Comment 1 for bug 1346648

Some groundwork for this was laid in https://review.openstack.org/#/c/98737/, but it only covers the download_image check.

We should add broader use of the target keyword to our enforce calls in the v1 api and in the policy enforcement used by the v2 api.

But I suppose this is actually a feature request TBH.