feat(backend/permission): allow node viewer/manager more read permissions

Node viewer/manager can now read /projects/<id>/users/ and
/audit/project-permission/ endpoints. Only information corresponding
to their node is available.