feat: complete Android permission UX for camera, location and push

[xJeffx23]

Closes #78

Problem

The APK had no permission experience: features silently broke when denied, no rationale before the OS prompt,
no path to recover from permanent denial.

Changes

New files

• src/hooks/usePermission.ts — three hooks (camera, location, push) each handling prompt / granted / denied / permanently_denied
• src/components/PermissionGate.tsx — reusable gate: rationale screen → OS prompt → denied card → permanently-denied card
  with settings CTA → fallback slot
• src/components/PushPermissionBanner.tsx — non-blocking inline banner for merchants; inbox remains functional at all
  push states

Modified files

• useGeolocation.ts — check-only on mount (no auto OS dialog); rationale shown first via ExploreMap gate;
  appStateChange listener recovers state after settings
• useQRScanner.ts — already used check-before-request; confirmed correct
• ExploreMap.tsx — shows PermissionGate for prompt state on native before triggering OS dialog; zone-based search
  fallback when denied
• MerchantInbox.tsx — PermissionGate wraps scan area; manual QR paste fallback; appStateChange re-checks camera on
  return from settings
• AndroidManifest.xml — POST_NOTIFICATIONS declared; all hardware features required="false"
• Android build files — capacitor-push-notifications wired into Gradle

Acceptance criteria

• Denying camera does not crash the scanner → shows manual paste fallback
• Denying location shows zone-based search fallback
• Denying push keeps the inbox fully functional
• APK recovers permissions from system settings (appStateChange + app-settings: on Capacitor 8)

Test plan

• TypeScript: 0 errors (npx tsc --noEmit)
• Production build: clean (npm run build)
• Android — camera: rationale gate → OS dialog → denied → paste fallback
• Android — camera: permanently denied → Ir a Ajustes → grant → auto-recovers
• Android — location: rationale gate → OS dialog → denied → zone input
• Android — location: permanently denied → Ir a Ajustes → grant → auto-recovers
• Android — push: banner prompt → OS dialog → denied → inbox still loads trades
• Android — all: adb shell pm reset-permissions com.micopay.app between runs

Dependencies

Provides the permission infrastructure for:

• Fix QR role model and merchant scan completion #70 (QR scan completion) — camera permission layer ready
• Real P2P merchant discovery — replace hardcoded offers #73 (P2P merchant discovery) — location permission layer ready

If there is any point for improvement, please let me know and I will fix it.🚀

[drips-wave]

@xJeffx23 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits