Validate users permissions in CODEOWNERS
This feature has been merged behind the validate_codeowner_users feature flag. Rollout is tracked in: #519201 (closed)
Problem
The CODEOWNERS feature does not validate whether the mentioned users actually have enough permissions to approve a merge request.
For example, the entries below won't raise any errors:
file1 @user_without_access_to_project
file2 @user_with_access_but_not_enough_permissions
Proposal
We can calculate permissions for the project based on members of the project:
- Fetch all direct/indirect members with sufficient permissions
- Fetch invited group members with sufficient permissions
- Create a list of users eligible for an approval
When the CODEOWNERS file includes a user-like record (@user_without_access_to_project), we can check whether it's present in the list above. If it's missing, the user doesn't have permission to approve, and we should display an error for this case.
Edited by Jerry Seto
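The check proposed above, sketched as an added example; this is not GitLab's implementation. All method and constant names, the membership data, and the threshold of 30 (GitLab's Developer access level) as "sufficient" are assumptions, and section headers and group-like owners are skipped for brevity.

```ruby
# Added illustration of the proposal; every name here is hypothetical.
require 'set'

MIN_ACCESS = 30 # assumption: level treated as sufficient to approve

# Constructed sample data: user => access level, per membership source.
DIRECT_AND_INHERITED = { 'alice' => 40,
                         'user_with_access_but_not_enough_permissions' => 20 }.freeze
INVITED_GROUPS       = { 'carol' => 30 }.freeze

# Constructed CODEOWNERS content using the two entries from the issue.
SAMPLE = <<~CODEOWNERS
  # constructed sample
  file1 @user_without_access_to_project
  file2 @user_with_access_but_not_enough_permissions
  file3 @alice @carol
CODEOWNERS

# Proposal steps 1-3: union of members whose access level is sufficient.
def eligible_approvers(*sources, min_access: MIN_ACCESS)
  sources.each_with_object(Set.new) do |members, eligible|
    members.each { |user, level| eligible << user.downcase if level >= min_access }
  end
end

# Collect [line number, username] for every user-like owner (@name).
# Comments and section headers are skipped; entries containing "/" are
# group-like and e-mail owners lack the "@" prefix, so neither matches.
def codeowner_users(text)
  text.each_line.with_index(1).flat_map do |line, lineno|
    entry = line.strip
    next [] if entry.empty? || entry.start_with?('#', '[', '^[')
    entry.split(/\s+/).drop(1)
         .grep(/\A@[\w.-]+\z/)
         .map { |owner| [lineno, owner.delete_prefix('@').downcase] }
  end
end

# One error per referenced user who is absent from the eligible list.
def validate_codeowners(text, eligible)
  codeowner_users(text)
    .reject { |_, user| eligible.include?(user) }
    .map { |lineno, user| "line #{lineno}: @#{user} cannot approve merge requests" }
end

puts validate_codeowners(SAMPLE, eligible_approvers(DIRECT_AND_INHERITED, INVITED_GROUPS))
```

Both entries from the issue are reported, while file3 passes because its owners appear in the eligible set.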