[FEAT]: Workspace should be able set visibility based on role

[dohsimpson]

What would you like to see?

Currently, workspace access is controlled on a per user basis (for default role users). This means that when a new default role user is created, they are greeted with an empty home page, where no workspace is accessible to them.

Ideally, workspace permission could be set on a role basis (in the current code, only default role needs to be allowed, manager / admin automatically has permission). This way, admin/manager does not need to manually add users to workspace that they intend to make public.