Create security model for torque-sites

Created by: frankduncan

Right now each site is haphazardly doing secure things based on however that was configured at startup. This needs to be formalized and organized.

We need to create a list of groups that users must go into, and then disable permissions for the standard mediawiki groups (user, bureaucrat, *, sysop, etc). Then we need to enable some permissions for the groups we set up, and make sure that all users are getting assigned at least one of them. We may want to keep user around in order to get some base permissions in case someone is not assigned a group by the admins.

The groups we want to set up include things like DecisionMaker (such as donors), Admins (LFC Staff, OTS Staff), PseudoDecisionMaker (liaisons to donors), etc. See https://github.com/OpenTechStrategies/torque/wiki/Meeting-Notes#2020-03-17-frankkarl-discussion-re-eo-and-usergroup-permissions for more information.

Then these need to be placed in their own files instead of just hacked into LocalSettings by ansible, so that we get better source control on them. They should also be centralized a la #53 (closed)