Add RBAC to action-alias help api.

[nzlosh]

No description provided.

[cognifloyd]

These st2-specific x-* keys are odd.

[cognifloyd]

I see x-permissions above. I wonder why that isn't triggering the permission check.

[nzlosh]

@cognifloyd You're right, the x-parameters aren't required. RBAC is being applied to the help/match endpoints using x-permission. Closing this PR as redundant.

[nzlosh]

I just tested further, the RBAC tests inside the function calls for help/match aren't required because they're checked earlier in the router functions. However, the openapi spec does require x-parameters to be present in the specification for the requester_user to be handled correctly. Without the x-parameters the following error is encountered:

2023-11-18 10:59:36,539 140126632707184 DEBUG resolvers [-] ActionAliasPermissionsResolver._user_has_global_permission: Checking user permissions (user_db={'id': '64f1b454654977b68c7d2738', 'is_s
ervice': False, 'name': 'errbot', 'nicknames': {}},permission_type='action_alias_help',resolver='ActionAliasPermissionsResolver')
2023-11-18 10:59:36,540 140126632707184 DEBUG resolvers [-] ActionAliasPermissionsResolver._user_has_global_permission: Found a matching grant via system role (user_db={'id': '64f1b454654977b68c7
d2738', 'is_service': False, 'name': 'errbot', 'nicknames': {}},permission_type='action_alias_help',resolver='ActionAliasPermissionsResolver')
2023-11-18 10:59:36,541 140126632707184 ERROR router [-] Failed to call controller function "help" for operation "st2api.controllers.v1.actionalias:action_alias_controller.help": 'NoneType' objec
t has no attribute 'name'
Traceback (most recent call last):
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/router.py", line 632, in __call__
    resp = func(**kw)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2api/controllers/v1/actionalias.py", line 110, in help
    aliases_resp = super(ActionAliasController, self)._get_all(**kwargs)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2api/controllers/resource.py", line 717, in _get_all
    requester_user=requester_user,
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2api/controllers/resource.py", line 194, in _get_all
    limit = validate_limit_query_param(limit=limit, requester_user=requester_user)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2api/controllers/resource.py", line 792, in validate_limit_query_param
    user_is_admin = rbac_utils.user_is_admin(user_db=requester_user)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2rbac_backend/utils.py", line 201, in user_is_admin
    is_system_admin = RBACUtils.user_is_system_admin(user_db=user_db)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2rbac_backend/utils.py", line 221, in user_is_system_admin
    return RBACUtils.user_has_role(user_db=user_db, role=SystemRole.SYSTEM_ADMIN)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2rbac_backend/utils.py", line 239, in user_has_role
    user_role_dbs = rbac_service.get_roles_for_user(user_db=user_db)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2rbac_backend/service.py", line 85, in get_roles_for_user
    queryset = UserRoleAssignment.query(user=user_db.name)
AttributeError: 'NoneType' object has no attribute 'name'