Resolve "Any Group Access Token bot users originating from shared groups should not count as licensed users"

What does this MR do and why?

Fix for #352777 (closed), this change affects only GitLab.com billing.

A group (say, Group A) or a project (Project P) can be shared to another group (lets call this Group X) via Project-Group sharing feature & Group-group sharing feature.

When this sharing is established, members from Group X will get access to other group or project, and because of this reason members of Group X needs to be billed on Project P's root ancestor or Group A's root ancestor.

However, if Group X has set up group access tokens, it will create and add a bot user in Group X (lets call this User B).

Due to the bug we currently have, this User B that is originally part of Group X is being billed in the shared project/group 's root ancestor, which should not happen, because our documentation guarantees that bot users are excluded from being billed everywhere.

This MR fixes this bug by excluding the bot users originating from shared groups in context of billing.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Reproduction steps are mentioned in #352777 (closed). This is gitlab.com specific, so local GDK should be run in GitLab SaaS mode for reproduce this.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.