Access policy check for new snippet button
What does this MR do?
Adds a couple of check to avoid displaying the New Snippet
button to users without :create_snippet
permission:
-
In the user's profile
Snippets
tab, we were using the ability to populate the link to the new snippet form. The partial, however was rendering the button even when the link was not there (as a result of not having the correct ability). In this case, the button didn't take the user to the New Snippet form, it just reloaded the page. -
Previously, only the non-empty state for project snippets was checking for the ability. As a result, when the project had snippets the project_snippets page showed the button to any user. Clicking on the button resulted in a 404 error for guest users.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
- [-] Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
Ref: #55240 (closed)
Edited by 🤖 GitLab Bot 🤖