Pull out cf specific code from permissions model

• From Todo List: Separate Cloud Foundry code from the core modules. #3675 (comment)
• Split out to capture at top level

Review src/frontend/packages/store/src/reducers/current-user-roles-reducer. A lot of this is cf related. Need to understand if the generic permissions model depends on any. If not move over. If so need to understand how to make permissions model work with packages.

UPDATE: The currentUserRoles part of the store contains three seconds, two are core and one is specifically cf. Need to move this out of currentUserRoles such that we don't have two reducers for the same store section. The permissions model should be expanded to allow extensions to add their own permission checks (which look in new cf current user roles part of store)