FIX: Wrong scope used for notification levels user serializer (#13039)

This is a recent regression introduced by https://github.com/discourse/discourse/pull/12937 which makes it so that when looking at a user profile that is not your own, specifically the category and tag notification settings, you would see your own settings instead of the target user. This is only a problem for admins because regular users cannot see these details for other users.

The issue was that we were using `scope` in the serializer, which refers to the current user, rather than using a scope for the target user via `Guardian.new(user)`.

However, on further inspection the `notification_levels_for` method for `TagUser` and `CategoryUser` did not actually need to be accepting an instance of Guardian, all that it was using it for was to check guardian.anonymous? which is just a fancy way of saying user.blank?. Changed this method to just accept a user instead and send the user in from the serializer.

app/serializers/basic_user_serializer.rb

@@ -23,6 +23,10 @@ class BasicUserSerializer < ApplicationSerializer
     object[:user] || object.try(:user) || object
   end
 
+  def user_is_current_user
+    object.id == scope.user&.id
+  end
+
   def categories_with_notification_level(lookup_level)
     category_user_notification_levels.select do |id, level|
       level == CategoryUser.notification_levels[lookup_level]
@@ -30,7 +34,7 @@ class BasicUserSerializer < ApplicationSerializer
   end
 
   def category_user_notification_levels
-    @category_user_notification_levels ||= CategoryUser.notification_levels_for(scope)
+    @category_user_notification_levels ||= CategoryUser.notification_levels_for(user)
   end
 
   def tags_with_notification_level(lookup_level)
@@ -40,6 +44,6 @@ class BasicUserSerializer < ApplicationSerializer
   end
 
   def tag_user_notification_levels
-    @tag_user_notification_levels ||= TagUser.notification_levels_for(scope)
+    @tag_user_notification_levels ||= TagUser.notification_levels_for(user)
   end
 end