Add missing attributes to ipasudorule.

This patch adds the following attributes to ipasudorule:

    - order
    - sudooption
    - runasuser
    - runasgroup

It also fixes behavior of sudocmd assigned to the the sudorule, with the
adittion of the attributes:

    - allow_sudocmds
    - deny_sudocmds
    - allow_sudocmdgroups
    - deny_sudocmdgroups

README-sudorule and tests have been updated to comply with the changes.

playbooks/sudorule/ensure-sudorule-sudocmd-is-present.yml

@@ -8,7 +8,12 @@
   - ipasudorule:
       ipaadmin_password: MyPassword123
       name: testrule1
-      cmd:
+      allow_sudocmd:
       - /sbin/ifconfig
+      deny_sudocmd:
       - /usr/bin/vim
+      allow_sudocmdgroup:
+      - devops
+      deny_sudocmdgroup:
+      - users
       action: member