Skip to content

Display abuse report notes (frontend)

Hinam Mehra requested to merge anti-abuse/168-display-abuse-report-notes into master

What does this MR do and why?

  • Resolves sub-task 3 of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/168 and follows-up from !134343 (merged)
  • Displays notes on an abuse report. The note can be a standalone note, or it can be a thread. Abuse report notes don't need to internal/confidential since abuse reports are only viewed by gitlab admins. There are also aren't any system notes for abuse report at the moment, but we might in the future.
  • Currently, it does not take care of any pagination / sorting. That will be addressed in a follow-up MR.

Screenshots or screen recordings

Before After
before Screenshot_2023-10-23_at_5.03.58_pm

How to set up and validate locally

  1. In the rails console, enable the feature flag abuse_report_notes 
> Feature.enable(:abuse_report_notes)
  1. Log-in as root and navigate to /admin/abuse_reports and click on any abuse report. If there aren't any abuse reports available, you can create one:
AbuseReport.create(user_id: User.last.id, reporter_id: User.first.id, message: "obvious spam")
  1. Note the abuse report ID from the URL. For instance if the URL is http://127.0.0.1:3000/admin/abuse_reports/20 then the ID is 20.
4. Navigate to http://127.0.0.1:3000/-/graphql-explorer and run the following query to create a note for the abuse report 


fragment AbuseReportNote on Note {
  id
  body
  bodyHtml
  createdAt
  resolved
  userPermissions {
    adminNote
  }
  discussion {
    id
    notes {
      nodes {
        id
      }
    }
  }
}

mutation createAbuseReportNote($input: CreateNoteInput!) {
  createNote(input: $input) {
    note {
      id
      discussion {
        id
        notes {
          nodes {
            ...AbuseReportNote
          }
        }
      }
    }
    errors
  }
}

# QUERY VARIABLES
{
    "input": {
        "noteableId": "gid://gitlab/AbuseReport/<ID from step 3>",
        "body": "Comment 1",
        "discussionId": null,
        "internal": false
    }
}
  1. Navigate back to the abuse report and refresh. You should see a comment added on the page under the Activity tab.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Hinam Mehra

Merge request reports