Auto-ban spammers when reported by a GitLab employee
What does this MR do and why?
Describe in detail what your merge request does and why.
The MR adds a background job that runs when abuse reports are created. If an unpaid user is reported as a spammer by a GitLab employee the user will be automatically banned.
Related issues:
- https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/361
- https://gitlab.com/gitlab-com/gl-security/security-operations/trust-and-safety/tines-stories/-/issues/9
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
-
Ensure GDK is running with the environment variable
GITLAB_SIMULATE_SAAS=true
exported in the environment. -
As a regular create the
gitlab-com
group at the top level. -
Tail the relevant sidekiq logs
tail -f /path/to/GDK/gitlab/log/sidekiq.log | grep NewAbuseReportWorker
-
As the same user who created the
gitlab-com
group (or a regular user you added to that group) report abuse for another user (i.e. http://gdk.test:3000/cody_fay0). The user should be reported for creating spam. -
After submitting the report you should see the job queued and completed in the sidekiq logs.
-
Verify that the user is banned in the admin UI.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.