Skip to content
Snippets Groups Projects
Commit a60e81ab authored by Jason Colyer's avatar Jason Colyer
Browse files

Break out Zendesk Global 2FA flow into its own form

parent a3d7369e
No related branches found
No related tags found
Loading
......@@ -1710,6 +1710,18 @@ So an example:
- a link to merge request 27 on project jcolyer/most_amazing_project_ever would
be: `jcolyer_most_amazing_project_ever_merge_requests_27`
</details>
<details>
<summary>2FA Removal ticket related</summary>
| Tag | What it means |
|----------------------------|---------------|
| `process_2fa_ticket` | The request was processed by the Ticket Processor |
| `2fa_user_not_entitled` | The self removal request was rejected |
| `2fa_owner_not_entitled` | The group owner request was rejected |
| `2fa_challenge_questions` | The self removal request was approved and sent the challenge questions |
| `2fa_snippet_verification` | The group owner request was approved and sent the snipper verification information |
</details>
## Zendesk US Federal common tags
......
......@@ -19,6 +19,7 @@ the variables passed to it from the Zendesk trigger.
Currently, the ticket processor actions on the following:
- [Process 2FA Removal tickets](#process-2fa-removal-tickets)
- [Autowork account blocked requests](#autowork-account-blocked-requests)
- [Autowork account locked requests](#autowork-account-locked-requests)
- [Autowork email suppression requests](#autowork-email-suppression-requests)
......@@ -28,6 +29,39 @@ Currently, the ticket processor actions on the following:
- [Add tags on Zendesk tickets when a STAR is made on them](#add-tags-on-zendesk-tickets-when-a-star-is-made-on-them)
- [Add ticket weighting values to Zendesk tickets](#add-ticket-weighting-values-to-zendesk-tickets)
### Process 2FA Removal tickets
This checks the request itself to determine the eligiblity status. Depending on
the determination, it adds a tag to the ticket (which will fire a corresponding
Zendesk trigger).
- If the request is to remove the requester's 2FA:
- The user has support entitlement for the request
- The tag `2fa_challenge_questions` is added, which causes the trigger
[Post 2FA challenge questions](https://gitlab.com/gitlab-com/support/zendesk-global/triggers/-/blob/master/2FA/Post%202FA%20challenge%20questions.md?ref_type=heads)
to fire
- The user does not have support entitlement for the request
- The tag `2fa_user_not_entitled` is added, which causes the trigger
[Close 2FA ticket due to user not entitled](https://gitlab.com/gitlab-com/support/zendesk-global/triggers/-/blob/master/2FA/Close%202FA%20ticket%20due%20to%20user%20not%20entitled.md?ref_type=heads)
to fire
- If the request is to remove another user's 2FA:
- Checks the following criteria
- Does the requester have support entitlement for the request?
- Is the domain of the requester's email an exact match for the domain of
the target's email?
- Does the requester have a gitlab.com account?
- Does the target have a gitlab.com account?
- Is the requester an `Owner` on a top-level paid namespace?
- Is the target a member under the top-level paid namespace?
- If it passed all checks:
- The tag `2fa_snippet_verification` is added, which causes the trigger
[Post 2FA snippet verification](https://gitlab.com/gitlab-com/support/zendesk-global/triggers/-/blob/master/2FA/Post%202FA%20snippet%20verification.md?ref_type=heads)
to fire
- If it fails any checks:
- The tag `2fa_owner_not_entitled` is added, which causes the trigger
[Close 2FA ticket due to owner not entitled](https://gitlab.com/gitlab-com/support/zendesk-global/triggers/-/blob/master/2FA/Close%202FA%20ticket%20due%20to%20owner%20not%20entitled.md?ref_type=heads)
to fire
### Autowork account blocked requests
This checks the account status of a gitlab.com user. Depending on the status,
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment