Shift around username/password editing

The username is now made more visible on the register screen,
encouraging the user to create a new username before they set
an SSH public key on their account.

Username and password were removed from most tabs and put into their
own HTTP Password tab, just below the SSH Public Keys.  We also now
have a clear password button, to permit erasing a password that was
assigned and isn't actually needed by the user.

The username can only be set once per account now, and once set is
not permitted to be changed.  This change simplifies our UI, but it
also sets the stage for supporting ${user} variables in access rules
for references, and renaming an account once it has branches owned by
it would complicate the account rename process.

Change-Id: I2c0f26bb4501b88faa451105dd3d74e3830e632c
Signed-off-by: Shawn O. Pearce <sop@google.com>

gerrit-common/src/main/java/com/google/gerrit/common/PageLinks.java

@@ -26,6 +26,7 @@ public class PageLinks {
   public static final String SETTINGS = "settings";
   public static final String SETTINGS_PREFERENCES = "settings,preferences";
   public static final String SETTINGS_SSHKEYS = "settings,ssh-keys";
+  public static final String SETTINGS_HTTP_PASSWORD = "settings,http-password";
   public static final String SETTINGS_WEBIDENT = "settings,web-identities";
   public static final String SETTINGS_MYGROUPS = "settings,group-memberships";
   public static final String SETTINGS_AGREEMENTS = "settings,agreements";

gerrit-common/src/main/java/com/google/gerrit/common/data/AccountSecurity.java

@@ -49,6 +49,10 @@ public interface AccountSecurity extends RemoteJsonService {
   void generatePassword(AccountExternalId.Key key,
       AsyncCallback<AccountExternalId> callback);
 
+  @SignInRequired
+  void clearPassword(AccountExternalId.Key key,
+      AsyncCallback<AccountExternalId> gerritCallback);
+
   @SignInRequired
   void myExternalIds(AsyncCallback<List<AccountExternalId>> callback);