models: refactor search visibility methods.

Refactor how model visibility works in index actions:

* Call `visible` in the controller instead of in model `search`
  methods. This decouples model visibility from model searching.

* Explicitly pass CurrentUser when calling `visible`. This reduces
  hidden dependencies on the current user inside models.

* Standardize on calling the method `visible`. In some places it was
  called `permitted` instead.

* Add a `visible` base method to ApplicationModel.

app/models/user_feedback.rb

@@ -21,7 +21,7 @@ class UserFeedback < ApplicationRecord
   scope :undeleted, -> { where(is_deleted: false) }
 
   module SearchMethods
-    def visible(viewer = CurrentUser.user)
+    def visible(viewer)
       viewer.is_moderator? ? all : undeleted
     end
 
@@ -32,7 +32,6 @@ class UserFeedback < ApplicationRecord
     def search(params)
       q = super
 
-      q = q.visible
       q = q.search_attributes(params, :user, :creator, :category, :body, :is_deleted)
       q = q.text_attribute_matches(:body, params[:body_matches])