Fix tiering with complex permissions and rodsusers running tiering rules (4-3-stable)

[alanking]

Addresses #164
Addresses #189
Addresses #273
Addresses #293

A few notes with this change:

1. Leaving in draft for now since I need to run the full test suite and make sure things are working when built against true-blue 4.3.3 packages. The build hook currently requires you to provide iRODS packages so I want to make extra sure I haven't been testing against tip of 4-3-stable or something that is not bit-for-bit identical to 4.3.3 iRODS packages.
2. I didn't change any of the internal interfaces (e.g. removing the user and zone parameters from function signatures), but we can update those if desired. Felt like a bit of a clean-up maneuver, distracting from the meat of the change.
3. "Run all storage tiering ops as admin" is not quite accurate as updating access_time metadata is not being done by rodsadmins in this change. That will come in a later change to address Downloading a read-only file via python client gives irods.exception.CAT_NO_ACCESS_PERMISSION: failed to set access time for [file] #175 and CAT_NO_ACCESS_PERMISSION and USER_PACKSTRUCT_INPUT_ERR on open/read/close activity #203. The reason it is not included in this change is that this one is already quite big and testing for the updating of access_time for the read-only case is going to require yet more changes, so it felt better to leave those off of this PR. Can update that commit message if desired.
4. The tests provided here are very basic and may not be comprehensive. I made sure to hit the use cases in the linked issues, at least.

[alanking]

Re-built with 4.3.3 packages downloaded from packages.irods.org and saw all the tests pass. Marking ready for review.

[korydraughn]

Looking real good.

[alanking]

All tests passed

[FifthPotato]

Looks good. Just a few things from me!

[MartinFlores751]

Few comments on my part. Some repeat questions about use of make(), mostly for understanding.

[alanking]

Everything builds, just need to run tests again. Will watch for additional comments

[alanking]

All tests passed.

[korydraughn]

Good. Is there anything else left to do for this PR?

[alanking]

If there are no additional review comments, I think it's in a good spot as a stake in the ground. There are some things which were raised in the review which have been captured in issues and will (probably) be addressed before release.

[korydraughn]

Squash it and format it.

[alanking]

Squashed. Formatting satisfied

[korydraughn]

Is the commit message for 2dc3f29 still good. I'm mostly looking at the mention of proxy_connection::make having two overloads, but the names being different following @MartinFlores751's comments.

Also, are both proxy_connection::make member functions used in the code or is the new rodsadmin function used exclusively?

[alanking]

Is the commit message for 2dc3f29 still good. I'm mostly looking at the mention of proxy_connection::make having two overloads, but the names being different following @MartinFlores751's comments.

Hmm... true, that did change. Will update.

Also, are both proxy_connection::make member functions used in the code or is the new rodsadmin function used exclusively?

I think all instances have switched to using the new one.

[korydraughn]

I think all instances have switched to using the new one.

Consider marking it deprecated to guard against future usage.

[alanking]

I wouldn't say that its usage is discouraged... It still works, after all. It's just that the plugin is no longer using it because we're going in a different direction (admin only everywhere). Considering it's in a private header file specific to this plugin and it may just get removed in the very near future anyway (#296 (comment)), I don't think we need to mark it deprecated. Thoughts?

[trel]

agreed - we'll be torching it before a release most probably.

[korydraughn]

Pound it.

[alanking]

Removed mention of overloads from commit message and #'d. Please eyeball message before I merge

[korydraughn]

Merge it!