Pull mirroring stores a "mirror_user", which is used to attribute
changes performed by the mirroring option and, in some cases, for
checking permissions. In general, the mirror user should be the user
who set up the pull mirror. However, **changes** to mirror attributes
do not reset the mirror_user at present.

This property allows a mirror to be changed by one project maintainer,
and for the changes to be wrongly attributed to another maintainer. In
the worst case, this could lead to permissions bypasses or credential
theft.

To mitigate this, we remove the ability to specify who the mirror user
will be, and ensure it is always set to the ID of the user who modifies
the pull mirroring settings. The only exception is if you're an admin
user making changes via the API - in this circumstance, we allow the
mirror_user_id to be set arbitrarily. This preserves an API endpoint
that may be widely used.