Avoid incorrectly unblocking SAML users via `required_groups`
What
Update SAML sign in to only unblock users that could have been blocked by SAML.
Why
Manually blocked users were incorrectly getting unblocked on SAML sign in. This was because we were blocking them as ldap_block but unblocking indiscriminately whenever the required_groups condition was met.
Related
The feature was introduced in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3223.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/45525
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Tests added for this feature/bug
Edited by James Edwards-Jones