adds test to check whether or not an email is sent to label subscribers after creating a new issue through the api

prevent authored awardable thumbs votes

prevent authored awardable thumbs votes

Closes #21043

This allows web hooks to have a URL back to entities without having to
generate it themselves.

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Added checks for 2FA to the API `/sessions` endpoint and the Resource Owner Password Credentials flow.

1. `GitPushService` was still using `{merge,push}_access_level_attributes` instead
   of `{merge,push}_access_levels_attributes`.

2. The branches API creates access levels regardless of the state of the
   `developers_can_{push,merge}` parameters. This is in line with the UI,
   where Master access is the default for a new protected branch.

3. Use `after(:build)` to create access levels in the
   `protected_branches` factory, so that `factories_spec` passes. It
   only builds records, so we need to create access levels on `build` as
   well.

1. Change a few incorrect `access_level` to `access_levels.first` that
   were missed in e805a647.

2. `API::Entities` can iterate over all access levels instead of just
   the first one. This makes no difference to CE, and makes it more compatible
   with EE.

!581 has a lot of changes that would cause merge conflicts if not
properly backported to CE. This commit/MR serves as a better
foundation for gitlab-org/gitlab-ee!581.

= Changes =

1. Move from `has_one {merge,push}_access_level` to `has_many`, with the
   `length` of the association limited to `1`. This is _effectively_ a
   `has_one` association, but should cause less conflicts with EE, which
   is set to `has_many`. This has a number of related changes in the
   views, specs, and factories.

2. Make `gon` variable loading more consistent (with EE!581) in the
   `ProtectedBranchesController`. Also use `::` to prefix the
   `ProtectedBranches` services, because this is required in EE.

3. Extract a `ProtectedBranchAccess` concern from the two access level
   models. This concern only has a single `humanize` method here, but
   will have more methods in EE.

4. Add `form_errors` to the protected branches creation form. This is
   not strictly required for EE compatibility, but was an oversight
   nonetheless.

- Refactored SpamCheckService into SpamService

- Removed unnecessary column from `SpamLog`
- Moved creation of SpamLogs out of its own service and into SpamCheckService
- Simplified code in SpamCheckService.
- Moved move spam related code into Spammable concern

- Merged `AkismetSubmittable` into `Spammable`
- Clean up `SpamCheckService`
- Added tests for `Spammable`
- Added submit (ham or spam) options to `AkismetHelper`

We’re being kept up to date the counter data but we’re not using it.
The only thing which is not real if is the number of projects that the 
user read changes the number of todos can be stale for some time.

The counters will be sync just after the user receives a new todo or mark any as done

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

DRY code + fix rubocop

Add more test cases

Append to changelog

DRY changes list

find_url service for merge_requests

use GET for getting merge request links

remove files

rename to get_url_service

reduce loop

add test case for cross project

refactor tiny thing

update changelog

The performance was greatly improved by removing two N+1 queries issues
for each endpoint.

For comparison:

1. `GET /projects/:id/members`

With two N+1 queries issues (one was already fxed in the following
snippet):

```
  ProjectMember Load (0.2ms)  SELECT "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL  ORDER BY "members"."id" DESC  [["source_type", "Project"],
["source_id", 1], ["source_type", "Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(5, 22, 16, 13)  ORDER BY "users"."id" DESC
  ActiveRecord::SchemaMigration Load (0.2ms)  SELECT
"schema_migrations".* FROM "schema_migrations"
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 5]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 22]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 16]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 13]]
```

Without the N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL  ORDER BY "members"."id" DESC LIMIT 20 OFFSET 0  [["source_type",
"Project"], ["source_id", 1], ["source_type", "Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(5, 22, 16, 13)  ORDER BY "users"."id" DESC
```

2. `GET /projects/:id/access_requests`

With two N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL)  ORDER BY "members"."id" DESC  [["source_type", "Project"],
["source_id", 8], ["source_type", "Project"]]
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" =
$1  ORDER BY "users"."id" DESC LIMIT 1  [["id", 24]]
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" =
$1  ORDER BY "users"."id" DESC LIMIT 1  [["id", 23]]
  ActiveRecord::SchemaMigration Load (0.2ms)  SELECT
"schema_migrations".* FROM "schema_migrations"
  ProjectMember Load (0.1ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL) AND "members"."user_id" = $4  ORDER BY "members"."id" DESC
LIMIT 1  [["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"], ["user_id", 24]]
  ProjectMember Load (0.2ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL) AND "members"."user_id" = $4  ORDER BY "members"."id" DESC
LIMIT 1  [["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"], ["user_id", 23]]
```

Without the N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL)  ORDER BY "members"."id" DESC LIMIT 20 OFFSET 0
[["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(24, 23)  ORDER BY "users"."id" DESC
```
Signed-off-by: NRémy Coutable <remy@rymai.me>

Signed-off-by: NRémy Coutable <remy@rymai.me>

Also, mutualize AccessRequests and Members endpoints for Group &
Project.
New API documentation for the AccessRequests endpoints.
Signed-off-by: NRémy Coutable <remy@rymai.me>