security: make sure the admin of repo can only delete comments which are from the same repo.
- fixes IDOR issue
- protects against other people comment deletion by repo admins.
pull-requests: prepare the migration of pull request to pyramid.
- this is half the code because of problems found during porting
- partially moved the urls, and flipped the logic into pyramid code
- needs more work in core for full switch.