Investigate & refactor scope and authorised_only params in IssuableFinder

There are 2 parameters in IssuableFinder that should be investigated and refactored if possible.

• scope with possible values 'created-by-me', 'assigned-to-me', 'authored' or 'all' available in IssuableFinder. It seems, however, that this parameter is used only at one place (https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/api/issues.rb#L52).
• authorized_only - this parameter seems to be used only once (https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/models/dashboard_milestone.rb)

We check these values in https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/finders/issuable_finder.rb#L115

if current_user && params[:authorized_only].presence && !current_user_related?
    current_user.authorized_projects
elsif group
  GroupProjectsFinder.new(group).execute(current_user)
else
  projects_finder.execute(current_user, item_project_ids(items)
end

The idea would be that in case we try to retrieve issuables by assignee or author and that assignee/author is current_user authorized_projects should be returned

Initial idea: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9030#note_24620099

The current_user_related?check was introduces more than 2 years ago by @marin (https://gitlab.com/gitlab-org/gitlab-ce/commit/d3bdd3ba67dda8b8392770a2b6e4a7473ec4d42d) and scopes 'assigned-to-me' / 'created-by-me' were used at that time (now assignee/author param is used for this filter instead).

cc @smcgivern