refactor: add "survey admins" group #134
Description
Very low priority; we will only do this if someone asks for fine grained separation of admins role.
Currently admins can:
- Manage webhooks & addons (CRUD)
- Manage surveys (CRUD, set active/inactive)
- Manage users (delete) and groups (CRUD)
- Manage quotas
We can't delegate group management to non-admins because of the API permissions model and because it would require an ACL on each group, and potentially could lead to unwanted access if not managed properly.
We should not delegate quota or webhook or addon management to non-admins. We might want to make webhook and addon invocation logs available to the affected users.
The only thing left is survey management. This might be problematic because of API structure; survey management is built into the api as an admin function. Maybe we should refactor to classify surveys as normal objects with their own endpoint.