Add state events to API

What does this MR do?

Adds an API to query resource state events.

MR to add menu item for documentation: gitlab-docs!975 (merged)

Queries

Sample query:

explain analyze SELECT "resource_state_events".* FROM "resource_state_events" WHERE "resource_state_events"."issue_id" = 520 order by id offset 0 limit 100

Explain analyze:

Limit  (cost=0.29..4.13 rows=100 width=84) (actual time=0.017..0.059 rows=100 loops=1)
  ->  Index Scan using resource_state_events_pkey on resource_state_events  (cost=0.29..769.76 rows=20009 width=84) (actual time=0.017..0.053 rows=100 loops=1)
        Filter: (issue_id = 520)
        Rows Removed by Filter: 18
Planning time: 0.085 ms
Execution time: 0.076 ms

Test in rails console:

[1] pry(main)> i = Issue.find(520)
  Issue Load (5.4ms)  SELECT "issues".* FROM "issues" WHERE "issues"."id" = 520 LIMIT 1
  Project Load (10.0ms)  SELECT "projects".* FROM "projects" WHERE "projects"."id" = 8 LIMIT 1
  Route Load (1.7ms)  SELECT "routes".* FROM "routes" WHERE "routes"."source_id" = 8 AND "routes"."source_type" = 'Project' LIMIT 1
=> #<Issue id:520 h5bp/html5-boilerplate#69>
[2] pry(main)> ResourceStateEventFinder.new(User.find(1), i).execute.order(:id).page(1).per(100)
  User Load (12.8ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1
  ProjectFeature Load (6.2ms)  SELECT "project_features".* FROM "project_features" WHERE "project_features"."project_id" = 8 LIMIT 1
  ApplicationSetting Load (2.2ms)  SELECT "application_settings".* FROM "application_settings" ORDER BY "application_settings"."id" DESC LIMIT 1
  ResourceStateEvent Load (3.2ms)  SELECT "resource_state_events".* FROM "resource_state_events" WHERE "resource_state_events"."issue_id" = 520 ORDER BY "resource_state_events"."id" ASC LIMIT 100 OFFSET 0
  User Load (0.6ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN (1, 2)

Screenshots

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• Database guides
• Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• Tested in all supported browsers
• Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

• Label as security and @ mention @gitlab-com/gl-security/appsec
• The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
• Security reports checked/validated by a reviewer from the AppSec team