Add Domain User form allows user enumeration

[ShaneMcC]

Similar to #18 but a lot more annoying to solve as we store access in the DB keyed off the userid incase the user changes their email address.

[ShaneMcC]

Probably gonna implement this something like:

• Add a pendingAccess table (domainid, email, accessLevel, addedByUser, expiresTime, response)
• When adding access for someone, it adds it to this table and tells the person adding the access that if a user exists with that email, they will be told about the pending request and given X days to accept or reject.
• Find a user with email as their email and send them a message to let them know someone wants to share access to a domain.
• The domains page should show all pending requests (even if there is no matching user) that have either not been actioned, or have been rejected (so that rejecting doesn't give away that the user exists) and have not yet expired
• Allow a user with an email address of emailto accept/reject the request (if they haven't already rejected).
  • Accept should add the appropriate level into the main domain access table and notify addedByUser that the request was accepted (in case they forgot about the access request, to remind them that someone else now has access to the domain) and remove the pendingAccess request.
  • Reject should mark the request as rejected so that it can't be accepted, but shouldn't remove it until after the expiry date

I think. Will mull it over some more before actually implementing.