fix: avoid setting user profile to public when updating via API

What does this MR do?

Remove the default value for private_profile from the users API parameters; this is properly handled in the user model. This default was causing API PUT requests to always set the profile to public if an explicit value was not given in the JSON parameters, instead of ignoring it.

Adapted the specs to check both cases:

  • If the json field is not provided, ignore it and do not modify the model stored value
  • If the json field is provided:
    • If value is nil, set to false in the model
    • Otherwise update the model with the boolean value provided

Fixes #202070 (closed)

🛠 with at Siemens

/cc @bufferoverflow @rpaik

Screenshots

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Mayra Cabrera
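
The failure mode described in this MR, as an added plain-Ruby sketch that is not part of the merge request and is not GitLab's code: a parameter layer that fills in a default for an absent optional field makes every partial PUT overwrite the stored privacy setting. The names `declared`, `update_user`, `put_user`, `BEFORE_FIX` and `AFTER_FIX` are hypothetical, and the sample user and request body are constructed.

```ruby
# Constructed sketch, not GitLab's code: a small stand-in for an API parameter
# layer that can attach a default to an optional boolean field.
User = Struct.new(:name, :private_profile)

# Declared parameters: name => options. :default is applied when the key is absent.
BEFORE_FIX = { name: {}, private_profile: { default: false } }.freeze
AFTER_FIX  = { name: {}, private_profile: {} }.freeze

# Keep only declared keys from the JSON body; fill in defaults for missing ones.
def declared(body, spec)
  spec.each_with_object({}) do |(key, opts), out|
    if body.key?(key)
      out[key] = body[key]
    elsif opts.key?(:default)
      out[key] = opts[:default] # the client never sent this value
    end
  end
end

# Model-side handling as listed in the MR: an explicit nil becomes false,
# a boolean is stored as given, an absent key leaves the stored value alone.
def update_user(user, attrs)
  attrs.each do |key, value|
    value = false if key == :private_profile && value.nil?
    user[key] = value
  end
  user
end

# Simulated PUT: works on a copy so the caller can compare before and after.
def put_user(user, body, spec)
  update_user(user.dup, declared(body, spec))
end

if __FILE__ == $PROGRAM_NAME
  alice  = User.new("alice", true)   # profile is currently private
  rename = { name: "Alice B." }      # PUT body that omits private_profile
  puts "with default:    private_profile=#{put_user(alice, rename, BEFORE_FIX).private_profile}"
  puts "without default: private_profile=#{put_user(alice, rename, AFTER_FIX).private_profile}"
end
```

A regression check for this class of bug sends an update that omits the field against a record whose stored value differs from the default, then asserts the stored value is unchanged.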