
Changes to WordCamp and Meetup REST API endpoints

Open timiwahalahti opened this issue 2 years ago • 1 comment

WordCamp Central REST API leaked some Meetup and WordCamp information.

This PR closes the /wordcamps endpoint to enumeration, which has been the way to see details of WordCamps with non-public statuses (like declined).

This PR also changes how the /meetups endpoint works. Previously that endpoint returned an empty array; now it's similar to the /wordcamps endpoint and returns all Meetups with a public status. The /meetups endpoint also suffered from leakage by enumeration, which is now prevented.

Fixes #661 Fixes #610

How to test the changes in this Pull Request:

WordCamps

  1. Create a new WordCamp application and decline it
  2. Copy the ID of that application
  3. Navigate to https://central.wordcamp.test/wp-json/wp/v2/wordcamps/{ID} and you should receive an error message
  4. Check some declined WordCamp applications on production, and you will see the details

Meetups

  1. Create two new Meetup applications, one declined and one active in the chapter
  2. Navigate to https://central.wordcamp.test/wp-json/wp/v2/meetups, and you should see only the active one
  3. Copy the ID of the declined application and navigate to https://central.wordcamp.test/wp-json/wp/v2/meetups/{ID}, and you should receive an error message
  4. Check production https://central.wordcamp.org/wp-json/wp/v2/meetups and you will get an empty array
  5. Check some declined Meetup applications on production, and you will see the details

timiwahalahti, Jun 27 '23 02:06
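The description above explains the intended behaviour (the collection route lists only public-status entries, and a single-item request for a non-public ID such as a declined application must fail, including when the ID is guessed by enumeration) but not how such a gate looks in WordPress code. The following is an added example written for this page, not code from the wcpt plugin or from this PR, and it does not claim to be the approach the PR takes. It shows one way to enforce both halves with the core REST API: a custom controller extending `WP_REST_Posts_Controller` that refuses single-item reads for any status not registered as public and forces the status filter on collection queries. The post type name `example_event`, the rest base `example_events` and the controller class name are assumptions.

```php
<?php
/**
 * Added example (not wcpt's code): a REST controller that exposes only
 * posts whose status is registered as public, on both the collection
 * route (/wp-json/wp/v2/example_events) and the single-item route
 * (/wp-json/wp/v2/example_events/{id}).
 *
 * Assumptions: the post type 'example_event' and the class name are
 * hypothetical; real statuses would come from the plugin's own registrations.
 */
class Example_Public_Only_REST_Controller extends WP_REST_Posts_Controller {

	/**
	 * Statuses that anonymous REST clients may read: every status whose
	 * registration carries 'public' => true (core 'publish' plus any custom ones).
	 */
	private function public_statuses() {
		return array_values( get_post_stati( array( 'public' => true ) ) );
	}

	/**
	 * Single item: deny anything that is not in a public status, no matter
	 * how the caller obtained the ID. Returning the same error core uses for a
	 * missing post means an enumerator cannot tell "declined" from "does not exist".
	 */
	public function get_item_permissions_check( $request ) {
		$post = $this->get_post( $request['id'] );
		if ( is_wp_error( $post ) ) {
			return $post;
		}

		if ( ! in_array( $post->post_status, $this->public_statuses(), true ) ) {
			return new WP_Error(
				'rest_post_invalid_id',
				__( 'Invalid post ID.' ),
				array( 'status' => 404 )
			);
		}

		// Fall through to core's checks (post type allowed over REST, password, etc.).
		return parent::get_item_permissions_check( $request );
	}

	/**
	 * Collection: overwrite whatever ?status= the client asked for so the
	 * listing can never be widened to non-public entries.
	 */
	protected function prepare_items_query( $prepared_args = array(), $request = null ) {
		$prepared_args['post_status'] = $this->public_statuses();
		return parent::prepare_items_query( $prepared_args, $request );
	}
}

add_action( 'init', function () {
	register_post_type( 'example_event', array(
		'public'                => true,
		'show_in_rest'          => true,
		'rest_base'             => 'example_events',
		'rest_controller_class' => 'Example_Public_Only_REST_Controller',
	) );
} );
```

Two points a reviewer of such a change would verify: the single-item route and the collection route are gated separately in `WP_REST_Posts_Controller` (the collection filter in `prepare_items_query` does nothing for `/{id}` requests, which is exactly the enumeration path the PR description calls out), and the error returned for a non-public ID should be indistinguishable in status code and body from the error for a nonexistent ID, otherwise the endpoint still confirms which IDs exist.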

It looks like the conflicts in public_html/wp-content/plugins/wcpt/wcpt-meetup/meetup-loader.php change some of the permissions, but I'm not sure if it's solved completely (probably not); would you mind taking a look, @timiwahalahti, to confirm?

pkevan, Feb 08 '24 12:02