Indicate user was banned only when auto-ban setting is enabled
Resolves: https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/46
What does this MR do and why?
Update the email sent to application admins and namespace owners to indicate that the user was auto-banned only when the auto-ban setting is enabled.
Screenshots or screen recordings
[Screenshots: auto-ban enabled | auto-ban disabled]
How to set up and validate locally
Validate that the email contains the correct contents when a user exceeds the application-wide projects download throttling threshold
- Configure application-wide projects download throttling:
  $ rails console
  > ApplicationSetting.first.update({ max_number_of_repository_downloads: 1, max_number_of_repository_downloads_within_time_period: 60, auto_ban_user_on_excessive_projects_download: true })
- Create a private top-level group and two projects under the group
- Add a user as a developer to the group
- Execute Users::Abuse::ExcessiveProjectsDownloadBanService for each project
  $ rails console
  > user = User.find(<id_of_developer_user>)
  > project1 = Project.find(<id_of_first_project>)
  > project2 = Project.find(<id_of_second_project>)
  > Users::Abuse::ExcessiveProjectsDownloadBanService.execute(user, project1)
  => {:banned=>false}
  > Users::Abuse::ExcessiveProjectsDownloadBanService.execute(user, project2)
  => {:banned=>true}
- Check the sent email in http://localhost:3000/rails/letter_opener
- Validate that the email indicates the user was auto-banned
- Unban the user
  $ rails console
  > User.find(<id_of_developer_user>).unban
  => true
- Disable auto-banning
  $ rails console
  > ApplicationSetting.first.update({ auto_ban_user_on_excessive_projects_download: false })
- Execute Users::Abuse::ExcessiveProjectsDownloadBanService for each project
  $ rails console
  > user = User.find(<id_of_developer_user>)
  > project1 = Project.find(<id_of_first_project>)
  > project2 = Project.find(<id_of_second_project>)
  > Users::Abuse::ExcessiveProjectsDownloadBanService.execute(user, project1)
  => {:banned=>false}
  > Users::Abuse::ExcessiveProjectsDownloadBanService.execute(user, project2)
  => {:banned=>false}
- Check the sent email in http://localhost:3000/rails/letter_opener
- Validate that the email does not indicate the user was auto-banned
Validate that the email contains the correct contents when a user exceeds the namespace-wide projects download throttling threshold
- Create a private top-level group and two projects under the group
- Configure namespace-wide projects download throttling:
  $ rails console
  > group = Group.find(<id_of_your_group>)
  > group.namespace_settings.update({ unique_project_download_limit: 1, unique_project_download_limit_interval_in_seconds: 60, auto_ban_user_on_excessive_projects_download: true })
- Add a user as a developer to the group
- Execute Users::Abuse::GitAbuse::NamespaceThrottleService for each project
  $ rails console
  > user = User.find(<id_of_developer_user>)
  > project1 = Project.find(<id_of_first_project>)
  > project2 = Project.find(<id_of_second_project>)
  > Users::Abuse::GitAbuse::NamespaceThrottleService.execute(project1, user)
  => {:banned=>false}
  > Users::Abuse::GitAbuse::NamespaceThrottleService.execute(project2, user)
  => {:banned=>true}
- Check the sent email in http://localhost:3000/rails/letter_opener
- Validate that the email indicates the user was auto-banned
- Unban the user
  $ rails console
  > ::Namespaces::NamespaceBan.destroy_all
- Disable auto-banning
  $ rails console
  > group = Group.find(<id_of_your_group>)
  > group.namespace_settings.update({ auto_ban_user_on_excessive_projects_download: false })
- Execute Users::Abuse::GitAbuse::NamespaceThrottleService for each project
  $ rails console
  > user = User.find(<id_of_developer_user>)
  > project1 = Project.find(<id_of_first_project>)
  > project2 = Project.find(<id_of_second_project>)
  > Users::Abuse::GitAbuse::NamespaceThrottleService.execute(project1, user)
  => {:banned=>false}
  > Users::Abuse::GitAbuse::NamespaceThrottleService.execute(project2, user)
  => {:banned=>false}
- Check the sent email in http://localhost:3000/rails/letter_opener
- Validate that the email does not indicate the user was auto-banned
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by Michael Kozono
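
The behaviour the validation steps above check, as an added Ruby sketch that is not part of the MR or of GitLab's code: exceeding the unique-download limit always sends an alert, and the ban sentence appears only when a ban was actually applied. `DownloadThrottle`, `Settings` and the email wording are hypothetical names made up for this model.

```ruby
require 'set'

# Simplified model (hypothetical names, not GitLab's classes) of the behaviour
# the validation steps check: alert on every breach, mention a ban only if one happened.
Settings = Struct.new(:limit, :interval, :auto_ban, keyword_init: true)

class DownloadThrottle
  attr_reader :emails

  def initialize(settings)
    @settings = settings
    @downloads = Hash.new { |h, k| h[k] = {} } # user => { project => last download time }
    @banned = Set.new
    @emails = []
  end

  def banned?(user)
    @banned.include?(user)
  end

  def unban(user)
    !@banned.delete?(user).nil?
  end

  # Record one project download and return { banned: true/false }, the same
  # shape as the console results in the steps above.
  def execute(user, project, now: Time.now)
    return { banned: true } if banned?(user)

    seen = @downloads[user]
    seen[project] = now
    seen.delete_if { |_, at| now - at > @settings.interval } # sliding window
    return { banned: false } if seen.size <= @settings.limit

    @banned << user if @settings.auto_ban
    @emails << alert_body(user, seen.size)
    { banned: banned?(user) }
  end

  private

  # The ban sentence is derived from the outcome, so a disabled auto-ban
  # setting can never produce an email claiming the account was banned.
  def alert_body(user, count)
    body = "#{user} downloaded #{count} unique projects in #{@settings.interval}s (limit: #{@settings.limit})."
    body += " The user has been banned automatically." if banned?(user)
    body
  end
end
```

With a limit of 1 and an interval of 60 seconds, as in the steps, the second distinct project within the window is the first call that breaches the limit.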