Currently, anyone can upload any amount and size of file via S3FF; there is no way to enforce policies on who can access the REST endpoints for uploading and under what conditions. @brianhelba and I brainstormed a couple of ideas to address this:
Allow a downstream-defined `permission_class` to be set on the S3FF endpoints. Assuming that a permission class is capable of inspecting request parameters, a custom class could be used to enforce the presence of and validate a signed value representing pre-validation of an upload. It's probably sufficient (and maybe more straightforward) to just put this on the initialization endpoint, since I think it's impossible to use the other endpoints without doing a successful initialization.
A field could be added to `UploadInitializationRequestSerializer` that could be an opaque string, which could contain such a signature. E.g. `state = serializers.CharField(required=False)`. We would turn on sending of the `prepare` signal, and pass that `state` value to signal handlers, who could then perform validation and raise an exception if needed.
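As an added illustration (not part of the original issue and not S3FF code), this is one way a downstream permission class or `prepare` signal handler could issue and validate the signed opaque `state` value at the initialization endpoint. The function names, claim keys, token layout and the use of standard-library HMAC are assumptions, as is the idea that the initialization request exposes the requesting user, a field identifier and the declared file size.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET_KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients


def _sign(payload: str) -> str:
    mac = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()


def issue_state(user_id, field_id, max_size, ttl=300, now=None):
    """Called after the application pre-validates an upload; returns the opaque `state`."""
    issued = int(time.time() if now is None else now)
    claims = {"uid": user_id, "field": field_id, "max": max_size, "exp": issued + ttl}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return f"{payload}.{_sign(payload)}"


def check_state(state, user_id, field_id, file_size, now=None):
    """Return True only if `state` is authentic, unexpired and covers this request."""
    if not isinstance(state, str) or state.count(".") != 1:
        return False  # the field is optional in the proposal, so a missing value must deny
    payload, sig = state.split(".")
    # Verify the MAC before parsing anything the client controls.
    if not hmac.compare_digest(sig.encode(), _sign(payload).encode()):
        return False
    claims = json.loads(base64.urlsafe_b64decode(payload))
    current = time.time() if now is None else now
    return (
        claims["exp"] >= current
        and claims["uid"] == user_id        # token is bound to the requesting user
        and claims["field"] == field_id     # ...and to one upload target
        and 0 < file_size <= claims["max"]  # ...and to a size ceiling
    )
```

The token in this sketch is not single-use, so it can be replayed by the same user for the same field until it expires.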