fix: private user information available only for admin and the user

[jvillafanez]

Description

Private user information will only be available for the people with full account privileges (likely the admin) or for the user himself. Any other user (such as space admins) will only be able to access to public information.

The public information is: the userId, the displayname, the user type and the identity. The mail won't be shown by default, unless the graph service is configured to do so. To do that, the "mail" must be part of the displayed attributes in the OCIS_USER_SEARCH_DISPLAYED_ATTRIBUTES env var.

Affected operations are: "GetUsers", "GetUser" and "PatchUser". Note that the behavior of each operation remains the same.

IMPORTANT: The "onPremisesSamAccountName" will appear as empty instead of not appearing at all.

{"displayName":"manirello","id":"94bf9bfd-5f0e-4825-807c-93cd4196e0b4","onPremisesSamAccountName":"","userType":"Member"}

Related Issue

• Fixes <issue_link>

Motivation and Context

How Has This Been Tested?

• test environment:
• test case 1:
• test case 2:
• ...

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests only (no source changes)

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:

@LukasHirt could you check if there is any additional attribute that you need?

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[LukasHirt]

I could not find anything in web depending on an attribute that would not be returned after this change so it should be fine for us.