Comment 1 for bug 1163161

this needs keystone's cooperation since the tenant_id is checked by it
however, from api to db/sqlalchemy/api.py, all the policy checkes don't send req to keystone

the quota on non-exsist tenant will not cause security problem, just cause unnecessary SQL storage