[WIP] API Key auth

[kevinansfield]

refs #9865

• adds integrations and api_keys tables
• adds Admin API Client role
• adds Integration model
• adds ApiKey model
  • creates default secret if not given
  • hardcodes associated role based on key type
    • admin = Admin API Client
    • content = no role
• adds API Key authentication
• sets req.api_key and context.api_key for API key requests
• updates can-this and the Model.permissible functions to work with context.api_key
  • permissions providers.apiKey added to fetch role permissions associated with the api key
• sets up integrations and api_keys test fixtures

TODO:

• determine why post create/edit tests are failing with 422 'Value in [users.name] cannot be blank.'. Likely either or both:
  • API needs a user passed in because it can't retrieve it from context.user
  • created/updated_by is dependent on context.user
• invalid accesstoken test is throwing 500 rather than 401
• fix broken permissions tests
• add user model permissions tests for api keys being unable to assign Owner permissions
• review TODOs
  • how to handle invites created via api key
  • test for e-mail test not being trigger able via api key
  • review context.user usage in api/users.handlePermissions
  • log api key when making requests
  • always allow staticPages v2 Admin API requests (separate PR)
• review naming
  • API vs Api
  • api_key vs apiKey

Separate PRs:

• sync up middleware with session auth, rename authenticatePrivate
• how to handle "internal" clients (scheduler + backup)
• set created/updated/published_by columns to api key value
• update api_key.lastSeenAt value for authenticated api key requests
• integration and api_key routes and controllers

[kevinansfield]

This has been superseded by separate PRs. Closing.