Improve handling of hidden merge requests on merge request dashboard

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Details

Expired SAML logins leads to incorrect counts of merge requests on the MR homepage as the ones that require authentication are hidden. It's not immediately clear that they are hidden due to the need to re-authenticate, because the banner is so far from the list and there's a message saying No merge requests match this list. .

Impact

• Recent investigation with a engineers revealed that every SAML user could potentially be experiencing this issue - a significant difference from our previous assumption that it primarily affected GitLab team members only.
• This represents a much broader impact than initially understood.

Proposal

Ideal experience would be to fix this issue everywhere, not just in the MR homepage, which is being explored in #571169.

If we need to do our own workaround:

• Handle this better by still displaying the merge request but redact any of the sensitive content, similar to what was implemented here !189180 (merged). (Currently not possible: The merge request homepage does not throw an error like on work items, the query the homepage does just simply filters out the data that can't be read by the current user.)