Commit 191e2093 authored by mc_rocha's avatar mc_rocha

Add a feature flag to control when we could prevent users to login

We want to avoid preventing legit users from logging in.
This MR adds a feature flag to control when the login can be prevented.

Changelog: added
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84971
EE: true
parent 1e047ea2
---
name: arkose_labs_prevent_login
introduced_by_url:
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/358838
milestone: '14.10'
type: development
group: group::antiabuse
default_enabled: false
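Review bot: `introduced_by_url` is left empty in the flag definition even though the commit message names the merge request. Filling it in, `introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84971`, keeps this login-blocking control traceable to the change that introduced it.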
...@@ -122,6 +122,8 @@ module Arkose ...@@ -122,6 +122,8 @@ module Arkose
end end
def low_risk?(response) def low_risk?(response)
return true unless Feature.enabled?(:arkose_labs_prevent_login, default_enabled: :yaml)
risk_band = risk_band(response) risk_band = risk_band(response)
risk_band.present? ? risk_band != 'High' : true risk_band.present? ? risk_band != 'High' : true
end end
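Review bot: The early return at the top of `low_risk?` makes the check fail open whenever `arkose_labs_prevent_login` is off, which is the default in the flag definition. It also returns before `risk_band(response)` is read, so a 'High' verdict leaves no trace in this method; whether it is recorded elsewhere in the class is not visible here. Those verdicts are the data needed to judge false positives before the block is enabled, so consider reading the band first and recording 'High' results before applying the flag. A comment such as `# Flag off: the Arkose risk band is ignored and every session is treated as low risk.` would document the behaviour. The flag is also checked without an actor, so it can only be switched for all users at once; a gradual rollout would need a user passed in, which this method's signature does not provide.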
......
...@@ -21,6 +21,7 @@ RSpec.describe Arkose::UserVerificationService do ...@@ -21,6 +21,7 @@ RSpec.describe Arkose::UserVerificationService do
end end
end end
context 'when feature arkose_labs_prevent_login is enabled' do
context 'when the user solved the challenge' do context 'when the user solved the challenge' do
context 'when the risk score is not high' do context 'when the risk score is not high' do
let(:arkose_ec_response) { Gitlab::Json.parse(File.read(Rails.root.join('ee/spec/fixtures/arkose/successfully_solved_ec_response.json'))) } let(:arkose_ec_response) { Gitlab::Json.parse(File.read(Rails.root.join('ee/spec/fixtures/arkose/successfully_solved_ec_response.json'))) }
...@@ -102,6 +103,7 @@ RSpec.describe Arkose::UserVerificationService do ...@@ -102,6 +103,7 @@ RSpec.describe Arkose::UserVerificationService do
end end
end end
end end
end
context 'when an error occurs during the Arkose request' do context 'when an error occurs during the Arkose request' do
it 'returns true' do it 'returns true' do
...@@ -109,5 +111,20 @@ RSpec.describe Arkose::UserVerificationService do ...@@ -109,5 +111,20 @@ RSpec.describe Arkose::UserVerificationService do
expect(subject).to be_truthy expect(subject).to be_truthy
end end
end end
context 'when feature arkose_labs_prevent_login is disabled' do
before do
stub_feature_flags(arkose_labs_prevent_login: false)
end
context 'when the risk score is high' do
let(:arkose_ec_response) { Gitlab::Json.parse(File.read(Rails.root.join('ee/spec/fixtures/arkose/successfully_solved_ec_response_high_risk.json'))) }
it 'returns true' do
allow(Gitlab::HTTP).to receive(:perform_request).and_return(response)
expect(subject).to be_truthy
end
end
end
end end
end end
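Review bot: The new `'when feature arkose_labs_prevent_login is disabled'` context covers only the solved, high-risk fixture, so the spec does not pin what the service returns with the flag off when the challenge was not solved. The flag is only consulted inside `low_risk?`, so the unsolved path is presumably unaffected, but the method that combines the checks is not visible in this commit. A sibling case inside the disabled context, for example `context 'when the user did not solve the challenge' do`, would assert the expected result and stop a later refactor from widening the flag's scope unnoticed.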