fix(mcp): address code review findings for RBAC tool visibility

- Fail closed (return only public tools) when credentials are invalid
  (PermissionError from bad API key, ValueError from unknown dev username);
  fail open only when no auth source is configured at all
- Extract _get_app_context_manager() to module level in auth.py so
  RBACToolVisibilityMiddleware reuses the same context-selection logic as
  mcp_auth_hook, preventing external g.user from being shadowed
- Add RBACToolVisibilityMiddleware to __main__.py stdio entry point via
  build_middleware_list() to keep all transports in sync
- Fix stale patch targets in test_tool_search_transform.py: update
  superset.mcp_service.server.user_can_view_data_model_metadata →
  superset.mcp_service.privacy.user_can_view_data_model_metadata
- Qualify write tool listings in instructions with "(requires write access)"
  and add a permissions preamble so read-only users are not confused by
  tools they cannot call

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>