[9.x] Fix view-only permission not allowing read-only access to records

[duncanmcclean]

This pull request fixes an issue where a user with only the view permission for a Runway resource could see the listing but got a "This action is unauthorized" error when clicking into an individual record.

This was happening because the edit screen authorized against the edit permission, rather than view. This differs from how entries work in Statamic core, where a view-only user can open an entry in read-only mode.

This PR fixes it by mirroring core's behaviour:

• EditRequest now authorizes view instead of edit, so view-only users can open a record. Saving still requires edit (via UpdateRequest), so they can't make changes.
• The edit screen's readOnly flag is now also true when the user can't edit the model, so the form renders in read-only mode (the "Read Only" badge shows and fields/save are disabled).
• ResourcePolicy::view() now returns true if the user can edit, matching core's EntryPolicy::view().

Fixes #827

[github-actions]

Released as part of v9.5.1.