Refactor provider admin subrole to employee role

[DmyMi]

Refactor provideradminsubrole into a completely new role - employee.

Any user who has an employee role must have corresponding information stored in #1532 model (and related #1527 & #1531).

For now every employee should have access to every workshop in their provider.

Notes:

• [ ] Think about storing extra information about the given employee in the token, e.g. their provider id so we make less roundtrips to database on every request.
• [x] Need to remove unnecessary permissions in the permission seed for provider admin
• [x] Need to remove all check for deputy in code (e.g., for now only provider will be able to change their own info)
• [x] Remove all subroles