As removing users is an action that can't be undone, it's more secure to ask for a password confirmation in the UI.
This will prevent accidentally removing users and will make it e.g. impossible to use an active session of someone else to remove users without knowing his password.
Note: This PR also improves the error handling of bulk requests in AjaxHandler. When e.g. removing multiple users, this is done in a bulk request. If an error occurs (like incorrect password), an error notification was previously created containing each error response of the bulk request. This could e.g. cause that the incorrect password error was show hundreds of times in the error notification. With the changes in this PR, the error messages will be counted and only printed once (together with the count).
I noticed the password confirmation dialog 'No' button is missing it's formatting.
(plugins/CorePluginsAdmin/vue/src/PasswordConfirmation.vue line 37, the no button link is missing the btn-flat class)
Not caused by this PR but maybe could be fixed here?
I wasn't sure, if that was done on purpose before. But I'll push a change nevertheless. Guess it looks better if the button is displayed correctly.