Comment 4 for bug 1709108

Alistair, if I wasn't clear, by "having trouble understanding the example", I meant not understanding this:

```
e.g.
create a project test and create a container c1 in that project account
create a user 'other' in keyctone with role 'not_admin' on project test
get a token for user other *scoped on prject test*
GET AUTH_test/c1/<an object> fails using the token -> fails, not permitted
set 'X-Container-Read = other' on c1
GET AUTH_test/c1/<an object> fails using the token -> ok
```

I'm assuming X-Container-Read should be "not_admin", not "other"?

Please continue your vacation. I'm sure I can manage by getting help from a different team member until your return.