Reduce the output from the realm trace log (#2121)

This reduces the amount of lines logged with log level
'trace' from the DefaultRealm. This is done by concatenating
the single permissions and roles in a single line.

A log with the new layout looks something like this (the [...]
would list all further permissions in the real log output):

TRACE sonia.scm.security.DefaultRealm - authorization summary:
username   : scmadmin
roles      : user
scope      :
permissions: repository:*:ChTG0dBeUH , group:autocomplete , repository:*:[...]

In contrast, with the old layout it looks like this:

TRACE sonia.scm.security.DefaultRealm - authorization summary:
username   : scmadmin
roles      :
 - user
scope      :
permissions:
 - repository:*:ChTG0dBeUH
 - group:autocomplete
 - repository:*:5DTFWwBTiY
 - repository:*:ASTGBIVz11D
 - user:changeApiKeys:scmadmin
 - user:changePassword:scmadmin
 - user:changePublicKeys:scmadmin
 - user:readAuthorizedKeys,writeAuthorizedKeys:scmadmin
 - *
 - user:read:scmadmin
 - user:autocomplete
 - repository:*:4rT7VPex5J

scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java

@@ -43,6 +43,7 @@ import sonia.scm.plugin.Extension;
 
 import javax.inject.Inject;
 import javax.inject.Singleton;
+import java.util.Iterator;
 import java.util.Set;
 
 /**
@@ -163,8 +164,11 @@ public class DefaultRealm extends AuthorizingRealm {
 
   private void append(StringBuilder buffer, Iterable<?> iterable) {
     if (iterable != null) {
-      for (Object item : iterable) {
-        buffer.append(SEPARATOR).append(" - ").append(item);
+      for (Iterator<?> iter = iterable.iterator(); iter.hasNext(); ) {
+        buffer.append(iter.next());
+        if (iter.hasNext()) {
+          buffer.append(" , ");
+        }
       }
     }
   }