Generalise authorisation hooks for DAST On-Demand scan mutations

The following discussion from !37536 (merged) should be addressed:

• @craigmsmith started a discussion:

  Note: I'm starting to notice that all the on-demand scans call authorize :run_ondemand_dast_scan, authorized_find! and raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)

  I don't think it requires a change in this MR but once !37382 (merged) has been merged WDYT about creating an OnDemandScanMutation or possibly renaming authorized_find! to authorized_find_project! and moving it to ResolvesProject?