api_raw_object: Apply mailmaps and remove auth restriction
This endpoint bypassed mailmaps in order to return the original raw object to the IPFS bridge.
This information is privileged, hence the special permission required to return it. However, we do not want to want to return objects without their display names to the bridge either, so this is a moot.
Instead, this returns the object with mailmaps/display names applied. This means checksums won't match, making the IPFS bridge (or client?) error when they check it. This isn't great, but better than displaying private information. And IPFS bridge/clients need to support objects not matching their checksums anyway, because we have plenty of those.
As a consequence, the permission is no longer required, because this only returns public data, now.
The swh.web.api.raw_object
had a secondary effect: removing throttling
on this endpoint. This effect is removed; regular throttle scopes should
be used instead (this endpoint's scope is swh_raw_object
).
If we need to return objects without mailmaps applied in the future, we could introduce a parameter to this endpoint (gated behind a similar permission)
Required by https://gitlab.softwareheritage.org/swh/infra/sysadm-environment/-/issues/4850