Provide grants for test setup

Will look into this next week

Hi Chad

The test data does not currently contain a grants file for OpenLDAP, the only thing we have at the moment is the informal group structure documented in documentation.notes.txt and groups.csv. The reason is that the test infrastructure in 7 relied on a separate test server implementation which simulated said data. If you were willing to provide a more complete example for OpenLDAP I'd very much appreciate it if we could get rid of those notes (and ideally directly add it to the Docker example).

Are you considering contributing your tests to this module or are you planning to just use them internally? I just want to give you a heads up that due to the dependency on a running LDAP server and the LDAP extension that I won't be merging any integration tests which cannot be run on drupal.org by itself, which has neither. Thus, the communication to OpenLDAP would have to be mocked and that's a significant effort, which is why I've for now focused on unit tests but any support here would be much appreciated.

Full working docker example has been committed to docs.

I'm reopening this since the current grants are insufficient (i.e. they are too lenient and do not present a clean test case).

Ideally, we'd have an exact profile for:
- service_account
- user
- anon_user

(Pure anon is probably pointless.)

Also, the service account profile should receive grants for modifying groups so this can be tested as well.

Help would be appreciated, I find the olcAccess schema rather incomprehensible.