Merge branch 'fix_stale_last_owner' into 'master'

Prevent stale data in LDAP group sync last owner check

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17764

Customers were reporting that LDAP group sync would occasionally remove the last owner of a group. This didn't seem right (we have tests for this) so I dug in to see what was going on. Previously `owners` was a memoized method which was the reason for stale data. Now, it's an AR association and the same problem applies. The easiest solution is to reload the model before checking for last owner. 

See merge request !529

CHANGELOG-EE

@@ -3,6 +3,9 @@ Please view this file on the master branch, on stable branches it's out of date.
 v 8.10.0 (unreleased)
   - Rename Git Hooks to Push Rules
 
+v 8.9.5
+  - Prevent stale data in LDAP group sync last owner check.
+
 v 8.9.4
   - Improve how File Lock feature works with nested items. !497
 

lib/gitlab/ldap/group_sync.rb

@@ -304,6 +304,11 @@ module Gitlab
             next
           end
 
+          # Since we're removing users in this loop, `group.reload`
+          # before checking `last_owner?` to prevent stale owner information.
+          # Without a reload, this check would return a false negative.
+          group.reload
+
           # Check and update the access level. If `desired_access` is `nil`
           # we need to delete the user from the group.
           if desired_access.present?