Move ACL table for API way from engine database schema to new GroupProviderAcl db schema

[surfnet-niels]

Probably for historic reasons, the table that stores the ACL information for API, service_provider_group_acl, (allowing access to group & peson information for SPs) is currently stored in the ENGINE database. This is pretty weird and creates unneeded interdependencies.

I propose to move the ACL table for API way from engine database schema to a new db schema GroupProviderAcl to unlink interdependencies Some quick initial checking against Engine suggests the table is not in use in Engine:

10:55:00-boy@boy-mbp-2013:~/Sites/SURFnet/vm/OpenConext-engineblock$ grep -rin 'service_provider_group_acl' . ./database/patch/patch-0013.sql:2:CREATE TABLE service_provider_group_acl ( ./library/EngineBlock/Group/Acl/GroupProviderAcl.php:19: $statement = $db->prepare('SELECT gp.identifier, spga.allow_groups, spga.allow_members FROM service_provider_group_acl spga, group_provider gp WHERE spga.group_provider_id = gp.id and spga.spentityid = ?');

10:56:59-boy@boy-mbp-2013:~/Sites/SURFnet/vm/OpenConext-engineblock$ grep -rin 'GroupProviderAcl' . | grep -v .idea Binary file ./.git/index matches ./library/EngineBlock/Group/Acl/GroupProviderAcl.php:3:class EngineBlock_Group_Acl_GroupProviderAcl

This was previously identified in engine as well, see https://github.com/OpenConext/OpenConext-engineblock/issues/81

next to a change in API to use the DB at the new location, an additional change is required in Manage, which provides the GUI form managing the group ACL information: https://github.com/OpenConext/OpenConext-manage/issues/6