Add filter to secret list for acl secrets

CR(s) related to this bug should include the 'DocImpact:' and 'APIImpact:' flags, describing the API and documentation updates required.

The normal/existing GET /v1/secrets call returns a list of secret metadata for the same project-ID as the requesting client. It does NOT return the list of secret metadata that the requesting client is on the ACL for. This current behavior should NOT change per this bug.

Rather a modified GET request should be added, with the resulting GET call looking something like this:

GET /v1/secrets?acl-only=true&....other filter parameters as needed...

So if acl-only=true is specified, then the query ONLY returns a paged list of secret metadata that the requesting client is on the ACL for. Hence the query will have to search secrets for ACL matches for the requesting client. Note that this search mode does NOT ALSO return the list of secret metadata for the requestor's project-ID. This should ease the query/paging process.

If acl-only=false, or is not specified, then the current project-ID-ONLY based GET should be used.

Reviewed: https://review.openstack.org/222328
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=1941fbd6763df40ffa08ac97efc5a97131b62117
Submitter: Jenkins
Branch: master

commit 1941fbd6763df40ffa08ac97efc5a97131b62117
Author: Elvin Tubillara <email address hidden>
Date: Wed Sep 9 15:03:47 2015 -0500

    Add filter to secret list for acl secrets

    Adds a ACL only filter when getting the list of secrets. If
    'http://barbican:9311/v1/secrets/acl_only=true' is given then
    the list of secrets returned should only contain secrets that the
    user is on the ACL for (regardless of project).
    If acl_only is false or is not given, then
    the default project based behaviour will be used.

    DocImpact
    APIImpact
    Change-Id: I8e511d29b77ce15d2000ee2876a12cf6a95771c6
    Closes-Bug: #1459780