Begin of the insertion**As** an OpenProject API client
**I want**End of the insertion Begin of the deletion descriptionEnd of the deletion to be Begin of the insertionable to lock and unlock user through the APIv3
**so that** I can perform timely account administration for externally (i.e., through OmniAuth strategies) authenticated users.

-----

With OmniAuth, we now have external services authenticate
users in an asnychronous manner. With this change, proper means
to manage the status based from these services become a necessity.
Particularly, deleting and locking users based on outer events are
a requirement for timely account administration.

As the API (v3) already provides the functionality to remove user
accounts, this commit suggests an extension to provide locking
and unlocking user accounts through the API.

Given the current api organization, I suggest the following solution:

1. PATCHing the user resource `/api/v3/users/{id}` with a flag the corresponds to the lock status
2. Adding a resource `/api/v3/users/{id}/lock`, for which POST performs the lock and DELETE removes it.

The discussion leading up to this work package: https://community.openproject.org/topics/3706End of the insertion Begin of the deletion added laterEnd of the deletion