Hide information in campaigns based on repository permissions

Created by: mrnugget

This implements part 1/2 of https://github.com/sourcegraph/sourcegraph/issues/10809 by incorporating repository permission in the read-path of the campaigns resolvers and hiding information from users that don't have access to associated repositories.

The PR also depends on https://github.com/sourcegraph/src-cli/pull/213, which will be merged and released after this PR in a src-cli minor version release. After that release I'll bump the min-required src-cli in sourcegraph.

What this PR does, in concrete terms:

• Split up the Patch and ExternalChangeset types in the GraphQL schema into Patch/HiddenPatch and ExternalChangeset/HiddenExternalChangeset. The types should implement the same interface but the "hidden" variants hide most information besides their own ID and the campaign they're associated with.
• In every ChangesetsConnection return a HiddenExternalChangeset when the user doesn't have access to the underlying repository.
• In every PatchesConnection return a HiddenPatch when the user doesn't have access to the underlying repository.
• In ChangesetByID,PatchByID return a hidden changeset/patch if the user doesn't have access to the repository. Note: This is a slight variation from the original task in the ticket, since we don't return a 404, but I think this makes far more sense, since we expose the "hidden" types with IDs.
• In Campaign.status.errors filter out the errors if the user doesn't have access to the underlying repositories.
• In Campaign.diffStat do not include stats for patches/changesets the user doesn't have access to.
• In PatchSet.diffStat do not include stats for patches the user doesn't have access to.

In a follow-up PR I'm going to incorporate repository permissions into the mutations of the API.

Note: Merging is safe, since permission levels are already in place and we still have the admin check around campaigns.

Screenshots