settings: fix incorrect implementation of conditional user creation.

The change that implemented #3648 (7c099fef5e) was incorrect, and resulted
in disabling every user at startup.

The problem was twofold:
1. _.filter() on an object returns an array of the object's enumerable values
   and strips out the keys, see: https://stackoverflow.com/questions/11697702/how-to-use-underscore-js-filter-with-an-object
   To filter an object, the function that needs to be used is _.pick();

2. The logic condition on userProperties.password was plain wrong (it should
   have been an AND instead of an OR).

This change corrects 1) and 2), and writes more specific logs when something
goes wrong.

Closes #3661.

src/node/utils/Settings.js

@@ -637,14 +637,21 @@ exports.reloadSettings = function reloadSettings() {
      * This is used by the settings.json in the default Dockerfile to eschew
      * creating an admin user if no password is set.
      */
-    var filteredUsers = _.filter(exports.users, function(userProperties, username) {
+    var filteredUsers = _.pick(exports.users, function(userProperties, username) {
-      if ((userProperties.hasOwnProperty("password")) || userProperties.password !== null) {
+      if (userProperties.hasOwnProperty("password") === false) {
-        return true;
+        console.warn(`Removing user "${username}", because it has no "password" field.`);
+
+        return false;
       }
 
-      console.warn(`The password for ${username} is null. This means the user must not be created. Removing it.`);
+      if (userProperties.password === null) {
+        console.warn(`Removing user "${username}", because its password is null.`);
 
-      return false;
+        return false;
+      }
+
+      // This user has a password, and its password is not null. Keep it.
+      return true;
     });
 
     exports.users = filteredUsers;