ext / Update multi modal authorization model for ext/Fintraffic

[solita-topip]

Summary

• Enhances the multi-modal stop place authorization model in ext/fintraffic to be more fine-grained: authorization for parent (multi-modal) stop places now checks the transport modes of child stops individually.
• Adds a configuration option tiamat.ext.fintraffic.auth.multiModal.disabled to allow disabling multi-modal stop place editing entirely. Multi-modal stop place support is enabled by default.
• Parent stop places now include transport modes collected from their children in the generated search key JSON (used by the read API).
• All changes are scoped to the ext/fintraffic package only.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update (changes to documentation only)
• Other (please describe)

Issue

No linked issue. Change is relevant for ext/fintraffic package only.

The existing authorization model for multi-modal (parent) stop places was too strict. This change ensures that a user can only edit a parent stop place if they have the required permissions for all of its children's transport modes, improving access control granularity.

Unit tests

• All existing tests pass.
• New unit tests have been created for both the authorization logic (FintrafficAuthorizationServiceTest) and the search key generation (FintrafficSearchKeyServiceTest).

Documentation

N/A