RegistryNode: Design Role Based Access for User and Admin (and their differences)

[marcvanandel]

In the current design of Admin and User things are not fully clear and logical. This should be clarified and designed properly (better).

• a new user should be able to log on (by external identity provider integration)
• a newly created user should be pointed to the organizations available in the current Registry Node
• when a user creates a new Organization he should be Admin for the start
• only Admins can update the contact details of an Organization
• Users can request to be permitted to join an Organization
• Admins will receive a message (email) on a User request to join
• Admins can invite Users to join their Organization
• only Admins can permit users to be added to that Organization
• if there's only one Admin within an Organization he's not allowed to leave this Organization; (or should the first User who re-joins an 'empty' Organization become the first Admin as well?)
• Admins should be able to delete their Organizations - only when all devices are deleted?

Besides Admins and Users it might be required to have a more sophisticated rights system based on teams or departments within an Organization -> see #214