fixes #11473 - remove re-init of domain select2 on env selection

After an environment was selected, the reloadOnAjaxComplete function
re-initialised every select2, but other dropdowns triggered
onContentLoad which excluded those with the without_select class....

Fixes #11579 - Reports show/destroy restricted by host authorization (CVE-2015-5233)

ReportsController 'show' and 'destroy' now perform a check to see if
the User is authorized to see the Host associated with the Report. In
case it's not, it returns 404, as to not give hints whether a Report...

Fixes #11031 - ignore identifiers of interfaces being destroyed

(cherry picked from commit 1e7822a586b6e4f288823df0b9419ef2749d6b8c)

Fixes #11621 - n+1 query on User Groups index

(cherry picked from commit dc6977673f9875e5d0c7542c586e1aca0db8b4ee)

fixes #9108 - parent parameters are now overrideable

(cherry picked from commit 221fd0504d1efc0b056fd93e0824b6fbc2b453e8)

Fixes #11663 - Empty lookup value not validated when use_puppet_default is checked

(cherry picked from commit baa21c791a8b8a3cbbc9f1a21a1cfe2448730800)

Fixes #11428 - External user groups refresh shouldn't be case sensitive

group_list in ldap_fluff returns a list of lowercase LDAP GIDs.
When AuthSourceLdap tries to run update_usergroups to refresh the external
user groups, it will try to match these lowercase gids with external user...

Fixes #11673 - accept integer value when setting the integer via API

(cherry picked from commit 6c05bd5b88b4d301bb44dd65787716a2d5635554)

Fixes #11650 - show global parameter value inherited from parent taxonomy

(cherry picked from commit be33e6e905c8d0315262a3a3a45459c3a098a29e)

fixes #11619 - only check template changes when persisted

(cherry picked from commit bf5f18013ad224a93d917d696d94952965a8968d)