Refactor file permissions #630
Description
I think the confusion in general comes from the fact that _get_record(...) doesn't only do what's on the label, but also performs a permission check... Would it make sense to fix that and extract and repeat the logic in each service call to make things a bit more explicit/clear? Unfortunately, I see that we override _get_record(...) in rdm-records, to perform an extra permission check for deleted records. This should be done in the permissions class, and we shouldn't need can_read_deleted_files in the first place...