Fix test_object_copy_canned_acl

[alexvanin]

This test sets canned ACL to the object.

def test_object_copy_canned_acl():
    bucket_name = get_new_bucket()
    client = get_client()
    alt_client = get_alt_client()
    client.put_object(Bucket=bucket_name, Key='foo123bar', Body='foo')

    copy_source = {'Bucket': bucket_name, 'Key': 'foo123bar'}
    client.copy_object(Bucket=bucket_name, CopySource=copy_source, Key='bar321foo', ACL='public-read')
    ## check ACL is applied by doing GET from another user
    alt_client.get_object(Bucket=bucket_name, Key='bar321foo')  # <- FAILED HERE

    metadata={'abc': 'def'}
    copy_source = {'Bucket': bucket_name, 'Key': 'bar321foo'}
    client.copy_object(ACL='public-read', Bucket=bucket_name, CopySource=copy_source, Key='foo123bar', Metadata=metadata, MetadataDirective='REPLACE')

    # check ACL is applied by doing GET from another user
    alt_client.get_object(Bucket=bucket_name, Key='foo123bar')

ACL is not processed during object copying, therefore alt client fails with

layer/object.go:710     error was transformed   {"request_id": "46f7588e-02a7-47ff-94ff-6d26354983bd", "error": "access denied: access to operation SEARCH is denied by extended ACL check: bearer token is not signed by the container owner"}
handler/util.go:25      could not find object   {"request_id": "46f7588e-02a7-47ff-94ff-6d26354983bd", "method": "GetObject", "bucket_name": "yournamehere-sdcore7ma75qo04d-1", "object_name": "bar321foo", "error": "AccessDenied: 403 => Access Denied."}

[alexvanin]

Let's see if we can access other containers without bearer token and access our containers with bearer token.

[alexvanin]

Probably we need to wait for SDK update, because it will have a token method to check if container ID is related to the token. Based on this method, we can decide whether we attach bearer token or not.

[alexvanin]

Reopen to do this after tree-service branch rebase: #487 (comment)