Bug 37247: Fix subscriptions operation allowed without authentication

Bug 37247: Fix subscriptions operation allowed without authentication

Move close and reopen after get_template_and_user().
Also move Koha::Subscriptions->find(), not a good idea to run DB queries
before authentication.

Test plan :
1) Apply patch
2) Authenticate to staff interface
3) Go to an existing open subscription
4) Open a new browser tab and use it to log-out
5) Go to first tab and click on 'Close'
6) You get login page
7) Authenticate
8) Check subscription is not closed
9) Check you can close and reopen subscription

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>