@devin-ai-integration devin-ai-integration bot commented Dec 16, 2025

Summary

Adds rights enforcement for three declared but previously unenforced instance-wide rights:

  • CREATE_APPLICATIONS (BitFlag 10): Now enforced on POST /applications
  • CREATE_CHANNELS (BitFlag 11): Now enforced on POST /guilds/:guild_id/channels (in addition to existing MANAGE_CHANNELS permission)
  • CREATE_DMS (BitFlag 12): Now enforced on POST /users/@me/channels

These rights were declared in src/util/util/Rights.ts but never validated in their respective route handlers, creating security gaps where users could perform actions without the required instance-wide rights.

Review & Testing Checklist for Human

  • Verify the rights CREATE_APPLICATIONS, CREATE_CHANNELS, and CREATE_DMS are properly defined in src/util/util/Rights.ts at bit positions 10, 11, and 12
  • Confirm the route middleware in src/api/util/handlers/route.ts properly validates the right parameter
  • Test that users without these rights receive appropriate MISSING_RIGHTS errors when attempting these actions
  • Consider if default user rights include these flags - if not, this could be a breaking change for existing instances

Recommended test plan: Create a test user with limited rights (excluding these three), then attempt to create an application, guild channel, and DM channel. Verify each request fails with a rights error.

Notes

Add rights enforcement for three declared but unenforced rights:

- CREATE_APPLICATIONS: Added to POST /applications route
- CREATE_CHANNELS: Added to POST /guilds/:guild_id/channels route
- CREATE_DMS: Added to POST /users/@me/channels route

These rights were declared in Rights.ts but never validated in their
respective route handlers, creating security gaps where users could
perform actions without the required instance-wide rights.

Co-Authored-By: Erkin Alp Güney <erkinalp9035@gmail.com>

Original prompt from Erkin
# Enforce Application, DM, and Channel Creation Rights

## Background
The @erkinalp/anticensor codebase has a rights system defined in @anticensor/src/util/util/Rights.ts that declares 51 different rights flags. However, several critical rights are declared but never actually enforced in the code, creating security gaps where users can perform actions they shouldn't be allowed to. Specifically, the following rights exist but are not validated:

- `CREATE_APPLICATIONS: BitFlag(10)` - declared at line 48 of Rights.ts
- `CREATE_CHANNELS: BitFlag(11)` - declared at line 49 of Rights.ts  
- `CREATE_DMS: BitFlag(12)` - declared at line 50 of Rights.ts

## Task
Add rights enforcement for these three rights in their respective route handlers.

## Files to Modify

### 1. Application Creation - @spacebarchat-server/src/api/routes/applications/index.ts 

**Current code (starting at line 44):**
```typescript
router.post("/", route({
    requestBody: "ApplicationCreateSchema",
    responses: {
        200: {
            body: "Application",
        },
    },
}), async (req: Request, res: Response) => {
```

**What to change:**
Add a `right: "CREATE_APPLICATIONS"` parameter to the route configuration object. The route definition should look like:

```typescript
router.post("/", route({
    right: "CREATE_APPLICATIONS",
    requestBody: "ApplicationCreateSchema",
    responses: {
        200: {
            body: "Application",
        },
    },
}), async (req: Request, res: Response) => {
```

This will automatically enforce the CREATE_APPLICATIONS right before allowing the application creation logic at line 58 to execute.

### 2. Guild Channel Creation - @anticensor/src/api/routes/guilds/#guild_id/channels.ts

**Current code (starting at line 47):**

```typescript
router.post("/", route({
    requestBody: "ChannelModifySchema",
    permission: "MANAGE_CHANNELS",
    responses: {
        // ...
    },
}), async (req: Request, res: Response) => {
```

**What to change:**
Add a `rig... (2033 chars truncated...)



🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.


@erkinalp erkinalp removed their assignment Dec 16, 2025
@erkinalp erkinalp merged commit 829fbc8 into default Dec 16, 2025
2 checks passed
@erkinalp erkinalp deleted the devin/1765917326-enforce-create-rights branch December 16, 2025 20:38
