Implementing Granular User Permission Controls for Secrets API endpoints

What does this MR do and why?

This merge request implements a permissions system for GitLab's Secrets Management feature. The key components include:

  1. User Authentication Module:
    • Updates the existing SecretsManagement::SecretManagerClient to authenticate a specific user.
  2. Permission Management:
    • Enhances SecretPermission model with improved validation for roles and member roles
    • Updates permission handling to track who granted permissions
    • Adds internal permissions like 'list' and 'scan'
  3. User-based Access Control:
    • Implements UserClientHelper to create authenticated clients for users
    • Updates services to use user-specific clients for operations like creating, reading, updating, and deleting secrets
    • Modifies the project secrets manager provisioning to set up proper user authentication
  4. Default Owner Permissions:
    • Automatically creates owner-level permissions during provisioning
    • Ensures project owners have full access to secrets by default
  5. Testing:
    • Adds comprehensive tests for the new permission system
    • Includes test fixtures for JWT authentication

The implementation allows for fine-grained access control to secrets based on user roles, group membership, and custom member roles, with proper validation to ensure permissions are only granted to users with appropriate access to the project.

References

Issue Link: #524412 (closed)

Screenshots or screen recordings

Before After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Shabini Rajadas
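
One way the grant validation summarized in this description could look, as an added Ruby sketch that is not taken from this MR or from GitLab's code base. `PermissionStore`, `Grant`, `Project`, the principal types and the rule that internal actions are rejected from caller input are all hypothetical, and the project data is constructed.

```ruby
# Added illustration with hypothetical names; not GitLab's SecretPermission code.
ROLES = %i[reporter developer maintainer owner].freeze
# 'list' and 'scan' are internal per the MR; rejecting them here is an assumption.
ACTIONS = %w[create read update delete].freeze

# Constructed project data: user => role, group => users, member role => users.
Project = Struct.new(:members, :groups, :member_roles)
Grant = Struct.new(:type, :id, :actions, :granted_by)

class PermissionStore
  attr_reader :grants

  def initialize(project)
    @project, @grants = project, []
  end

  # Provisioning creates the default owner-level grant.
  def provision!(provisioner)
    add(Grant.new(:role, :owner, ACTIONS, provisioner))
  end

  def validate(grant)
    errors = []
    errors << "granted_by missing" if grant.granted_by.nil?
    errors << "no actions given" if grant.actions.empty?
    bad = grant.actions - ACTIONS
    errors << "invalid actions: #{bad.join(',')}" unless bad.empty?
    errors << "principal lacks project access" if resolve(grant).nil?
    errors
  end

  def add(grant)
    errors = validate(grant)
    raise ArgumentError, errors.join("; ") unless errors.empty?
    @grants << grant
  end

  def allowed?(user, action)
    @grants.any? { |g| g.actions.include?(action) && resolve(g)&.include?(user) }
  end

  # Users a principal resolves to inside this project, or nil if unknown to it.
  def resolve(g)
    case g.type
    when :user then [g.id] if @project.members.key?(g.id)
    when :role then @project.members.select { |_, r| r == g.id }.keys if ROLES.include?(g.id)
    when :group then @project.groups[g.id]
    when :member_role then @project.member_roles[g.id]
    end
  end
end
```

Access is denied unless a stored grant covers both the user and the action, and every stored grant records who issued it.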