Rejecting the MIDI permission should use NotAllowedError, not SecurityError

[rebane2001]

https://webaudio.github.io/web-midi-api/#dom-navigator-requestmidiaccess

At the moment a SecurityError (The operation is insecure.) is thrown when a user rejects a permissions prompt for MIDI access requested through the requestMIDIAccess() method, but it would make more sense to use a NotAllowedError (The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission.) for this.

[mjwilson-google]

Thank you for the links, and yes I think you are correct. My guess is that NotAllowedError wasn't available when that part of the spec was first written.

One possible risk of changing this is if developers are relying on checking the specific error type to find out if the permission has been denied.

It's clear from the description of the error types that NotAllowedError is the best fit, so I'll set this as ready for editing.