v1.1.1: require admin access for file pull API

This locks down the files "pull" API to require admin. Even though it's a read (GET), this meant any user could potentially read sensitive files.

Note that this version number is prior to any other tagged release of Pebble (the first tagged release was v1.2.0).

This addresses CVE-2024-3250.

Changes from 5842ea68c9c7 (the version currently used by Juju 2.9).