This change helps system administrators who want to replicate
GitLab backup files without needing root permissions.

Until now, a user needed to first sign in with his LDAP identity and then manually
link his/her account with an omniauth identity from their profile.
Only when this is done can the user authenticate with the omniauth provider and at
the same time benefit from the LDAP integration (HTTPS authentication with LDAP
username/password and in EE: LDAP groups, SSH keys etc.).
This feature automates the process by looking up a corresponding LDAP person when a
user connects with omniauth for the first time and then automatically linking the LDAP
and omniauth identities (of course, like the existing allow_single_sign_on setting,
this is meant to be used with trusted omniauth providers).
The result is identical to a manual account link.

Add config initializers for other omniauth settings.

Add an option to automatically sign-in with an Omniauth provider without showing the GitLab sign-in page

This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for
all user authentication.

Add new global application settings for default project and snippet
visibility levels.

By imposing this rule we avoid having to demand that 'ldapmain' exists
in the settings initializer.

Closes #1305

successful Git over HTTP authentication.

Add logging when a ban goes into effect for debugging.

Issue #1171

Add checkboxes to the application settings page for restricted
visibility levels, and remove those settings from gitlab.yml.