allow authenticated-only access to projects

Currently harbor projects can be public or private.

The goal is to have an additional state allowing access to any authenticated user - similar to gitlab projects being internal.

This will match the feature we added using ingress rules, but much cleaner.