Add access based recipient filtering of persons with personal contact information associated with an organsation

[SandGrainOne]

Description

Create a service responsible for authorization. Add logic to check that the person to receive the notification are allowed to represent the organization in the context of the given resource. If no resource or app has been given as context of the notification, then personal contact information should not be considered. All authorization requires a resource.

Perform a normal authorization request similar to the requests created by Storage when a user wants to access a resource.

Tasks

• [x] Create a new service class to handle Authorization
• [x] Create a method that can determine if a set of users are allowed to access given resource for given subject.
• [x] Unit tests
• [x] QA
• [x] Manual testing
• [x] Update architecture documentation with new dependency

Acceptance criteria

• [x] Service is available for use by logic in other services.

[acn-sbuad]

Satisfied the authorization logic works as expected after testing in AT and locally.