Implements repo filtering based on user permissions by utilizing a double negation strategy (more context in #21788 (closed)).
This implementation matches the security model of Sourcegraph exactly as is today, and will simply not return results to users that are unauthorized to see a particular repo.
