Owner Adding LDAP Group Links for 'admin' group can Result in 404
Summary
When managing the LDAP groups associated with a group containing the word 'admin' as a non-admin user, a 404 will occur
Steps to Reproduce
- Create a new group called 'gitlab-admin'
- Add a non-admin user to the group members as an Owner
- Log in as same non-admin user
- Navigate to 'gitlab-admin' group
- Proceed to change the LDAP groups associated with 'gitlab-admin' group
- Click 'Add Synchronisation'
Expected result
LDAP link created and redirected to 'gitlab-admin' group show page
Actual result
LDAP link created and 404 results
Additional Information
The presence of the word 'admin' within the group name causes this bug due to the following condition in the Groups::LdapGroupLinksController: https://gitlab.com/gitlab-org/gitlab-ee/blob/7d6759719999d4009f9b1b2db993275d97d280e9/app/controllers/groups/ldap_group_links_controller.rb#L14
Due to the word 'admin' we attempt to redirect back to the admin group page rather than the regular show page. The 404 results due to a failed authorisation check against the user to access the admin page: https://gitlab.com/gitlab-org/gitlab-ee/blob/7d6759719999d4009f9b1b2db993275d97d280e9/app/controllers/admin/application_controller.rb#L9-11
Relevant Zendesk ticket: https://gitlab.zendesk.com/agent/tickets/30856