Redesign of whole security concept

[jochenwezel]

Major improvements shall be

• improved data integrity after deleting items sometimes left over some foreign-key-items
• performance, especially for
  • navigation data lookup
  • IsUserAuthorized checks
• Allow and Deny rules for memberships
• Allow and Deny rules for authorizations
• pave the way for (multiple) membership inheritance
  • inheritance of completely calculated membership sets, so that inheriting from a 2nd group with a deny rule for user A doesn't automatically deny user A being Allow-member of 1st group
• pave the way for (multiple) authorizations inheritance
  • inheritance of all Allow and Deny rules, so that inheriting from a 2nd security object with a deny rule for user A does automatically deny user A being authorized of 1st security object
• pave the way for splitting application objects into security objects + 0...n navigation items

[jochenwezel]

What was the purpose of the server IDs with negative numbers and the dependencies of related code? Do they point to changed database structure? If yes, code update is required.