rate limits: add /rate_limits endpoint.

Allow users to view their own rate limits with /rate_limits.json.

Note that rate limits are only updated after every API call, so this
page only shows the state of the limits after the last call, not the
current state.

app/controllers/rate_limits_controller.rb

@@ -0,0 +1,8 @@
+class RateLimitsController < ApplicationController
+  respond_to :html, :json, :xml
+
+  def index
+    @rate_limits = authorize RateLimit.visible(CurrentUser.user).paginated_search(params, count_pages: true)
+    respond_with(@rate_limits)
+  end
+end