Standardize webhook abilities
What does this MR do and why?
I'm about to introduce a new ability to configure custom roles which can manage webhooks.
But at the moment the abilities are a bit confusing. We have a separate destroy ability, but nothing for reading/administering.
This MR first aligns things so we have a read_
and admin_
ability.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
- Ensure as a project maintainer you can still manage project webhooks (and with any lower role you cannot)
- Ensure as a group owner you can still manage group webhooks (and with any lower role you cannot)
- Ensure as an admin you can still manage system webhooks