feat(core): Add credential runtime checks and prevent tampering in manual run (#4481)

* ✨ Create `PermissionChecker`

* ⚡ Adjust helper

* 🔥 Remove superseded helpers

* ⚡ Use `PermissionChecker`

* 🧪 Add test for dynamic router switching

* ⚡ Simplify checks

* ⚡ Export utils

* ⚡ Add missing `init` method

* 🧪 Write tests for `PermissionChecker`

* 📘 Update types

* 🧪 Fix tests

* ✨ Set up `runManually()`

* ⚡ Refactor to reuse methods

* 🧪 Clear shared tables first

* 🔀 Adjust merge

* ⚡ Adjust imports

packages/cli/test/integration/shared/testDb.ts

@@ -322,6 +322,10 @@ export async function createUser(attributes: Partial<User> = {}): Promise<User>
 	return Db.collections.User.save(user);
 }
 
+export async function createOwner() {
+	return createUser({ globalRole: await getGlobalOwnerRole() });
+}
+
 export function createUserShell(globalRole: Role): Promise<User> {
 	if (globalRole.scope !== 'global') {
 		throw new Error(`Invalid role received: ${JSON.stringify(globalRole)}`);