Add CSRF token requirement to PUT/PATCH/DELETE endpoints in metastore

[akaroleff]

For POST, PUT, PATCH and DELETE methods in the DKAN REST API, we should be adding a CSRF token requirement to the Drupal routes. This means that for any routes like this, we should have:

requirements:
     _access_rest_csrf: 'TRUE'

May be challenging to reflect this in the Swagger docs, will involve some research and experimentation on that front.