🔒️ Fix a wrong permission role

A wrong role assigned to PluginManager LIST permission as
introduced in 1.8.0 causes a privilege escalation,
allowing read-only and user group the same rights as
the MANAGE permission:

- enabling/disabling plugins
- uninstalling plugins
- listing installed plugins incl. their details
- retrieving plugin notices
- deleting orphaned plugin settings

src/octoprint/plugins/pluginmanager/__init__.py

@@ -228,7 +228,7 @@ def get_additional_permissions(self):
                 "name": "List plugins",
                 "description": gettext("Allows to list installed plugins."),
                 "default_groups": [READONLY_GROUP, USER_GROUP, ADMIN_GROUP],
-                "roles": ["manage"],
+                "roles": ["list"],
             },
             {
                 "key": "MANAGE",