Add autocomplete attribute to most password fields

Add the appropriate 'new-password' or 'current-password' autocomplete
attributes to the most common password fields. This ensures browser
autocomplete and password managers understand whether the field is
for current password or new password.

Changelog: security

app/views/admin/sessions/_new_base.html.haml

 = form_tag(admin_session_path, method: :post, class: 'new_user gl-show-field-errors', 'aria-live': 'assertive') do
   .form-group
     = label_tag :user_password, _('Password'), class: 'label-bold'
-    = password_field_tag 'user[password]', nil, class: 'form-control', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
+    = password_field_tag 'user[password]', nil, class: 'form-control', autocomplete: 'current-password', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
 
   .submit-container.move-submit-down
     = submit_tag _('Enter Admin Mode'), class: 'gl-button btn btn-success', data: { qa_selector: 'enter_admin_mode_button' }

app/views/admin/users/_form.html.haml

@@ -39,12 +39,12 @@
           .col-sm-2.col-form-label
             = f.label :password
           .col-sm-10
-            = f.password_field :password, disabled: f.object.force_random_password, class: 'form-control gl-form-input'
+            = f.password_field :password, disabled: f.object.force_random_password, autocomplete: 'new-password', class: 'form-control gl-form-input'
         .form-group.row
           .col-sm-2.col-form-label
             = f.label :password_confirmation
           .col-sm-10
-            = f.password_field :password_confirmation, disabled: f.object.force_random_password, class: 'form-control gl-form-input'
+            = f.password_field :password_confirmation, disabled: f.object.force_random_password, autocomplete: 'new-password', class: 'form-control gl-form-input'
 
     = render partial: 'access_levels', locals: { f: f }
 

app/views/devise/passwords/edit.html.haml

@@ -7,10 +7,10 @@
       = f.hidden_field :reset_password_token
       .form-group
         = f.label _('New password'), for: "user_password"
-        = f.password_field :password, class: "form-control gl-form-input top", required: true, title: _('This field is required.'), data: { qa_selector: 'password_field'}
+        = f.password_field :password, autocomplete: 'new-password', class: "form-control gl-form-input top", required: true, title: _('This field is required.'), data: { qa_selector: 'password_field'}
       .form-group
         = f.label _('Confirm new password'), for: "user_password_confirmation"
-        = f.password_field :password_confirmation, class: "form-control gl-form-input bottom", title: _('This field is required.'), data: { qa_selector: 'password_confirmation_field' }, required: true
+        = f.password_field :password_confirmation, autocomplete: 'new-password', class: "form-control gl-form-input bottom", title: _('This field is required.'), data: { qa_selector: 'password_confirmation_field' }, required: true
       .clearfix
         = f.submit _("Change your password"), class: "gl-button btn btn-confirm", data: { qa_selector: 'change_password_button' }
 

app/views/devise/sessions/_new_base.html.haml

@@ -4,7 +4,7 @@
     = f.text_field :login, value: @invite_email, class: 'form-control gl-form-input top', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off', required: true, title: _('This field is required.'), data: { qa_selector: 'login_field' }
   .form-group
     = f.label :password, class: 'label-bold'
-    = f.password_field :password, class: 'form-control gl-form-input bottom', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
+    = f.password_field :password, class: 'form-control gl-form-input bottom', autocomplete: 'current-password', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
   - if devise_mapping.rememberable?
     %div
       %label{ for: 'user_remember_me' }

app/views/devise/sessions/_new_crowd.html.haml

@@ -4,7 +4,7 @@
     = text_field_tag :username, nil, { class: "form-control top", title: _("This field is required."), autofocus: "autofocus", required: true }
   .form-group
     = label_tag :password
-    = password_field_tag :password, nil, { class: "form-control bottom", title: _("This field is required."), required: true }
+    = password_field_tag :password, nil, { autocomplete: 'current-password', class: "form-control bottom", title: _("This field is required."), required: true }
   - if devise_mapping.rememberable?
     .remember-me
       %label{ for: "remember_me" }

app/views/devise/sessions/_new_ldap.html.haml

@@ -8,7 +8,7 @@
     = text_field_tag :username, nil, { class: "form-control gl-form-input top", title: _("This field is required."), autofocus: "autofocus", data: { qa_selector: 'username_field' }, required: true }
   .form-group
     = label_tag :password
-    = password_field_tag :password, nil, { class: "form-control gl-form-input bottom", title: _("This field is required."), data: { qa_selector: 'password_field' }, required: true }
+    = password_field_tag :password, nil, { autocomplete: 'current-password', class: "form-control gl-form-input bottom", title: _("This field is required."), data: { qa_selector: 'password_field' }, required: true }
   - if !hide_remember_me && devise_mapping.rememberable?
     .remember-me
       %label{ for: "remember_me" }

app/views/devise/shared/_signup_box.html.haml

@@ -53,6 +53,7 @@
       = f.password_field :password,
         class: 'form-control gl-form-input bottom',
         data: { qa_selector: 'new_user_password_field' },
+        autocomplete: 'new-password',
         required: true,
         pattern: ".{#{@minimum_password_length},}",
         title: s_('SignUp|Minimum length is %{minimum_password_length} characters.') % { minimum_password_length: @minimum_password_length }

app/views/profiles/two_factor_auths/show.html.haml

@@ -50,7 +50,7 @@
           - if current_password_required?
             .form-group
               = label_tag :current_password, _('Current password'), class: 'label-bold'
-              = password_field_tag :current_password, nil, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' }
+              = password_field_tag :current_password, nil, autocomplete: 'current-password', required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' }
               %p.form-text.text-muted
                 = _('Your current password is required to register a two-factor authenticator app.')
           .gl-mt-3