Refactor initial_setup to play well with pluggable apps

[alexeyt]

Currently, we create monolithic authorizer roles like Administrator and Object Owner that know about all parts of the system, even parts that might not be enabled/installed. We also declare all authorizer methods in one central XML file, and all the setup code must live in one central directory. Thus, the problem on #13: we need to have knowledge of which apps are enabled in order for the setup of the monolithic role to happen correctly. We should refactor things so that each authorizer role pertains to objects in one app only, and let the code that defines that role live in the app itself.

[cchurch]

It might be possible to use signals for initial setup. The pr_services app's management command would simply send a series of initial setup signals. Any installed apps who have registered to receive those signals could then perform their portion of the setup. Having multiple signals (or the same signal, but with a integer argument) would allow for apps to run their setup routines in a certain order, in the case there are dependencies between setup steps.