
feat: Include oldObject and admission request metadata in expansion

Open multimac opened this issue 5 months ago • 0 comments

What this PR does / why we need it: Update the expansion logic to propagate the oldObject and userInfo fields from the admission request (along with a few other fields).

I've been trying to set up a policy that allows users to edit fields of a specific workload resource (e.g. a Deployment) but prevents them from modifying the Pod template within that resource, as that could allow them to alter the workload and lead to security issues (e.g. modifying the container image that is executed).

Currently, the expansion logic only expands the object field, meaning it's not possible to detect if a policy is operating on a CREATE or an UPDATE request, and act accordingly. Additionally, because it doesn't propagate the userInfo field, it's not possible to make policies that depend on which user made the change.

Special notes for your reviewer: I've tried to add tests to pkg/expansion, but wasn't sure how to go about setting up a test in pkg/webhook to confirm all fields from the admission request are propagated as expected.

multimac · Mar 28 '24 06:03
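The kind of policy the PR description asks for, as an added example (not code from the PR or the Gatekeeper project): a ConstraintTemplate that rejects an UPDATE whose pod template differs from the stored version unless the requester belongs to an exempt group. It reads `input.review.operation`, `input.review.oldObject` and `input.review.userInfo`, the AdmissionRequest fields Gatekeeper exposes to Rego and that this PR propagates into expanded resources; the template and constraint names, the `exemptGroups` parameter and the group name are assumptions.

```yaml
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8simmutablepodtemplate        # assumed name
spec:
  crd:
    spec:
      names:
        kind: K8sImmutablePodTemplate
      validation:
        openAPIV3Schema:
          type: object
          properties:
            exemptGroups:              # assumed parameter: groups allowed to change templates
              type: array
              items:
                type: string
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8simmutablepodtemplate

        # Only UPDATE requests carry an oldObject; CREATE requests are left to other policies.
        violation[{"msg": msg}] {
          input.review.operation == "UPDATE"
          not exempt_user
          # Deep comparison of the previous and proposed pod templates.
          input.review.oldObject.spec.template != input.review.object.spec.template
          msg := sprintf("user %q may not change the pod template of %s %s/%s",
            [input.review.userInfo.username, input.review.object.kind,
             input.review.object.metadata.namespace, input.review.object.metadata.name])
        }

        # The request is exempt when the requester is in any configured group.
        exempt_user {
          group := input.review.userInfo.groups[_]
          group == input.parameters.exemptGroups[_]
        }
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sImmutablePodTemplate
metadata:
  name: workload-pod-template-locked   # assumed name
spec:
  match:
    kinds:
      - apiGroups: ["apps"]
        kinds: ["Deployment", "StatefulSet", "DaemonSet"]
  parameters:
    exemptGroups: ["platform-admins"]   # assumed group name
```

Scaling a Deployment or changing its labels passes, while any edit under spec.template (image, command, volumes) by a non-exempt user is denied with the requester's username in the message.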