BED-4965 - Owns/Owner Rework

[Mayyhem]

Description

This change was made to account for cases where the OWNER RIGHTS SID (S-1-3-4) is explicitly granted permissions on AD objects, which in some cases renders implicit owner rights non-abusable.

• Display Owner SID in entity panel
• Create OwnsLimitedRights, OwnsRaw, WriteOwnerLimitedRights, and WriteOwnerRaw edges during ingest
• Create Owns and WriteOwner edges during post-processing

Please refer to https://specterops.atlassian.net/wiki/spaces/BE/pages/750157858/Owns+WriteOwner for details.

Motivation and Context

This PR addresses: https://specterops.atlassian.net/browse/BED-4965

How Has This Been Tested?

Integration tests were written for post-processed edges. Ingest edges were tested manually.

A test environment including test cases for OWNER RIGHTS permissions was configured using a PowerShell script included in the linked Confluence page. After generating test data for two domains, one where implicit owner rights were blocked and another where they were not, tests included:

• uploading a collection from a prior SharpHound version (https://github.com/BloodHoundAD/SharpHound/releases/tag/v2.5.8)
• uploading a collection from a third party open-source tool (https://github.com/dirkjanm/BloodHound.py/tree/bloodhound-ce)
• uploading a collection from a SharpHound/Common version updated to collect two additional properties required for post-processing (BED-4965 - Owns/Owner Rework SharpHound#124 and BED-4965 - Owns/Owner Rework SharpHoundCommon#176)

... and confirming that expected ingest and post-processed edges were created or removed, where appropriate.

Also ran and passed:

• just test
• View > Testing > Go (all tests)
   
  This change does not account for inheritance hashes for ACEs but will require an update after that initiative is complete.

Screenshots (optional):

Types of changes

• Chore (a change that does not modify the application functionality)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Database Migrations

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed

[zinic]

Added a commit to the changeset that highlights a few requested fixes via FIXME comments. Additionally we'd ask that the following changes also be made:

Please adhere to the standard outlined here for your conditional statements: https://specterops.atlassian.net/wiki/spaces/DEVRES/pages/1507363/Golang+Coding+and+Formatting+Standards#GolangCodingandFormattingStandards-InlineallInitializerStatements