Optimize LDAP sync/allowed queries
Zendesk issue: https://gitlab.zendesk.com/agent/tickets/15439
Anytime Gitlab::LDAP::Access.allowed?(user)
is called we're doing a crazy number of queries especially when it gets to the group link/admin group portion. In cases of smaller LDAP servers and cases where users are not in many groups you don't notice how inefficient it is. When you use this in an organization where there are 10's of thousands of users and thousands of groups this single method call can take minutes.
We need to profile and see what all is being queried. Then, how can we optimize that? We need to think not just about the single call but about having this method called over and over, once for each user. It's called once for each user both on LdapSyncWorker run and after sync_time
(default to 1 hour) when the user next makes a request to GitLab.
cc/ @jacobvosmaer