API: forking a project raises 409 instead of 403 if you don't have permissions
Summary
POST /projects/fork/:id should return 403 if the requesting user does not have permission to fork. Instead, it returns 409
Steps to reproduce
POST /api/projects/:id/fork as a user with insufficient permissions
Expected behavior
HTTP 403 Unauthorized header
Actual behavior
HTTP 409 Conflict
Possible fixes
Detect the type of error and respond appropriately. This would be helpers if Projects::ForkService / CreateService returned a [project, reason]
tuple, or perhaps raised an EPERM that could be caught.