Fixed and improved various issue in admin module (especially the Role editing which was not working as expected.)

Added CMS_MODULE.permissions to allow module to declare the potential permissions.
Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments.
Split link "username (Logout)" into 2 links "username" and "logout".
Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link.

Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info which is not non unicode path info to be used most of the time.
Merged CMS_REPONSE.variables and CMS_REPONSE.values .
When possible, prefer usage of CMS_RESPONSE.user instead of CMS_REQUEST_UTIL.current_user (WSF_REQUEST) whenever it is possible.
When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info .
Code cleaning.

modules/auth/cms_authentication_module.e

@@ -111,8 +111,11 @@ feature -- Hooks configuration
 		local
 			lnk: CMS_LOCAL_LINK
 		do
-			if attached a_response.current_user (a_response.request) as u then
-				create lnk.make (u.name +  " (Logout)", "account/roc-logout" )
+			if attached a_response.user as u then
+				create lnk.make (u.name, "account" )
+				lnk.set_weight (97)
+				a_menu_system.primary_menu.extend (lnk)
+				create lnk.make ("Logout", "account/roc-logout")
 				lnk.set_weight (98)
 				a_menu_system.primary_menu.extend (lnk)
 			else
@@ -398,7 +401,7 @@ feature -- Handler
 			l_user_api := api.user_api
 
 			if req.is_post_request_method then
-				if attached current_user (req) as l_user  then
+				if attached r.user as l_user  then
 					r.set_value (api.user_api.user_roles (l_user), "roles")
 					if
 						attached {WSF_STRING} req.form_parameter ("password") as l_password and then