Merge remote-tracking branch 'upstream/master' into no-ivar-in-modules

* upstream/master: (170 commits)
  support ordering of project notes in notes api
  Redirect to an already forked project if it exists
  Reschedule the migration to populate fork networks
  Create fork networks for forks for which the source was deleted.
  Fix item name and namespace text overflow in Projects dropdown
  Minor backport from EE
  fix link that was linking to `html` instead of `md`
  Backport epic tasklist
  Add timeouts for Gitaly calls
  SSHUploadPack over Gitaly is now OptOut
  fix icon colors in commit list
  Fix star icon color/stroke
  Backport border inline edit
  Add checkboxes to automatically run AutoDevops pipeline
  BE for automatic pipeline when enabling Auto DevOps
  I am certainly weary of debugging sidekiq but I don't think that's what was meant
  Ensure MRs always use branch refs for comparison
  Fix issue comment submit button disabled on GFM paste
  Lock seed-fu at the correct version in Gemfile.lock
  Improve indexes on merge_request_diffs
  ...

2 files changed, 7 insertions, 5 deletions

diff --git a/lib/api/v3/entities.rb b/lib/api/v3/entities.rb
index afdd7b83998..c17b6f45ed8 100644
--- a/lib/api/v3/entities.rb
+++ b/lib/api/v3/entities.rb
@@ -172,8 +172,8 @@ module API
         expose :id
         expose :default_projects_limit
         expose :signup_enabled
-        expose :password_authentication_enabled
-        expose :password_authentication_enabled, as: :signin_enabled
+        expose :password_authentication_enabled_for_web, as: :password_authentication_enabled
+        expose :password_authentication_enabled_for_web, as: :signin_enabled
         expose :gravatar_enabled
         expose :sign_in_text
         expose :after_sign_up_text
diff --git a/lib/api/v3/settings.rb b/lib/api/v3/settings.rb
index 202011cfcbe..9b4ab7630fb 100644
--- a/lib/api/v3/settings.rb
+++ b/lib/api/v3/settings.rb
@@ -44,8 +44,8 @@ module API
           requires :domain_blacklist, type: String, desc: 'Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
         end
         optional :after_sign_up_text, type: String, desc: 'Text shown after sign up'
-        optional :password_authentication_enabled, type: Boolean, desc: 'Flag indicating if password authentication is enabled'
-        optional :signin_enabled, type: Boolean, desc: 'Flag indicating if password authentication is enabled'
+        optional :password_authentication_enabled, type: Boolean, desc: 'Flag indicating if password authentication is enabled for the web interface'
+        optional :signin_enabled, type: Boolean, desc: 'Flag indicating if password authentication is enabled for the web interface'
         mutually_exclusive :password_authentication_enabled, :signin_enabled
         optional :require_two_factor_authentication, type: Boolean, desc: 'Require all users to setup Two-factor authentication'
         given require_two_factor_authentication: ->(val) { val } do
@@ -131,7 +131,9 @@ module API
         attrs = declared_params(include_missing: false)
 
         if attrs.has_key?(:signin_enabled)
-          attrs[:password_authentication_enabled] = attrs.delete(:signin_enabled)
+          attrs[:password_authentication_enabled_for_web] = attrs.delete(:signin_enabled)
+        elsif attrs.has_key?(:password_authentication_enabled)
+          attrs[:password_authentication_enabled_for_web] = attrs.delete(:password_authentication_enabled)
         end
 
         if current_settings.update_attributes(attrs)