Enforce MANAGE_APPLICATIONS right on application management routes

[devin-ai-integration]

Summary

Adds enforcement of the MANAGE_APPLICATIONS instance-wide right (BitFlag 1) to application management routes. This right was declared in src/util/util/Rights.ts but never validated in the route handlers.

Routes updated:

• PATCH /applications/:application_id - modify application
• POST /applications/:application_id/delete - delete application
• POST /applications/:application_id/bot - create bot user
• POST /applications/:application_id/bot/reset - reset bot token
• PATCH /applications/:application_id/bot - modify bot

This follows the same pattern as PR #130 which enforced CREATE_APPLICATIONS, CREATE_CHANNELS, and CREATE_DMS rights.

Review & Testing Checklist for Human

• Verify MANAGE_APPLICATIONS is included in default user rights configuration - if not, this is a breaking change that will prevent users from managing their own applications
• Confirm the route middleware in src/api/util/handlers/route.ts properly validates the right parameter (same mechanism used in Enforce CREATE_APPLICATIONS, CREATE_CHANNELS, and CREATE_DMS rights #130)
• Test that a user WITH the MANAGE_APPLICATIONS right can still modify/delete their applications and manage bots

Recommended test plan: Create a test user, verify they have MANAGE_APPLICATIONS in their rights, then attempt to modify an application, delete an application, create a bot, reset a bot token, and modify a bot. All operations should succeed. Then test with a user lacking this right to confirm they receive MISSING_RIGHTS errors.

Notes

• Link to Devin run: https://app.devin.ai/sessions/22ae2ed9f2a94f96b394f1dff814e889
• Requested by: Erkin Alp Güney (@erkinalp)

[devin-ai-integration]

Original prompt from Erkin

# Enforce Application, DM, and Channel Creation Rights

## Background
The @erkinalp/anticensor codebase has a rights system defined in @anticensor/src/util/util/Rights.ts that declares 51 different rights flags. However, several critical rights are declared but never actually enforced in the code, creating security gaps where users can perform actions they shouldn't be allowed to. Specifically, the following rights exist but are not validated:

- `CREATE_APPLICATIONS: BitFlag(10)` - declared at line 48 of Rights.ts
- `CREATE_CHANNELS: BitFlag(11)` - declared at line 49 of Rights.ts  
- `CREATE_DMS: BitFlag(12)` - declared at line 50 of Rights.ts

## Task
Add rights enforcement for these three rights in their respective route handlers.

## Files to Modify

### 1. Application Creation - @spacebarchat-server/src/api/routes/applications/index.ts 

**Current code (starting at line 44):**
```typescript
router.post("/", route({
    requestBody: "ApplicationCreateSchema",
    responses: {
        200: {
            body: "Application",
        },
    },
}), async (req: Request, res: Response) => {

What to change:
Add a right: "CREATE_APPLICATIONS" parameter to the route configuration object. The route definition should look like:

router.post("/", route({
    right: "CREATE_APPLICATIONS",
    requestBody: "ApplicationCreateSchema",
    responses: {
        200: {
            body: "Application",
        },
    },
}), async (req: Request, res: Response) => {

This will automatically enforce the CREATE_APPLICATIONS right before allowing the application creation logic at line 58 to execute.

2. Guild Channel Creation - @anticensor/src/api/routes/guilds/#guild_id/channels.ts

Current code (starting at line 47):

router.post("/", route({
    requestBody: "ChannelModifySchema",
    permission: "MANAGE_CHANNELS",
    responses: {
        // ...
    },
}), async (req: Request, res: Response) => {

What to change:
Add a `rig... (2033 chars truncated...)

</details>

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring