Allow for configured API key to be used to write cache / proxied collections only -- or, allow for upload endpoint to require request-based key

[briantist]

Right now, you can supply the API key for Artifactory through a parameter/env var/config file, and/or by setting it in ansible-galaxy, where it will be sent along with the request.

However, you can't control which uses to apply the key to.

The scenario I am thinking about is this:

• A central instance of Galactory
• You want to set the API key on this running instance, so that it can populate the cache, and so that when proxying upstream, it can write the upstream collections into artifactory (making them local)
• Doing this however, means that anyone hitting this instance, anonymously, can directly upload collections too

What I think might be a good idea being able to have the configured key be used for cache and proxy writing, but disallow it for direct uploads, instead requiring a key be passed in with the request.

Also the local caching described in #4 is another possible (partial) side-workaround: if the central instance uses local storage for caching instead of artifactory, it does not need to be configured with a key at all, however that would prevent storing proxied collections, so it would only account for caching of API responses.