MergeRequest#number_of_potential_approvers doesn't exclude blocked users

Similarly to gitlab-org/gitlab-ce#21650, it seems that blocked users are note excluded from MergeRequest#number_of_potential_approvers:

def number_of_potential_approvers
  has_access = ['access_level > ?', Member::REPORTER]
  wheres = [
    "id IN (#{overall_approvers.select(:user_id).to_sql})",
    "id IN (#{project.members.where(has_access).select(:user_id).to_sql})"
  ]

  if project.group
    wheres << "id IN (#{project.group.members.where(has_access).select(:user_id).to_sql})"
  end

  User.where("(#{wheres.join(' OR ')}) AND id NOT IN (#{approvals.select(:user_id).to_sql}) AND id != #{author.id}").count
end

Simple fix is to change the last line to:

User.where(state: :active).where("(#{wheres.join(' OR ')}) AND id NOT IN (#{approvals.select(:user_id).to_sql}) AND id != #{author.id}").count

This is a very minor security issue since the worst-case scenario would be that the MR gets 'stuck' in a state where it can't be approved since we think there are enough approvers when there are not (e.g. we require 2 approvals but the project has only a developer and a blocked developer).

/cc @nick.thomas