Users with ModifyTemplate in Queue A must also have ModifyTemplate in the
receiving queue when moving a template from one queue to another.  When
making a template global, the actor must have ModifyTemplate globally.

This stricter ACL checking prevents queue admins from moving arbitrary
templates into other queues in which they have no permissions.

Partially resolves CVE-2011-2084.  Ticket #50901.