* Add a new byFlag resource filter feature to support filtering
using flags.
False by default since only system applications use it.
* Add filter definitions to flag pkg resource.
* Add support for using []string inside byValue filters.
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.
Introduces generic methods for RuleSet and FindRules method to access_control generation template.
- stricter rule checking when multiple roles have permissions on same
resource
- tracking (prev: evaluation) is refactored to stand out less than
previous solution
- performance optimization on certain situations (earlier fn return)
It moves role permission cloning under /system/roles from /system/permissions, since cloning action copies all rules, and it can not be limited per-component and also shifted all respective service methods to role service and removed Rbac rule cloning methods from access-control template.
Changes:
- Boot initialization follows standard impl
- Improved DAL connection management (adding, reloading, removing)
- Cleaner and more detailed logging
- Primary store connection is now reused when added to DAL
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
