Access not restricted when user is moved to different LDAP group.

Moving a user from an LDAP group to a different LDAP group with less permissions on that same GitLab group, doesn't change the users access to that group. The other way around works fine, i.e. moving the user to a less restricted LDAP group.

I moved a user from an LDAP group with developer permissions to an LDAP group with reporter permissions on that same GitLab group. When viewing the group user still shows as being Developer, and can also still push code.

Logging out and back in doesn't help. The only was is for a user to click the "Leave" button on the group and then log in again.

This was previously discussed in https://gitlab.com/gitlab-org/gitlab-ee/issues/159 with @dblessing.

Admin message

Admin message

Access not restricted when user is moved to different LDAP group.