Correct roles for AlertManagement tasks
What does this MR do?
This MR does these things:
- Gates the
<project>/-/alert_management
endpoint to developer+ - Groups the
read_alert_management
&read_alert_mangagement_alerts
actions intoread_alert_management_alert
(because there isn't a different use-case for each, and the new name aligns better with the existing naming convention) - Renames
update_alert_management_alerts
toupdate_alert_management_alert
for better consistency with action naming conventions - Moves
read_alert_management_alert
&update_alert_management_alert
to:developer
, per expected permissions for these features
A changelog is unneeded because this work is still behind a feature flag.
Related issue: #216053 (closed)
Screenshots
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides - [-] Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Rémy Coutable