Review security roles and permission according to new simple scheme

[dilshat]

We need to review and adjust roles and permission according to new simplified security scheme:
Standard user can create and manage environments only.
She can execute commands on containers of environments to which she has access (ownership or sharing permission).
She can use tools that operate on environments and containers only.

Admin user can manage peer overall.
He can register peer on Hub. Approve RH agents. View monitoring metrics. Evict tenant users and their environments.
Admin can not create or manage environments. For this he must create a standard user.

Also we should elaborate on which tools admins will need to avoid getting into system shell to perform some actions.

Review all CLI REST and UI for this

[dilshat]

For now it is implemented this way:
Admin user can still create own environments
Admin role by default has a new permission - Tenant-Management which allows him to view and destroy all environments on local peer (actually any user with this permission can do this)
Regular user is basically allowed to create and manage own environments only.
Related security bug will be fixed along #1443 (regular user must not be able to operate on something besides own environments)

[dilshat]

Implemented #1442 #1443