
Allow any GitLab user to search for nuget packages in public registries

Context

In the GitLab package registry, there is a project-level setting that allows anyone to pull from the package registry, regardless of project visibility.

That works fine for the project-level endpoints. However, it's not supported for the group-level endpoints.

In Allow anyone to pull public NuGet packages on g... (!155119 - merged), we started adding support for this setting on the group-level endpoints. We chose the NuGet Repository to start with.

In the NuGet Repository, there are three group-level endpoints that need to support the setting:

What does this MR do?

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. Make sure you have a private project in a private group to use it as the package registry.

  2. Open rails console:

    # Enable the feature flag
    Feature.enable(:allow_anyone_to_pull_public_nuget_packages_on_group_level)
    
    # Enable the `package_registry_allow_anyone_to_pull_option` application setting
    ApplicationSetting.last.update(package_registry_allow_anyone_to_pull_option: true)
    
    # Enable "Allow anyone to pull from Package Registry" on the private project from step 1
    Project.find(<private_project_id>).project_feature.update(package_registry_access_level: ::ProjectFeature::PUBLIC)
    
    # Create an external user who is guaranteed not to have access to the group or project
    user = FactoryBot.create(:user, :external)
    # Keep the username; we will use it later
    user.username
    
    # Create a PAT for the external user; we will use it later
    pat = FactoryBot.create(:personal_access_token, user: user).token
    
    # Stub file upload so the package factory can attach a file in the console
    def fixture_file_upload(*args, **kwargs)
      Rack::Test::UploadedFile.new(*args, **kwargs)
    end
    
    # Create a NuGet package in the private project from step 1
    package = FactoryBot.create(:nuget_package, project_id: <private_project_id>)
    # Keep the package name; we will use it later
    package.name
  3. Add the private group as your nuget source feed:

    nuget sources add -name private-group -source http://gdk.test:3000/api/v4/groups/<group_id>/-/packages/nuget/index.json -username <external_user_username> -password <PAT> -StorePasswordInClearText
  4. We can now try searching for the package using NuGet CLI (make sure you have nuget installed):

    nuget search -Source private-group

    We should see the package name we created previously appear as a result.

  5. On master, searching for packages in the private group/project returns a 404 (Not Found) response instead.
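As an added example (not the MR's or GitLab's own code), the Ruby model below captures the access decision the Context section describes and the validation steps above exercise: a group-level NuGet search must filter per project, exposing only packages from projects whose package registry is open to anyone, and only while both the application setting and the feature flag are on; a requester who can see nothing gets 404, as master does for the private group. The `Project`/`Package` structs, the `GroupNugetSearch` module and its method names, the `PUBLIC`/`PRIVATE` stand-in values and the sample data are all assumptions made for this illustration.

```ruby
# Added example, not GitLab's own code: a minimal model of the per-project
# visibility check a group-level NuGet search applies once the project
# setting "allow anyone to pull" is honoured on group endpoints. The structs,
# constants and method names below are assumptions for illustration only.

Project = Struct.new(:id, :package_registry_access_level, keyword_init: true)
Package = Struct.new(:name, :project_id, keyword_init: true)

# Stand-ins for ::ProjectFeature::PUBLIC / PRIVATE (assumed values).
PUBLIC  = :public
PRIVATE = :private

module GroupNugetSearch
  # Packages the requester may see across the group's projects.
  #
  # accessible_project_ids: projects the requester can already read (e.g. as a
  #   member). An external user with no membership passes an empty array.
  # allow_anyone_option / feature_flag: the two global switches from the setup
  #   steps; both must be on before a project's PUBLIC package-registry access
  #   level is honoured on the group-level endpoint.
  def self.visible_packages(packages:, group_projects:, accessible_project_ids:,
                            allow_anyone_option:, feature_flag:)
    anyone_can_pull = allow_anyone_option && feature_flag

    visible_ids = group_projects.select do |project|
      accessible_project_ids.include?(project.id) ||
        (anyone_can_pull && project.package_registry_access_level == PUBLIC)
    end.map(&:id)

    packages.select { |pkg| visible_ids.include?(pkg.project_id) }
  end

  # Group-level search: returns [:ok, matching_names] or [:not_found, []].
  # Answering 404 (as master does for the private group in the MR) rather than
  # an empty 200 when the requester can see nothing avoids confirming that the
  # private group exists.
  def self.search(term:, **visibility_args)
    visible = visible_packages(**visibility_args)
    return [:not_found, []] if visible.empty?

    [:ok, visible.select { |pkg| pkg.name.downcase.include?(term.downcase) }.map(&:name)]
  end
end

# Constructed sample data: one project that allows anyone to pull, one that does not.
SAMPLE_PROJECTS = [
  Project.new(id: 1, package_registry_access_level: PUBLIC),
  Project.new(id: 2, package_registry_access_level: PRIVATE)
].freeze
SAMPLE_PACKAGES = [
  Package.new(name: 'Acme.Logging', project_id: 1),
  Package.new(name: 'Acme.Internal', project_id: 2)
].freeze

# External user (no membership) with the application setting enabled: only the
# package from the project that allows anyone to pull is returned, and only
# while the feature flag is on.
def external_user_search(feature_flag: true)
  GroupNugetSearch.search(
    term: 'acme',
    packages: SAMPLE_PACKAGES,
    group_projects: SAMPLE_PROJECTS,
    accessible_project_ids: [],
    allow_anyone_option: true,
    feature_flag: feature_flag
  )
end

# Group member: sees packages from every project regardless of the switches.
def member_search
  GroupNugetSearch.search(
    term: 'acme',
    packages: SAMPLE_PACKAGES,
    group_projects: SAMPLE_PROJECTS,
    accessible_project_ids: [1, 2],
    allow_anyone_option: false,
    feature_flag: false
  )
end

if $PROGRAM_NAME == __FILE__
  p external_user_search                      # [:ok, ["Acme.Logging"]]
  p external_user_search(feature_flag: false) # [:not_found, []]
  p member_search                             # [:ok, ["Acme.Logging", "Acme.Internal"]]
end
```

The filter is deliberately evaluated per project, not per group: a single project opting in must not expose sibling projects in the same private group, and switching the feature flag off must fall back to the master behaviour (404) for an external user.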

Related to #467396 (closed)

Edited by Moaz Khalifa
