unified scheme for protecting other-resource access

[joel-bluedata]

KubeDirector has a high level of privilege, and as a kdcluster creator/editor you can ask it to do lots of things, including getting information and/or contents from other resources like secrets, configmaps, and other kdclusters. Depending on the type of resource and the kind of access we have a range of "are you allowed to do that checks" ranging from no-check, to checking the resource name prefix, to a full on SubjectAccessReview. This is confusing and makes it more probable that KD users will be allowed to do something that the deploying/configuring admin did not intend.

For the 1.0 release (or earlier) we should do a pass over this to have a more consistent scheme. Maybe "SubjectAccessReview in all cases" is the correct answer, maybe not, but let's decide.