Leverage user_interacted_projects in TodosFinder

In TodosFinder, we have the below method to limit found todos on projects that are public or otherwise visible to the user. We use Project.public_or_visible_to_user which proved to generate bad plans in the past.

  def by_project(items)
    if project?
      items.where(project: project)
    else
      projects = Project.public_or_visible_to_user(current_user)

      items.joins(:project).merge(projects)
    end
  end

My assumption is that a user gets to see todos only from projects

1. the user is authorized to see or
2. public or internal projects the user interacted with in the past (e.g. joined the project).

As such, we may be able to leverage user_interacted_projects here with something along the lines of:

    authorized = current_user
      .project_interactions
      .joins(:project_authorizations)
      .where(project_authorizations: { user: current_user })
      .select(:id)

    visible = target_user
      .project_interactions
      .where(visibility_level: [Gitlab::VisibilityLevel::INTERNAL, Gitlab::VisibilityLevel::PUBLIC])
      .select(:id)

    Gitlab::SQL::Union.new([authorized, visible]).to_sql