inherit require 2fa for all subgroups and projects

What does this MR do?

Me as a group owner, I want the require 2FA property to be inherited across all my subgroups and projects. So in this MR the set of users is extended to include all users of sub-groups and projects (of the group or subgroups).

If the decision was taken, that a group needs to have two factor authentication, this indicates that high security requirements are needed. as there is the possibility to have subgroups and projects in a group, it is quite plausible that this high security requirements also apply for this subgroups and projects. So it would be much more intuitive when the 2FA requirement is propagated to the subgroups and all projects. It seems wrong that people added in subgroups or on project level do not need tho have 2FA.

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the database guides
• Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
• Security reports checked/validated by reviewer

The development of this MR is sponsored by @ siemens (/cc @bufferoverflow).