ipn/ipn{auth,server}: update ipnauth.Actor to carry a context

The context carries additional information about the actor, such as the
request reason, and is canceled when the actor is done.

Additionally, we implement three new ipn.Actor types that wrap other actors
to modify their behavior:
 - WithRequestReason, which adds a request reason to the actor;
 - WithoutClose, which narrows the actor's interface to prevent it from being
   closed;
 - WithPolicyChecks, which adds policy checks to the actor's CheckProfileAccess
   method.

Updates #14823

Signed-off-by: Nick Khyl <nickk@tailscale.com>

ipn/ipnserver/actor.go

@@ -118,6 +118,9 @@ func (a *actor) ClientID() (_ ipnauth.ClientID, ok bool) {
 	return a.clientID, a.clientID != ipnauth.NoClientID
 }
 
+// Context implements [ipnauth.Actor].
+func (a *actor) Context() context.Context { return context.Background() }
+
 // Username implements [ipnauth.Actor].
 func (a *actor) Username() (string, error) {
 	if a.ci == nil {