1 files changed, 17 insertions, 9 deletions

diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb
index b77485ce744..e432016795d 100644
--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -4,7 +4,15 @@ module Members
   class DestroyService < Members::BaseService
     include Gitlab::ExclusiveLeaseHelpers
 
-    def execute(member, skip_authorization: false, skip_subresources: false, unassign_issuables: false, destroy_bot: false)
+    def execute(
+      member,
+      skip_authorization: false,
+      skip_subresources: false,
+      unassign_issuables: false,
+      destroy_bot: false,
+      skip_saml_identity: false
+    )
+
       unless skip_authorization
         raise Gitlab::Access::AccessDeniedError unless authorized?(member, destroy_bot)
 
@@ -15,10 +23,10 @@ module Members
       @skip_auth = skip_authorization
 
       if a_group_owner?(member)
-        process_destroy_of_group_owner_member(member, skip_subresources)
+        process_destroy_of_group_owner_member(member, skip_subresources, skip_saml_identity)
       else
         destroy_member(member)
-        destroy_data_related_to_member(member, skip_subresources)
+        destroy_data_related_to_member(member, skip_subresources, skip_saml_identity)
       end
 
       enqueue_jobs_that_needs_to_be_run_only_once_per_hierarchy(member, unassign_issuables)
@@ -47,7 +55,7 @@ module Members
       @recursive_call == true
     end
 
-    def process_destroy_of_group_owner_member(member, skip_subresources)
+    def process_destroy_of_group_owner_member(member, skip_subresources, skip_saml_identity)
       # Deleting 2 different group owners via the API in quick succession could lead to
       # wrong results for the `last_owner?` check due to race conditions. To prevent this
       # we wrap both the last_owner? check and the deletes of owners within a lock.
@@ -61,23 +69,23 @@ module Members
       end
 
       # deletion of related data does not have to be within the lock.
-      destroy_data_related_to_member(member, skip_subresources) unless last_group_owner
+      destroy_data_related_to_member(member, skip_subresources, skip_saml_identity) unless last_group_owner
     end
 
     def destroy_member(member)
       member.destroy
     end
 
-    def destroy_data_related_to_member(member, skip_subresources)
+    def destroy_data_related_to_member(member, skip_subresources, skip_saml_identity)
       member.user&.invalidate_cache_counts
-      delete_member_associations(member, skip_subresources)
+      delete_member_associations(member, skip_subresources, skip_saml_identity)
     end
 
     def a_group_owner?(member)
       member.is_a?(GroupMember) && member.owner?
     end
 
-    def delete_member_associations(member, skip_subresources)
+    def delete_member_associations(member, skip_subresources, skip_saml_identity)
       if member.request? && member.user != current_user
         notification_service.decline_access_request(member)
       end
@@ -86,7 +94,7 @@ module Members
       delete_project_invitations_by(member) unless skip_subresources
       resolve_access_request_todos(member)
 
-      after_execute(member: member)
+      after_execute(member: member, skip_saml_identity: skip_saml_identity)
     end
 
     def authorized?(member, destroy_bot)