Remove `root` Flag

[nagem]

Currently, the root flag serves two purposes in core: 1) Allow system administrators to do some system level tasks (remove groups or modify site-level rules, etc) 2) Allow system administrators access to all data, not just data they have explicit permission to.

Proposed Changes

• [ ] Users with the System Administrator role should be able to perform all actions that are allowable for that role without having to "elevate" their permission with a root query parameter.
• [ ] System Administrators are also frequently normal users of the system and should be able to toggle the results of list views to show data they have explicit permissions for and all data in the system
• [ ] Direct access to objects (GET api/<cont_name>/<cont_id>) by System Administrators that do not have access should be an allowed action without requiring additional query params

[ehlertjd]

Are there any cases where admin users might not want to see the admin view of data? (e.g. see the list of projects for groups that I belong to)

[nagem]

@ehlertjd Yes, I believe what you're asking is this proposed change:

System Administrators are also frequently normal users of the system and should be able to toggle the results of list views to show data they have explicit permissions for and all data in the system

Admin users should be able to request only their data or all data from list endpoints (probably through use of a query param like all/all_data=true). I assume the default would be to show only their data.

[ehlertjd]

Makes sense, thanks. I was looking for that detail for the SDK.