When a user without a SSO session attempted to access anything in a SAML
group, previously GitLab would redirect the user back to the dashboard
and lose the original link. This was happening because the
wasn't being used since the
SessionsController#create took over. To
fix this, we have to do things:
RelayStatein the Devise session helper before the session is created.
ApplicationController#after_sign_in_path_forwill run and retrieve this value.
RelayStateis the right value. Previously this value would be set to the path of the project (e.g. mygroup/project), but this drops the full path that was being accessed. Now we retain the entire path so the
redirectparameter is passed on to the IdP properly.
Relates to #247674 (closed)