Restrict the query of /raw/(swhid)/ Web API endpoint to privileged users

That endpoint can leak sensible information about authors in the archive so it has been decided to restrict its use to staff users and users with a specific permission.

---

Migrated from T4226 (view on Phabricator)