fix: default permissions to true on API failure to prevent UI hiding

- When the permission check API call fails (timeout, network error, etc.),
  permissions now default to true instead of false
- This prevents UI elements like the WiFi tab from disappearing when the
  permission check has a transient failure
- The API still enforces access server-side, so no security impact
- Added __checkFailed flag to PermissionMap for observability

src/lib/permissions.spec.ts

@@ -51,12 +51,14 @@ describe("permissions helpers", () => {
     });
   });
 
-  it("defaults requested permissions to false on API error", async () => {
+  it("defaults requested permissions to true on API error and marks __checkFailed", async () => {
     mockCheckPermissions.mockRejectedValueOnce(new Error("request failed"));
 
     const result = await checkPermissions("token", ["a", "b"]);
 
-    expect(result).toEqual({ a: false, b: false });
+    expect(result.a).toBe(true);
+    expect(result.b).toBe(true);
+    expect(result.__checkFailed).toBe(true);
   });
 
   it("hasPermission returns true only for explicit true values", () => {