JWT Authorization Concern (expertiza#140)

* Implemented authorization logic via Application controller

* Integration with courses controller requiring at least Instructor level authorization

* Made return values more consistent for definite role determination

* Tests for authorization concern

* Consistent parameter names

* Added tests for all_actions_allowed? method under auth concern

* Added tests for action_allowed? method under auth concern

* Added tests for authorize method under auth concern

* Correction in role for all_actions_allowed

* Fixes in auth spec description and courses tests

* Editing names of methods to make it more readable

---------

Co-authored-by: anshganatra <[email protected]>
Co-authored-by: kmalick <[email protected]>