Unit tests for Authentification

[cburchert]

This should check at least:

• Can a user login(receives a token and it is correctly added to database)
• Do all kinds of passwords work as intended(unicode, chinese weird characters, shellcodes)
• Does a user get admin access (g.resource_admin_access) correctly based on his permissions and the requested resource(or because he is root)
• Is the correct user logged in (g.logged_in_user)
• Can a user change his password with PATCH
• Can a newly created user log in(does his password hash correctly?)
• Is the _author field correctly set for all items
• Does a GET request by an owner return the correct dataset
• Does a GET request by an owner return the correct dataset for an indirect owner(via relationship)
• Does a POST request by a future owner work
• Does a POST request by an indirect owner work

[cburchert]

Some work done here. Still left:

• Check correct role - permission mapping
• Can change password
• Is _author always correct
• Check whether owner works for indirect owners

[cburchert]

Tests for indirect owners implemented, cleared many bugs. Authentification is now completed. fb654e182e9906fd722a7d4cc20682b0cec3e7b7

[cburchert]

Can change password implemented in 41ac9a16f1e337866c32953fe2210808ca3e82da.

[cburchert]

role-permission mapping is tested. _author checking is retarded, so won't do.