Fix column-privilege leak in error-message paths

 Fix column-privilege leak in error-message paths
 
 While building error messages to return to the user,
 BuildIndexValueDescription, ExecBuildSlotValueDescription and
 ri_ReportViolation would happily include the entire key or entire row in
 the result returned to the user, even if the user didn't have access to
 view all of the columns being included.
 
 Instead, include only those columns which the user is providing or which
 the user has select rights on.  If the user does not have any rights
 to view the table or any of the columns involved then no detail is
 provided and a NULL value is returned from BuildIndexValueDescription
 and ExecBuildSlotValueDescription.  Note that, for key cases, the user
 must have access to all of the columns for the key to be shown; a
 partial key will not be returned.
 
 Further, in master only, do not return any data for cases where row
 security is enabled on the relation and row security should be applied
 for the user.  This required a bit of refactoring and moving of things
 around related to RLS- note the addition of utils/misc/rls.c.
 
 Back-patch all the way, as column-level privileges are now in all
 supported versions.
 
 This has been assigned CVE-2014-8161, but since the issue and the patch
 have already been publicized on pgsql-hackers, there's no point in trying
 to hide this commit.