API for assignment of roles to users

[ian-ross]

There is a mechanism for assignment and de-assignment of roles to user accounts.

[oliverroick]

I drafted an API design for user role management for organizations and projects. @Cadasta/cadasta-dev, I would like someone to cross-check if it makes sense, especially the bulk operations.

[seav]

@oliverroick, currently, the roles given as examples are from the default set of user roles in #8. If there will be custom roles or new default user roles in the future, do we assume that these role identifiers ("org_admin", "manager", "collector") will not conflict with other fields like "projects", "id", and "name"? Would it be better to add a namespace, or restructure the JSON to make this clearer?

[seav]

@oliverroick, I've added a bunch of comments to the document you shared

[ian-ross]

@seav Thanks for those comments. I've responded to most of them, but I'll be moving all that API documentation onto GitHub on Monday, which might make discussions easier.

[ian-ross]

@seav Oh, and to answer your question about the JSON field names: this fixed roles approach is a temporary measure before we develop a more sophisticated editable roles approach, so the namespacing shouldn't be a problem.

[oliverroick]

This is implemented and ready for review. I'll rebase and open a PR as soon as the main project backend functionality is in master.

[ian-ross]

I've reviewed this. It looks fine, although it will need another look before finally merging to make sure everything is OK after merging the main projects API.