Add configurable Trust Models

[zeripath]

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton art27@cantab.net

[CirnoT]

Need to resolve conflicts too

[codecov-commenter]

Codecov Report

Merging #11712 into master will decrease coverage by 0.03%.
The diff coverage is 34.86%.

@@            Coverage Diff             @@
##           master   #11712      +/-   ##
==========================================
- Coverage   43.11%   43.08%   -0.04%     
==========================================
  Files         657      658       +1     
  Lines       72340    72448     +108     
==========================================
+ Hits        31189    31212      +23     
- Misses      36107    36183      +76     
- Partials     5044     5053       +9     

Impacted Files	Coverage Δ
models/migrations/migrations.go	2.46% <ø> (ø)
models/migrations/v152.go	0.00% <0.00%> (ø)
modules/auth/repo_form.go	42.34% <ø> (ø)
modules/git/repo_tree.go	40.00% <0.00%> (ø)
modules/repofiles/delete.go	48.62% <0.00%> (ø)
modules/repofiles/update.go	37.08% <0.00%> (ø)
modules/repository/generate.go	0.00% <0.00%> (ø)
modules/structs/repo.go	50.00% <ø> (ø)
models/gpg_key.go	53.33% <14.28%> (-1.49%)	⬇️
routers/repo/setting.go	14.95% <18.75%> (+0.10%)	⬆️
... and 28 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 89c94e2...17dd1c0. Read the comment docs.

[6543]

☝️ set trusted at the begining once and then overwrite it if a case matches ...

[6543]

make fmt (i think there is one /newline too mouch)