fix: check execute privilege before calling pg_stat_file in multixact_size

The multixact_size metric checks if pg_stat_file() exists but not
whether the monitoring user has EXECUTE permission on it. On managed
databases like Supabase, the function exists but is restricted to
superusers, causing "permission denied for function pg_stat_file".

Add has_function_privilege() check to the can_local CTE so the
local_probe_xml branch is skipped when the user lacks permission.

https://claude.ai/code/session_01SzJxzZNQjDQphaHyaX3RU7

Author: claude

config/pgwatch-prometheus/metrics.yml

@@ -2397,7 +2397,9 @@ metrics:
             exists (select from pg_proc where proname = 'pg_stat_file') as has_pg_stat_file_func
         ),
         can_local as (
-          select (has_pg_ls_dir_func and has_pg_stat_file_func) as ok from env
+          select (has_pg_ls_dir_func and has_pg_stat_file_func
+            and has_function_privilege('pg_stat_file(text,boolean)', 'execute')
+          ) as ok from env
         ),
         -- Use query_to_xml to safely execute Aurora-specific multixact query.
         -- Aurora uses aurora_stat_file() function instead of rds_tools.pg_ls_multixactdir().