With new ACL conception, access control lists in NeoFS
defined as a required basic ACL and optional extended ACL.
Basic ACL must be set up in container structure. It is a bit
mask stored in 32-bit unsigned integer.
Seven nibbles represent seven object operations: get, put,
head, search, delete, range, range-hash.
Every nibble defines access rules for three targets: user,
owner, others and has permission bit for bearer token.
There is a permission bit for extended ACL and three unused
bits.
Basic NeoFS ACL applies access rules to request sender. Request
senders are combined in groups that calls `targets`.
Basic ACL rules may be applied to these targets:
1. User - request sender is the owner of the container,
used in the request.
2. System - request sender is the storage node
within the container used in the request or
inner ring node.
3. Others - request sender is none of the above.
Extended ACL rules may be applied for targets, provided with
extra information.
4. PubKey - request sender has provided public key.
