FE - Add visual indicators for content imported by direct transfer
Release notes
Problem
GitLab allows copying the content of GitLab groups and projects between GitLab instances, and between groups within one instance, using the direct transfer method. This creates a potential security issue with imported content: imported content is not easily identifiable, which could lead to abuse.
Proposed solution
This issue covers the ~frontend portion. Backend work will be tracked in #424454 (closed).
The proposed solution, a defense-in-depth measure, is to add:
- a database identifier that serves the frontend
- a visual indicator to imported records that authorship can be attributed to. For Direct Transfer that would be:
  - notes
  - issues
  - merge requests
  - epics
  - designs
  - snippets
  - user profile activity
This would allow users to quickly identify imported content and help to prevent abuse. It would allow Administrators to more easily clean up abuse (see comment), and give users a signal that the comment / MR / activity they are looking at wasn't made on this instance but was imported from elsewhere.
UI Proposal
Full proposal can be found here.
Figma File can be found here.
Example console commands
If an Administrator notices weird imports, they could delete imported records by using commands like:
Notable.where(imported: true).destroy_all
Open questions
- What would be the best visual indicator? Icon/badge?
- Should the visual indicator have a tooltip with information like "This element was imported"?
- Should the information contain the date of import? (Wouldn't that be too crowded and also require additional calls to the DB?)
Intended users
Personas are described at https://about.gitlab.com/handbook/product/personas/
Feature Usage Metrics