Sync both default_branch_protection columns on API update

What does this MR do and why?

We are migrating default_branch_protection from an integer column to a jsonb column.

• The original column is default_branch_protection
• The new column is default_branch_protection_defaults

Right now, we have only added the new jsonb column. It is not yet exposed via the API and not yet being used.

In this commit, we are just syncing the existing column to the new one on API updates.

This is meant to accomplish a couple of things:

1. reduce the number of rows that will eventually need to be backfilled for the new column
2. allow us to eventually test some of the app code without exposing the new column in the API yet

How to set up and validate locally

for application settings

1. check the initial default_branch_protection and default_branch_protection_defaults settings

       curl --request GET \
            --header "PRIVATE-TOKEN: $TOKEN" \
            --url "localhost:3000/api/v4/application/settings" | json_pp | grep default_branch_protection

       # rails console for default_branch_protection_defaults as there is no API yet
       ApplicationSetting.pluck(:default_branch_protection_defaults)
       
       # => [{}]

2. update default_branch_protection via the API

       curl --request PUT \
            --header "PRIVATE-TOKEN: $TOKEN" \
            --url "localhost:3000/api/v4/application/settings?default_branch_protection=0"| json_pp| grep default_branch_protection

3. check default_branch_protection_defaults in the rails console again, it should have also updated with the same permissions

       # rails console for default_branch_protection_defaults as there is no API yet
       ApplicationSetting.pluck(:default_branch_protection_defaults)
       
       # => [{"allowed_to_push"=>[{"access_level"=>30}], "allow_force_push"=>true, "allowed_to_merge"=>[{"access_level"=>30}]}]

for group settings

1. check the initial default_branch_protection and default_branch_protection_defaults settings

       curl --request GET \
            --header "PRIVATE-TOKEN: $TOKEN" \
            --url "localhost:3000/api/v4/groups/35" | json_pp | grep default_branch_protection

       # rails console for default_branch_protection_defaults as there is no API yet
       Group.find(35).namespace_settings.default_branch_protection_defaults
       
       # => {}

2. update default_branch_protection via the API

       curl --request PUT \
            --header "PRIVATE-TOKEN: $TOKEN" \
            --url "localhost:3000/api/v4/groups/35?default_branch_protection=0"| json_pp| grep default_branch_protection

3. check default_branch_protection_defaults in the rails console again, it should have also updated with the same permissions

       # rails console for default_branch_protection_defaults as there is no API yet
       Group.find(35).namespace_settings.default_branch_protection_defaults
       
       # => [{"allowed_to_push"=>[{"access_level"=>30}], "allow_force_push"=>true, "allowed_to_merge"=>[{"access_level"=>30}]}]

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

Related to #408309 (closed)