Re-enable registration

[solebared]

Why

Culminating chunk of a series of changes that allows us to re-open user registration.
Also serves to track the state of all related tasks and changesets.

What

Removes the devise override we implemented to block user registration.

Prerequisite changesets and tasks

• Bring the pundit branch up-to-date with main: Adding Pundit, applies to User and Person models #514
• Resolve any outstanding issues in Adding Pundit, applies to User and Person models #514 and merge (also see the list of scenarios tested)
• Drop pundit shared spec contexts: Drop pundit rspec shared contexts #833
• Come up with solution to secure all admin-only controllers: Solution to secure admin-only resources #835
• Extract restful controllers out of AdminController actions: Make admin controllers restful #836
• Secure all admin-only controllers: Add simple auth to all admin-only controllers #837
• Disable pundit verification on fully public controllers: Open fully public controllers #841
• Introduce pundit UserContext: Introduce pundit user context #838
• Introduce Context model: Introduce context #844
• Roll ?admin=false logic into ApplicationPolicy: Admin param #849
• Toggle NavBar buttons based on user roles: Show/hide buttons on NavBar based on user role #850
• Add policies for remaining controllers:
  • AnnouncementsController Secure and consolidate announcements endpoints #845
  • CommunityResourcesController Secure and consolidate community_resource endpoints #848
• Change ContributionController#respond -> show, and combine the views, remove respond button from everywhere Reworking contributions show respond #851 (reviewed)
• Extract restful actions out of ContributionsController and authorize it Make contributions restful and authorized #858
• Re-enable user registration: Re-enable registration #840 (reviewed)

Pre-Merge Checklist

• All new features have been described in the pull request
• Security & accessibility have been considered
• High quality tests have been added, or an explanation has been given why the features cannot be tested
• New features have been documented, and the code is understandable and well commented
• Entry added to CHANGELOG.md if appropriate
• All outstanding questions and concerns have been resolved
• Any next steps that seem like good ideas have been created as issues for future discussion & implementation

Testing and Security

Once all the prerequisites are complete, we will need a full manual test of the whole site.

Next Steps

• As we find issues during testing, we should identify gaps in our automated suite
• Change user roles to only include roles we are actively using right now: unset neighbor admin sys_admin
• Review user roles admin: extracted to Admin needs to be able to set roles on other users #843
• Would also like to merge the following, though they aren't necessary:
  • Rename acting_user accessor in policies #834 Rename acting_user: needs review and discussion
  • Remove unused spec/support modules #822 Remove unused spec modules: needs review

Outstanding Questions, Concerns and Other Notes

• ?