This is the fourth in a series of tickets that adds authorization support for persistent volumes.
We need to add ACL authorization for the '/create-volume' and '/destroy-volume' HTTP endpoints. In other complementary work, authorization for frameworks performing CREATE and DESTROY operations is being added by
This will consist of adding authorization calls into the HTTP endpoint code in src/master/http.cpp, as well as tests for both failed & successful calls to '/create-volumes' and '/destroy-volumes' with authorization. We also must ensure that the principal field of Resource.DiskInfo.Persistence is being populated correctly.