Some ideas instead of throwing a 404 for CI jobs
Currently if someone doesn't have enough access or authorization to cancel a CI job (for example), and that person attempts to cancel it, Gitlab throws a 404 error.
It would be better if Gitlab doesn't even give the unauthorized user the ability to initiate the process in the first place, in this example, Gitlab should not even show that user the "Cancel" button.
Or another idea, if that's not possible, just show a small red banner on top that notifies the user that they are not allowed to do that action.