Fix token properties handling

[gctucker]

The API token properties have numerical flags, which makes it rather hard to debug (from models/token.py):

    The property lists (index - property description) is as follows:
    - 0: if the token is an admin token
    - 1: if the token is a superuser token
    - 2: if the token can perform GET
    - 3: if the token can perfrom POST and PUT
    - 4: if the token can perform DELETE
    - 5: if the token is IP restricted
    - 6: if the token can create new tokens
    - 7: if the token is a boot lab token
    - 8: if the token can upload (POST/PUT) files
    - 9: if the token is a test lab token

First of all, they could be replaced with a dictionary with strings and booleans such as:

{
  'admin': true,
  'superuser': false,
  #...
}

Then the "boot lab" property doesn't really mean much any more, and the "test lab" one is not enabled when creating a new lab token. So this all needs to be cleaned up and simplified. Also, errors from the backend are not very useful as they just say that some token didn't have the right permission. Showing the database object ID and the permission it's missing would help diagnose such issues.