Protected packages: Add basics for package delete protection

What does this MR do and why?

Protected packages: Add basics for package delete protection

This MR introduces the basics for the package delete protection, e.g. database migration, data model, etc.

The scope of the basic functionality was discussed in the epic, see &5574

This MR is the foundation of upcoming MRs that complete further aspects of the feature, e.g.:

• Protected packages: Integrate delete protection... (!179931 - merged)
• Add field to REST API + GraphQL (MR in progress)
• Refine documentation (MR in progress)

Changelog: added

🛠️ with ❤️ at Siemens

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

MR Checklist (@gerardo-navarro)

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the javascript style guides
• Conforms to the database guides

Screenshots or screen recordings

This MR focusses on changing / preparing the data model for the integration of the delete protection by adding the new column minimum_access_level_for_delete to the table packages_protection_rules, see !179739 (diffs) .

This MR does not include UX or frontend in order to keep the MR focussed.

How to set up and validate locally

1. Open the rails console (rails c) and execute the following snippet

Packages::Protection::Rule.create(
  project: Project.find_by_full_path('flightjs/Flight'),
  package_name_pattern: '@flightjs/flight',
  package_type: :npm,
  minimum_access_level_for_push: :maintainer,
  minimum_access_level_for_delete: :owner
)

2. Use one of the scope method .for_delete_exists to check if there is a matching package delete protection rule; this scope method is used in upcoming to complete package delete protection, see !179931 (diffs).

Project
  .find_by_full_path('flightjs/Flight')
  .package_protection_rules
  .for_action_exists?(
    action: :delete,
    access_level: Gitlab::Access::MAINTAINER,
    package_name: '@flightjs/flight',
    package_type: :npm
  )
# => true

Project
  .find_by_full_path('flightjs/Flight')
  .package_protection_rules
  .for_action_exists?(
    action: :delete,
    access_level: Gitlab::Access::OWNER,
    package_name: '@flightjs/flight',
    package_type: :npm
  )
# => false