When a user is added to a project that is already a member of, a status code 201 is now returned to
signal an idempotent operation. If something fails then instead of returning error code 404 different
more specific error codes are returned. Status code 400 (Bad request) is returned when a required
attribute, e.g. `access_level` is not given or 422 if there is a semantic error, e.g. should
the `access_level` have an unsupported value.

Specs are added to check these status codes.

fix the gitlab-shell clone url in master installation doc

A user must be part of the team to see a protected project. A test is given
to check that a 404 error is returned if the user can not see the project.

A few fixes in the notes URI pattern (`notes` instead of `:notes`), also updated
the information to status codes. If `body` attribute is missing from a POST request
a status code 400 (Bad request) is returned. This reflects the code changes from
the previous commit.

If a note is created with a POST request via API (`/projects/:id/notes`) status
code 400 is returned instead of 404. The resource itself exists but the request
is incomplete. Specs added to check different status codes when accessing, creating
and updating notes.

A few more tests added to check status code when creating or updating milestones.

If a milestone is created via API but no title given then status code 400 (Bad request)
is returned instead of 404. A small helper method handles the errors collection of a
milestone.

Creating a comment to an existing merge request via API without providing a note
returns a status code 400 now, suggesting a bad request. The reason for this
is the resource itself (MR) exists but the required property is not set.

Using the API library to create or update a merge request at the moment a 404 error is returned.
This is fine when the merge request in question does not exist, but does not provide good
information that for example a required attribute is missing.
A status code of 400 (Bad request) is returned when creating or updating a merge request
when either `source_branch` or `target_branch` is missing. A status code of 409 is returned
when `source_branch` and `target_branch` are the same. Tests are added for these cases.

Add groups api

Update step 5 "database" (Issue #2894)