[DRAFT] [Feature] Introduces resource sharing and access-control

[DarshitChanpura]

companion PR: opensearch-project/OpenSearch#16030

Description

Introduces a new authorization mechanism to control access to resources defined by plugins.

This PR also introduces a sample resource plugin to show the APIs in action.

• Category : New feature
• Why these changes are required?
  • At present, plugins have implemented in-house authorization mechanisms for a lack of centralized framework. This PR introduces a centralized way to offload resource permissions check to security plugin. Plugins will leverage the java APIs introduced in core.

Issues Resolved

• Related to [Proposal] Resource Permissions and Sharing #4500

Testing

• automated and manual testing

Check List

• New functionality includes testing
• New functionality has been documented
• New Roles/Permissions have a corresponding security dashboards plugin PR
• API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[nibix]

This GuiceHolder pattern from the security plugin is IMHO only a hack to get access to dependencies which are available via dependency injection, but not via the createComponents() API in the Plugin interface. The un-hackish way to give plugins access to ResourceService would be to add it to the param list of createComponents().