Review: Allow Duplicate Email for Members (#16202)

* init

* Aligned default values on security settings.

* Added validator for security settings.

* Provide default implementation for get members by email.

* Refactored constructor of MemberController.

* Validate on unique member email only when configured to do so.

* Further code tidy and use of DI in constructor.

* Used new constructor in tests.

* Add unit test for modified behaviour.

* Removed validator for security settings (it's not necessary, I got confused with users and members).

* Spelling.

---------

Co-authored-by: Andy Butland <abutland73@gmail.com>

src/Umbraco.Core/Configuration/Models/SecuritySettings.cs

@@ -19,6 +19,8 @@ public class SecuritySettings
     internal const bool StaticAllowEditInvariantFromNonDefault = false;
     internal const bool StaticAllowConcurrentLogins = false;
     internal const string StaticAuthCookieName = "UMB_UCONTEXT";
+    internal const bool StaticUsernameIsEmail = true;
+    internal const bool StaticMemberRequireUniqueEmail = true;
 
     internal const string StaticAllowedUserNameCharacters =
         "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+\\";
@@ -58,7 +60,14 @@ public class SecuritySettings
     /// <summary>
     ///     Gets or sets a value indicating whether the user's email address is to be considered as their username.
     /// </summary>
-    public bool UsernameIsEmail { get; set; } = true;
+    [DefaultValue(StaticUsernameIsEmail)]
+    public bool UsernameIsEmail { get; set; } = StaticUsernameIsEmail;
+
+    /// <summary>
+    ///     Gets or sets a value indicating whether the member's email address must be unique.
+    /// </summary>
+    [DefaultValue(StaticMemberRequireUniqueEmail)]
+    public bool MemberRequireUniqueEmail { get; set; } = StaticMemberRequireUniqueEmail;
 
     /// <summary>
     ///     Gets or sets the set of allowed characters for a username