feat: add structured policy support with ruleType and params

[shadrach68]

• closes Introduce a richer policy model with JSON rule parameters #16

Task Summary

This PR replaces the current string-only policy rule model with a structured policy representation. By migrating to a ruleType + optional JSON params model, the policy engine is now equipped to support more advanced parameters (e.g., minimum role sets, expiry grace periods) without making the rule evaluations opaque.

Background / Context

Previously, AccessPolicy.rule was a fixed string union stored as a plain string in Prisma. This supported simple access scenarios but lacked extensibility for resource-specific constraints. This update preserves backwards compatibility for legacy string rules while establishing the foundation for future structured configuration.

Acceptance Criteria

• Existing PUBLIC, MEMBERS_ONLY, ADMINS_ONLY, and CONTRIBUTORS_OR_ADMINS rules continue to work.
• Policy records can store typed rule parameters via the optional params JSON field.
• Unsupported or malformed policy configurations safely fall back to a DENY decision.
• Policy explanations include relevant parameter details.
• Migration and seed data are updated to reflect the new schema.
• Tests cover legacy and structured policy formats, including malformed configurations.

Files / Areas to Change

• apps/access-api/prisma/schema.prisma
• apps/access-api/prisma/seed.ts
• apps/access-api/prisma/migrations/
• apps/access-api/src/services/memberService.ts
• packages/shared-types/src/index.ts
• packages/policy-engine/src/index.ts
• packages/policy-engine/test/policy.test.ts

Testing Requirements

• npm run typecheck passes
• npm run test passes
• New behaviour covered by tests (malformed params, unsupported rules, structured params preserved)

[Lakes41]

Do resolve conflicts