Refactor user authorization check for a single project to avoid querying all user projects

What does this MR do?

Refactor user authorization check for a single project to avoid querying all user projects

Are there points in the code the reviewer needs to double check?

Is there any alternative to duplicating the logic of Users#authorized_projects on Project#authorized_for_user?

Why was this MR needed?

Users#authorized_projects is slow, and we are calling it unnecessarily when we are already scoped to a single project.

What are the relevant issue numbers?

#18586 (closed) (but it doesn't close it, it doesn't actually changes Users#authorized_projects, so it's still slow, but it does reduce it's uses)

Does this MR meet the acceptance criteria?

• CHANGELOG entry added
• Documentation created/updated
• API support added
• Tests
  • Added for this feature/bug
  • All builds are passing
• Conform by the style guides
• Branch has no merge conflicts with master (if you do - rebase it please)
• Squashed related commits together