Refactor usage of read_vulnerability policy

Switch from read_project_security_dashboard to read_vulnerability
Since it's a main policy. read_project_security_dashboard should
be used only for dashboard policy

ee/app/controllers/projects/security/dependencies_controller.rb

@@ -20,7 +20,7 @@ module Projects
       def can_access_vulnerable?
         return true unless query_params[:filter] == 'vulnerable'
 
-        can?(current_user, :read_project_security_dashboard, project)
+        can?(current_user, :read_vulnerability, project)
       end
 
       def can_collect_dependencies?

ee/lib/api/vulnerabilities.rb

@@ -38,7 +38,7 @@ module API
       end
       get ':id' do
         vulnerability = Vulnerability.find(params[:id])
-        authorize_vulnerability!(vulnerability, :read_project_security_dashboard)
+        authorize_vulnerability!(vulnerability, :read_vulnerability)
         render_vulnerability(vulnerability)
       end
 

ee/lib/api/vulnerability_findings.rb

@@ -53,7 +53,7 @@ module API
         success ::Vulnerabilities::OccurrenceEntity
       end
       get ':id/vulnerability_findings' do
-        authorize! :read_project_security_dashboard, user_project
+        authorize! :read_vulnerability, user_project
 
         vulnerability_occurrences = paginate(
           Kaminari.paginate_array(

ee/lib/ee/api/entities.rb

@@ -882,7 +882,7 @@ module EE
         private
 
         def can_read_vulnerabilities?(user, project)
-          Ability.allowed?(user, :read_project_security_dashboard, project)
+          Ability.allowed?(user, :read_vulnerability, project)
         end
       end