Authentication functions for views #7137

Open
Zharktas opened this issue Oct 13, 2022 · 2 comments

@Zharktas
Member

This is related to #7131. The current functionality is that views do various authentication checks to determine if the user can see the view or not. These checks might be different from what the actual action is checking for some feature.

For example, the resource_delete action is calling package_show and package_update, which both should be checked before the view is rendered, in addition to the resource_delete auth function.

Should we have separate auth functions for views themselves so that developers can control their auth functions without knowing the actual internals of CKAN?

@bzar
Contributor

bzar commented Oct 13, 2022

Such "view auth functions" should be implemented solely by calling the current "logic auth functions". Then they would not require additional overrides from site developers, since changes in the "logic auth functions" would propagate to them.

@amercader
Member

We discussed this and felt that rather than adding a new layer of auth functions at the views level, we should aim for all endpoints to only call the logic auth functions needed, and if an endpoint is calling an auth function that is a bit too out of scope, like in #7137, it is better to fix that particular case.
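
The mismatch described in the issue, and the suggestion of building a view check purely from logic auth functions, shown as an added example that is not CKAN code and not part of the thread. It is a simplified stand-alone model: the `AUTH` registry, `view_allowed`, `naive_view_allowed`, the `resource_delete_view` name and the sample dataset are hypothetical, and only the three action names come from the issue.

```python
# Simplified stand-in for an auth registry; NOT CKAN code. Everything here
# except the three action names taken from the issue is hypothetical.
AUTH = {}  # action name -> auth function(context, data_dict) -> {"success": bool}

def auth(name):
    def register(fn):
        AUTH[name] = fn
        return fn
    return register

# Constructed sample data: one private dataset with an owner and one editor.
DATASETS = {"ds1": {"owner": "alice", "editors": {"bob"}, "private": True}}

@auth("package_show")
def package_show(context, data_dict):
    ds = DATASETS[data_dict["package_id"]]
    members = ds["editors"] | {ds["owner"]}
    return {"success": not ds["private"] or context["user"] in members}

@auth("package_update")
def package_update(context, data_dict):
    ds = DATASETS[data_dict["package_id"]]
    return {"success": context["user"] in ds["editors"] | {ds["owner"]}}

@auth("resource_delete")
def resource_delete(context, data_dict):
    # Assumption for this model only: any logged-in user passes this check,
    # which makes the gap between view and action visible.
    return {"success": context["user"] is not None}

# Auth checks the delete action ends up needing, per the issue text.
VIEW_REQUIRES = {
    "resource_delete_view": ["resource_delete", "package_show", "package_update"],
}

def view_allowed(view, context, data_dict):
    """View check built only from logic auth functions, looked up at call time,
    so an override of a logic auth function propagates to the view."""
    return all(AUTH[name](context, data_dict)["success"]
               for name in VIEW_REQUIRES[view])

def naive_view_allowed(context, data_dict):
    """View that checks resource_delete alone: it can render a page whose
    underlying action is then refused by package_show or package_update."""
    return AUTH["resource_delete"](context, data_dict)["success"]
```
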
