Unban banned users
What does this MR do and why?
This MR implements the second iteration of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/42.
It adds the ability for a (top-level) group's owners to unban banned members of the group.
See rollout issue.
Screenshots or screen recordings
Screen_Recording_2022-07-15_at_2.39.03_PM
How to set up and validate locally
Set up
- Ensure you are running GDK with an Ultimate license. The following command should log
true
if this is set up correctlyecho "License.feature_available?(:unique_project_download_limit)" | rails c
- Turn on the feature flags:
echo "Feature.enable(:limit_unique_project_downloads_per_namespace_user)" | rails c
Validate
- Create a top-level group and invite another member as a non-owner to the group
- Ban the invited user in (1) by running the following in Rails console:
> group_id = ... # id of the group you created in (1) > group = Group.find(group_id) > user_id = ... # id of the user you invited to your group in (1) > user = User.find(user_id) > Users::Abuse::NamespaceBans::CreateService.new(namespace: group, user: user).execute
- Using the group owner user go to the group's members page
- Validate that you can see
Banned
tab and the banned user is in the table - Click on
Unban
button for the user and validate that the page refreshes displaying the messageUser was successfully unbanned.
- Validate the the page does display the
Banned
tab any more
database Query plan
SQL query
[21] pry(main)> User.find(3).namespace_ban_for(Group.find(89))
Group Load (1.0ms) ...
Namespaces::NamespaceBan Load (0.4ms) SELECT "namespace_bans".* FROM "namespace_bans" WHERE "namespace_bans"."user_id" = 3 AND "namespace_bans"."namespace_id" = 89 LIMIT 1 /*application:console,db_config_name:main,line:/ee/app/models/ee/user.rb:445:in `namespace_ban_for'*/
=> nil
#database-lab
Excerpt from https://gitlab.slack.com/archives/CLJMDRD8C/p1658113583247409
Click to expand
explain SELECT "namespace_bans".* FROM "namespace_bans" WHERE "namespace_bans"."user_id" = 1 AND "namespace_bans"."namespace_id" = 278964 LIMIT 1
Session: 11061
Plan with execution:
Limit (cost=0.15..3.17 rows=1 width=40) (actual time=0.065..0.066 rows=0 loops=1)
Buffers: shared hit=5
I/O Timings: read=0.000 write=0.000
-> Index Scan using index_namespace_bans_on_namespace_id_and_user_id on public.namespace_bans (cost=0.15..3.17 rows=1 width=40) (actual time=0.063..0.064 rows=0 loops=1)
Index Cond: ((namespace_bans.namespace_id = 278964) AN
[...SKIP...]
Recommendations:
Summary:
Time: 0.652 ms
- planning: 0.527 ms
- execution: 0.125 ms
- I/O read: 0.000 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 5 (~40.00 KiB) from the buffer pool
- reads: 0 from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
Public link to the plan
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/11061/commands/39632
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Eugie Limpin