Nicole needed a way to get a logged-in user's roles without needing an admin account. However, the issue is that the GET user_roles endpoint requires "user-manager" role which blocks us from authorizing users to make edits to the metadata site.
This change drop the "user-manager" requirement on the GET user_roles endpoint and allow anyone to request a list of their own roles for their account. "user-manager" role is required if you want to know the role of other usernames still.
Nicole needed a way to get a logged-in user's roles without needing an admin account. However, the issue is that the GET user_roles endpoint requires "user-manager" role which blocks us from authorizing users to make edits to the metadata site.
This change drop the "user-manager" requirement on the GET user_roles endpoint and allow anyone to request a list of their own roles for their account. "user-manager" role is required if you want to know the role of other usernames still.