added access control model and more stuff around access mgmt

backend/api/user_api.py

@@ -22,13 +22,17 @@ user_model = api_user.model('User', {
     'last_name': fields.String(required=True, description='The user\'s last name'),
     'email': fields.String(required=True, description='The user\'s email address'),
     'nickname': fields.String(required=False, description='The user\'s nick name'),
+    'role': fields.String(required=False, description='Role a user might have (in addition to group memberships)'),
+    'effective_permissions': fields.List(
+        fields.String(required=True), required=False, description="List of permissions (groups + (optional) role)."
+    ),
     'groups': fields.List(
         fields.Nested(api_user.model('user_group', {'id': fields.Integer(), 'name': fields.String()})),
         required=False, description='Group memberships.'),
 })
 
 user_update_parser = api_user.parser()
-user_update_parser.add_argument('email', type=inputs.email, required=False, nullable=False, store_missing=False)
+user_update_parser.add_argument('email', type=inputs.email(), required=False, nullable=False, store_missing=False)
 user_update_parser.add_argument('nickname', type=str, required=False, store_missing=False)
 user_update_parser.add_argument('first_name', type=str, required=False, store_missing=False)
 user_update_parser.add_argument('last_name', type=str, required=False, store_missing=False)