con2 / kompassi

Kompassi Event Management System
https://kompassi.eu

People Directory to use CBAC instead of custom ”Directory access group” mechanism #461

Closed japsu closed 3 months ago

japsu commented 5 months ago

There is a people directory / person search functionality at e.g. https://kompassi.eu/organizations/tracon-ry/people that lets organizers make searches for people who have a relationship with the organization. As this considers PII, the access to said feature is controlled tightly and all access to it is logged in the event log.

A Django model called DirectoryAccessGroup grants a time-limited, feature-specific access privilege to the directory of that organization to a group of users. The DirectoryAccessGroup mechanism predates CBAC by several years.

So remove the DirectoryAccessGroup functionality and make Directory use CBAC instead.

japsu commented 3 months ago

Closed via 4579a106b024798f85bd0cebec5ab65118f5a2d2