Use read_repository scope on read-only files endpoints

We should use read-only scope instead of the general API one on those endoints.

Related to https://gitlab.com/gitlab-org/gitlab-ee/issues/5493

More details - https://gitlab.com/gitlab-org/gitlab-ee/issues/5493#note_121057899