Added filtering to recently-updated web-based search for events
and superevents, based on view permissions.

Fixed two bugs in web-based event log creation: first, attempts
to save an EventLog with a null filename, and attempted creation
of the 'lvem' tag with the wrong information, possibly resulting in
an IntegrityError due to duplicate tags.

Deleting unit tests for SupereventForm form, which no longer exists.

Moving a few base class throttles and fields from the events app up
one level so that they can be used elsewhere.

Many of the classes (permissions, mixins, etc.) in the superevents
API follow a general pattern of
    1. Abstract customized version of a DRF class
    2. Class-specific, customized version of #1
    3. (optional) Implemented, class-specific version of #2
We want all classes in #1 to either be in the root api directory
or the root versioned (api.v*) directory.  #2 and #3 classes should
be in api.v*.superevents. This commit just moves some of the classes
in #1 and #2 around so that they can eventually be used in the events
API.

Moved events.api and superevents.api into the new api app.
We want to have a versioned API, so these are now in
api.v1.events and api.v1.superevents, respectively. Part of this
change is that we require a custom reverse function (api_reverse)
for handling versioning. Much of the required code changes for this
migration include converting reverses to use this function and
changing relative imports appropriately.

Add the AnonymousUser from the guardian package to the 'public_users'
group. This will allow us to assign group permissions to
unauthenticated users.

Full unit test suite for user access - making sure that internal and
external users can only see/do what they are supposed to, based on
the defined permissions structure.

We no longer need group object permissions to be assigned
by default for superevent creation since all LVC users will have
table-level permissions to view all superevents.

Custom model, object, and parent object permission classes which
run a function to determine which permissions are required.

Added utility functions for hiding and exposing logs from
LV-EM and the public. They are triggered by log messages being
tagged or untagged.

Also added utilities for hiding/exposing superevents.

GetParentObject and SupereventParentMixin are now full viewsets
rather than just mixins.  They also get the parent object during
the initial phase of request processing, cache it, and are able to
check object permissions on the parent.

get_superevent_by_date_id_or_404 no longer takes a request
object as an argument (wasn't using it anyway).

I had been mistakenly using lookup_field for the lookup_url_kwarg.
This commit fixes that mistake to use both field properly. It also
lets us remove the customized GetObjectDefault mixin that was
trying to deal with this behavior.

Assigning permissions for viewing, creating, exposing/hiding, etc.
for superevents, logs, labels, etc. in the superevents app.

Created the 'access_managers' and 'superevent_managers' groups. These
groups will be given appropriate permissions for managing external
access to gracedb and creating/updating superevents, respectively.

The built-in DjangoObjectPermissionsFilter from DRF doesn't
accept global (table-level) permissions as higher-level than
object permissions. This filter replaces the built-in one
and sets the 'accept_global_perms' argument to True so that
global permissions are accepted when filtering objects based on
user view permissions.

Adding custom permissions for Superevent and Log objects
in the superevents app.  We also add *direct* foreign keys to
the permissions objects for performance.

Since we are still developing on the superevents branch,
it makes sense to squash the migrations set into a single one,
just to keep things nice and clean.

A new static method is attached to the Log base class,
which uses the VersionedFile method to split a versioned filename
into its filename and version components.

Added explicit methods for versioning a file name and
un-versioning a versioned file name to VersionedFile. These should
be used throughout the code so as to "NRY".

New custom model backend, which includes the table/object
permissions backend and does not authenticate.

New auth backend for permissions. Basic ModelBackend returns false
if user has table-level permissions, but an object is passed in.
This new backend establishes that if the user has table-level
permissions, those supersede the lack of row-level permissions on
a given object.

The "full_filename" property for Log objects is now called the
"versioned_filename" to improve clarity.

Removing use of the router for defining superevent list and
detail URLs, so that all of the possible URL/method combinations
are explicitly defined.

Since we use the preferred event to construct much of the VOEvent
for a superevent, we have to select the event's subclass (note that this
is done for events by the event_and_auth_required decorator, which calls
Event.getByGraceid).  This was preventing certain subclass-specific
attributes from being added to the VOEvents, like ProbHasNS,
ProbHasRemnant, etc.