Support group access for zoekt traversal ids

Access to Zoekt through the group is not fully supported.

This can be verified by

• Set group_access: true in visibility specs.
• Set group_access_shared_group: true in visibility specs

Also need to add specs to ensure custom roles with read_code ability work

• public/internal visibility level access at group level
• access with a custom role of read_code

The following discussion from !195676 (merged) should be addressed:

• @johnmason started a discussion: (+1 comment)

  Only two failures remaining in the group visibility spec! They both seem identical.

  Click to expand

  ➜  gitlab git:(jm-zoekt-traversal-id-query-builder) ./bin/rspec ee/spec/services/ee/search/group_service_blob_and_commit_visibility_spec.rb
  Run options: include {:focus=>true}
  ==> Go projects set up in 0.513 seconds...
  
  Test environment set up in 2.2397960000671446 seconds
  DEPRECATION WARNING: Project model aliases `approvals_before_merge` and has a method called `approvals_before_merge` defined. Starting in Rails 7.2 `fallback_approvals_required` will not be calling `approvals_before_merge` anymore. You may want to additionally define `fallback_approvals_required` to preserve the current behavior. (called from initialize at /Users/johnmason/gdk/gitlab/app/models/project.rb:1289)
  DEPRECATION WARNING: Namespaces::ProjectNamespace model aliases `parent_id` and has a method called `parent_id=` defined. Starting in Rails 7.2 `namespace_id=` will not be calling `parent_id=` anymore. You may want to additionally define `namespace_id=` to preserve the current behavior. (called from block (3 levels) in <main> at /Users/johnmason/gdk/gitlab/spec/factories/projects.rb:142)
  ...................F...............................F................................
  
  Failures:
  
    1) Search::GroupService#visibility visibility project_level: :public, feature_access_level: :private, membership: :guest, admin_mode: nil, expected_count: 1 when using zoekt for blobs behaves like search respects visibility respects visibility with access at group level
       Failure/Error: example.run
         blobs expected count to be 1 for guest, got 0: []
       Shared Example Group: "search respects visibility" called from ./ee/spec/services/ee/search/group_service_blob_and_commit_visibility_spec.rb:55
       # ./ee/spec/support/helpers/search_results_helpers.rb:20:in `block in expect_search_results'
       # ./ee/spec/support/helpers/search_results_helpers.rb:12:in `each'
       # ./ee/spec/support/helpers/search_results_helpers.rb:12:in `expect_search_results'
       # ./ee/spec/support/shared_examples/services/search_service_shared_examples.rb:61:in `block (2 levels) in <main>'
       # ./spec/spec_helper.rb:469:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/sidekiq_sharding/validator.rb:42:in `enabled'
       # ./spec/spec_helper.rb:468:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:463:in `block (3 levels) in <top (required)>'
       # ./spec/support/sidekiq_middleware.rb:9:in `with_sidekiq_server_middleware'
       # ./spec/spec_helper.rb:454:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:450:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/application_context.rb:100:in `with_raw_context'
       # ./spec/spec_helper.rb:450:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:421:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/ci/config/feature_flags.rb:38:in `ensure_correct_usage'
       # ./spec/spec_helper.rb:420:in `block (2 levels) in <top (required)>'
       # ./spec/support/sidekiq.rb:38:in `block (3 levels) in <main>'
       # ./spec/support/sidekiq.rb:18:in `gitlab_sidekiq_inline'
       # ./spec/support/sidekiq.rb:38:in `block (2 levels) in <main>'
       # ./spec/support/system_exit_detected.rb:7:in `block (2 levels) in <main>'
       # ./spec/support/redis.rb:18:in `block (3 levels) in <main>'
       # ./spec/support/database/prevent_cross_joins.rb:106:in `block (3 levels) in <main>'
       # ./spec/support/database/prevent_cross_joins.rb:60:in `with_cross_joins_prevented'
       # ./spec/support/database/prevent_cross_joins.rb:106:in `block (2 levels) in <main>'
       # ./ee/spec/support/search/zoekt.rb:123:in `block (2 levels) in <module:Search>'
  
    2) Search::GroupService#visibility visibility project_level: :internal, feature_access_level: :private, membership: :guest, admin_mode: nil, expected_count: 1 when using zoekt for blobs behaves like search respects visibility respects visibility with access at group level
       Failure/Error: example.run
         blobs expected count to be 1 for guest, got 0: []
       Shared Example Group: "search respects visibility" called from ./ee/spec/services/ee/search/group_service_blob_and_commit_visibility_spec.rb:55
       # ./ee/spec/support/helpers/search_results_helpers.rb:20:in `block in expect_search_results'
       # ./ee/spec/support/helpers/search_results_helpers.rb:12:in `each'
       # ./ee/spec/support/helpers/search_results_helpers.rb:12:in `expect_search_results'
       # ./ee/spec/support/shared_examples/services/search_service_shared_examples.rb:61:in `block (2 levels) in <main>'
       # ./spec/spec_helper.rb:469:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/sidekiq_sharding/validator.rb:42:in `enabled'
       # ./spec/spec_helper.rb:468:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:463:in `block (3 levels) in <top (required)>'
       # ./spec/support/sidekiq_middleware.rb:9:in `with_sidekiq_server_middleware'
       # ./spec/spec_helper.rb:454:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:450:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/application_context.rb:100:in `with_raw_context'
       # ./spec/spec_helper.rb:450:in `block (2 levels) in <top (required)>'
       # ./spec/spec_helper.rb:421:in `block (3 levels) in <top (required)>'
       # ./lib/gitlab/ci/config/feature_flags.rb:38:in `ensure_correct_usage'
       # ./spec/spec_helper.rb:420:in `block (2 levels) in <top (required)>'
       # ./spec/support/sidekiq.rb:38:in `block (3 levels) in <main>'
       # ./spec/support/sidekiq.rb:18:in `gitlab_sidekiq_inline'
       # ./spec/support/sidekiq.rb:38:in `block (2 levels) in <main>'
       # ./spec/support/system_exit_detected.rb:7:in `block (2 levels) in <main>'
       # ./spec/support/redis.rb:18:in `block (3 levels) in <main>'
       # ./spec/support/database/prevent_cross_joins.rb:106:in `block (3 levels) in <main>'
       # ./spec/support/database/prevent_cross_joins.rb:60:in `with_cross_joins_prevented'
       # ./spec/support/database/prevent_cross_joins.rb:106:in `block (2 levels) in <main>'
       # ./ee/spec/support/search/zoekt.rb:123:in `block (2 levels) in <module:Search>'
  
  Finished in 57.28 seconds (files took 13.87 seconds to load)
  84 examples, 2 failures
  
  Failed examples:
  
  rspec './ee/spec/services/ee/search/group_service_blob_and_commit_visibility_spec.rb[1:1:10:2:1:1:2]' # Search::GroupService#visibility visibility project_level: :public, feature_access_level: :private, membership: :guest, admin_mode: nil, expected_count: 1 when using zoekt for blobs behaves like search respects visibility respects visibility with access at group level
  rspec './ee/spec/services/ee/search/group_service_blob_and_commit_visibility_spec.rb[1:1:26:2:1:1:2]' # Search::GroupService#visibility visibility project_level: :internal, feature_access_level: :private, membership: :guest, admin_mode: nil, expected_count: 1 when using zoekt for blobs behaves like search respects visibility respects visibility with access at group level
  
  Randomized with seed 51133
  
  [TEST PROF INFO] Time spent in factories: 00:04.264 (7.07% of total time)