12 files changed, 69 insertions, 26 deletions

diff --git a/app/services/concerns/spam_check_methods.rb b/app/services/concerns/spam_check_methods.rb
index 53e9e001463..939f8f183ab 100644
--- a/app/services/concerns/spam_check_methods.rb
+++ b/app/services/concerns/spam_check_methods.rb
@@ -22,15 +22,18 @@ module SpamCheckMethods
   # a dirty instance, which means it should be already assigned with the new
   # attribute values.
   # rubocop:disable Gitlab/ModuleWithInstanceVariables
-  def spam_check(spammable, user)
+  def spam_check(spammable, user, action:)
+    raise ArgumentError.new('Please provide an action, such as :create') unless action
+
     Spam::SpamActionService.new(
       spammable: spammable,
-      request: @request
+      request: @request,
+      user: user,
+      context: { action: action }
     ).execute(
       api: @api,
       recaptcha_verified: @recaptcha_verified,
-      spam_log_id: @spam_log_id,
-      user: user)
+      spam_log_id: @spam_log_id)
   end
   # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
diff --git a/app/services/issues/create_service.rb b/app/services/issues/create_service.rb
index 043d80002f7..c0194f5b847 100644
--- a/app/services/issues/create_service.rb
+++ b/app/services/issues/create_service.rb
@@ -15,7 +15,7 @@ module Issues
     end
 
     def before_create(issue)
-      spam_check(issue, current_user)
+      spam_check(issue, current_user, action: :create)
       issue.move_to_end
 
       # current_user (defined in BaseService) is not available within run_after_commit block
diff --git a/app/services/issues/update_service.rb b/app/services/issues/update_service.rb
index d59bc0cc970..8d22f0edcdd 100644
--- a/app/services/issues/update_service.rb
+++ b/app/services/issues/update_service.rb
@@ -18,7 +18,7 @@ module Issues
     end
 
     def before_update(issue, skip_spam_check: false)
-      spam_check(issue, current_user) unless skip_spam_check
+      spam_check(issue, current_user, action: :update) unless skip_spam_check
     end
 
     def after_update(issue)
diff --git a/app/services/snippets/create_service.rb b/app/services/snippets/create_service.rb
index 434541a9097..7b477621da3 100644
--- a/app/services/snippets/create_service.rb
+++ b/app/services/snippets/create_service.rb
@@ -13,7 +13,7 @@ module Snippets
 
       @snippet.author = current_user
 
-      spam_check(@snippet, current_user)
+      spam_check(@snippet, current_user, action: :create)
 
       if save_and_commit
         UserAgentDetailService.new(@snippet, @request).create
diff --git a/app/services/snippets/update_service.rb b/app/services/snippets/update_service.rb
index 9b61559295b..6cdc2c374da 100644
--- a/app/services/snippets/update_service.rb
+++ b/app/services/snippets/update_service.rb
@@ -14,7 +14,7 @@ module Snippets
       end
 
       update_snippet_attributes(snippet)
-      spam_check(snippet, current_user)
+      spam_check(snippet, current_user, action: :update)
 
       if save_and_commit(snippet)
         Gitlab::UsageDataCounters::SnippetCounter.count(:update)
diff --git a/app/services/spam/spam_action_service.rb b/app/services/spam/spam_action_service.rb
index 731afb631b5..b745b67f566 100644
--- a/app/services/spam/spam_action_service.rb
+++ b/app/services/spam/spam_action_service.rb
@@ -7,9 +7,11 @@ module Spam
     attr_accessor :target, :request, :options
     attr_reader :spam_log
 
-    def initialize(spammable:, request:)
+    def initialize(spammable:, request:, user:, context: {})
       @target = spammable
       @request = request
+      @user = user
+      @context = context
       @options = {}
 
       if @request
@@ -22,7 +24,7 @@ module Spam
       end
     end
 
-    def execute(api: false, recaptcha_verified:, spam_log_id:, user:)
+    def execute(api: false, recaptcha_verified:, spam_log_id:)
       if recaptcha_verified
         # If it's a request which is already verified through reCAPTCHA,
         # update the spam log accordingly.
@@ -40,6 +42,8 @@ module Spam
 
     private
 
+    attr_reader :user, :context
+
     def allowlisted?(user)
       user.respond_to?(:gitlab_employee) && user.gitlab_employee?
     end
@@ -75,7 +79,7 @@ module Spam
           description: target.spam_description,
           source_ip: options[:ip_address],
           user_agent: options[:user_agent],
-          noteable_type: target.class.to_s,
+          noteable_type: notable_type,
           via_api: api
         }
       )
@@ -85,8 +89,14 @@ module Spam
 
     def spam_verdict_service
       SpamVerdictService.new(target: target,
+                             user: user,
                              request: @request,
-                             options: options)
+                             options: options,
+                             context: context.merge(target_type: notable_type))
+    end
+
+    def notable_type
+      @notable_type ||= target.class.to_s
     end
   end
 end
diff --git a/app/services/spam/spam_verdict_service.rb b/app/services/spam/spam_verdict_service.rb
index cdd699c6ee9..68f1135ae28 100644
--- a/app/services/spam/spam_verdict_service.rb
+++ b/app/services/spam/spam_verdict_service.rb
@@ -5,11 +5,12 @@ module Spam
     include AkismetMethods
     include SpamConstants
 
