feat(nns/sns): Add allowed_viewers variant case into canister_status responses

[jasonz-dfinity]

Why

Currently, the management canister can return the LogVisibility::AllowedViewers variant for the canister status of a canister under NNS/SNS root control. Although it's currently impossible for NNS/SNS root to change the log visibility of any canister under their control into this variant, it's still possible for a canister with this variant to be brought under its control. When the canister_status is called in this case, the canister_status call made by root to the management canister will fail at decoding the response. This PR aims to improve that.

What

• Add the allowed_viewers variant into LogVisibility where it's part of the canister_status response (not when it's part of update_settings). Since the response from SNS/NNS root also uses this enum, this change also affects NNS/SNS root response types.
• Update NNS/SNS Root canister_status response types

Why It's Safe

We need to reason about the data flow in such sequence (true for both NNS/SNS Root, and will refer to them as Root below), when Root::canister_status is called:

1. Root gets canister_status response from the management canister as bytes
2. Root decodes the response into CanisterStatusResultFromManagementCanister
3. Root converts CanisterStatusResultFromManagementCanister to CanisterStatusResult or CanisterStatusResultV2
4. Root encodes CanisterStatusResult or CanisterStatusResultV2 into bytes
5. Clients of root (using root.did) decodes the response according to .did

We can then reason about the above data flow in several cases:

• When the log_visibility of the canister is controllers/public, there is no change.
• When the log_visibility of the canister is allowed_viewers and the client uses the old root.did:
  • Root will successfully decode the response from the management canister (step 2), while it fails before this PR
  • The step 4 will result in CanisterStatusResult or CanisterStatusResultV2 having the allowed_viewers variant
  • The client using the old root.did (no allowed_viewers) will not understand the variant, but since log_visibility : opt LogVisibility, it will decode it to log_visibility : null
• When the log_visibility of the canister is allowed_viewers and the client uses the new root.did, the client will be able to see allowed_viewers

[github-actions]

If this pull request affects the behavior of any canister owned by
the Governance team, remember to update the corresponding
unreleased_changes.md file(s).

To acknowldge this reminder (and unblock the PR), dismiss this
code review by going to the bottom of the pull request page, and
supply one of the following reasons:

1. Done.

2. No canister behavior changes.

[max-dfinity]

NCR. Maybe "CanisterStatusLogVisibility"?