New manage_runner token scope needed to allow access to /runners/:id endpoints

Context: #460696 (comment 1896453665)

The gitlab_user_runners Terraform resource uses the POST /user/runners endpoint (gated with the create_runner scope) when creating the resource, and PUT /runners/:id (gated with the generic api scope) when updating the resource.

In order to avoid requiring the full api scope for the resource, the easiest/lowest-friction solution would be to require only a new manage_runner scope on the PUT /runners/:id and GET /runners/:id endpoints as well. The create_runner scope would be reserved for users who only require creating new runners with the PAT.

Edited by Pedro Pombeiro