Refactor and consolidate rebase permission checks

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

The following discussion from !49800 (merged) should be addressed:

• @stanhu started a discussion: (+1 comment)

  This condition block is cribbed from the API and the controller:

  1. authorize_push_to_merge_request!: https://gitlab.com/gitlab-org/gitlab/blob/9c56cf2ee7e3c129115e29285c68a5f0b931b598/lib/api/merge_requests.rb#L100-109
  2. check_user_can_push_to_source_branch!: https://gitlab.com/gitlab-org/gitlab/blob/54a319fe3e3820499afd0ad0cbcaa6ca36e506b2/app/controllers/projects/merge_requests_controller.rb#L441-447

  We should probably consolidate this into the service itself, though the controller does this check before it even runs the service. I wonder if this refactor should be in a follow-up issue/merge request?

Quick actions have their own copied permission checks: https://gitlab.com/gitlab-org/gitlab/-/blob/a9cda936ee790dea6679b7691e05710a9a0aed48/lib/gitlab/quick_actions/merge_request_actions.rb#L48-57