Fix/toolbar readonly guard

[AkaHarshit]

Summary

This PR fixes an issue where toolbar actions (delete / duplicate / paste / cut) ignored the layout.readOnly flag and continued to mutate the diagram.

Key Improvements

• Ensures toolbar actions fully respect layout.readOnly
• Introduces a shared canMutateDiagram() helper with test coverage
• Fixes clipboard schema import path for Node ESM compatibility

---

Steps to Reproduce

1. Open any diagram version so the read-only badge appears.
2. Select a table.
3. Click Delete in the toolbar.
4. ❗ The table still gets deleted, even though the diagram is read-only.

---

Root Cause

The toolbar logic referenced layout.readonly (incorrect lowercase o) instead of layout.readOnly.
This caused the guard to always fail, allowing destructive actions even in read-only mode.

---

Fix Implemented

🔧 Code Changes

• Added canMutateDiagram() in src/utils/permissions.js
• Rewired toolbar actions to use this shared guard
• Added node:test regression tests validating permission behavior
• Updated utils/clipboard.js schema imports to include .js extensions for ESM resolution

---

Before / After

State	Behavior
Before	Read-only diagrams could still be edited using toolbar destructive actions
After	Toolbar exits early; read-only diagrams remain fully protected

---

Breaking Changes

None.

---

Tests

npm test
npm run lint
npm run build

All tests pass successfully.

[vercel]

@AkaHarshit is attempting to deploy a commit to the dottle's projects Team on Vercel.

A member of the Team first needs to authorize it.