Issue 332

[rhythnic]

What does this PR do?

• Use openapi-backend to provide the express routing middleware based on the openapi doc. The openapi-backend middleware validates all requests and delegates the request to a handler matching the operationId property from the openapi doc.
• Implement basic CRUD-based access permissions for users. Use middleware to ensure that the user associated with the session token has permission to perform the operation.

Do you have any concerns with this PR?

Implementing the company-based access rules turned out to be a lot of overhead. I ended up scrapping all company-related code. This target of this PR is a new v2 branch. I'll keep merging issues into v2, until it's ready to merge into master. This is that fastest way to get to v2, and since no demands are being made right now of v1, I decided faster would be better.

How can the reviewer verify this PR?

View. The v2 branch won't be operational until companies are removed from the rest of the code base and from the tests.

Any background context you want to provide?

CI/CD tests won't be passing for the v2 branch until companies are removed completely.

Screenshots or logs (if appropriate)

Questions:

• Have you connected this PR to the issue it resolves? #331 #328
• Does the documentation need an update? Will update docs prior to v2 release
• Does this add new dependencies? openapi-backend, js-yaml
• Have you added unit or functional tests for this PR? No