ev-server

Investigation: additional auth check/filters when doing joins in MongoDB

Open Ramzay opened this issue 2 years ago • 0 comments

Example: we retrieve the user associated with the connector (withUser)

The user is allowed to read the connector BUT we don't check if the user is allowed to READ the user associated with the connector.

Due to the above limitation we don't show the user entity for a Basic user, even if the logged-in user is the one using the connector! But in the future we would like to use the auth definition to know if the attached user entity is readable (OwnUser)

Idea: retrieve the auth filter for user/site/siteArea and do a left join (if possible with Mongo)

Ramzay, Jun 23 '22 16:06
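One way to express the idea from the issue, as an added example that is not ev-server code: a `$lookup` whose sub-pipeline carries the read filter for the joined user, followed by an `$unwind` that keeps unmatched connectors (a left join). The `users` collection, the `userID` field, the role names and the `emulate` helper are assumptions made for illustration, and the sample data is constructed.

```javascript
// Added example. Collection/field/role names are assumptions, not ev-server's schema.
// Auth filter for the JOINED entity: which user documents may this caller read?
function userReadFilter(loggedUser) {
  if (loggedUser.role === 'Admin') return {};   // may read any user
  return { _id: loggedUser.id };                // OwnUser: only the caller's own record
}

// Left join: the auth filter is applied inside the $lookup sub-pipeline, so an
// unreadable user is never attached; $unwind keeps the connector either way.
function buildWithUserStages(loggedUser) {
  return [
    { $lookup: {
      from: 'users',
      let: { uid: '$userID' },
      pipeline: [
        { $match: { $expr: { $eq: ['$_id', '$$uid'] }, ...userReadFilter(loggedUser) } },
        { $project: { name: 1 } },              // expose only what the view needs
      ],
      as: 'user',
    } },
    { $unwind: { path: '$user', preserveNullAndEmptyArrays: true } },
  ];
}

// Minimal in-memory evaluation of exactly these two stages, to show the result
// offline. It handles only equality filters and is not a MongoDB engine.
function emulate(connectors, users, stages) {
  const { let: vars, pipeline, as } = stages[0].$lookup;
  const { $expr, ...authFilter } = pipeline[0].$match;
  const localField = vars.uid.slice(1);         // '$userID' -> 'userID'
  return connectors.map((c) => {
    const hit = users.find((u) => u._id === c[localField] &&
      Object.entries(authFilter).every(([k, v]) => u[k] === v));
    return hit ? { ...c, [as]: { _id: hit._id, name: hit.name } } : { ...c };
  });
}

// Constructed sample data.
const users = [
  { _id: 'u1', name: 'Alice', email: 'alice@example.test' },
  { _id: 'u2', name: 'Bob', email: 'bob@example.test' },
];
const connectors = [
  { connectorId: 1, userID: 'u1' },
  { connectorId: 2, userID: 'u2' },
  { connectorId: 3, userID: null },
];
```

With this shape a Basic user still gets every connector they are allowed to read, but the `user` field is present only on the connector they are using themselves.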