Probably for historic reasons, the table that stores the ACL information for API, service_provider_group_acl (allowing access to group & person information for SPs), is currently stored in the ENGINE database. This is pretty weird and creates unneeded interdependencies.
I propose to move the ACL table for API away from the engine database schema to a new db schema GroupProviderAcl to unlink interdependencies.
Some quick initial checking against Engine suggests the table is not in use in Engine:
10:55:00-boy@boy-mbp-2013:~/Sites/SURFnet/vm/OpenConext-engineblock$ grep -rin 'service_provider_group_acl' .
./database/patch/patch-0013.sql:2:CREATE TABLE service_provider_group_acl (
./library/EngineBlock/Group/Acl/GroupProviderAcl.php:19: $statement = $db->prepare('SELECT gp.identifier, spga.allow_groups, spga.allow_members FROM service_provider_group_acl spga, group_provider gp WHERE spga.group_provider_id = gp.id and spga.spentityid = ?');
10:56:59-boy@boy-mbp-2013:~/Sites/SURFnet/vm/OpenConext-engineblock$ grep -rin 'GroupProviderAcl' . | grep -v .idea
Binary file ./.git/index matches
./library/EngineBlock/Group/Acl/GroupProviderAcl.php:3:class EngineBlock_Group_Acl_GroupProviderAcl
This was previously identified in engine as well, see
OpenConext/OpenConext-engineblock#81
Next to a change in API to use the DB at the new location, an additional change is required in Manage, which provides the GUI form managing the group ACL information:
OpenConext/OpenConext-manage#6