[DRP] Add DRP action name to Fidesops Policy Model

[adriaaaa]

Requirements

1. MUST have the ability to specify a “DRP action” when creating or editing a policy

• Right now action will be equivalent to the right column from the spec. here: https://github.com/consumer-reports-digital-lab/data-rights-protocol#301-supported-rights-actions and we should only focus on access and delete.

2. MUST require that a given DRP action is only used once (this ensures a 1:1 match from DRP actions to Fidesops policies)
3. MUST validate the action against the list of valid actions defined in the DRP specification
4. SHOULD NOT require that DRP actions are defined; it is valid to have multiple Fidesops policies defined but none mapped to a DRP action
5. SHOULD NOT ascribe any specific behaviour to this DRP action, it is purely to translate between standards-based DRP actions and the user-defined policies in Fidesops

Implementation Notes

• includes ingesting - the whole flow to associating an action with a policy
• SQLAlchemy will allow us to specify that the DRP action field as unique.
• validating the action can be db-level validation
• see full requirements here

[eastandwestwind]

@adriaaaa one bit of clarification- by "focus", do you mean we should only support access and deletion rights for now? i.e not access:categories, for example?

[adriaaaa]

• https://github.com/consumer-reports-digital-lab/data-rights-protocol#301-supported-rights-actions

@eastandwestwind that is correct. The DRP spec hasn't defined the access:categories and access:specific schema or sematics yet, see this github issue