Add tracking to the phone_verification_for_low_risk_users experiment
What does this MR do and why?
Add tracking to the phone_verification_for_low_risk_users experiment
- when finishing registration
- when creating a namespace
- when banning a user
Issue: https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/264
How to set up and validate locally
-
Enable identity verification and the experiment in the console (the Arkose Labs public and private API keys can be found in the 1Password Engineering Vault entry named ArkoseLabs API keys > GITLAB - DEVELOPMENT - REGISTRATION FLOW):
Feature.enable(:phone_verification_for_low_risk_users) Feature.enable(:identity_verification) Feature.enable(:identity_verification_phone_number) Feature.enable(:arkose_labs_signup_challenge) ApplicationSetting.current.update(email_confirmation_setting: 2, require_admin_approval_after_user_signup: false) ApplicationSetting.current.update(arkose_labs_public_api_key: '***', arkose_labs_private_api_key: '***', arkose_labs_namespace: 'client') -
Create a new account on http://localhost:3000/users/sign_up
-
Update the arkose risk score of the new user to
LowUser.last.custom_attributes.by_key(UserCustomAttribute::ARKOSE_RISK_BAND).update(value: 'Low') -
Refresh the page (
http://localhost:3000/users/identity_verification) and verify the user needs to verify both phone number and email:
-
Open Snowplow Micro page on http://localhost:9091/micro/good and verify assignment event has been tracked
-
Repeat after creating a group during registration and after banning
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.