Remove fully-authenticated requirement

Additional testing revealed an issue with Github-based accounts.  When
such an account was logged in for a while, they eventually lost their
'fully-authenticated' status and would be forced to re-connect with
Github, which was an unexpected behavior. Furthermore, even if you went
through that process, you wouldn't become fully-authenticated
afterwards.

Instead of spending time to investigate this behavior, I've decided to
revert to the convention used by the 'change password' functionality,
which doesn't require this additional permission.

src/Packagist/WebBundle/Controller/UserController.php

@@ -299,7 +299,6 @@ class UserController extends Controller
      */
     public function enableTwoFactorAuthAction(Request $req, User $user)
     {
-        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
         if ($user->getId() !== $this->getUser()->getId()) {
             throw new AccessDeniedException('You cannot change this user\'s two-factor authentication settings');
         }
@@ -363,7 +362,6 @@ class UserController extends Controller
      */
     public function disableTwoFactorAuthAction(Request $req, User $user)
     {
-        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
         if (!($this->isGranted('ROLE_DISABLE_2FA') || $user->getId() === $this->getUser()->getId())) {
             throw new AccessDeniedException('You cannot change this user\'s two-factor authentication settings');
         }