* for more context, see https://basecamp.com/1892446/projects/631155-devops/messages/4719963-strange-caching

* also replace the external-auth-related popping up of the signup form with jquery.
Presumably it takes care of the browser specific stuff.

Use the university profile page for courses and index if we are in a branded subdomain. N.B. THIS DOESN'T WORK WITH MIT_SSL_AUTH

* Save errors for courses that failed to load in modulestore
* global staff can see course errors on their dashboard
* put policy loading errors into the error trackers
* add has_access(user, 'global', 'staff'), which is equiv to user.is_staff for now

* apply policy per-course, even if multiple courses share course and org fields
* keep descriptors separate in xml store, so that if two such courses
  change the same module in different ways, it works.  Such edits will need to
  merged on CMS import...
* add get_instance(course_id, location) method to replace get_item(location).
  Update all the call sites
* tests, including a 2nd toy course with same course and org.

* All access control logic is now in access.py
* It exports a single method for general use: has_access(user, object, action)
 - possible actions depend on object type (e.g. 'see_exists', 'enroll', 'staff')
* Removed DARK_LAUNCH feature flag--it is now the default behavior
* Replaced check_course with three separate more focused functions that use has_access

Minor things:
* note on using pdb in testing
* moved time parsing helper into timeparse.py
* x_modules now have a .start attribute (None if not in metadata)

* if the course metadata have enrollment_start and/or enrollment_end,
  only allow normal users to enroll post start and pre end.
* If DARK_LAUNCH is on, staff can enroll outside the window

* will avoid newrelic complaining
* NOTE: Is this what we want post-ship?
  - need some way of notifying instructors of problems

* required some refactoring in create_account() view

* we appear to be fairly consistent in using is_staff and has_staff_access_to_course
* cleaned up some docstrings and little code things as I went
* fixed small bug in change_enrollment view (check for non-anon user)

* catch exceptions and return a 404 if course not found
* add Location.is_valid(), tests
* stub of jumpto/ view.

Django hardcodes the subject line for password reset emails. You're supposed
to be able to override it with a properly named template, but that didn't
make it into 1.3.1 (which is what we're deploying on now). We're not using
the Sites framework at this time, so this was the "fix".