Rudder

Now that we have set-up the fundations for being able to RBAC on node (view only for now) in #23727, we need to actually do it.

The main ideas are:

- nodes can belong to a tenants (they can have a "tenant" attribute with an alpha-num identier)
- user can be associated to none, a list of, or all tenants access
- rudder filter out nodes accordingly to these two parameters, so that an user associated to tenant "zoneA" can only view nodes with the attribte "tenant=zoneA"

The feature will be enabled in a plugin, but some changes need to happen in rudder core too.
This isse is a main entry point and will redirect toward all sub-stories.