Give Site Administrator permission to add users to groups

[wesleybl]

The addMember method requires the user to have the Manage Users permission but the Site Administrator does not have this permission. Then we use the addPrincipalToGroup method, which does not require this permission.

fixes #1750

[mister-roboto]

@wesleybl thanks for creating this Pull Request and helping to improve Plone!

TL;DR: Finish pushing changes, pass all other checks, then paste a comment:

@jenkins-plone-org please run jobs

To ensure that these changes do not break other parts of Plone, the Plone test suite matrix needs to pass, but it takes 30-60 min. Other CI checks are usually much faster and the Plone Jenkins resources are limited, so when done pushing changes and all other checks pass either start all Jenkins PR jobs yourself, or simply add the comment above in this PR to start all the jobs automatically.

Happy hacking!

[netlify[bot]]

✅ Deploy Preview for plone-restapi canceled.

Name	Link
🔨 Latest commit	cc46fe1e766dd01dbfdc5ce5d0c40f88f7bdf622
🔍 Latest deploy log	https://app.netlify.com/sites/plone-restapi/deploys/65da408b32add90008f37588

[wesleybl]

@jenkins-plone-org please run jobs

[jensens]

While this fixes the immediate problem, I would question question why the two methods have different permissions - and if it would not be better to fix it there than working around here?

[wesleybl]

@jensens this is the same solution used in the Classic UI. See @davisagli 's opinion on using Manage Users:

https://github.com/plone/plone.restapi/pull/1712#discussion_r1377057545

[jensens]

@jensens this is the same solution used in the Classic UI. See @davisagli 's opinion on using Manage Users:

#1712 (comment)

got it, indeed.