Some more checks in the API regarding who is allowed to do what.
    
    Rename _check_issue_access_repo_commiter to _check_private_issue_access
    since this is what the method does, it checks only for private issue if
    the user has enough rights to access it.
    
    Create a _check_ticket_access which is used in some of the endpoints to
    ensure the user either has commit access if the ticket is private or has
    ticket access if the ticket is public.
    
    Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>