Add /-/actions endpoint to list registered actions

This adds a new endpoint at /-/actions that lists all registered actions
in the permission system. The endpoint supports both JSON and HTML output.

Changes:
- Added _actions() method to Datasette class to return action list
- Added route for /-/actions with JsonDataView
- Created actions.html template for nice HTML display
- Added template parameter to JsonDataView for custom templates
- Moved respond_json_or_html from BaseView to JsonDataView
- Added test for the new endpoint

The endpoint requires view-instance permission and provides details about
each action including name, abbreviation, description, resource class,
and parent/child requirements.

Closes #2547

Co-Authored-By: Claude <noreply@anthropic.com>

datasette/app.py

@@ -1554,6 +1554,20 @@ class Datasette:
     def _actor(self, request):
         return {"actor": request.actor}
 
+    def _actions(self):
+        return [
+            {
+                "name": action.name,
+                "abbr": action.abbr,
+                "description": action.description,
+                "takes_parent": action.takes_parent,
+                "takes_child": action.takes_child,
+                "resource_class": action.resource_class.__name__,
+                "also_requires": action.also_requires,
+            }
+            for action in sorted(self.actions.values(), key=lambda a: a.name)
+        ]
+
     async def table_config(self, database: str, table: str) -> dict:
         """Return dictionary of configuration for specified table"""
         return (
@@ -1819,6 +1833,12 @@ class Datasette:
             ),
             r"/-/actor(\.(?P<format>json))?$",
         )
+        add_route(
+            JsonDataView.as_view(
+                self, "actions.json", self._actions, template="actions.html"
+            ),
+            r"/-/actions(\.(?P<format>json))?$",
+        )
         add_route(
             AuthTokenView.as_view(self),
             r"/-/auth-token$",