Validate syncgroup spec (e.g. prefixes) before joining

[asadovsky]

@ivanpi-mtv and @bprosnitz reported this issue as part of the Syncbase usability fixit.

• Benj wrote: "It seems that whenever you Join you would want to call GetSpec() in advance to confirm that the syncgroup is syncing data that you are ok with syncing, so maybe the flow for joining should include this."
• Ivan wrote: "joining a syncgroup safely currently requires carefully whitelisting admin permissions on key ranges"

It seems to me (Adam) that when an application joins a syncgroup, it would typically have a specific expectation of what data will be stored within this syncgroup (e.g. game or presentation data), how the ACLs will be configured on data within this syncgroup, and so forth.

Perhaps the concern here is specific to apps where users directly control the ACLs on data within the syncgroup, e.g. file manager? Or perhaps the concern is about malicious actors? @ivanpi-mtv or @bprosnitz, care to elaborate?

[asadovsky]

Assigning to myself for tracking. @ivanpi-mtv or @bprosnitz, could you elaborate on the concern?