backends: Implementation of restricting certain backends by plan.

Only affects zulipchat, by being based on the BILLING_ENABLED setting.

The restricted backends in this commit are
- AzureAD - restricted to Standard plan
- SAML - restricted to Plus plan, although it was already practically
  restricted due to requiring server-side configuration to be done by us

This restriction is placed upon **enabling** a backend - so
organizations that already have a backend enabled, will continue to be
able to use it. This allows us to make exceptions and enable a backend
for an org manually via the shell, and to grandfather organizations into
keeping the backend they have been relying on.

zerver/lib/server_initialization.py

@@ -14,7 +14,7 @@ from zerver.models import (
 )
 from zerver.models.clients import get_client
 from zerver.models.users import get_system_bot
-from zproject.backends import all_implemented_backend_names
+from zproject.backends import all_default_backend_names
 
 
 def server_initialized() -> bool:
@@ -41,11 +41,10 @@ def create_internal_realm() -> None:
     create_system_user_groups_for_realm(realm)
     set_default_for_realm_permission_group_settings(realm)
 
-    # We create realms with all authentications methods enabled by default.
     RealmAuthenticationMethod.objects.bulk_create(
         [
             RealmAuthenticationMethod(name=backend_name, realm=realm)
-            for backend_name in all_implemented_backend_names()
+            for backend_name in all_default_backend_names()
         ]
     )