This workflow focuses on the process when action is required by the Support team on behalf of the user.
There are two main situations where action may need to be taken on behalf of the user:
Following our Security Policy on Access to Repositories, actions should always be taken by the user whenever possible.
For example, users should be deleting their own projects, but if they encounter an error every time they access the settings page, then staff can intervene with permission.
If in doubt, please surface this to a manager or escalate via an issue.
In cases where Support needs to take action on the project or group, such as for troubleshooting purposes, Support should do two things:
If an issue is created for other team members, please include a note that the user has provided permission for the specified action.
If a user has lost access to their account, all other options (e.g. SSH recovery codes, password reset) should be exhausted first.
Before taking any action, ensure that you have verified the account owner using the Account Ownership Verification workflow.
If ownership is verified, then:
Before any actions are taken, please request explicit permission from the user to take the required action on their account. Be as specific as possible so that there is no confusion.
Some sample phrases:
Could you please provide permission for staff to … ?
or
Could you please confirm that you would like us to … ?
For example:
Could you please provide permission for staff to re-run one or more pipelines in project
xyz
to investigate the issue you've described?
Could you please confirm that you would like us to add
example@email.address
to your account and make it the primary email address?
Once permission is confirmed by the user, then you may proceed.