fix(permission): enhance the strictness of permissions (#7705 close #7680)

* fix(permission): enhance the strictness of permissions

* fix: add initial permissions to admin

internal/bootstrap/data/user.go

@@ -26,12 +26,13 @@ func initUser() {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			salt := random.String(16)
 			admin = &model.User{
-				Username: "admin",
-				Salt:     salt,
-				PwdHash:  model.TwoHashPwd(adminPassword, salt),
-				Role:     model.ADMIN,
-				BasePath: "/",
-				Authn:    "[]",
+				Username:   "admin",
+				Salt:       salt,
+				PwdHash:    model.TwoHashPwd(adminPassword, salt),
+				Role:       model.ADMIN,
+				BasePath:   "/",
+				Authn:      "[]",
+				Permission: 0xFF, // 0(can see hidden) - 7(can remove)
 			}
 			if err := op.CreateUser(admin); err != nil {
 				panic(err)