Send 403 for admin pages without being admin

Summary: I've also moved the response generation for 404 from
##AphrontDefaultApplicationConfiguration## to ##buildResponseString()##

Test Plan:
Visit /
Visit /mail/
Visit /x/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1406
This commit is contained in:
vrana
2012-01-15 01:07:56 -08:00
parent d8bbf55959
commit 9ba4f24e93
15 changed files with 86 additions and 31 deletions


@@ -1,7 +1,7 @@
<?php
/*
* Copyright 2011 Facebook, Inc.
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -52,7 +52,7 @@ class PhabricatorFileAltViewController extends PhabricatorFileController {
}
if (!$file->validateSecretKey($this->key)) {
return new Aphront404Response();
return new Aphront403Response();
}
// It's safe to bypass view restrictions because we know we are being served
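Review bot: The switch from `Aphront404Response` to `Aphront403Response` in the `validateSecretKey()` failure branch falls outside what the commit title covers (admin pages), and the test plan (/, /mail/, /x/) does not exercise it. A 403 for a wrong key also lets a caller without a valid key tell this case apart from whatever the preceding branch returns for a missing file, which can confirm that the file exists. If that disclosure is not intended, keep the 404 here; otherwise add a request to the alt-view URL with an invalid key to the test plan.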


@@ -7,6 +7,7 @@
phutil_require_module('phabricator', 'aphront/response/400');
phutil_require_module('phabricator', 'aphront/response/403');
phutil_require_module('phabricator', 'aphront/response/404');
phutil_require_module('phabricator', 'aphront/response/file');
phutil_require_module('phabricator', 'applications/files/controller/base');