Use ProjectHook policies in controller (!114087) · Merge requests · GitLab.org / GitLab

Andy Schoenen requested to merge 393469-use-project-destroy-hook-policy into master Mar 09, 2023

What does this MR do and why?

ProjectHooksPolicy got introduced in !88245 (merged), but it was not used in controllers to check access. To avoid confusion, this makes use of the destroy policy and removes the read_web_hook policy. I previously did the same for GroupHooksPolicy in !113091 (merged).

Screenshots or screen recordings

There should be no user visible change

How to set up and validate locally

Follow the guide to create a project webhook.
Select Delete* next to the newly created webhook.
The hook should be deleted without rendering 404

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #393469 (closed)

Use ProjectHook policies in controller

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports