Ban user state and UI [RUN ALL RSPEC] [RUN AS-IF-FOSS]

Merged Serena Fang requested to merge shadowban-user-state-ui into master

What does this MR do?

Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/327353

Introduces banned user state and UI. Adds the option to ban a user to the Admin Area > Users > (user's name) page. Clicking "Ban user" currently only blocks the user. In future iterations, banning a user will also hide their comments and issues from other users, as described in the epic proposal.

ban is behind a feature flag, ban_user_feature_flag, which will be removed when work on the ban feature is complete. Rollout issue: #330667


Testing with feature flag

# to enable banning:
pry(main)> Feature.enable(:ban_user_feature_flag)
=> true

# to disable banning: 
[84] pry(main)> Feature.disable(:ban_user_feature_flag)
=> true

Screenshots (strongly suggested)

With ban_user_feature_flag enabled:

Banning a user:

image

image

Banned user tab:

Screen_Shot_2021-05-11_at_4.39.14_PM


With ban_user_feature_flag disabled:

Screen_Shot_2021-05-11_at_4.45.18_PM

The "Banned" tab no longer appears, but you can still filter by banned to find users that were banned before the feature flag was disabled.

Screen_Shot_2021-05-11_at_4.42.09_PM

Banned users can be unbanned, but cannot be re-banned until the feature flag is enabled again.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Serena Fang