Add a GraphQL mutation to update multiple project members

What does this MR do and why?

Adds a GraphQL mutation to make it easier for the project admins to update project members in bulk. And also moves the common code to a concern.

This fixes another error where the access levels of members with minimal access were not getting updated. It was because the members with minimal access were not included when finding direct members and the Only access level of direct members can be updated. error was raised. The fix is in eecd1fef

Sample mutation

Input

mutation {
  projectMemberBulkUpdate(input: {
    projectId: "gid://gitlab/Project/116"
    accessLevel: DEVELOPER
    expiresAt: "2023-09-10 08:00:00"
    userIds: [
      "gid://gitlab/User/119",
      "gid://gitlab/User/121"
    ]
  }) {
    projectMembers {
      id
      accessLevel {
        integerValue
        stringValue
      }
      expiresAt
    }
    errors
  }
}

Output

{
  "data": {
    "projectMemberBulkUpdate": {
      "projectMembers": [
        {
          "id": "gid://gitlab/ProjectMember/322",
          "accessLevel": {
            "integerValue": 30,
            "stringValue": "DEVELOPER"
          },
          "expiresAt": "2023-09-10"
        },
        {
          "id": "gid://gitlab/ProjectMember/323",
          "accessLevel": {
            "integerValue": 30,
            "stringValue": "DEVELOPER"
          },
          "expiresAt": "2023-09-10"
        }
      ],
      "errors": []
    }
  }
}

How to set up and validate locally

1. http://localhost:3000/-/graphql-explorer
2. Run the above sample mutation and check the roles of project members.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

Related to #388920 (closed)