-    def initialize(target:, request:, options:, verdict_params: {})
+    def initialize(user:, target:, request:, options:, context: {})
       @target = target
       @request = request
+      @user = user
       @options = options
-      @verdict_params = assemble_verdict_params(verdict_params)
+      @verdict_params = assemble_verdict_params(context)
     end
 
     def execute
@@ -27,7 +28,7 @@ module Spam
 
     private
 
-    attr_reader :target, :request, :options, :verdict_params
+    attr_reader :user, :target, :request, :options, :verdict_params
 
     def akismet_verdict
       if akismet.spam?
@@ -66,11 +67,23 @@ module Spam
       end
     end
 
-    def assemble_verdict_params(params)
-      return {} unless endpoint_url
-
-      params.merge({
-        user_id: target.author_id
+    def assemble_verdict_params(context)
+      return {} unless endpoint_url.present?
+
+      project = target.try(:project)
+
+      context.merge({
+        target: {
+          title: target.spam_title,
+          description: target.spam_description,
+          type: target.class.to_s
+        },
+        user: {
+          created_at: user.created_at,
+          email: user.email,
+          username: user.username
+        },
+        user_in_project: user.authorized_project?(project)
       })
     end
 
diff --git a/changelogs/unreleased/33185-add-missing-install-instruction.yml b/changelogs/unreleased/33185-add-missing-install-instruction.yml
new file mode 100644
index 00000000000..db82588bd04
--- /dev/null
+++ b/changelogs/unreleased/33185-add-missing-install-instruction.yml
@@ -0,0 +1,5 @@
+---
+doc: "doc: install: add missing exiftool dependency"
+merge_request: 33185
+author: Stefan Schrijvers
+type: fixed
diff --git a/doc/install/installation.md b/doc/install/installation.md
index b65aec31407..ebfec230818 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -208,6 +208,13 @@ sudo apt-get install -y postfix
 
 Then select 'Internet Site' and press enter to confirm the hostname.
 
+[GitLab Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse#dependencies)
+requires `exiftool` to remove EXIF data from uploaded images.
+
+```shell
+sudo apt-get install -y libimage-exiftool-perl
+```
+
 ## 2. Ruby
 
 The Ruby interpreter is required to run GitLab.
diff --git a/qa/qa/resource/repository/project_push.rb b/qa/qa/resource/repository/project_push.rb
index 17596601cf9..c46921ad0c7 100644
--- a/qa/qa/resource/repository/project_push.rb
+++ b/qa/qa/resource/repository/project_push.rb
@@ -9,8 +9,11 @@ module QA
         attr_accessor :project_name
         attr_writer :wait_for_push
 
+        attribute :group
+
         attribute :project do
           Project.fabricate! do |resource|
+            resource.group = group if @group
             resource.name = project_name
             resource.description = 'Project with repository'
           end
@@ -24,6 +27,7 @@ module QA
           @new_branch = true
           @project_name = 'project-with-code'
           @wait_for_push = true
+          @group = nil
         end
 
         def repository_http_uri
diff --git a/spec/services/spam/spam_action_service_spec.rb b/spec/services/spam/spam_action_service_spec.rb
index 13151c4c0a7..7b6b65c82b1 100644
--- a/spec/services/spam/spam_action_service_spec.rb
+++ b/spec/services/spam/spam_action_service_spec.rb
@@ -24,7 +24,7 @@ describe Spam::SpamActionService do
   end
 
   describe '#initialize' do
-    subject { described_class.new(spammable: issue, request: request) }
+    subject { described_class.new(spammable: issue, request: request, user: user) }
 
     context 'when the request is nil' do
       let(:request) { nil }
@@ -53,7 +53,7 @@ describe Spam::SpamActionService do
 
   shared_examples 'only checks for spam if a request is provided' do
     context 'when request is missing' do
-      subject { described_class.new(spammable: issue, request: nil) }
+      subject { described_class.new(spammable: issue, request: nil, user: user) }
 
       it "doesn't check as spam" do
         subject
@@ -78,9 +78,9 @@ describe Spam::SpamActionService do
     let_it_be(:existing_spam_log) { create(:spam_log, user: user, recaptcha_verified: false) }
 
     subject do
-      described_service = described_class.new(spammable: issue, request: request)
+      described_service = described_class.new(spammable: issue, request: request, user: user)
       allow(described_service).to receive(:allowlisted?).and_return(allowlisted)
-      described_service.execute(user: user, api: nil, recaptcha_verified: recaptcha_verified, spam_log_id: existing_spam_log.id)
+      described_service.execute(api: nil, recaptcha_verified: recaptcha_verified, spam_log_id: existing_spam_log.id)
     end
 
     before do
diff --git a/spec/services/spam/spam_verdict_service_spec.rb b/spec/services/spam/spam_verdict_service_spec.rb
index dfef87c9a7a..f6d9cd96da5 100644
--- a/spec/services/spam/spam_verdict_service_spec.rb
+++ b/spec/services/spam/spam_verdict_service_spec.rb
@@ -16,9 +16,10 @@ describe Spam::SpamVerdictService do
   let(:request) { double(:request, env: env) }
 
   let(:check_for_spam) { true }
-  let(:issue) { build(:issue) }
+  let_it_be(:user) { create(:user) }
+  let(:issue) { build(:issue, author: user) }
   let(:service) do
-    described_class.new(target: issue, request: request, options: {})
+    described_class.new(user: user, target: issue, request: request, options: {})
   end
 
   describe '#execute' do