Group invite model

Closes #4 (closed)

• Adds a Group User Invite model to store invite info (just meta data off of GroupUser)
• Add to group user api view a is invite pending field
• Always add user to a group without waiting for acceptance - just note it's pending. We need this due to end to end crypto.
• Adds some test that don't use the python passit sdk. This makes them much easier to use and check the permissions well. I want to do this more going forward. They just won't be able to do any real crypto stuff - since all the ciphertext is fake.

Pending questions:

Should we even allow a client to view the group key ciphertext before accepting? I could imagine a possible attack vector sending random users json data via group invites. However we need to watch for this in groups where people accept the invite anyway - so it might just be smoke hiding this from the api.

This will require significant sdk and frontend changes to support showing this.