Tenant Permissions : added the possibility to specify tenants via parameter

[peternied]

Description

This is a continuation of #819 with many thanks to @chrousto

The idea would be that this user :

new-user:
  hash: "*************"
  reserved: false
  hidden: false
  opendistro_security_roles:
  - "role-tenant1"
  attributes:
    attribute1: "tenant1"
  static: false

Would only have access to the tenant tenant1 if the role role-tenant1 was defined like this :

role-tenant1:
 reserved: false
 hidden: false
 cluster_permissions:
 - "read"
 - "cluster:monitor/nodes/stats"
 - "cluster:monitor/task/get"
 tenant_permissions:
 - tenant_patterns:
   - ${attr.internal.attribute1}
   allowed_actions:
   - "kibana_all_write"
 static: false
_meta:
 type: "roles"
 config_version: 2

Issues Resolved

• Feature Request : parameter substitution in tenant patterns. #817

Testing

Integration tests have been created for this feature

Check List

• New functionality includes testing
• New functionality has been documented
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 90.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 60.90%. Comparing base (94cc878) to head (75ccda8).
⚠️ Report is 1456 commits behind head on main.

Files with missing lines	Patch %	Lines
...pensearch/security/securityconf/ConfigModelV7.java	90.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main    #1813      +/-   ##
============================================
+ Coverage     60.87%   60.90%   +0.02%     
- Complexity     3215     3216       +1     
============================================
  Files           256      256              
  Lines         18012    18019       +7     
  Branches       3211     3213       +2     
============================================
+ Hits          10965    10974       +9     
+ Misses         5467     5464       -3     
- Partials       1580     1581       +1     

Files with missing lines	Coverage Δ
...pensearch/security/securityconf/ConfigModelV7.java	62.76% <90.00%> (+0.28%)	⬆️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[peternied]

@cliu123 Did you have any other comments around this pull request that need to be addressed?

[cliu123]

Most of the changes look great to me! I missed the do...while in last review though. This can be merged when it gets fixed.

[peternied]

@DarshitChanpura @cliu123 could I get another review?