Reporter+ role required to view and create internal notes
Plan:Certify

### Problem to solve

Limiting the visibility of internal notes to Reporter and above (and not Authors that don't belong to the project and Guests) gives organizations assurance that information in these notes will only be visible to members of their org.

By default, [Internal notes](https://docs.gitlab.com/ee/user/discussions/#add-an-internal-note) should not be displayed to `Guest Users` even if they created the issue. Internal notes should be reserved to a `Reporter+` user. `Guest Users` should not be able to create or view any internal notes.

* [ ] As part of the fix, also narrow the permission check in `users_that_can_read_internal_notes` to use `can_read_confidential_note` rather than `reporter_access` - https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90073/diffs#note_1000963762

### Steps to reproduce

1. Create an issue as a `Guest` user
2. Post an internal note from another `Reporter+` user
3. Check if the `Guest` user sees the internal notes from the `Reporter+` user
4. With the `Reporter+` user, reply to the `Guest` user internal note
5. Check if the `Guest` user sees the reply from the `Reporter+` user

![Screenshot_2022-05-20_at_15.51.06](/uploads/cb11065b2b9445dac5932aa05a24d0e6/Screenshot_2022-05-20_at_15.51.06.png)

### Example Project

https://gitlab.com/madou-stories/support-team/customers/bank-a/-/issues/2

### What is the current *bug* behavior?

1. The `Guest` user **sees the internal notes** from others
2. The `Guest` user **sees the replies** to their internal notes

### What is the expected *correct* behavior?

* Guest users cannot create or view any internal notes
* Assignees of issues cannot create or view internal notes unless already reporter+
* Authors cannot create or view internal notes unless already reporter+
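
The expected behavior as a small executable model, added here as an example and not GitLab's own policy code. It assumes the leak comes from an author/assignee exception in the read check; all struct and method names are hypothetical, and the sample data is constructed from the steps to reproduce.

```ruby
# Illustrative model only, not GitLab's policy code. GUEST/REPORTER use GitLab's
# access-level numbers; every struct and method name here is hypothetical.
GUEST = 10
REPORTER = 20

User  = Struct.new(:name, :access_level)
Note  = Struct.new(:author, :body, :internal)
Issue = Struct.new(:author, :assignees, :notes)

# Reported behavior (assumed cause): authoring or being assigned the issue
# grants access to internal notes regardless of project role.
def can_read_internal_note_buggy?(user, issue)
  user.access_level >= REPORTER ||
    issue.author == user || issue.assignees.include?(user)
end

# Expected behavior: only Reporter+ project membership grants access.
def can_read_internal_note?(user, _issue)
  user.access_level >= REPORTER
end

# Notes a viewer may see under the given policy (a method name as a symbol).
def visible_notes(user, issue, policy)
  issue.notes.select { |note| !note.internal || send(policy, user, issue) }
end

# Creating an internal note is gated by the same check as reading one.
def add_note(user, issue, body, internal:, policy: :can_read_internal_note?)
  if internal && !send(policy, user, issue)
    raise ArgumentError, "#{user.name} may not create internal notes"
  end
  issue.notes << Note.new(user, body, internal)
end

# Constructed sample data following the steps to reproduce.
def sample_issue
  guest = User.new("guest-author", GUEST)
  reporter = User.new("reporter", REPORTER)
  issue = Issue.new(guest, [guest], [])
  add_note(guest, issue, "public question", internal: false)
  add_note(reporter, issue, "internal triage note", internal: true)
  [guest, reporter, issue]
end

guest, reporter, issue = sample_issue
puts visible_notes(guest, issue, :can_read_internal_note_buggy?).map(&:body).inspect
puts visible_notes(guest, issue, :can_read_internal_note?).map(&:body).inspect
```

The same assertions work as a regression spec: the Guest author and assignee sees only the public note, and an attempt by that user to create an internal note is rejected.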