fix(signup): normalize account signup config checks (#13745)

This makes account signup enforcement consistent when signup is disabled
at the installation level. Email signup and Google signup now stay
blocked regardless of whether the config value is stored as a string or
a boolean.

This effectively covers the config-loader path, where `YAML.safe_load`
reads `value: false` from `installation_config.yml` as a native boolean
and persists it that way.

- Normalized the account signup check so disabled signup is handled
consistently across config value types.
- Reused the same check across API signup and Google signup entry
points.
- Added regression coverage for the disabled-signup cases in the
existing controller specs.

---------

Co-authored-by: Vishnu Narayanan <iamwishnu@gmail.com>

spec/controllers/devise/omniauth_callbacks_controller_spec.rb

@@ -106,6 +106,26 @@ RSpec.describe 'DeviseOverrides::OmniauthCallbacksController', type: :request do
       end
     end
 
+    it 'blocks signup if config is stored as boolean false' do
+      GlobalConfig.clear_cache
+      InstallationConfig.where(name: 'ENABLE_ACCOUNT_SIGNUP').delete_all
+      InstallationConfig.create!(name: 'ENABLE_ACCOUNT_SIGNUP', value: false, locked: false)
+
+      with_modified_env FRONTEND_URL: 'http://www.example.com' do
+        set_omniauth_config('does-not-exist-for-sure@example.com')
+        allow(email_validation_service).to receive(:perform).and_return(true)
+
+        get '/omniauth/google_oauth2/callback'
+
+        expect(response).to redirect_to('http://www.example.com/auth/google_oauth2/callback')
+        follow_redirect!
+        expect(response).to redirect_to(%r{/app/login\?error=no-account-found$})
+      end
+    ensure
+      InstallationConfig.where(name: 'ENABLE_ACCOUNT_SIGNUP').delete_all
+      GlobalConfig.clear_cache
+    end
+
     it 'allows login' do
       with_modified_env FRONTEND_URL: 'http://www.example.com' do
         create(:user, email: 'test@example.com')