Minimal Access - Members are not listed in SAML

Summary

Members that are assigned with Minimal Access in root group are not listed at SAML SSO -> Members. This still applies if the member is assigned with higher privileges in a subgroup.

Steps to reproduce

  1. Activate SAML -> Maybe even enforce SAML
  2. Assign member with Minimal Access
  3. Assign member with higher privileges in Subgroup
  4. Member can sign in with SAML
  5. Member is not listed in SAML member list

Example Project

Sadly I can't give you an example project with SAML but if possible you can have a look our group https://gitlab.my.salesforce.com/0064M00000XYT8k

What is the current bug behavior?

User who are able to login through SAML are not listed in SAML member list.

What is the expected correct behavior?

All users that are able to login and linked with SAML are listed on the SAML member list

Relevant logs and/or screenshots

image

Output of checks

This bug happens on GitLab.com

Results of GitLab environment info

Expand for output related to GitLab environment info 
(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check 
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)


(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)


(we will only investigate if the tests are passing)

Possible fixes