feat(assembly): history

Questa merge request contiene un quasi completo rewrite della struttura dell'assemblee, affinché siano molto più simili ad ogni altra, e affinché dal punto della sicurezza siano a prova di bomba, facendo ampio uso delle Laravel Policy.

• AssemblyPolicy: harden - bombproof
• VotationPolicy: harden - bombproof
• VotePolicy: harden - bombproof
• Assembly.date: cast to Laravel's Carbon, to easily format
• Assembly.title: introduce virtual attribute with formatted date
• AssemblyController#requestToObject(): simplify, thanks to new hardened AssemblyPolicy 'edit'
• AssemblyController#edit(): drop, because the default edit() from EditController is already nice, and already hardened thanks to the new AssemblyPolicy 'edit'.
• AssemblyController#partecipate(): harden, relying on AssemblyPolicy. so now you SHALL NOT PASS in closed assemblies, or assemblies in which you cannot vote.
• Votation: render Markdown question
• add an explicit entity, AssemblyUser, so to avoid automatic pivot stuff
• introduce Laravel query scopes everywhere to reduce (a lot) the code, and make everything more readable

Test Plan

Have a closed assembly at /assembly/1 and:

• visit closed or pending assembly as normal user. You cannot do anything. You see an info message.
• visit closed or pending assembly as administrator. You see a warning. You can update all fields but not vote.
• visit list /assembly as normal user: you cannot create an assembly
• visit list /assembly as admin: you can create an assembly
• be an admin and create a Votation with status=pending and 2 options
• visit an assembly with no votations opened: nobody can vote
• visit an assembly with an opened votation and vote: you can only vote once
• visit an assembly where you already voted: you cannot revoke your participation

Closes #178 (closed)