Remove push_code check on Mutation.securityFindingCreateMergeRequest
What does this MR do and why?
In %17.0 the Developer role will no longer have the admin_vulnerability
permission. To make sure that we're able to roll out this deprecation in a safe way this MR adds a spec to ensure that a user that belongs to a custom role with the :admin_merge_request
permission is able to execute the securityFindingCreateMergeRequest
mutation.
An example of where this mutation is used can be found in https://gitlab.com/gitlab-examples/security/security-reports/-/security/vulnerabilities/46961567
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by mo khan