update canRequestProjects check to include list,create

This patch adds a check to see if the user cannot list
`projectrequests`,
in addition to create `projectrequests`. This warning showed up
previously
only when a user did not have a `self-provisioner` role, however, it
faield to show up if the user did have a `self-provisioner` role but
was unable to list `projectrequests`.

Author: juanvallejo

pkg/cmd/cli/cmd/login/loginoptions.go

@@ -250,19 +250,32 @@ func (o *LoginOptions) canRequestProjects() (bool, error) {
 	}
 
 	sar := &authorizationapi.SubjectAccessReview{
+		Action: authorizationapi.Action{
+			Namespace: o.DefaultNamespace,
+			Verb:      "list",
+			Resource:  "projectrequests",
+		},
+	}
+
+	listResponse, err := oClient.SubjectAccessReviews().Create(sar)
+	if err != nil {
+		return false, err
+	}
+
+	sar = &authorizationapi.SubjectAccessReview{
 		Action: authorizationapi.Action{
 			Namespace: o.DefaultNamespace,
 			Verb:      "create",
 			Resource:  "projectrequests",
 		},
 	}
 
-	response, err := oClient.SubjectAccessReviews().Create(sar)
+	createResponse, err := oClient.SubjectAccessReviews().Create(sar)
 	if err != nil {
 		return false, err
 	}
 
-	return response.Allowed, nil
+	return (listResponse.Allowed && createResponse.Allowed), nil
 }
 
 // Discover the projects available for the established session and take one to use. It