Default capabilities when no capabilities record exists

[gmaclennan]

Description

Currently when no capabilities record exists for a device, we return "blocked" capabilities, which also says that sync is blocked. The behaviour we actually (probably) want depends on whether this is "own capabilities" or "other device capabilities":

1. An invited device that has not synced their capability record should be able to read and write their own data. They should not be able to read or write other devices' data.
2. An invited device that has not synced their capability record should be able to sync auth cores with others.
3. If no capabilities record exists for a device you are trying to sync with, you should allow syncing auth cores (to possibly receive a capabilities record).
4. If no capabilities record exists after syncing auth cores, then neither side should allow sync to proceed.

I think this means that we need:

• A new default capability record, returned when no record exists, that allows read/write own data, but not others, and allows sync of auth cores
• To enable (1) we need to break down the sync capability by namespace - it would only be enabled for auth namespace in the case above, allowed for all in other cases. In the future we might want to allow adding a "config editor" member, which can only sync the config (and auth) namespace, but not the data.

[EvanHahn]

Was this done in #319? It's been changed a bit since then but here's the code that looks like it does what this issue describes:

https://github.com/digidem/mapeo-core-next/blob/30e637ba74168d106e17d7b3de349abd97f51c74/src/roles.js#L99-L126

[gmaclennan]

Done in #319