Feature request: Dandiset reviewers

[bendichter]

I was speaking with Denise Cai at SfN and she requested a way to allows reviewers of a paper to have read-only access to a specific embargoed Dandiset. This feature has already been outlined in the embargo-full design doc:

dandi-archive/doc/design/embargo-full.md

Lines 20 to 37 in 5beddfa

	## Read-only access
	In the MVP, the only role a user can have on a dandiset is "Owner".
	There should be a new role, "Reviewer".
	Reviewers are allowed to access asset data on private and restricted embargoed dandisets.
	Reviewers are allowed to see private embargoed dandisets.
	Reviewers are not allowed to make any changes to embargoed dandisets.
	If a user is a reviewer on an embargoed dandiset, they do not have any permissions on other embargoed dandisets unless explicitly added to those dandisets as well.
	The web UI will show reviewer selection directly under owner selection.
	Reviewers are not acknowledged for unembargoed dandisets and will not show up in the web UI.
	This will be implemented as a new django-guardian role.
	All read endpoints for assets are permitted for users who are reviewers of the embargoed dandiset.
	All read endpoints for dandisets and versions will treat reviewers the same as owners.
	All write and upload endpoints are unchanged.

Has there been movement on this? I just wanted to pass along that users are requesting this feature.

[waxlamp]

@kabilar, @aaronkanzer and I were just discussing this today. There should be motion on this soon.