feat: Control the allowed login methods via Super Admin (#12892)

- Control the allowed authentication methods for a chatwoot installation
via super admin configs. [SAML, Google Auth etc]
------
[Codex
Task](https://chatgpt.com/codex/tasks/task_e_6917d503b6e48326a261672c1de91462)

---------

Co-authored-by: Pranav <pranav@chatwoot.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>

app/models/installation_config.rb

@@ -23,6 +23,7 @@ class InstallationConfig < ApplicationRecord
 
   before_validation :set_lock
   validates :name, presence: true
+  validate :saml_sso_users_check, if: -> { name == 'ENABLE_SAML_SSO_LOGIN' }
 
   # TODO: Get rid of default scope
   # https://stackoverflow.com/a/1834250/939299
@@ -54,4 +55,11 @@ class InstallationConfig < ApplicationRecord
   def clear_cache
     GlobalConfig.clear_cache
   end
+
+  def saml_sso_users_check
+    return unless value == false || value == 'false'
+    return unless User.exists?(provider: 'saml')
+
+    errors.add(:base, 'Cannot disable SAML SSO login while users are using SAML authentication')
+  end
 end