Fix: reject api and git access if phone not verified
Upstream MR https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96249
What does this MR do and why?
Reject API and Git access if the user's phone is not verified.
Proposal
- extend global policy with phone verification
- the default access policy should be kept as it is
- the new policy only prevents `api_access` and `git_access` if phone is not verified with RealNameSystem enabled
- add user access denied reason for phone verification
Changes
- API/Git access will be denied if the account is created without a verified phone before the real name system is enabled.
Screenshots or screen recordings
After enabling this feature
API Access Error | Git Access Error |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related #1711
Edited by Martin Tan
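The rule layering in the proposal, as an added sketch that is not part of the MR or GitLab's code: the default abilities stay as they are, and a separate prevent rule removes only `api_access` and `git_access` for an unverified user while the real name system is enabled. The class, method and reason names (`GlobalPolicySketch`, `denied_reason`, `:phone_not_verified`) and the sample users are assumptions made for the illustration.

```ruby
# Added illustration. Class, method and reason names are hypothetical,
# not GitLab's code; the sample users below are constructed.
User = Struct.new(:name, :blocked, :phone_verified, keyword_init: true)

class GlobalPolicySketch
  DEFAULT = %i[log_in api_access git_access].freeze # default policy, unchanged
  GATED   = %i[api_access git_access].freeze        # abilities the new rule prevents

  def initialize(user, real_name_system_enabled:)
    @user = user
    @rns_enabled = real_name_system_enabled
  end

  # Default access policy: any non-blocked user gets the default abilities.
  def enabled
    @user.blocked ? [] : DEFAULT
  end

  # New rule: applies only with the real name system on and no verified phone.
  def prevented
    @rns_enabled && !@user.phone_verified ? GATED : []
  end

  # In this sketch a prevent overrides an enable, so the default rules need no edits.
  def allowed?(ability)
    enabled.include?(ability) && !prevented.include?(ability)
  end

  # Reason surfaced to the caller, so the API and Git error can say why.
  def denied_reason(ability)
    return nil if allowed?(ability)
    prevented.include?(ability) && enabled.include?(ability) ? :phone_not_verified : :default_policy
  end
end

# Access matrix for one user under one setting of the real name system.
def access_matrix(user, enabled:)
  policy = GlobalPolicySketch.new(user, real_name_system_enabled: enabled)
  GlobalPolicySketch::DEFAULT.map { |a| [a, policy.denied_reason(a) || :allowed] }.to_h
end

# Account created before the feature was enabled, so it has no verified phone.
legacy = User.new(name: "legacy", blocked: false, phone_verified: false)
puts access_matrix(legacy, enabled: true).inspect
puts access_matrix(legacy, enabled: false).inspect
```

The matrix makes the regression cases explicit: the legacy account keeps `log_in` but loses both gated abilities once the feature is on, and a denial from the default policy is reported separately from a phone verification denial.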