API v2 should not include the user's role in the responses

[kzalys]

Currently all API v2 operations that return the User entity, include the user's role in the response.

The user's role is specific to hs_auth's internal implementation and hs_auth's consumers should not depend on the user's role, permissions should be checked via the GetAuthorizedURIs operation. As such, we should update the API v2 responses to omit the role whenever a User is returned.

[kzalys]

The user entity: https://github.com/unicsmcr/hs_auth/blob/master/entities/user.go

To resolve this issue, it would be enough to omit the Role field from JSON responses. We are already doing something similar for the user's password already: https://github.com/unicsmcr/hs_auth/blob/master/entities/user.go#L27 (via the json:"-" directive). So to complete this issue we'd need to:

• Omit the user's role from JSON responses similar to how we do it for the user's password
• Create unit tests like the ones we have for omitting the user's password: https://github.com/unicsmcr/hs_auth/blob/master/entities/user_test.go