Warn for permissions with read/write/search/compare and no attrs
    
    An ACI with rights of read, write, search and/or compare without
    attributes to apply the rights to is effectively a no-op. Allow
    the ACI to be created but include a warning. Ignore the add
    and delete rights. While they make no sense in the context of
    the other rights we should still warn that they are a no-op
    with no attributes.
    
    Use the existing make_aci() object method to create the
    message and update the add/mod callers to capture and add the
    message to the result if one is provided.
    
    When updating an existing ACI the effective attributes will
    not be included so fall back to the attributes in the resulting
    permission.
    
    Prior to checking for rights and attributes convert any deprecated
    names for older clients into the newer values needed by make_aci
    
    This is exercised by existing xmlrpc permission tests that
    create such permissions without attributes.
    
    https://pagure.io/freeipa/issue/9188
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
    Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>