Merge branch '212213-cablett-allowlist-gitlab-team-member' into 'master'

Allowlist GitLab team members on gitlab.com See merge request gitlab-org/gitlab!31052

Merge branch '212213-cablett-allowlist-gitlab-team-member' into 'master'
Allowlist GitLab team members on gitlab.com See merge request gitlab-org/gitlab!31052
7dcbe647 · Igor Drozdov · 0c6f4618 · 1c9105e2 · 7dcbe647 · 7dcbe647
Commit 7dcbe647 authored May 06, 2020 by Igor Drozdov
3 changed files
--- a/app/services/spam/spam_action_service.rb
+++ b/app/services/spam/spam_action_service.rb
@@ -28,6 +28,7 @@ module Spam
        # update the spam log accordingly.
        SpamLog.verify_recaptcha!(user_id: user.id, id: spam_log_id)
      else
+        return if allowlisted?(user)
        return unless request
        return unless check_for_spam?

@@ -39,6 +40,10 @@ module Spam

    private

+    def allowlisted?(user)
+      user.respond_to?(:gitlab_employee) && user.gitlab_employee?
+    end
+
    def perform_spam_service_check(api)
      # since we can check for spam, and recaptcha is not verified,
      # ask the SpamVerdictService what to do with the target.

--- a/changelogs/unreleased/212213-cablett-allowlist-gitlab-team-member.yml
+++ b/changelogs/unreleased/212213-cablett-allowlist-gitlab-team-member.yml
+---
+title: Skip spam check for GitLab team members on gitlab.com
+merge_request: 31052
+author:
+type: added
--- a/spec/services/spam/spam_action_service_spec.rb
+++ b/spec/services/spam/spam_action_service_spec.rb
@@ -73,11 +73,13 @@ describe Spam::SpamActionService do
  describe '#execute' do
    let(:request) { double(:request, env: env) }
    let(:fake_verdict_service) { double(:spam_verdict_service) }
+    let(:allowlisted) { false }

    let_it_be(:existing_spam_log) { create(:spam_log, user: user, recaptcha_verified: false) }

    subject do
      described_service = described_class.new(spammable: issue, request: request)
+      allow(described_service).to receive(:allowlisted?).and_return(allowlisted)
      described_service.execute(user: user, api: nil, recaptcha_verified: recaptcha_verified, spam_log_id: existing_spam_log.id)
    end

@@ -121,6 +123,16 @@ describe Spam::SpamActionService do
          issue.description = 'SPAM!'
        end

+        context 'if allowlisted' do
+          let(:allowlisted) { true }
+
+          it 'does not perform spam check' do
+            expect(Spam::SpamVerdictService).not_to receive(:new)
+
+            subject
+          end
+        end
+
        context 'when disallowed by the spam verdict service' do
          before do
            allow(fake_verdict_service).to receive(:execute).and_return(DISALLOW)