This is an exclusive-or of the jrd-security-role-uniqueness branch, which attempted to constrain users and groups to have distinct names. This branch enables operators to define names that overlap by creating distinct places in core metadata for grants for users vs groups.
riak-admin will (for grant/revoke only, although that list of commands could be extended trivially) support user/<user> and group/<group> syntax to disambiguate grants or revokes when names are not unique. The tool will mandate the use of that syntax when name conflicts occur, although at the moment the tools have not been updated to illustrate the syntax or to explicitly ask for it.
The user/ or group/ prefixes have also been used internally when generating a list of permissions so that the print-user command can identify which permissions apply to the user vs any group by the same name.
Explicitly allow a name to be reused under both role types by maintai…
…ning distinct grant namespaces in core metadata
Was swallowing errors from revoke
Superseded by #534, closing