Currently, DB queries don't filter on project_id, so any user can
request all DB entries.
The proposal here is to filter if the table does support tenant_id
in it and if the user is not admin (based on Nova/Cinder/Oslo)
In order to automatically provide the correct is_admin flag, now
when creating the context we check if policy defines the user as
admin.
Closes-Bug: #1256117
Change-Id: I85c404f5a3365c6a9c575af52f1a116f8350f426
9fc6b17f87