Step 3: Version Control for Snippets: Implement access rights checking for git requests (MVP)

Important: All the new functionality must be implemented behind the feature flag :version_snippets. Besides, it has to be scoped for projects. Therefore, instead of checking if the feature flag is enabled or not (Feature.enabled?(:version_snippets)), we will check if the feature flag is enabled for specific projects (Feature.enabled?(:version_snippets, project)). This way, for testing purposes, we can enable the feature flag on the project gitlab-org/gitlab for example, instead of enabling it globally.

This issue is about implementing the necessary access rights to access the snippet repository. When the content is pushed to the snippet repository, the workflow redirects the request to GitAccessSnippet. In this class is where we need to check the authorizations. For that matter, we can take a look at the existing GitAccess class and GitAccessWiki class.

For MVP we need to limit the number of files to 1. This means that, when we receive a git operation we have to check the repository, check if there is a file, and if it exists then we need to check the git command. If it's an update or move then ok but if it's a create operation we have to reject.

This issue depends on #39176 (closed) and #39199 (closed) to be implemented first.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.