Event file list web view was incorrectly showing the symlinked
version of a file to external users, even when they didn't have
permission to view that version of the file.

We now use ValidateDestroyMixin rather than SafeDeleteMixin for
handling removal of events from a superevent.  Some additional
logic in other places was no longer needed.

Some of the search utilities were still in the separate
events and superevents apps, so we moved them to the search app
and tried to clean things up a bit.  It's still kind of a mess
and probably not worth doing a full cleanup until we rework
the search.

Allow queries on whether a superevent is publicly available or
not. Add documentation to the query help page.

Queries which directly include a superevent ID should not have the
default category restrictions (not Test & not MDC) applied since
the category is determined by the superevent ID prefix.

Create new CustomDecimalField for handling float inputs better
than they are handled in rest_framework.fields.DecimalField.

No need to have explicit view functions for a few basic views,
we just use the built-in TemplateView instead.

Some X509 certificate subjects which were obtained from the LIGO
LDAP were being truncated upon insertion into the database since
they were longer than the upper limit imposed here of 200 characters.
I asked the LIGO auth team for guidance as to whether there is any
kind of upper limit imposed at that level, but did not receive any
feedback.  So I am increasing it to 300 characters here and hoping
that is enough that we will never have to revisit this issue.  It will
also be necessary to clean up any certificates in the database which
are truncated.

Robot user group memberships are entirely managed within GraceDB and
should not be added/removed based on request header content.

RobotUser should only be used for robot user accounts.  It's a clunky
way of identifying robot accounts, but it's all we have for now.

Add access_managers and superevent_managers to ADMIN_MANAGED_GROUPS.
They will be removed in the near future, but for now, they should
be included here so that group memberships are not removed by the
ligoauth middleware.

Failover to lvalert_send now uses new LVALert Python API, rather
than forking a Process to call the lvalert_send script.

Upgrade to newest LVAlert package and fix some requirements.
There is a bug with sleekxmpp and certain versions of pyasn1-modules,
so we revert the version of that and pyasn1. We also remove some
requirements which are really dependencies of requirements.

The 'search' and 'latest' pages will now default to superevents
rather than events.

All calls to event.graceid() -> event.graceid.

Improve log messages for signoff creation. Bugfix for handling
whether alerts are issued for "sub-functions" or not. Some
minor organizational changes.

Enforce label protection through the API for applying labels,
removing labels, and creating events and superevents with labels
attached.  We also don't allow users to reapply a signoff request
label when a signoff status label is already applied (e.g., can't
apply ADVREQ when ADVNO already exists).

Add a boolean column called 'protected' to the Label model.
Protected labels will not be allowed to be directly applied, but
will be applied as a part of another process (like signoffs).
We also create a data migration which sets some existing labels
as protected (ADV(OK|NO), (H1|L1|V1)(OK|NO))

'EM_Superseded ' -> 'EM_Superseded'. This has been fixed manually on
all servers.  Note that it wasn't a problem on the production
server because that migration was "reworked" within the last year
and was not actually applied in production (it was 'faked').

New mixin for doing some kind of validation on the request data
or the instance before destroying it.

Want to see what is triggering this functionality, if it is
being triggered at all.

Fixing a bug in superevent queries by creation time:
using Combine on the expression resulted in incorrect args
being passed to construct a datetime object.