Comment 3 for bug 1562175

Matthew Oliver (matt-0) wrote :

When putting the object that has a versioned container we are using a pre-authed request to move it before checking whether the user is authorised. On Deletes it's fine because we attempt to auth before doing anything.

There are 2 ways we can solve this:

 1. We could either do the same for the PUT object, that is, authenticate before we do anything; or
 2. Just make sure we use make_subrequest rather than make_pre_authed_request; the former copies the swift.authorize and so it gets authed at the proxy.

The 2nd option, however, means there would be a change in version_writes behaviour. The 2nd option would mean that when giving someone the ACL to write a container that gets versioned, the user also needs an ACL on the versions_container.

Because of that, here is a patch for option 1 with updated unit and functional tests. Like the DELETE method, this patch checks to see that the user has write access to the container before pre-auth requesting to move the object in the container.
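
The ordering problem and option 1 from the comment above, as a simplified Python model added here (it is not the patch attached to the bug and not Swift code). Apart from the `swift.authorize` key, all names and the in-memory backend are hypothetical, and the callback takes the environ directly to keep the model small.

```python
# Simplified, constructed model of a versioning middleware's PUT path.
# Only the env key "swift.authorize" comes from the comment above;
# FakeBackend, make_authorize, put_* and demo are hypothetical names.

class FakeBackend:
    """Stands in for the object store and records privileged moves."""
    def __init__(self):
        self.objects = {"c/obj": b"v1"}   # constructed sample object
        self.versions = {}

    def pre_authed_move(self, path):
        # Runs with no ACL check, like a pre-authed subrequest.
        self.versions[path] = self.objects[path]

def make_authorize(writers):
    """Callback in the style of swift.authorize:
    None means allowed, anything else is the denial response."""
    def authorize(env):
        return None if env.get("REMOTE_USER") in writers else "403 Forbidden"
    return authorize

def put_unchecked(env, backend, body):
    """Ordering described as the bug: privileged move first, auth later."""
    path = env["PATH_INFO"]
    backend.pre_authed_move(path)          # side effect before any check
    denied = env["swift.authorize"](env)
    if denied:
        return denied
    backend.objects[path] = body
    return "201 Created"

def put_checked(env, backend, body):
    """Option 1: check write access first, then do the privileged move."""
    path = env["PATH_INFO"]
    denied = env["swift.authorize"](env)
    if denied:
        return denied                      # nothing has been touched yet
    backend.pre_authed_move(path)
    backend.objects[path] = body
    return "201 Created"

def demo(handler, user):
    """Run one PUT as `user`; only 'alice' has the write ACL."""
    backend = FakeBackend()
    env = {"PATH_INFO": "c/obj", "REMOTE_USER": user,
           "swift.authorize": make_authorize({"alice"})}
    return handler(env, backend, b"v2"), backend
```

In the unchecked ordering the request is still answered with a 403, so the response alone does not reveal that the privileged move already happened; the state of the versions store does.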