This repository has been archived by the owner on Mar 11, 2021. It is now read-only.

Provide optional checking of k8s permissions on a space or deployment #2268

Open
stooke opened this issue Aug 30, 2018 · 0 comments

stooke commented Aug 30, 2018

This issue covers an enhancement to WIT (and eventually to UI) to optionally check k8s permissions for k8s objects. The enhancement is optional due to the cost of interrogating Kubernetes.

The ideal way of doing this would be to reply to preflight requests correctly, but the goadesign tool used in WIT doesn't appear to allow this; also this is expensive in terms of time.

The basic proposal is to add a new optional parameter to several endpoints (currently 'qp=true') that causes WIT to interrogate k8s permissions for an object and return those permissions as an array of valid HTTP request types for that object.

The first proposed endpoint for this enhancement is /api/spaces/{spaceId}.
When the 'qp' parameter exists and is 'true', then the 'related links' object will have a new entry for the deployments endpoint, listing valid HTTP methods that reflect permissions available to the user.
The deployments endpoint is not a good example, because it doesn't allow anything other than GET even when the user has full access to the k8s space.

```json
{
    "data": {
        "attributes": {
            ...
        },
        "id": "00000000-0000-0000-0000-000000000000",
        "links": {
            ...
            "deployments": {
                "href": "http://localhost:8080/api/deployments/spaces/00000000-0000-0000-0000-000000000000",
                "meta": {
                    "methods": ["GET"]
                }
            },
            ...
        },
        "relationships": {
            ....
        },
        "type": "spaces"
    }
}
```

Associated PRs:
#2207 add authorization checking to k8s package
#2246 permissions API
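
One way the `methods` array proposed in this issue could be derived, as an added Go example that is not WIT's code. The helper names, the verb list passed in (standing in for the result of a Kubernetes permission query) and the verb-to-method table are assumptions; the GET-only deployments endpoint and the link shape come from the issue.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Inverse of the Kubernetes request-verb mapping (GET -> get/list/watch, POST -> create, ...).
var verbToMethod = map[string]string{
	"get": "GET", "list": "GET", "watch": "GET", "create": "POST",
	"update": "PUT", "patch": "PATCH", "delete": "DELETE", "deletecollection": "DELETE",
}

// link mirrors one entry of the "links" object; Meta is omitted unless qp=true.
type link struct {
	Href string              `json:"href"`
	Meta map[string][]string `json:"meta,omitempty"`
}

// allowedMethods keeps the endpoint's methods a granted verb covers; unknown verbs grant nothing.
func allowedMethods(verbs, endpointMethods []string) []string {
	granted, all := map[string]bool{}, false
	for _, v := range verbs {
		if m, ok := verbToMethod[v]; ok {
			granted[m] = true
		}
		all = all || v == "*" // wildcard rule grants every verb
	}
	methods := []string{}
	for _, m := range endpointMethods {
		if all || granted[m] {
			methods = append(methods, m)
		}
	}
	return methods
}

func deploymentsLink(href, qp string, verbs []string) link {
	l := link{Href: href}
	if qp == "true" { // permission lookup only when the caller opts in
		l.Meta = map[string][]string{"methods": allowedMethods(verbs, []string{"GET"})}
	}
	return l
}

func main() {
	out, _ := json.Marshal(deploymentsLink("http://localhost:8080/api/deployments/spaces/00000000-0000-0000-0000-000000000000", "true", []string{"*"}))
	fmt.Println(string(out))
}
```

Intersecting with the endpoint's own methods is what yields `["GET"]` for a user with full access to the space, and an empty array (rather than a missing `meta`) distinguishes "checked, nothing allowed" from "not checked".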
