[midPoint-git] [Evolveum/midpoint] 131cb4: Fix handling autz of so-called elaborate items

mederly noreply at github.com
Mon Apr 3 23:29:21 CEST 2023


  Branch: refs/heads/master
  Home:   https://github.com/Evolveum/midpoint
  Commit: 131cb46d39005f4869759000cb78707bddde195b
      https://github.com/Evolveum/midpoint/commit/131cb46d39005f4869759000cb78707bddde195b
  Author: Pavol Mederly <mederly at evolveum.com>
  Date:   2023-04-03 (Mon, 03 Apr 2023)

  Changed paths:
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/schema/transform/TransformableItemDefinition.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
    M model/model-intest/src/test/resources/security/role-self-task-owner.xml
    M model/model-intest/src/test/resources/security/task-useless-administrator.xml
    M model/model-intest/src/test/resources/security/task-useless-jack.xml

  Log Message:
  -----------
  Fix handling autz of so-called elaborate items

When an item is marked elaborate, it is considered too complex to be
fully processed by various mechanisms in midPoint, including
authorizations processing.

However, the original implementation needlessly skipped _any_ autz
processing for these items, allowing access even if it was obviously
denied.

This commit fixes this by doing at least item-level authorization checks
for these elaborate items. Only the "deep dive" is disabled for them.

This resolves MID-8635.
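
The behaviour described in the log message, as an added example that is not code from the midPoint repository: a simplified Java model of an authorization walk over an item tree, with the fail-open handling of elaborate items next to the corrected form. The `Item` record, the method names, the item paths and the deny rule are all hypothetical and constructed for illustration.

```java
import java.util.*;

public class ElaborateItemAuthz {
    // Hypothetical simplified item definition; not midPoint's TransformableItemDefinition.
    record Item(String name, boolean elaborate, List<Item> children) {}

    // Before the fix, as the log message describes it: elaborate items skip all checks.
    static void visibleBefore(Item item, String prefix, Set<String> denied, List<String> out) {
        String path = prefix + "/" + item.name();
        if (item.elaborate()) {          // fail-open: the deny rule is never consulted
            out.add(path);
            return;
        }
        if (denied.contains(path)) return;
        out.add(path);
        for (Item c : item.children()) visibleBefore(c, path, denied, out);
    }

    // After the fix: the item-level check runs for every item; only the descent is skipped.
    static void visibleAfter(Item item, String prefix, Set<String> denied, List<String> out) {
        String path = prefix + "/" + item.name();
        if (denied.contains(path)) return;   // item-level decision applies to elaborate items too
        out.add(path);
        if (item.elaborate()) return;        // no "deep dive" into the sub-items
        for (Item c : item.children()) visibleAfter(c, path, denied, out);
    }

    public static void main(String[] args) {
        // Constructed sample data: one elaborate item with an explicit item-level deny.
        Item root = new Item("object", false, List.of(
            new Item("name", false, List.of()),
            new Item("complexData", true, List.of(new Item("detail", false, List.of()))),
            new Item("owner", false, List.of())));
        Set<String> denied = Set.of("/object/complexData");

        List<String> before = new ArrayList<>();
        List<String> after = new ArrayList<>();
        visibleBefore(root, "", denied, before);
        visibleAfter(root, "", denied, after);
        System.out.println("before fix: " + before);
        System.out.println("after fix:  " + after);
    }
}
```

A regression test for this class of bug needs at least one case where the denied item is itself elaborate, since rules on ordinary items pass in both versions.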



