Public project-level approval rules API

• Make new API public and documented
• Make some API deprecated

Description

The new approval rule system comes with some new API endpoints. They are private API for now. However we have to make them public (and fixed) in order to deprecate the old endpoints.

Rename endpoints for consistency

Currently we have:

• GET /projects/:id/merge_requests/:merge_request_iid/approvals (public, expose most of ApprovalState infos)
• GET /projects/:id/merge_requests/:merge_request_iid/approval_settings (private, provides all rule infos)
• GET /projects/:id/approval_settings (private, provides all rule infos)

I feel user might be confused between the two. Would renaming approval_settings to approval_rules makes sense for both MR and project level endpoints?