Container Support

I was not able to finish the work on time; however, I came up with a few solutions that have pros and cons.

I attached some patch files (git diff) to this issue and they have the following significance:

1. dynamicload.patch - The permissions are loaded from RegistryAccessPolicy that is also used by the token server. This solution may impact the overall performance of the endpoint because it iterates through all repositories within the registry.
2. hardcoded.patch - Useful only when we will not allow administrators to modify the access policy. It follows the code snippet from https://docs.pulpproject.org/pulpcore/plugins/plugin-writer/concepts/rbac/queryset_scoping.html#manually-implementing-queryset-scoping.
3. guardian-hardcoded.patch - The simplest way of achieving the same result as in hardcoded.patch. It benefits from https://django-guardian.readthedocs.io/en/stable/api/guardian.mixins.html?highlight=queryset#guardian.mixins.PermissionListMixin.

In every scenario I used the permission pull/pull_containerdistribution. I am not sure whether this should be rather view_containerdistribution.

At the moment, all authenticated users are allowed to access the catalog endpoint (the first bullet point from the previous comment is therefore fulfilled).

PR: https://github.com/pulp/pulp_container/pull/265

Applied in changeset 8ca2f0e88462f78c76423cce8af838d8d3676e85.