Bug 14449: Add authentication check on retrieving item info when receiving
The script catalogue/getitem-ajax.pl is called by acqui/orderreceive.pl
when an item is received.
There is no auth check done; this means anybody can retrieve item info.
Test plan:
With the acquisition => order_receive permission, try to receive an
item.
It should work.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Very easy to test.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>