Approval rule override to only allow adding but not removing approvers
Currently, the approval rule system allows the merge request author to override a rule with a completely different set of approvers. The proposal is to make this more restrictive, so that the user can only add more approvers, but not remove project-level approvers.
Rationale
Enforced Restrictiveness
The current rule isn't very restrictive, as the author can replace the approvers with friends of their own, bypassing the check.
Lower Implementation Complexity
This allows a possible implementation that has a much simpler data structure and is easier to query.
Currently, we hit a block when trying to implement "Filter merge requests by individual approvers". This is because we need to query for rules that belong to both the project level and the merge request level. However, the result also needs to exclude project rules that were overridden to remove approvers.
The basic query involves 4 unions, but the ability to remove approvers would make this query much more complex. Currently we are considering creating a caching intermediate table in order to make the query simpler, but by allowing "only adding approvers", we can avoid this altogether.
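An added sketch in Ruby (not GitLab's implementation; the rule names, user names, data shapes and method names are hypothetical) of the two points above: a replace-style override lets the author swap out project approvers, while an additive-only check rejects any override that drops one, and filtering by approver then reduces to a plain membership test.

```ruby
require 'set'

# Constructed sample data: project-level rules and per-MR added approvers.
PROJECT_RULES = {
  'Security' => Set['alice', 'bob'],
  'Backend'  => Set['carol']
}.freeze
MR_ADDITIONS = { 1 => {}, 2 => { 'Backend' => Set['dave'] } }.freeze

class ApproverRemovalError < StandardError; end

# Current behaviour: the MR-level override replaces the project rule wholesale.
def replace_override(project_rules, override)
  project_rules.merge(override)
end

# Proposed behaviour: an override may add approvers to a project rule but
# never drop one. Rules that exist only on the MR pass through unchanged.
def additive_override(project_rules, override)
  effective = override.dup
  project_rules.each do |name, approvers|
    requested = override.fetch(name, approvers)
    missing = approvers - requested
    unless missing.empty?
      raise ApproverRemovalError,
            "#{name}: cannot remove #{missing.to_a.sort.join(', ')}"
    end
    effective[name] = requested
  end
  effective
end

# With additive-only overrides, filtering by approver is a union: the user is
# in a project rule (matches every MR) or in that MR's additions. There is no
# need to exclude project rules whose approvers were overridden away.
def merge_requests_for_approver(project_rules, mr_additions, user)
  in_project = project_rules.values.any? { |set| set.include?(user) }
  mr_additions.select do |_mr_id, additions|
    in_project || additions.values.any? { |set| set.include?(user) }
  end.keys
end
```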
Override may be superseded by code owner approval rules
The existing override may no longer be necessary. For example, currently in GitLab we allow MR authors to use the override to add gl-database members as approvers when migrations are involved. However, this will be solved once the code owner approval rule is functional. Is there still another use case for the override?