MantisBT: master f779e3d4

Author: rombert
Committer: dregad
Branch: master
Timestamp: 2014-04-30 11:42
Parent: master b509ab38
Affected Issues: 0017243: CVE-2014-8553: SOAP API: leak of user personal information
Changeset

SOAP API: apply access control to mci_account_get_array_by_id

The access controls are the same as the ones applied by
view_user_page.php, with the single addition of making the info
available if the user requests their own information.

This preserves the behaviour of the mc_login method call.

Fixes 0017243 (leak of user personal information)

Signed-off-by: Damien Regad <dregad@mantisbt.org>

mod - api/soap/mc_account_api.php