Currently, cluster permission checks whether a cluster action is
permitted and optionally in the context of a request. There are
scenarios where we would want to check whether the cluster action
is permitted, optionally in the context of a request and current
authentication. For example, management of API keys is only
restricted to the API keys owned by the current user. In this case,
along with the cluster action and API key request, the check
needs to perform whether the currently authenticated user is indeed
allowed to operate only on owned API keys.
With this commit, we are introducing one more context of the current
authentication that can be considered during permission evaluation.

Relates: elastic#40031

…based-permission-check

The permission checks that are dependent on actions and
optionally on request and/or on authentication, now
have a way to specify the predicates. By default
the implementation will tests all the predicates to be
successful for the operation to be allowed.
In case customization is required one has option to
implement `PermissionCheck`.

- Adds a permission check predicate interface that also
  allows implementers to specify behavior for `implies`.

…based-permission-check

…based-permission-check