Changes to permission checks for nodes, experiments, and images.
In addition to the usual checks, project_root and group_root (in the project) get the same permission as if they were in the subgroups with group_root permission. This means they can swap/terminate/reboot etc in subgroups even though they are not members of the subgroups. There is still some copy problems with files, but leaving that till later to deal with.
Showing with 61 additions and 40 deletions