dicoogle
Allow role-based access control to features
Implement a hierarchy of user roles such that some features are reserved for higher roles. For instance, index/unindex operations should only be performed by certified administrators. Namely:
- Each web service endpoint should be guarded by RBAC by binding core operations (search, force index, read/write core settings) to a variable list of roles;
- Operation-scoped RBAC should be configurable in the server settings (e.g. only "Healthcare" and "Admin" roles can search). Plugin-specific configurations will still remain in their respective settings file;
- The SDK should provide a means to get the roles linked to the authenticated user, and possibly whether they can perform a certain core operation.
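As an added illustration of the operation-scoped RBAC described above (this is example code, not Dicoogle's own implementation), the class below binds each core operation to a role list read from server settings and offers a guard for web service handlers; the class name `OperationRbac`, the `rbac.<operation>` setting keys and the fail-closed default to "Admin" are assumptions, while the role names "Healthcare" and "Admin" come from the issue text.

```java
import java.util.*;

/** Hypothetical operation-scoped RBAC policy (added example, not Dicoogle code). */
public final class OperationRbac {
    public enum Operation { SEARCH, FORCE_INDEX, UNINDEX, READ_SETTINGS, WRITE_SETTINGS }

    private final Map<Operation, Set<String>> allowed = new EnumMap<>(Operation.class);

    /** Builds the policy from settings entries such as "rbac.search=Healthcare,Admin" (assumed key format). */
    public static OperationRbac fromSettings(Map<String, String> settings) {
        OperationRbac rbac = new OperationRbac();
        for (Operation op : Operation.values()) {
            String value = settings.get("rbac." + op.name().toLowerCase());
            Set<String> roles = new HashSet<>();
            if (value != null) {
                for (String r : value.split(",")) {
                    if (!r.trim().isEmpty()) roles.add(r.trim());
                }
            }
            // Fail closed: an operation with no configured roles is reserved for "Admin".
            if (roles.isEmpty()) roles.add("Admin");
            rbac.allowed.put(op, Collections.unmodifiableSet(roles));
        }
        return rbac;
    }

    /** True if at least one of the user's roles is bound to the operation. */
    public boolean canPerform(Collection<String> userRoles, Operation op) {
        Set<String> roles = allowed.get(op);
        for (String r : userRoles) {
            if (roles.contains(r)) return true;
        }
        return false;
    }

    /** Guard to call at the top of each web service handler; refuses instead of proceeding. */
    public void require(Collection<String> userRoles, Operation op) {
        if (!canPerform(userRoles, op)) {
            throw new SecurityException("operation " + op + " not permitted for roles " + userRoles);
        }
    }

    public static void main(String[] args) {
        Map<String, String> settings = new HashMap<>(); // constructed sample settings
        settings.put("rbac.search", "Healthcare,Admin");
        settings.put("rbac.force_index", "Admin");
        OperationRbac rbac = OperationRbac.fromSettings(settings);
        System.out.println("Healthcare may search: " + rbac.canPerform(List.of("Healthcare"), Operation.SEARCH));
        System.out.println("Healthcare may force index: " + rbac.canPerform(List.of("Healthcare"), Operation.FORCE_INDEX));
        System.out.println("Guest may unindex (unconfigured op): " + rbac.canPerform(List.of("Guest"), Operation.UNINDEX));
    }
}
```

Unconfigured operations deliberately deny everyone except "Admin", so a missing settings entry never silently opens an endpoint.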
We have added RBAC awareness in our authorization services and web clients in version 2.3.0. What's left to do now is apply these restrictions on our web services.
I have updated this issue with more information.