security: Several actions available to users that should not have permission to do #74
Description
- If an operator user has only read access they can still ssh into containers for deployments they have only read.
- The UI also shows that they may be able to add or remove domains, disable or remove ssl
Those are just a few examples a wider audit needs to be done for protect forgotten endpoints or include new ones and update the UI as well.