[meta] Implement and extend protected branches API

What

• The EE API should include access levels user_id/group_id on GET requests (https://gitlab.com/gitlab-org/gitlab-ee/issues/4152)
• The EE API should allow access levels to be set per user or group (https://gitlab.com/gitlab-org/gitlab-ee/issues/4131)
• Implement updating API in both CE and EE (https://gitlab.com/gitlab-org/gitlab-ce/issues/40434)

Original description

This is split from https://gitlab.com/gitlab-org/gitlab-ce/issues/30102, as @ericy_ts implemented CRUD except the U part in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12756

We haven't implemented it yet because CE and EE are much different here. In CE, we could only have one access level, so it's simple. However in EE, there could have multiple access level. For the creating API, we should probably also extend it in EE so that it could also take multiple access levels.

The complication locates in app/services/protected_branches/api_update_service.rb in the EE repository.

Related

• https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12756#note_35838570
• https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12756#note_34698248
• https://gitlab.com/gitlab-org/gitlab-ee/issues/1075