[AC-2172] Member modal - limit admin access (#3934)

* update OrganizationUsersController PUT and POST
* enforces new collection access checks when updating members
* refactor BulkCollectionAuthorizationHandler to avoid repeated db calls

src/Sql/dbo/Stored Procedures/OrganizationUser_ReadWithCollectionsById.sql

@@ -9,11 +9,12 @@ BEGIN
     SELECT
         CU.[CollectionId] Id,
         CU.[ReadOnly],
-        CU.[HidePasswords]
+        CU.[HidePasswords],
+        CU.[Manage]
     FROM
         [dbo].[OrganizationUser] OU
     INNER JOIN
         [dbo].[CollectionUser] CU ON OU.[AccessAll] = 0 AND CU.[OrganizationUserId] = [OU].[Id]
     WHERE
         [OrganizationUserId] = @Id
-END
+END