
Prevent showing repos in the merge request dropdown that are inaccessible

Gary Holtz requested to merge 391765-preventing-unacessible-projects into master

What does this MR do and why?

As a follow-up to Show SAML message when reauthorization needed (!121879 - merged), this prevents any inaccessible branches (due to not being authorized with SAML) from being listed as an option on new merge requests.

How to set up and validate locally

  1. Set up the GDK to use Group SAML with a specific group. For example: Flightjs (will use this going forward)
  2. Log in as a test user with SAML at (if you're using the method above with the GDK, the easiest way is to use one of the test users: user_1/user1pass at https://localhost:8443/simplesaml/saml2/idp/SSOService.php)
  3. With root (in a private window), add user_1 as a member to Flightjs ("maintainer" level will do)
  4. Back in user_1's window, create a private fork (user_1/User1Fork) of your SAML-protected project (flightjs/Flight) in user_1's personal namespace
  5. As user_1, visit https://gdk.localhost:3443/-/profile/password/edit (in GitLab - not the SAML interface) and set a password for user_1 so it can log in to GitLab without SAML
  6. Log user_1 out of GitLab, log out of any SAML windows (maybe restart your SAML docker just to be sure), and then use another private window to log in as user_1 to GitLab with the password (NOT SAML) you set in Step 5
  7. As user_1, create a new MR from your fork (user_1/User1Fork) to the protected repo (flightjs/Flight)
  8. Confirm protected repo (flightjs/Flight) does not appear in the dropdown list

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #391765 (closed)

Edited by charlie ablett
