OpenConext / Stepup-Middleware

Stepup Middleware
Apache License 2.0

Set up authorization enforcement in queries #478

Closed phavekes closed 3 days ago

phavekes commented 3 days ago

This issue is imported from Pivotal - originally created on Oct 4, 2018 by Michiel Kodde

Queries emanating from the MW API need the means to express what authorization context should be applied to them when they are executed.

This story should entail the creation of helper classes that are used to create and apply this authorization context.

This should tie in with the changes that are proposed in #160546671

Sample query showing how the joining could be done:

SELECT i.id, i.name_id, i.common_name, i.institution, i.email, i.preferred_locale
FROM identity i
       LEFT JOIN institution_authorization AS ia ON (ia.institution_relation = i.institution AND
                                                     (ia.institution_role = 'USE_RA' OR ia.institution_role = 'USE_RAA'))
WHERE ia.institution = 'institution-a.example.com'
GROUP BY i.id
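
An added example, not part of the issue or of the Stepup-Middleware code base: one way a helper could carry the authorization context and apply it to a query with bound parameters, using the table, column and role names from the sample query above. The `AuthorizationContext` class, the reduced schema and all rows are assumptions constructed for illustration, and Python with SQLite stands in for the project's own stack so the example runs on its own.

```python
import sqlite3
from dataclasses import dataclass

KNOWN_ROLES = frozenset({"USE_RA", "USE_RAA"})  # role names taken from the sample query

@dataclass(frozen=True)
class AuthorizationContext:  # hypothetical helper, not a Stepup-Middleware class
    actor_institution: str
    roles: tuple

    def __post_init__(self):
        # Fail closed: an empty or unknown role set must never widen the result.
        if not self.roles or set(self.roles) - KNOWN_ROLES:
            raise ValueError(f"unsupported roles: {self.roles!r}")

    def apply(self, base_select):
        """Return (sql, params); base_select is a code constant aliased i, never request input."""
        marks = ", ".join("?" for _ in self.roles)
        # Inner join: the sample's LEFT JOIN plus WHERE on ia has the same effect.
        sql = (f"{base_select} JOIN institution_authorization AS ia"
               " ON ia.institution_relation = i.institution"
               f" AND ia.institution_role IN ({marks})"
               " WHERE ia.institution = ? GROUP BY i.id ORDER BY i.id")
        return sql, (*self.roles, self.actor_institution)

def demo_db():
    """In-memory database with constructed rows (not real Stepup data)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE identity (id TEXT PRIMARY KEY, common_name TEXT, institution TEXT);
        CREATE TABLE institution_authorization
            (institution TEXT, institution_relation TEXT, institution_role TEXT);
        INSERT INTO identity VALUES
            ('1', 'Alice', 'institution-a.example.com'),
            ('2', 'Bob',   'institution-b.example.com'),
            ('3', 'Carol', 'institution-c.example.com');
        INSERT INTO institution_authorization VALUES
            ('institution-a.example.com', 'institution-a.example.com', 'USE_RA'),
            ('institution-a.example.com', 'institution-a.example.com', 'USE_RAA'),
            ('institution-a.example.com', 'institution-b.example.com', 'USE_RAA'),
            ('institution-c.example.com', 'institution-c.example.com', 'USE_RA');
    """)
    return db

def visible_identities(db, ctx):
    sql, params = ctx.apply("SELECT i.id, i.common_name, i.institution FROM identity i")
    return db.execute(sql, params).fetchall()

if __name__ == "__main__":
    ctx = AuthorizationContext("institution-a.example.com", ("USE_RA", "USE_RAA"))
    print(visible_identities(demo_db(), ctx))
```

Because the institution and roles are bound as parameters and the role set is validated before any SQL is built, a crafted institution string matches no rows instead of altering the filter.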

phavekes commented 3 days ago

See:

  1. https://github.com/OpenConext/Stepup-Middleware/pull/240
  2. https://github.com/OpenConext/Stepup-Middleware/pull/239 (Michiel Kodde - Oct 8, 2018)

phavekes commented 3 days ago

Task "update postman collections" has been fixed on the parent branch:

https://github.com/OpenConext/Stepup-Middleware/commit/feb32c8dcefa34044c6e92a05821430214d3dc21 (Michiel Kodde - Oct 10, 2018)