
Fix expose of readme_url and forks_count

Ravi Kumar requested to merge 37979-fix-readme_url-expose into master

What does this MR do and why?

This MR will restrict the expose of readme_url and forks_count only when the user has access to the project repository.

How to set up and validate locally

  1. Create a public project and change permissions to restrict repository access only to members
  2. Log in with a user who is not a member of this project
  3. Run the local development server

     gdk start

  4. Verify you don't see the readme_url and forks_count fields in the following URLs (replace project_name and project_id):

     http://127.0.0.1:3000/api/v4/search?scope=projects&search=:project_name

     http://127.0.0.1:3000/api/v4/projects/:project_id/

  5. Request membership for the project and accept the request by going to the admin panel
  6. Now visit the above links; you should be able to see the readme_url and forks_count fields
  7. Visit the above links as a non-authenticated user.
  8. Verify you don't see the readme_url and forks_count fields

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #37979

Edited by Ravi Kumar
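
The validation steps above can be turned into a repeatable check over saved API responses. The following is an added example, not code from this MR or from GitLab: the `validate` helper and the sample JSON bodies are constructed for illustration, and it assumes every project in a response body is the test project.

```ruby
require 'json'

# Fields this MR restricts to users with repository access.
RESTRICTED_FIELDS = %w[readme_url forks_count].freeze

# Hypothetical helper. Accepts the body of either endpoint from the steps:
# the search endpoint returns an array, /projects/:project_id one object.
# Returns a list of problems; an empty list means the response is as expected.
def validate(body, repository_access:)
  parsed = JSON.parse(body)
  projects = parsed.is_a?(Array) ? parsed : [parsed]
  projects.flat_map do |project|
    # Key presence counts as exposure, even when the value is null.
    present = RESTRICTED_FIELDS.select { |field| project.key?(field) }
    wrong = repository_access ? RESTRICTED_FIELDS - present : present
    verb = repository_access ? 'missing' : 'exposed'
    wrong.map { |field| "project #{project['id']}: #{field} #{verb}" }
  end
end

# Constructed sample bodies (not captured from a real instance).
NON_MEMBER_SEARCH = '[{"id": 7, "name": "demo", "visibility": "public"}]'
MEMBER_PROJECT = <<~JSON
  {"id": 7, "name": "demo",
   "readme_url": "http://127.0.0.1:3000/example/README.md",
   "forks_count": 0}
JSON
# What a regression would look like for a non-member or anonymous request.
LEAKY_SEARCH = '[{"id": 7, "name": "demo", "forks_count": 2}]'

if __FILE__ == $PROGRAM_NAME
  {
    'non-member search' => [NON_MEMBER_SEARCH, false],
    'member project'    => [MEMBER_PROJECT, true],
    'leaky search'      => [LEAKY_SEARCH, false]
  }.each do |label, (body, access)|
    problems = validate(body, repository_access: access)
    puts "#{label}: #{problems.empty? ? 'ok' : problems.join('; ')}"
  end
end
```
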
