container: Replace AccessGroup with BasicACL

With new ACL conception, access control lists in NeoFS
defined as a required basic ACL and optional extended ACL.

Basic ACL must be set up in container structure. It is a bit
mask stored in 32-bit unsigned integer.

Seven nibbles represent seven object operations: get, put,
head, search, delete, range, range-hash.

Every nibble defines access rules for three targets: user,
owner, others and has permission bit for bearer token.

There is a permission bit for extended ACL and three unused
bits.

container/service.proto

@@ -42,8 +42,8 @@ message PutRequest {
     // Rules define storage policy for the object inside the container.
     netmap.PlacementRule rules               = 4 [(gogoproto.nullable) = false];
 
-    // Container ACL.
-    AccessGroup Group                        = 5 [(gogoproto.nullable) = false];
+    // BasicACL of the container.
+    uint32 BasicACL                          = 5;
 
     // RequestMetaHeader contains information about request meta headers (should be embedded into message)
     service.RequestMetaHeader Meta           = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];

container/types.proto

@@ -18,18 +18,7 @@ message Container {
     uint64 Capacity            = 3;
     // Rules define storage policy for the object inside the container.
     netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
-    // Container ACL.
-    AccessControlList List     = 5 [(gogoproto.nullable) = false];
-}
-
-message AccessGroup {
-    // Group access mode.
-    uint32 AccessMode         = 1;
-    // Group members.
-    repeated bytes UserGroup  = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
-}
-
-message AccessControlList {
-    // List of access groups.
-    repeated AccessGroup List = 1 [(gogoproto.nullable) = false];
+    // BasicACL with access control rules for owner, system, others and
+    // permission bits for bearer token and extended ACL.
+    uint32 BasicACL            = 5;
 }