really get this right.
  - Don't let users who can't use application X create Herald rules for application X.
  - Remove Maniphest/Pholio rules when those applications are not installed.

Test Plan:
  - Restricted access to Maniphest and uninstalled Pholio.
  - Verified Pholio rules no longer appear for anyone.
  - Verified Maniphest ruls no longer appear for restricted users.
  - Verified users without CREATE_GLOBAL can not create global ruls.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7219

src/applications/base/controller/PhabricatorController.php

@@ -350,4 +350,23 @@ abstract class PhabricatorController extends AphrontController {
     return $view;
   }
 
+  protected function hasApplicationCapability($capability) {
+    return PhabricatorPolicyFilter::hasCapability(
+      $this->getRequest()->getUser(),
+      $this->getCurrentApplication(),
+      $capability);
+  }
+
+  protected function requireApplicationCapability($capability) {
+    PhabricatorPolicyFilter::requireCapability(
+      $this->getRequest()->getUser(),
+      $this->getCurrentApplication(),
+      $capability);
+  }
+
+  protected function explainApplicationCapability($capability, $message) {
+    // TODO: Render a link to get more information.
+    return $message;
+  }
+
 }