librephotos
UserViewSet returns too much information for regular users
📝 Description of issue:
UserViewSet returns all users of an instance when you are logged in as a regular user. It also returns all information about these users. It should instead only return PublicUserSerializer for other users and UserSerializer for the user themselves. Furthermore, it should also only show users who have public sharing enabled.
Maybe it even makes sense to add a second toggle for that, so that you are not visible publicly but are visible to all registered users instead.
https://github.com/LibrePhotos/librephotos/blob/b807d566b74dd4eb336441cb607786b8e781a746/api/views/user.py#L59
As this function is now problematic for the second time, it may make sense to put the admin view of the users in a different view.
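
The rule requested above, modelled without Django REST Framework so it runs on its own. This is an added example, not part of the issue or LibrePhotos code. The `User` fields, the two field allowlists and the sample records are assumptions constructed for illustration. The listing gives admins no extra data, matching the suggestion to keep the admin view separate.

```python
# Added illustration: framework-free model of the per-viewer serialization rule.
# All field names and sample records are constructed, not taken from LibrePhotos.
from dataclasses import dataclass, asdict
from typing import Optional

PUBLIC_FIELDS = ("id", "username")  # what other users may see
SELF_FIELDS = ("id", "username", "email", "scan_directory", "public_sharing")


@dataclass(frozen=True)
class User:
    id: int
    username: str
    email: str
    scan_directory: str
    public_sharing: bool
    is_admin: bool = False


def serialize(user: User, fields: tuple) -> dict:
    """Allowlist projection: anything not named in `fields` is dropped."""
    data = asdict(user)
    return {name: data[name] for name in fields}


def list_users(viewer: Optional[User], users: list) -> list:
    """Return what `viewer` may see on the regular (non-admin) user listing."""
    out = []
    for user in users:
        if viewer is not None and user.id == viewer.id:
            out.append(serialize(user, SELF_FIELDS))    # full record for self only
        elif user.public_sharing:
            out.append(serialize(user, PUBLIC_FIELDS))  # public subset for others
        # users without public sharing are not listed at all
    return out


# Constructed sample data.
USERS = [
    User(1, "admin", "admin@example.test", "/data/admin", False, is_admin=True),
    User(2, "alice", "alice@example.test", "/data/alice", True),
    User(3, "bob", "bob@example.test", "/data/bob", False),
]

if __name__ == "__main__":
    for row in list_users(USERS[2], USERS):
        print(row)
```

A regression test for the real view can assert the same properties: the response for a regular user contains no record for a non-sharing account other than their own, and no key outside the public allowlist on any other user's record.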