add readonly mode

[robkooper]

tested with create spaces/datasets/files but might be missing special cases. fixes #405

Description

A request was made to be able to mark users as read-only. They should not be able to create new spaces, or anything else. All they can do is view things.

Use 2 users, an admin user and set the second user to readonly

See if the readonly user can do any write operations, create spaces/datasets/collections/files/tags/comments etc.

Review Time Estimate

• Immediately
• Within one week
• When possible

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My change requires a change to the documentation.
• I have updated the CHANGELOG.md.
• I have signed the CLA
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.

[max-zilla]

tested this, was able to create a dataset using Create Dataset button on the explore page when logged in as user with status set to ReadOnly (db.social.users.update({ "_id" : ObjectId("64248e486635dbcac3f867ab")}, {$set: {"status": "ReadOnly"}});)

[max-zilla]

Still some buttons on Explore UI that allow creation of new resources.

[lmarini]

Found a few more links in a couple of places:

• Dashboard at the top Create Space / Dataset Collection
• Dashboard My Spaces tab and My Collection tab
• Profile page, Spaces and Collections tabs (might be same template as dashboard)
• Selections, Delete All / Tag all

Left two other comments inline.

[lmarini]

I think we need to add this logic to controllers.SecuredController.PermissionAction to lock pages like /datasets/new