This solves https://dev.gitlab.org/gitlab/gitlabhq/issues/2646

1. This MR simplifies CI permission model:
    - read_build: allows to read a list of builds, artifacts and trace
    - update_build: allows to cancel and retry builds
    - admin_build: allows to manage triggers, runners and variables
    - read_commit_status: allows to read a list of commit statuses (including the status of a build, but doesn't allow to see a build details)
    - create_commit_status: allows to create a new commit status using API

2. I do make sure that the proper permissions are used in all places where the CI can be shown.

3. Add the `read_build` ability if user is anonymous or guest and allow_guest_to_access_builds is enabled.

4. Add CI setting: public_builds.

5. The artifacts specific permission are removed, since they are covered by `*_build`.