Reorder protected_ref_access checks
The following discussion from !156664 should be addressed:
- [ ] @jwoodwardgl started a [discussion](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/156664#note_1958884317):
> **thought:** This check should come first. If this deploy key user is _not_ the current user then there's no point firing database queries in the `can?(:read_project, project)` call.
>
> I will add this in another MR
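
The reordering from the quoted discussion, as an added Ruby example that is not GitLab's code: `User`, `DeployKey`, `Project`, `CountingAbility` and both `access_*` methods are hypothetical stand-ins, and the "expensive first" order is assumed from the comment. It checks that both orders reach the same access decision for every case while the cheap-first order skips the simulated queries when the deploy key user is not the current user.

```ruby
# Hypothetical stand-ins; not GitLab's classes or its real policy code.
User = Struct.new(:id)
DeployKey = Struct.new(:user)
Project = Struct.new(:member_ids)

# Models an ability check that costs database queries, like the
# `can?(:read_project, project)` call named in the discussion.
class CountingAbility
  attr_reader :queries

  def initialize
    @queries = 0
  end

  def can?(user, action, project)
    @queries += 1 # each call stands for one or more DB round trips
    action == :read_project && project.member_ids.include?(user.id)
  end
end

# Assumed order before the change: the expensive check always runs.
def access_expensive_first(ability, current_user, deploy_key, project)
  ability.can?(current_user, :read_project, project) &&
    deploy_key.user == current_user
end

# Order proposed in the discussion: in-memory comparison first, so `&&`
# short-circuits before any query when the users differ.
def access_cheap_first(ability, current_user, deploy_key, project)
  deploy_key.user == current_user &&
    ability.can?(current_user, :read_project, project)
end

# Runs one ordering over every (key owner, project membership) combination
# and returns the decisions plus the number of simulated queries.
def evaluate(ordering)
  ability = CountingAbility.new
  alice = User.new(1) # constructed sample users
  bob = User.new(2)
  decisions = [alice, bob].product([[1], []]).map do |key_user, members|
    send(ordering, ability, alice, DeployKey.new(key_user), Project.new(members))
  end
  { decisions: decisions, queries: ability.queries }
end
```

The reorder is only safe because both operands are side-effect-free predicates joined by a plain `&&`; a regression spec should pin the decisions for all four cases, not just the query count.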