Add self-service non-admin user RBAC

[gerrod3]

This should allow users to update their password without needing admin permission.

📜 Checklist

• Commits are cleanly separated with meaningful messages (simple features and bug fixes should be squashed to one commit)
• A changelog entry or entries has been added for any significant changes
• Follows the Pulp policy on AI Usage
• (For new features) - User documentation and test coverage has been added

See: Pull Request Walkthrough

[mdellweg]

I wonder if we could add this to the login viewset in a useful way.

That would mean the users viewset keeps being admins only, and users only ever interact with the login. We could even use a serializer that asks for the old, the new and a confirmation of the new password (when thinking about ui...), still allowing an admin to just (re-)set a users password.

[josephtate]

Yes, this looks like "just enough"

[gerrod3]

@mdellweg I did your suggestion, put it as a patch call to /login. Let me know if you have any concerns