Introduce :read_ai_catalog_item ability (!196886) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

We have :admin_ai_catalog_item ability to determine whether someone can create/update, but we allow anyone to read at the moment

This MR introduces the :read_ai_catalog_item ability to determine whether users can read items

The MR also introduces a public flag for catalog items to support the desired permissions discussed in #553928 (closed)

A catalog item can be public regardless of whether the project is private or public
A public catalog item is visible to everyone
A private catalog item is only visible to members of the project with developer+ role

I've chosen not to start using the new ability in this MR as it will cause conflicts with some other WIP

Screenshots or screen recordings

Before	After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited Jul 09, 2025 by Lee Tickett

Introduce :read_ai_catalog_item ability

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports