add test and fix for anyone functionality

[dylancwood]

Thanks for making this useful repo available!

Background

When assigning permissions to models, it is possible to use .anyone instead of assigning permissions to a specific (type of) user. Example:

var Post = backbone.Model.extend();
Post.authorize.anyone.to.read.when(function(user) {
  //return true if the user is friends with the author
  return user.get(friends).indexOf(this.author) >= 0;
}

This works very well when multiple user-types get limited access to a resource based on the same criteria.

Problem

When anyone is used in the authorization chain, then no rules are ever matched for any users. Here is a screenshot of the results from a test that I added to test/integration/can.js

Cause

resolver.js filters out roles that do not have the same user as the current user.

Solution

allow rules to be matched if the rule's user is the same as the current user, or if it not truthy.

Discussion

I've also added a couple of tests to illustrate the problem and solution.

[bendrucker]

PR is much appreciated. This lib could definitely use some love and a 1.0. Will look at getting this merged this week and then touching up everything else as well.