
chore(staff): Let staff access user details endpoint

Open schew2381 opened this issue 1 year ago • 1 comments

This endpoint is open to people viewing themselves, superuser, and staff.

There is logic inside PUT and DELETE that changes depending on which mode you are in. Right now:

  1. PUT - Superuser can change users to be superuser or staff if they have users.admin
  2. DELETE - Superusers can hard delete users if they have users.admin

We want to prevent superusers in the future from being able to do this, but allow staff because these actions are only performed through the _admin portal.

When checking for users.admin, once the feature flag is removed we'll include an explicit check for is_active_staff to achieve this.

schew2381 avatar Feb 06 '24 01:02 schew2381
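
An added sketch of the access rules described in the comment above; it is not code from this PR or from Sentry. The `Actor` class, the `isSuperuser`/`isStaff` field names, the `staff_only` switch (standing in for the state before and after the feature flag is removed), and the choice to drop rather than reject privileged fields are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical actor model (not Sentry's classes): identity, active elevated
# modes, and granted permissions.
@dataclass(frozen=True)
class Actor:
    user_id: int
    is_active_superuser: bool = False
    is_active_staff: bool = False
    permissions: frozenset = frozenset()

PRIVILEGED_FIELDS = {"isSuperuser", "isStaff"}  # assumed field names


def can_access(actor: Actor, target_id: int) -> bool:
    """Endpoint is open to the user themselves, superusers, and staff."""
    return (actor.user_id == target_id
            or actor.is_active_superuser
            or actor.is_active_staff)


def has_user_admin(actor: Actor, staff_only: bool) -> bool:
    """users.admin only counts when held in the mode this stage allows."""
    if "users.admin" not in actor.permissions:
        return False
    # staff_only=True models the target state: explicit is_active_staff check.
    return actor.is_active_staff if staff_only else actor.is_active_superuser


def authorize_put(actor, target_id, payload, staff_only):
    """Return the fields the actor may write; raise if no access at all."""
    if not can_access(actor, target_id):
        raise PermissionError("no access to this user")
    if has_user_admin(actor, staff_only):
        return dict(payload)
    # Drop privilege-granting fields instead of trusting the request body.
    return {k: v for k, v in payload.items() if k not in PRIVILEGED_FIELDS}


def authorize_delete(actor, target_id, hard_delete, staff_only):
    """True if a hard delete may proceed, False for an ordinary delete."""
    if not can_access(actor, target_id):
        raise PermissionError("no access to this user")
    return hard_delete and has_user_admin(actor, staff_only)
```

The point to check in review is that access to the endpoint and the right to write privileged fields are decided separately, so a self-viewing user or a superuser without the required mode never reaches the elevation path.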

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (2d13378) 80.11% compared to head (825b9ca) 81.40%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #64631      +/-   ##
==========================================
+ Coverage   80.11%   81.40%   +1.29%     
==========================================
  Files        5250     5251       +1     
  Lines      232144   232156      +12     
  Branches    45579    45580       +1     
==========================================
+ Hits       185973   188990    +3017     
+ Misses      40173    37282    -2891     
+ Partials     5998     5884     -114     
Files Coverage Δ
src/sentry/api/endpoints/user_details.py 96.22% <100.00%> (+0.07%) :arrow_up:
src/sentry/api/serializers/models/user.py 98.28% <66.66%> (ø)

... and 274 files with indirect coverage changes

codecov[bot] avatar Feb 06 '24 01:02 codecov[bot]