Empty subgroups are accessible, but not listed w/o replicating group sharing of the parent (sub)group

Summary

A user U is a member of some group X. The group X is added as a member of another group Y. The group Y has empty subgroups.

When the user U logs in and navigates to the group Y's page, only those subgroups of Y are shown in the Subgroups and projects section that have the user U or its group X as an explicit member OR are non-empty (i.e. have projects or subgroups).

But even those empty subgroups of Y that are not shown on the group Y's page are still accessible to the user U when navigated to directly.

Steps to reproduce

Consider an org model:

  • org_root/
    • users/
      • group1/
    • public/
      • subgroup1/
      • subgroup2/
      • subgroup3/
        • project3.1
    • restricted/

  1. create the org model as shown above
  2. add user U to org_root/ with Minimal Access
  3. add user U to /users/group1/ with Maintainer access
  4. add /users/group1/ as a member to public/
  5. add /users/group1/ as a member to public/subgroup2

Example Project

N/A

What is the current bug behavior?

When GitLab's page for /org_root/public/ is opened, only subgroup2/ and subgroup3/ entries are listed for the user U.

But despite subgroup1/ not being listed, it can still be opened directly by navigating to /org_root/public/subgroup1/.

What is the expected correct behavior?

All subgroups (including subgroup1) should be listed for the user U on the /org_root/public/'s page.

Relevant logs and/or screenshots

N/A

Output of checks

This bug happens on GitLab.com

Results of GitLab environment info

N/A

Results of GitLab application Check

Possible fixes

N/A

Edited Oct 30, 2021 by Dmitry Radzevich (MST)
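The mismatch described in this issue, as an added example that is not part of the original report and not GitLab code: a toy model that applies the reported listing rule (explicit member OR non-empty) and an inherited access rule to the org model from the steps to reproduce, then reports subgroups that are reachable but not listed. The rule functions, the access-level constants and the treatment of Minimal Access as granting no subgroup access are assumptions of this model.

```python
from dataclasses import dataclass, field

MINIMAL, MAINTAINER = 5, 40  # access levels used by this toy model (not GitLab code)

@dataclass
class Group:
    members: dict = field(default_factory=dict)    # user -> access level
    shared_with: set = field(default_factory=set)  # paths of invited groups
    projects: list = field(default_factory=list)

def build_org():
    """Org model from the steps to reproduce (constructed sample data)."""
    pub, g1 = "org_root/public", "org_root/users/group1"
    paths = ["org_root", "org_root/users", g1, pub, "org_root/restricted",
             pub + "/subgroup1", pub + "/subgroup2", pub + "/subgroup3"]
    org = {p: Group() for p in paths}
    org["org_root"].members["U"] = MINIMAL         # step 2
    org[g1].members["U"] = MAINTAINER              # step 3
    org[pub].shared_with.add(g1)                   # step 4
    org[pub + "/subgroup2"].shared_with.add(g1)    # step 5
    org[pub + "/subgroup3"].projects.append("project3.1")
    return org

def children(org, path):
    return sorted(p for p in org if p.rpartition("/")[0] == path)

def explicit(org, user, path):
    """User, or a group the user belongs to, is added directly on this group."""
    def member(p):  # assumption: Minimal Access alone grants nothing here
        return org[p].members.get(user, 0) > MINIMAL
    return member(path) or any(member(x) for x in org[path].shared_with)

def can_access(org, user, path):
    parts = path.split("/")  # access rule: explicit on the group or any ancestor
    return any(explicit(org, user, "/".join(parts[:i + 1]))
               for i in range(len(parts)))

def listed(org, user, parent):
    """Listing rule as reported: explicit member OR non-empty."""
    return [c for c in children(org, parent)
            if explicit(org, user, c) or org[c].projects or children(org, c)]

def hidden_but_accessible(org, user, parent):
    shown = set(listed(org, user, parent))
    return [c for c in children(org, parent)
            if c not in shown and can_access(org, user, c)]

if __name__ == "__main__":
    print(hidden_but_accessible(build_org(), "U", "org_root/public"))
```

Running the same comparison for every parent group in an audit surfaces each place where the listing under-reports what a user can reach.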