Feature: Add all/any policy to AllowedTo

[mathquis]

The AllowedTo component requires all the specified permissions to be valid.

Maybe a performAny can be implemented to allow access if one or more of the specified permissions passes are valid.

What do you think?

Awesome lib by the way. Cheers.