This can be done trough the API for the current user, or on the
profile page.

This is in preparation for modifying importers to assign e-mails for
only confirmed emails.

Partially addresses #47424.

It's probably duplicated during resolving a conflict?

This reverts commit 1915c9f0.

Signed-off-by: Rémy Coutable <remy@rymai.me>

First N+1: we may have loaded a user's notification settings already, but not
have loaded their sources. Because we're iterating through, we'd potentially
load sources that are completely unrelated, just because they belong to this
user.

Second N+1: we do a separate query for each user who could be subscribed to or
unsubcribed from the target. It's actually more efficient in this case to get
all subscriptions at once, as we will need to check most of them.

We can fix both by the slightly unpleasant means of checking IDs manually,
rather than object equality.

Signed-off-by: Rémy Coutable <remy@rymai.me>

Closes #32258.

ObjectStore uploader requires presence of associated `uploads` record
when deleting the upload file (through the carrierwave's after_commit
hook) because we keep info whether file is LOCAL or REMOTE in `upload`
object.

For this reason we can not destroy uploads as "dependent: :destroy" hook
because these would be deleted too soon. Instead we rely on
carrierwave's hook to destroy `uploads` in after_commit hook.

But in before_destroy hook we still have to delete not-mounted uploads
(which don't use carrierwave's destroy hook). This has to be done in
before_Destroy instead of after_commit because `FileUpload` requires
existence of model's object on destroy action.

This is not ideal state of things, in a next step we should investigate
how to unify model dependencies so we can use same workflow for all
uploads.

Related to #45425

When terms are enforced, but the user has not accepted the terms
access to the API & git is rejected with a message directing the user
to the web app to accept the terms.

* Show 2fa badge on a group members page
* Make group members page UI consistent with project members page
* Fix ambiguous sql in User.with/without_two_factor methods

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

When a user accepts, we store this in the agreements to keep track of
which terms they accepted. We also update the flag on the user.

This commit fixes the error:

```
  1) Admin::UsersController DELETE #user with projects deletes the user and their contributions when hard delete is specified
     Failure/Error: Users::DestroyService.new(current_user).execute(delete_user, options.symbolize_keys)

     NoMethodError:
       undefined method `symbolize_keys' for "{\"hard_delete\"=>\"true\"}":String
     # ./app/workers/delete_user_worker.rb:8:in `perform'
     # ./lib/gitlab/sidekiq_status/server_middleware.rb:5:in `call'
     # ./config/initializers/forbid_sidekiq_in_transactions.rb:35:in `block (2 levels) in <module:NoEnqueueingFromTransactions>'
     # ./app/models/user.rb:913:in `delete_async'
     # ./app/controllers/admin/users_controller.rb:148:in `destroy'
     # ./lib/gitlab/i18n.rb:50:in `with_locale'
     # ./lib/gitlab/i18n.rb:56:in `with_user_locale'
     # ./app/controllers/application_controller.rb:327:in `set_locale'
     # ./spec/controllers/admin/users_controller_spec.rb:28:in `block (3 levels) in <top (required)>'

Finished in 6.81 seconds (files took 13.9 seconds to load)
1 example, 1 failure
```

In `arel 7.0` (`7.1.4` version is used for rails5) there were introduced
some changes that break our code in the `User#manageable_groups` method.

The problem is that `arel_table[:id].in(Arel::Nodes::SqlLiteral)` generates
wrong `IN ()` construction. The selection for `IN` is missing:

=> "\"namespaces\".\"id\" IN (0)"

That caused such spec errors for the `rails5` branch:

```
4) User groups with child groups #manageable_groups does not include duplicates if a membership was added for the subgroup
    Failure/Error: expect(user.manageable_groups).to contain_exactly(group, subgroup)

      expected collection contained:  [#<Group id:232 @GROUP29>, #<Group id:234 @group29/group30>]
      actual collection contained:    []
      the missing elements were:      [#<Group id:232 @GROUP29>, #<Group id:234 @group29/group30>]
    # ./spec/models/user_spec.rb:699:in `block (5 levels) in <top (required)>'
    # ./spec/spec_helper.rb:188:in `block (2 levels) in <top (required)>'
    # /var/lib/gems/2.3.0/gems/rspec-retry-0.4.6/lib/rspec/retry.rb:112:in `block in run'
    # /var/lib/gems/2.3.0/gems/rspec-retry-0.4.6/lib/rspec/retry.rb:101:in `loop'
    # /var/lib/gems/2.3.0/gems/rspec-retry-0.4.6/lib/rspec/retry.rb:101:in `run'
    # /var/lib/gems/2.3.0/gems/rspec-retry-0.4.6/lib/rspec_ext/rspec_ext.rb:12:in `run_with_retry'
    # /var/lib/gems/2.3.0/gems/rspec-retry-0.4.6/lib/rspec/retry.rb:30:in `block (2 levels) in setup'
```

This commit changes `User#manageable_groups` in the way to drop the usage of
`Arel::Nodes::SqlLiteral` and adds usage of raw SQL query.
This change should be updated when we're migrated to Rails 5.2 because arel
was fixed in `9.0.0` (which is used in Rails 5.2).

This reverts the addition of the "goldiloader" Gem and all use of it.
While this Gem is very promising it's causing a variety of problems on
GitLab.com due to it eager-loading too much data in places where we
don't expect/can handle this. At least for the time being this means we
have to go back to manually fixing N+1 query problems, but at least
those should not cause a negative impact on availability.

Goldiloader is great, but has several issues with has_many :through relations:

* https://github.com/salsify/goldiloader/issues/12
* https://github.com/salsify/goldiloader/issues/14
* https://github.com/salsify/goldiloader/issues/18

Rather than try to figure out which applies in each case, we should just do the
drudge work of manually disabling autoloading for all relations of this type. We
can always use regular preloading for specific cases, but this way we avoid
generating invalid queries through Goldiloader's magic.

Goldiloader (https://github.com/salsify/goldiloader) can eager load
associations automatically. This removes the need for adding "includes"
calls in a variety of different places. This also comes with the added
benefit of not having to eager load data if it's not used.

Use project_authorizations instead of members to calculate manageable CI projects to speed up query (#41981)

Closes #37462.

The merge request counter in the UI was not decreasing when a merge
request was deleting.

This was just due to the cache not being
refreshed on a delete action.

fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/44458