Redefine group permissions
The way group permissions are handled is very inconsistent (almost everyone has the read
permission and checks are done in views and controllers... it's a mess). Also, the :modify
permission on projects is used for some reason... It should be done in abilities instead.
This has caused multiple issues, such as #663 (closed) and #319 (closed).