Update `Gitlab::Git::TagPolicy` to check if the current user can create tags

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

The tag policy currently checks if the user can

      rule { can?(:admin_tag) & (~protected_tag | can?(:maintainer_access)) }.enable :delete_tag

Firstly this is written slightly strangely. The logical grouping should be (can?(:admin_tag) & ~protected_tag) | can?(:maintainer_access)

We also need to remove the maintainer_access condition and switch it out for a check that ensures the user is allowed to create the tag via the protected tag settings

Edited Oct 14, 2025 by 🤖 GitLab Bot 🤖

Update Gitlab::Git::TagPolicy to check if the current user can create tags

Update `Gitlab::Git::TagPolicy` to check if the current user can create tags