Opened 17 months ago
Last modified 4 months ago
#4231 new Defect
create_entity() calls can_write_to_container() on both owner and container
| Reported by: | ismayil.khayredinov | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | Elgg 1.8.14 |
| Component: | Core | Version: | 1.8 |
| Severity: | minor | Keywords: | |
| Cc: | brett@… | Difficulty: | |
Description (last modified by ewinslow)
The whole container permissions issue is starting to become a pain.
First of all, I don't understand why this check halts entity create in create_entity:
```php
if (!can_write_to_container($user_guid, $owner_guid, $type, $subtype)) {
    return false;
}
```
What does owner have to do with this???
Secondly, I think as we are moving to an ElggComment class, the entire can write to container will become a big pain. I think by default, any ElggObject should be able to serve as a container. ElggUsers and ElggGroups are a different thing, and I understand why the permissions checks are in place. With ElggObjects there is no reason to restrict writing to an ElggObject container - this is in a way equivalent to canAnnotate().
Change History (4)
comment:1 Changed 13 months ago by ewinslow
- Description modified (diff)
comment:2 Changed 4 months ago by brettp
- Milestone changed from Needs Review to Elgg 1.8.13
- Summary changed from can_write_to_container() - bugs and suggestions to create_entity() calls can_write_to_container() on both owner and container
I think the bug he's trying to report is that in create_entity() the owner is checked as the container even if a different container_guid is set:
```php
if (!can_write_to_container($user_guid, $owner_guid, $type, $subtype)) {
    return false;
}
if ($owner_guid != $container_guid) {
    if (!can_write_to_container($user_guid, $container_guid, $type, $subtype)) {
        return false;
    }
}
```
This does seem like a bug to me, so I'm updating the ticket to reflect that.
comment:3 Changed 4 months ago by cash
The access system is brittle so I tend to avoid changing it in a minor release. Do we have a test case for when the current access doesn't work?
comment:4 Changed 4 months ago by cash
- Milestone changed from Elgg 1.8.13 to Elgg 1.8.14

This ticket is pretty unclear.
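
Added example, not part of the ticket or of Elgg core: a stand-alone model of the check sequence quoted in comment:2, compared against a container-only check, to show which inputs make the two disagree (the kind of case comment:3 asks for). `may_write()` is a hypothetical stand-in for `can_write_to_container()`, and the GUIDs and policy table are constructed.

```php
<?php
// Added illustration, not Elgg code. may_write() is a hypothetical stand-in
// for can_write_to_container(); the GUIDs and policy below are constructed.

// Constructed policy: $writable[user][container] is true when the user may write there.
$writable = [
    10 => [10 => true, 50 => true], // user 10: own GUID and group 50
    11 => [11 => true],             // user 11: own GUID only
];

function may_write(array $writable, int $user, int $container): bool {
    return $writable[$user][$container] ?? false;
}

// The sequence quoted in the ticket: the owner is checked as a container first,
// then the real container when it differs from the owner.
function check_as_quoted(array $w, int $user, int $owner, int $container): bool {
    if (!may_write($w, $user, $owner)) {
        return false;
    }
    if ($owner != $container) {
        if (!may_write($w, $user, $container)) {
            return false;
        }
    }
    return true;
}

// For comparison only: the container alone decides.
function check_container_only(array $w, int $user, int $owner, int $container): bool {
    return may_write($w, $user, $container);
}

// Constructed cases: [label, user, owner, container]
$cases = [
    ['own content in own space',          10, 10, 10],
    ['own content in group',              10, 10, 50],
    ['owner differs, container writable', 10, 11, 50],
    ['container not writable',            11, 11, 50],
];

foreach ($cases as [$label, $user, $owner, $container]) {
    $quoted = check_as_quoted($writable, $user, $owner, $container);
    $single = check_container_only($writable, $user, $owner, $container);
    printf("%-36s quoted=%-5s container-only=%-5s%s\n", $label,
        var_export($quoted, true), var_export($single, true),
        $quoted !== $single ? '  <- differs' : '');
}
```

Under this model the two checks disagree only when the owner differs from the container, the user can write to the container, and the user cannot write to the owner.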