NSFS | NC | add option to set account supplemental groups

[nadavMiz]

Explain the changes

supplemental groups are additional groups an account can be part of besides his main group (gid). add option to set a users supplemental groups through the nsfs cli. see Supplementary group IDs in https://man7.org/linux/man-pages/man7/credentials.7.html. having addition groups allows account to access files and directory that allow access to one of the accounts supplemental groups (similar to main group access ). supplementary group IDs are used mainly for adding permissions. for other purposes the accounts main GID will be used (for example determining the group of a file created by the account). note that this enables access only on file system level, s3 commands will still require bucket policy permissions. in the same manner account will still be block from accessing the file system even if it has bucket policy permissions

1. add option to set account supplemental groups:
2. supplemental groups can be added by nsfs cli either by passing a single positive number (202) or string of comma separated positive number ("200,101")
3. supplemental groups can be added using from_file as wither one of the previously mentioned types or as an array of positive numbers ([212,313])
4. supplemental groups will be saved as part of the account configuration in the section nsfs_account_config
5. set supplemental groups as part of setting the user id for both linux and darwin (see os_linux.cpp and os_darwin.cpp)
6. add tests for both adding and updating account configuration (including from_file, and anonymous access)
7. change documentation to include data about supplemental_groups option

Issues: Fixed #7274

Testing Instructions:

1. sudo npx jest test_nc_nsfs_account_cli.test.js
2. sudo npx jest test_nc_nsfs_anonymous_cli.test.js
3. sudo node ./node_modules/mocha/bin/mocha src/test/unit_tests/test_nsfs_access.js
4. sudo NC_CORETEST=true node ./node_modules/mocha/bin/mocha src/test/unit_tests/test_nsfs_integration.js

• Doc added/updated
• Tests added

[shirady]

I added my comments (without the native files).

I would list things that you can add in this PR:

• Tests for the noobaa-cli that combines the supplemental groups with the --from_file flag.
• Tests for the noobaa-cli that combines the supplemental groups with the --anonymous flag
• Update the S3Ops.md about permission - currently only UID, GID is mentioned.

not relevant

[shirady]

extra space

Suggested change

	- `supplemental_groups` - In addition to the account main GID, an account can have supplementary group IDs that are used to determine permissions for accessing files. These GIDs are validated against a files group (GID) permissions.
	- `supplemental_groups` - In addition to the account main GID, an account can have supplementary group IDs that are used to determine permissions for accessing files. These GIDs are validated against a files group (GID) permissions.

[shirady]

Could you add a comment about this change?

[shirady]

Why is it here and not after the nb_native().fs.mkdir?
Why the fs.promises.chown is on full_path_non_root1 and not full_path_non_root2?