Support assigning an Organization to a User namespace

This is related to #411832 (closed) . In order to track the work related to User namespaces, this issue was created

When we create a user, we also create an User Namespace. This namespace should have an Organization. On all code paths that create a user, we need to decide what organization that will be.

From !144049 (comment 1787226472)

1. Make organization an optional argument (def assign_personal_namespace(organization=nil))
2. Then, create a few MR's that will take care of passing the organization_id from the controller (or api method) (often Current.organization but there are also other options)
3. Release MR that adds a personal_namespace_require_org derisk feature flag
   1. If disabled, we do not require organization_id in call to user.assign_personal_namespace
   2. If enabled, we require organization_id in call to user.assign_personal_namespace
4. Gradually roll out
5. Clean up feature flag

Code paths

In these code paths, we create Users. These need to adapted. It will be straightforward (adding a organization_id to the call to the Service that creates the user)

• Calls to assign_personal_namespace

  • some Fixtures
  • Users::Internal
  • Users::BuildService

• Users::CreateService (all of these are addressed in !145956 (merged))

  • app/controllers/admin/users_controller.rb
  • ee/app/services/users/service_accounts/create_service.rb
    • ee/lib/api/service_accounts.rb
    • ee/app/services/namespaces/service_accounts/create_service.rb
      • ee/lib/api/group_service_accounts.rb

• Users::AuthorizedCreateService

  • app/services/resource_access_tokens/create_service.rb # Use organization of project or group !146360 (merged)
    • app/controllers/concerns/access_tokens_actions.rb
      • app/controllers/groups/settings/access_tokens_controller.rb
      • app/controllers/projects/settings/access_tokens_controller.rb
    • ee/app/services/product_analytics/cube_data_query_service.rb
      • ee/app/graphql/resolvers/product_analytics/state_resolver.rb
      • ee/app/models/concerns/product_analytics_helpers.rb # used in state resolver
      • ee/lib/api/analytics/product_analytics.rb
    • ee/app/services/projects/register_suggested_reviewers_project_service.rb
      • ee/app/workers/projects/register_suggested_reviewers_project_worker.rb
        • ee/app/services/ee/projects/update_service.rb
    • ee/lib/api/internal/suggested_reviewers.rb
    • lib/api/resource_access_tokens.rb
  • ee/app/services/security/orchestration/create_bot_service.rb # Use organization of project !146632 (merged)
    • ee/app/workers/security/orchestration_configuration_create_bot_worker.rb
      • ee/app/services/ee/projects/create_service.rb
      • ee/app/services/security/orchestration/assign_service.rb
      • ee/app/workers/security/orchestration_policy_rule_schedule_namespace_worker.rb
      • ee/app/workers/security/orchestration_policy_rule_schedule_worker.rb
  • ee/lib/gitlab/auth/smartcard/certificate.rb
    • ee/app/controllers/smartcard_controller.rb Self-managed, use default organization !146745 (merged)
  • ee/lib/gitlab/auth/smartcard/ldap_certificate.rb
    • ee/app/controllers/smartcard_controller.rb
  • lib/api/users.rb !146786 (merged)