Provide option to disable Two-Factor Authentication

What does this MR do?

Add an application level setting for controlling the option to configure two factor authentication for all users. The three options for configuration include:

• -1 2FA is disabled & hidden for all users
• 0 no restrictions (default)
• 1 2FA is required for all users

Adding the new two_factor_auth_restriction variable, required migrating the require_two_factor_authentication variable using the following logic: true => 1, false => 0.

Are there points in the code the reviewer needs to double check?

N/A

Why was this MR needed?

We wanted the option to fully disable 2FA in order to avoid confusion in our instance where we only allow user's to login via CAS.

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Documentation created/updated
• API support added
• Tests
  • Added for this feature/bug
  • All builds are passing
• Conform by the merge request performance guides
• Conform by the style guides
• Branch has no merge conflicts with master (if it does - rebase it please)
• Squashed related commits together

What are the relevant issue numbers?

• Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/35017
• https://gitlab.com/gitlab-org/gitlab-ce/issues/33508