add permissions to allow non root ceph configuration
Do not only allow root@pam to admin ceph server as some user do not
want to allow root logins and users with the Sys.Modify permission
should be able to modify ceph related stuff.
We use basically the following permissions:
Sys.Modify:
for any delete, add, modify action (POST, PUT, DELETE)
Sys.Audit and Datastore.Audit:
for any status/information view action (GET)
Sys.Log:
for viewing the Ceph log (was already implemented)
We have two exceptions creating and destroying osds. Those may only
be done by 'root@pam' for security reasons.
Also show users with any of those capabilities the ceph tab in the
web GUI.