Let group owners exclude users from "Git abuse rate limit" (!93336) · Merge requests · GitLab.org / GitLab

Eugie Limpin requested to merge unique_project_download_limit_allowlist into master Jul 27, 2022

What does this MR do and why?

Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/36 and https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/38.

This MR adds user allowlist input field to a top-level group's "Git abuse rate limit" settings page. This allows group owners to exclude users from being auto-banned when they exceed the allowed maximum number of project downloads set for the group.

Changelog

This MR does not have a changelog since the changes are behind a feature flag that is disabled by default.

Screenshots or screen recordings

Screen_Recording_2022-07-27_at_4.52.56_PM

How to set up and validate locally

Set up

Ensure you are running GDK with an Ultimate license. The following command should log true if this is set up correctly
```
echo "License.feature_available?(:unique_project_download_limit)" | rails c
```

Turn on the feature flag:

echo "Feature.enable(:limit_unique_project_downloads_per_namespace_user)" | rails c

Validate

Create a top-level group (or use an existing one)
Using the group owner as user, navigate to the groups Settings > Reporting page
Validate that you can set and save the settings with Excluded users

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Aug 11, 2022 by Eugie Limpin

Let group owners exclude users from "Git abuse rate limit"