Add behavioral tests for solver write-permission gate in admin_settle_action and admin_cancel_action

[coderabbitai]

Context

This issue was raised during review of PR #708 (Add read and read-write dispute solver permissions) in comment #708 (comment), requested by @grunch.

Problem

PR #708 introduced write-permission enforcement in admin_settle_action (src/app/admin_settle.rs, lines 53–54) and admin_cancel_action (src/app/admin_cancel.rs, lines 76–77) via solver_has_write_permission. The only test currently covering this path is a structural check that verifies CantDoReason::NotAuthorized exists as an enum variant; it does not exercise the authorization boundary end-to-end.

Goal

Add behavioral tests that:

1. Call admin_settle_action with a read-only solver fixture and assert the handler returns MostroCantDo(CantDoReason::NotAuthorized).
2. Call admin_settle_action with a read-write solver fixture and assert successful execution (no CantDo error).
3. Repeat steps 1–2 for admin_cancel_action.

These tests require non-trivial fixtures (in-memory SQLite pool seeded with dispute + solver rows, mock LND connector, valid Nostr key pairs), which is why they were deferred from PR #708.

Acceptance Criteria

• At least one test per action (admin_settle_action, admin_cancel_action) that covers the read-only rejection path.
• At least one test per action that covers the read-write success path (or reaches the next meaningful gate without a permission error).
• Tests use the existing test helpers/fixtures in the Mostro codebase where possible.
• cargo test passes with all new tests included.

References

• PR Add read and read-write dispute solver permissions #708: Add read and read-write dispute solver permissions #708
• Closes issue Add solver permission levels: read-only and read-write for dispute resolution #707 (parent feature)
• Relevant files: src/app/admin_settle.rs, src/app/admin_cancel.rs, src/db.rs (solver_has_write_permission)