gtfierro/hod-v1

Design of Permissions Model

We may want to restrict the amount of the Brick graph that is exposed to a given user.

This is probably the most straightforward way of accomplishing this:

The security principal is a private key; a key maps to a set of permissions.
A key can create new keys with a subset of its permissions. A key can revoke keys it created. There will be a "master" key for an instance of HodDB.

A set of permissions is the set of nodes/edges in a Brick graph that are allowed to be returned for the key making the request. The set is defined as the union of a number of Brick queries. When a key makes a query, the returned results are the intersection of the permission set and the query results. Obviously, the permission set can be computed just once whenever the underlying graph changes and cached for further use.
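
The key hierarchy proposed above, sketched in Go as an added example; it is not HodDB code and not part of the original issue. The names `Store`, `grant`, `Delegate`, `Revoke` and `Allowed` are hypothetical, and the sketch assumes string key IDs, permission sets already materialised as sets of node/edge IDs rather than Brick queries, and revocation that cascades to keys the revoked key created.

```go
package main

import "errors"

// Store maps key IDs (assumed here: public-key fingerprints) to grants.
type Store map[string]*grant

type grant struct {
	parent  string          // creator key; "" for the master key
	allowed map[string]bool // cached permission set of node/edge IDs
}

// Delegate creates child under parent with perms, a subset of parent's set.
func (s Store) Delegate(parent, child string, perms ...string) error {
	p := s[parent]
	if p == nil || child == "" || s[child] != nil {
		return errors.New("unknown parent or invalid child key")
	}
	g := &grant{parent: parent, allowed: map[string]bool{}}
	for _, n := range perms {
		if !p.allowed[n] {
			return errors.New("permission not held by parent: " + n)
		}
		g.allowed[n] = true
	}
	s[child] = g
	return nil
}

// Revoke deletes target, and the keys target created, if caller created it.
func (s Store) Revoke(caller, target string) error {
	if g := s[target]; g == nil || s[caller] == nil || g.parent != caller {
		return errors.New("caller did not create this key")
	}
	for id, g := range s {
		if g.parent == target {
			s.Revoke(target, id) // cascade while target still exists
		}
	}
	delete(s, target)
	return nil
}

// Allowed reports whether key may see node or edge n.
func (s Store) Allowed(key, n string) bool { return s[key] != nil && s[key].allowed[n] }

func main() {
	s := Store{"master": {allowed: map[string]bool{"ahu1": true, "vav1": true}}} // constructed sample graph
	println(s.Delegate("master", "tenant", "vav1") == nil, s.Allowed("tenant", "ahu1"))
}
```

A query handler would apply `Allowed` to every node and edge in a result set to obtain the intersection described above.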