add owner role support (#1340)

This PR adds support to Owner roles.

The owner role has a similar access level as the admin, but it has the power to delete the account.

Besides that, the role has the following constraints:

- The role can only be transferred. So, only a user with the owner role can transfer the owner role to a new user
- It can't be assigned to users being invited
- It can't be assigned to service users

management/server/http/accounts_handler.go

@@ -40,7 +40,7 @@ func (h *AccountsHandler) GetAllAccounts(w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	if !user.IsAdmin() {
+	if !user.HasAdminPower() {
 		util.WriteError(status.Errorf(status.PermissionDenied, "the user has no permission to access account data"), w)
 		return
 	}

management/server/http/middleware/access_control.go

@@ -53,7 +53,7 @@ func (a *AccessControl) Handler(h http.Handler) http.Handler {
 			return
 		}
 
-		if !user.IsAdmin() {
+		if !user.HasAdminPower() {
 			switch r.Method {
 			case http.MethodDelete, http.MethodPost, http.MethodPatch, http.MethodPut:
 
@@ -63,7 +63,7 @@ func (a *AccessControl) Handler(h http.Handler) http.Handler {
 					return
 				}
 
-				util.WriteError(status.Errorf(status.PermissionDenied, "only admin can perform this operation"), w)
+				util.WriteError(status.Errorf(status.PermissionDenied, "only users with admin power can perform this operation"), w)
 				return
 			}
 		}