Support explicit repository permissions model

Created by: unknwon

This issue is for tracking support of explicit repository permissions model, please see RFC 40: Explicit Repository Permissions Model for background and design details.

Implementation Plan

PR: #6427

• Configuration
  • site.schema.json
  • Site alert for blocking all accesses when both permission models are configured
• Database migration
  • Migration scripts
  • Update Bitbucket Server Authz Provider to recognize provider column
• Package permsstore
  • (*store).LoadUserPermissions
  • (*store).LoadRepoPermissions
  • (*store).LoadPendingPermissions
  • (*store).UpsertRepoPermissions
  • (*store).UpsertPendingPermissions
  • (*store).RemoveRepoPermissions
  • (*store).RemovePendingPermissions
  • (*store).SetRepoPermissions
  • (*store).SetPendingPermissions
  • (*store).GrantPendingPermissions
  • Verify the design can be reused by Bitbucket Server Provider #6500
  • Verify the design is good for GraphQL APIs
  • Abstract some blocks to functions
  • Think about locking
  • Tests

---

• GraphQL APIs
  • Update schema.graphql
  • setRepositoryPermissionsForUsers
  • addRepositoryPermissionsForUsers
  • removeRepositoryPermissionsFromUsers
  • authorizedUserRepositories
  • usersWithPendingPermissions
  • Repository.authorizedUsers
  • Tests https://github.com/sourcegraph/sourcegraph/pull/6427#issuecomment-557392099
• Inject into authzFilter https://github.com/sourcegraph/sourcegraph/pull/6427#discussion_r349900524
  • Block all access when both permission models are configured (hooks.PreAuthMiddleware)
• Handle change of bind_id in site config
• Handle user deletion, also clean up pending permission for the user just in case
• Clean up TODO:s

---

Follow up:

• https://github.com/sourcegraph/sourcegraph/issues/6859
• https://github.com/sourcegraph/sourcegraph/issues/6845