Add tighter control on project owner management #3194

Merged
merged 12 commits into from
Oct 7, 2024

Collaborator

@imnasnainaec imnasnainaec commented Jun 28, 2024

Resolves #3114

  • Adds a single controller function, ChangeOwner, for changing the Owner of a project;
  • Prevents all other role-updating functions from adding/removing project owners.
    • The one exception is that CreateUserRole can be used to create a project's first owner (when the project is initially created), but can no longer be used to add a second owner.


codecov bot commented Jun 28, 2024

Codecov Report

Attention: Patch coverage is 85.29412% with 10 lines in your changes missing coverage. Please review.

Project coverage is 74.71%. Comparing base (f34f053) to head (56056e0).
Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
Backend/Controllers/UserRoleController.cs 86.56% 5 Missing and 4 partials ⚠️
...nts/ProjectUsers/CancelConfirmDialogCollection.tsx 0.00% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #3194      +/-   ##
==========================================
+ Coverage   74.59%   74.71%   +0.12%     
==========================================
  Files         280      280              
  Lines       10773    10838      +65     
  Branches     1299     1314      +15     
==========================================
+ Hits         8036     8098      +62     
  Misses       2370     2370              
- Partials      367      370       +3     
Flag Coverage Δ
backend 83.92% <86.56%> (+0.11%) ⬆️
frontend 66.63% <0.00%> (+0.02%) ⬆️


@imnasnainaec imnasnainaec marked this pull request as ready for review July 1, 2024 19:51

// Change the old owner to a project admin
oldUserRole.Role = Role.Administrator;
var oldResult = await _userRoleRepo.Update(oldRoleId, oldUserRole);
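Review bot: on the `_userRoleRepo.Update(oldRoleId, oldUserRole)` line, the outcome captured in `oldResult` needs an explicit failure path. This demotion is a separate write from the one that sets the new owner, so if the new owner's role has already been saved and this update fails, the project is left with two owners. Check `oldResult` and, on failure, restore the new owner's previous role before returning an error, and add a short comment stating which partial state (two owners rather than none) the write order is meant to allow.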
Contributor

If this fails, doesn't that mean there will be 2 owners? Is this work being done in some kind of db transaction?

Collaborator Author

@imnasnainaec imnasnainaec Sep 25, 2024

@hahn-kev You are correct that this failing could result in two owners. The primary motive for this pr was an edge case that could result in 0 owners. While much of this pr is also avoiding multiple owners, I think it's a less critical problem for that unlikely event to happen.

Though perhaps some sort of grouped/pipeline transaction would be the right way to do this. I'll poke at that idea.

Collaborator Author

One could use Transactions (https://www.mongodb.com/docs/drivers/csharp/current/fundamentals/transactions/) to make multiple changes and commit them all at once, but it appears to me to require a major refactor of how we interface with the database.

Collaborator Author

@hahn-kev Thanks for introducing me to transactions.

Contributor

You're welcome.

Yeah transactions are definitely the way to go when you want all your changes to either fail or succeed together.

Collaborator Author

@imnasnainaec imnasnainaec left a comment

Reviewable status: 0 of 5 files reviewed, 1 unresolved discussion (waiting on @hahn-kev and @imnasnainaec)


Backend/Controllers/UserRoleController.cs line 373 at r2 (raw file):

Previously, hahn-kev (Kevin Hahn) wrote…

You're welcome.

Yeah transactions are definitely the way to go when you want all your changes to either fail or succeed together.

Since transactions are not supported in Standalone MongoDB deployments, we'll hold off implementing them until some other month after we've switched to Replica Set deployment.
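
The transaction-based owner change discussed in this thread, written against the MongoDB C# driver as an added example; it is not code from this PR or from the project. The `UserRole` shape, `Role.Owner`, the `ProjectId` field and the `ChangeOwnerAsync` name are assumptions, and the code needs a replica set deployment, as noted in the comment above.

```csharp
using System;
using System.Threading.Tasks;
using MongoDB.Driver;

// Hypothetical stand-ins for the project's types; only Role.Administrator
// and the UserRole.Role property are visible in the PR thread.
public enum Role { Administrator, Owner }

public class UserRole
{
    public string Id { get; set; } = "";
    public string ProjectId { get; set; } = "";
    public Role Role { get; set; }
}

public static class OwnerTransfer
{
    // Demotes the old owner and promotes the new one in a single
    // multi-document transaction. A standalone mongod rejects transactions,
    // so this only works on a replica set or sharded cluster.
    public static async Task ChangeOwnerAsync(
        IMongoClient client, IMongoCollection<UserRole> roles,
        string projectId, string oldRoleId, string newRoleId)
    {
        var f = Builders<UserRole>.Filter;
        var u = Builders<UserRole>.Update;

        using var session = await client.StartSessionAsync();
        await session.WithTransactionAsync(async (s, ct) =>
        {
            // Match on the current role too, so a stale request cannot
            // demote someone who is no longer the owner.
            var demote = await roles.UpdateOneAsync(s,
                f.Eq(r => r.Id, oldRoleId) & f.Eq(r => r.ProjectId, projectId) & f.Eq(r => r.Role, Role.Owner),
                u.Set(r => r.Role, Role.Administrator), cancellationToken: ct);

            var promote = await roles.UpdateOneAsync(s,
                f.Eq(r => r.Id, newRoleId) & f.Eq(r => r.ProjectId, projectId),
                u.Set(r => r.Role, Role.Owner), cancellationToken: ct);

            // Throwing inside the callback aborts the transaction: neither
            // write is committed, so the project never has zero or two owners.
            if (demote.MatchedCount != 1 || promote.MatchedCount != 1)
                throw new InvalidOperationException("Owner change aborted: role document not matched.");
            return true;
        });
    }
}
```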

Contributor

@jasonleenaylor jasonleenaylor left a comment

:lgtm: The transactions will wait. This is a good step in the meantime.

Reviewed 4 of 5 files at r2, 1 of 1 files at r3, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @hahn-kev)

@imnasnainaec imnasnainaec merged commit f36a699 into master Oct 7, 2024
17 of 18 checks passed
@imnasnainaec imnasnainaec deleted the owner branch October 7, 2024 18:02
Successfully merging this pull request may close these issues.

[Project Settings] Edge case: brand new owner can remove themselves