One common request we've had over the years is to mirror repository access control into Review Board. This is complicated by a few factors. Review Board has always used a single account to access the remote repository, and it caches aggressively to provide reasonable interactive performance, so we can't just rely on the repository access directly. In addition, it's not uncommon for repository users/usernames to not match up with Review Board users/usernames (especially when repositories are hosted on SaaS services). In order to make this possible, we're adding a new extension hook, `FileDiffACLsHook`. This hook is invoked when a user attempts to access a review request, and is run for each `DiffSet`/`FileDiff`. The result of this is cached per `DiffSet` to keep reasonable performance overall. People can then create an extension implementing this hook to do whatever access control they want, whether that's querying the repository or referencing external config files. Testing Done: - Implemented a sample extension that queried `p4 protect` information to do access control for Perforce repositories. This implementation is visible in the documentation for the hook. - Ran unit tests. Reviewed at https://reviews.reviewboard.org/r/11857/