Move read_internal_note to project and group policies

Eugenia Grieffrequested to merge
376148-move-internal-note-policy into master

Related to #376148 (closed)

What does this MR do and why?

Since the required permissions to read internal notes were changed in !98588 (merged), we no longer depend on the note or issuable properties and can rely only on the user's role for the group/project.

This allows us to define read_internal_note ability at a higher level and avoid the risk of inconsistency between several definitions.

Old definitions New defitions
EpicPolicy ProjectPolicy
IssuablePolicy GroupPolicy #
NotePolicy

# Defining read_internal_note only at the project level wouldn't be enough because some resources using this policy only exist at the group level (i.e epics).

This MR doesn't change permissions, it only moves policies without affecting behaviour

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugenia Grieff

Merge request reports