Follow-up from !18530: Consider renaming User#full_private_access?
The :full_private_access
ability was renamed to :read_all_resources
as part of !18530 (merged), but the method User#full_private_access?
instance method was left to keep the size of the MR manageable. Consider refactoring it.
The following discussion from !18530 (merged) should be addressed:
-
@reprazent started a discussion: (+3 comments) Now that this is an ability, perhaps we should take the opportunity to rephrase.
Now it means "read all resources", which is allowed for
admin
s andauditor
s (those are the conditions we check). For admin we also enable writing for most resources, but we never do for auditors. So I think we should try to have the ability describe what it's enabling/disabling.So perhaps rephrasing the ability to
read_all_resources
makes more sense? But let's keepUser#full_private_access
as a method name.What do you think?
/cc @reprazent @ifarkas