SAML SSO for GitLab.com hides Issues/Todos in Dashboards
Current plan
Implement a banner at the top of the respective pages if a user has an Group SAML identity and no active session, like we do on the Todos page.
Original description
When a user is a member of a group with SAML SSO for GitLab.com enabled, and hasn't visited a group-level page yet, the issues related to that group are hidden.
Steps to reproduce for GitLab team members
- Add a issue to https://gitlab.com/internal-handbook/internal-handbook.gitlab.io/-/issues/
- Logout
- Login again but do not visit any internal handbook related page (Important so that you don't get the SSO prompt / authentication)
- Head over to https://gitlab.com/dashboard/issues?sort=due_date&state=opened&assignee_username\[\]={YOUR_USERNAME}
- The count of the open issues assigned to you would be different than the actual issues visible
Proposal
Similar to the proposal mentioned <del data-sourcepos="19:40-19:47">here</del> let the user know that their SAML SSO session has expired and ask the user to sign in again to see the issue
- Show issues in the Dashboard even if there is no valid SSO session. The information in the Dashboard is minimal and viewing the full Issue requires a valid SSO session.
- Show todos in the Dashboard even if there is no valid SSO session. This means we can also remove the "hint" code added to address https://gitlab.com/gitlab-org/gitlab/-/issues/389379+
Edited by Drew Blessing