Allow explicitly trusting users for spam bypass (!123430) · Merge requests · GitLab.org / GitLab

Ethan Urie requested to merge eurie-allow-trusting-users into master Jun 12, 2023

What does this MR do and why?

See https://gitlab.com/gitlab-org/gl-security/security-engineering/security-automation/spam/spamcheck/-/issues/17

There are legitimate users who get blocked by Spamcheck. Trust & Safety wants the ability to explicitly trust users to bypass Spamcheck blocking.

This uses the UserCustomAttributes to indicate a user's allowed to create spam-like objects because we trust them.

UI to expose this ability will be in a follow-up MR.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jun 21, 2023 by Vasilii Iakliushin

Allow explicitly trusting users for spam bypass

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports