Draft: Authorize using admin_merge_request_approval_settings in REST API
What does this MR do and why?
According to the permission matrix only maintainers or owners are allowed to manage approval rules. Hence, update the permissions in REST API to check for admin_merge_request_approval_settings
policy when returning approval rules for a project or merge request.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
No change
How to set up and validate locally
- The steps to reproduce are listed in the issue description of #435126 (closed)
Related to #435126 (closed)