RHDHPAI-1028: Reorganize RBAC for additional permissions

[michael-valdron]

ref: https://issues.redhat.com/browse/RHDHPAI-1028

Consolidates user groups into a new redhat-ai-dev-users Group referenced under redhat-ai-dev-view ClusterRoleBinding

Consolidates user groups into a new redhat-ai-dev-view-users Group to provide cluster-wide view permissions to specified users via redhat-ai-dev-view ClusterRoleBinding.

Add rhoai-workspace-edit RoleBinding

Adds rhoai-workspace-edit RoleBinding that references the redhat-ai-dev-users Group to edit anything under the rhoai-workspace.

Remove redhat-ai-dev-edit ClusterRoleBinding and redhat-ai-dev-edit-users Group

Removes redhat-ai-dev-edit ClusterRoleBinding and redhat-ai-dev-edit-users Group to narrow the permissions to redhat-ai-dev users to just the permissions needed. With the changes above, these larger scope of permissions are no longer needed.

Update authorization README file

Update authorization/README.md with the changes above.

[johnmcollier]

Thanks for taking this on Michael! I've left a couple comments.

Let's also hold off on merging til https://github.com/redhat-ai-dev/rosa-namespace-provisioner/ is updated, as we'll need the changes in it (granting edit permissions to user's in their personal namespace) first.

[johnmcollier]

Looks good, just one minor comment. But as I mentioned, let's hold off on merging til https://github.com/redhat-ai-dev/rosa-namespace-provisioner/ is updated

[michael-valdron]

Looks good, just one minor comment. But as I mentioned, let's hold off on merging til https://github.com/redhat-ai-dev/rosa-namespace-provisioner/ is updated

@johnmcollier Got the changes open here: redhat-ai-dev/rosa-namespace-provisioner#4

[michael-valdron]

@johnmcollier With redhat-ai-dev/rosa-namespace-provisioner#4 its safe to now merge this PR?

[johnmcollier]

LGTM let's merge