Data manager API endpoint to accept and handle "valid_at" timestamp

Description

API calls from account-data-manager contain a valid_at timestamp. This should be checked against the API's database record for the user and ignored if earlier than the currently stored last updated date.

Records are needed for deleted users (even if yet to receive a create event) so that a last updated date can be recorded against them. Thus deletion events should cause soft-deletion of users.

Task list

• Add a deleted boolean to user records
• Add a valid_at timestamp to user records
• Add updated_at and created_at auto-time fields
• Update create, update and delete API endpoints to compare valid_at with valid_at stored in database
• Ignore changes earlier than those already applied
  • Log these events
• Delete API calls soft delete users instead of removing them from DB
• All (not ignored) API calls update the valid_at with the valid_at timestamp from the event

Acceptance criteria

• Out of order calls to API result in a consistent/appropriate state stored in DB (with tests to demonstrate different scenarios)

Links/references

• !69 (comment 758207)