Exempt paid non-trial/enterprise users from identity verification
cc @gitlab-org/modelops/anti-abuse @gitlab-com/gl-security/security-operations/trust-and-safety
What does this MR do and why?
Implements https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/546
Users that are members of/have been invited to paid, non-trial namespaces or are claimed to an enterprise group by their email sign-up domain are treated as exempt from identity verification requirements the same as if a manual exemption had been created.
This is behind a default-off feature flag exempt_paid_namespace_members_and_enterprise_users_from_identity_verification
in case there is a necessity to quickly disable this behavior.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.