* EZP-28917: As a Developer I want API to manipulate User Tokens

* EZP-28917: Implemented integration tests for User Token APIs

* EZP-28917: Implemented checking for user / password policy

It allows Users w/o content / edit policy to update their password

BC: If User has content / edit policy, but no user / password policy, updating password works as well