Add `user/history` and `group/history` API endpoints so that Orthanc instances are able to track changes to user and group models and sync internal policies
One of the challenges with the user/group permission structure in Orthanc is that there is no trigger for pruning ACL grants for user or group instances that have been removed from Sonador's database. To solve that:
- `history` models (one for user, one for group) should be added to Sonador which provide an audit log of when user/group instances are added, updated, or removed. Events:
  - When a user or group is added, updated, or deleted.
  - When a group instance is removed from an imaging server instance.
- When a group is unattached from a server, the imaging server should remove policies associated with the group and any users who lost access to the server as a result of the change in group status.
- Users who do not have access to a server will not be able to exploit local Orthanc policies since access to the server is checked before looking for Orthanc local policies.
- Two API endpoints should be added to the application which allow for the audit history to be reviewed and searched by Orthanc instances so that they are able to compare their local permissions and grants against what user/group changes have been made in Sonador.
- The API endpoints should be synchronized on a timer to remove old/obsolete policies for users/groups that no longer exist.
- Stale permissions are not a security issue.
  - When a user/group is removed from Sonador, the UID associated with that user/group will also be removed and Sonador verifies that a user first has access to a server (via a group) before attempting to check local permission grants.
  - User and group IDs are verified before being committed, which means that it will not be possible to falsify grants.
  - Stale policies will only take up space in the database.
Edited by Rob Oakes
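
Added example, not Sonador or Orthanc code: one way an imaging server could turn the history events described above into a prune list on each timer tick, including users who lose access when their only group is detached. The `Event` fields, the action names, the policy layout and the `stale_policies` function are assumptions, since the issue does not define the endpoint payload.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Event:                      # assumed shape of one history record
    seq: int                      # increasing history id, used as sync cursor
    model: str                    # "user" or "group"
    uid: str
    action: str                   # "added", "updated", "deleted", "detached"
    server: Optional[str] = None  # set when a group is detached from a server

def stale_policies(events, policies, memberships, attached, server, cursor=0):
    """Return (policy ids to prune, new cursor) for one imaging server.

    policies:    {policy_id: (model, uid)} local grants on this server
    memberships: {user_uid: set of group uids} current state in Sonador
    attached:    group uids currently attached to this server
    """
    gone, recheck_users = set(), False
    for ev in sorted(events, key=lambda e: e.seq):
        if ev.seq <= cursor:
            continue              # handled on an earlier timer tick
        cursor = ev.seq
        if ev.action == "deleted":
            gone.add((ev.model, ev.uid))
            recheck_users |= ev.model == "group"
        elif (ev.action, ev.model, ev.server) == ("detached", "group", server):
            gone.add(("group", ev.uid))
            recheck_users = True
    prune = set()
    for pid, (model, uid) in policies.items():
        if (model, uid) in gone:
            prune.add(pid)
        # A user keeps local grants only while some group still links
        # them to this server.
        elif recheck_users and model == "user" and not (
                memberships.get(uid, set()) & attached):
            prune.add(pid)
    return prune, cursor

# Constructed sample data for the server "orthanc-a".
EVENTS = [Event(1, "user", "u1", "deleted"),
          Event(2, "group", "g1", "detached", "orthanc-a"),
          Event(3, "group", "g2", "detached", "orthanc-b"),
          Event(4, "user", "u2", "updated")]
POLICIES = {"p1": ("user", "u1"), "p2": ("group", "g1"),
            "p3": ("user", "u3"), "p4": ("user", "u4"),
            "p5": ("group", "g2")}
MEMBERSHIPS = {"u3": {"g1"}, "u4": {"g1", "g2"}}
ATTACHED = {"g2"}
```

Persisting the returned cursor between runs keeps each timer tick limited to events the server has not yet processed.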