Avoid or cache `root_ancestor` lookups when checking SSO enforcement

Why

When looking up SSO enforcement we need to check the saml_provider for the root group. This means that whenever accessing a resource, such as an issue or epic, we need to first find the root group. This adds additional SQL queries creating a performance penalty.

If we temporarily increase the SQL count in tests to fix https://gitlab.com/gitlab-org/gitlab-ee/issues/11535 then we need to make sure we resolve this.

What

Either cache the group.root_ancestor lookups per request cycle, store them permenantly, re-work the SamlProvider lookup to not need this, or find a way to avoid them.