FIX: Don't create email invites when SSO is on or local logins are off (#11951)

A more general, lower-level change in addition to #11950.

Most code paths already check if SSO is enabled or if local logins are disabled before trying to create an email invite.
This is a safety net to ensure no invalid invites sneak by. 

Also includes:
FIX: Don't allow to bulk invite when SSO is on (or when local logins are disabled)
This mirrors can_invite_to_forum? and other email invite code paths.

app/models/invite.rb

@@ -39,6 +39,7 @@ class Invite < ActiveRecord::Base
 
   validate :ensure_max_redemptions_allowed
   validate :user_doesnt_already_exist
+  validate :ensure_no_invalid_email_invites
   attr_accessor :email_already_exists
 
   scope :single_use_invites, -> { where('invites.max_redemptions_allowed = 1') }
@@ -355,6 +356,16 @@ class Invite < ActiveRecord::Base
       end
     end
   end
+
+  def ensure_no_invalid_email_invites
+    return if email.blank?
+
+    if SiteSetting.enable_sso?
+      errors.add(:email, I18n.t("invite.disabled_errors.sso_enabled"))
+    elsif !SiteSetting.enable_local_logins?
+      errors.add(:email, I18n.t("invite.disabled_errors.local_logins_disabled"))
+    end
+  end
 end
 
 # == Schema Information