WIP: Prototype/experiment for GroupSAML SSO Enforcement
What does this MR do?
I've been experimenting locally with a prototype for https://gitlab.com/gitlab-org/gitlab-ee/issues/5291
So far it mostly covers "SSO enforcement prevents access to basic group resources" but I'll probably update it as I experiment.
- Group level access enforcement through UI
- Project level access enforcement through UI
- Redirect to sign in page when UI access prevented
- Background SSO session required for non-UI access. This covers enforcement for git access over SSH, but might also work for API access.
- Displays a different error message when Git access requires a new SSO session.
This MR will be closed in favour of new MRs as progress is made.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated via this MR
- Tests added for this feature/bug
- Tested in all supported browsers
- Conforms to the code review guidelines
- Conforms to the merge request performance guidelines
- Conforms to the style guides
- Conforms to the database guides
- Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
- EE specific content should be in the top level
- For a paid feature, have we considered GitLab.com plans, how it works for groups, and is there a design for promoting it to users who aren't on the correct plan?
- Security reports checked/validated by reviewer