Rename issue boards permissions

Improve name of issue board policy permissions

Rename issue boards permissions
Improve name of issue board policy permissions
1cca0e9c · Felipe Artur · cd40c625 · 1cca0e9c · 1cca0e9c · 1cca0e9c
Commit 1cca0e9c authored Feb 24, 2021 by Felipe Artur
41 changed files
--- a/app/controllers/concerns/boards_responses.rb
+++ b/app/controllers/concerns/boards_responses.rb
@@ -35,7 +35,7 @@ module BoardsResponses
  end

  def authorize_read_list
-    authorize_action_for!(board, :read_list)
+    authorize_action_for!(board, :read_issue_board_list)
  end

  def authorize_read_issue
@@ -54,7 +54,7 @@ module BoardsResponses
  end

  def authorize_admin_list
-    authorize_action_for!(board, :admin_list)
+    authorize_action_for!(board, :admin_issue_board_list)
  end

  def authorize_action_for!(resource, ability)

--- a/app/controllers/concerns/multiple_boards_actions.rb
+++ b/app/controllers/concerns/multiple_boards_actions.rb
@@ -80,7 +80,7 @@ module MultipleBoardsActions
  end

  def authorize_admin_board!
-    return render_404 unless can?(current_user, :admin_board, parent)
+    return render_404 unless can?(current_user, :admin_issue_board, parent)
  end

  def serializer

--- a/app/controllers/groups/boards_controller.rb
+++ b/app/controllers/groups/boards_controller.rb
@@ -44,6 +44,6 @@ class Groups::BoardsController < Groups::ApplicationController
  end

  def authorize_read_board!
-    access_denied! unless can?(current_user, :read_board, group)
+    access_denied! unless can?(current_user, :read_issue_board, group)
  end
 end
--- a/app/controllers/projects/boards_controller.rb
+++ b/app/controllers/projects/boards_controller.rb
@@ -45,6 +45,6 @@ class Projects::BoardsController < Projects::ApplicationController
  end

  def authorize_read_board!
-    access_denied! unless can?(current_user, :read_board, project)
+    access_denied! unless can?(current_user, :read_issue_board, project)
  end
 end
--- a/app/graphql/mutations/boards/create.rb
+++ b/app/graphql/mutations/boards/create.rb
@@ -14,7 +14,7 @@ module Mutations
            null: true,
            description: 'The board after mutation.'

-      authorize :admin_board
+      authorize :admin_issue_board

      def resolve(args)
        board_parent = authorized_resource_parent_find!(args)

--- a/app/graphql/mutations/boards/destroy.rb
+++ b/app/graphql/mutations/boards/destroy.rb
@@ -14,7 +14,7 @@ module Mutations
                required: true,
                description: 'The global ID of the board to destroy.'

-      authorize :admin_board
+      authorize :admin_issue_board

      def resolve(id:)
        board = authorized_find!(id: id)

--- a/app/graphql/mutations/boards/issues/issue_move_list.rb
+++ b/app/graphql/mutations/boards/issues/issue_move_list.rb
@@ -83,7 +83,7 @@ module Mutations
        end

        def authorize_board!(board)
-          return if Ability.allowed?(current_user, :read_board, board.resource_parent)
+          return if Ability.allowed?(current_user, :read_issue_board, board.resource_parent)

          raise_resource_not_available_error!
        end

--- a/app/graphql/mutations/boards/lists/create.rb
+++ b/app/graphql/mutations/boards/lists/create.rb
@@ -15,7 +15,7 @@ module Mutations
              null: true,
              description: 'Issue list in the issue board.'

-        authorize :admin_list
+        authorize :admin_issue_board_list

        private


--- a/app/graphql/mutations/boards/lists/destroy.rb
+++ b/app/graphql/mutations/boards/lists/destroy.rb
@@ -33,7 +33,7 @@ module Mutations
        def can_admin_list?(list)
          return false unless list.present?

-          Ability.allowed?(current_user, :admin_list, list.board)
+          Ability.allowed?(current_user, :admin_issue_board_list, list.board)
        end
      end
    end

--- a/app/graphql/mutations/boards/lists/update.rb
+++ b/app/graphql/mutations/boards/lists/update.rb
@@ -44,7 +44,7 @@ module Mutations
        def can_read_list?(list)
          return false unless list.present?

-          Ability.allowed?(current_user, :read_list, list.board)
+          Ability.allowed?(current_user, :read_issue_board_list, list.board)
        end
      end
    end

--- a/app/graphql/mutations/boards/update.rb
+++ b/app/graphql/mutations/boards/update.rb
@@ -17,7 +17,7 @@ module Mutations
            null: true,
            description: 'The board after mutation.'

-      authorize :admin_board
+      authorize :admin_issue_board

      def resolve(id:, **args)
        board = authorized_find!(id: id)

--- a/app/graphql/resolvers/board_lists_resolver.rb
+++ b/app/graphql/resolvers/board_lists_resolver.rb
@@ -9,7 +9,7 @@ module Resolvers
    type Types::BoardListType, null: true
    extras [:lookahead]

-    authorize :read_list
+    authorize :read_issue_board_list

    argument :id, Types::GlobalIDType[List],
             required: false,

--- a/app/graphql/types/board_type.rb
+++ b/app/graphql/types/board_type.rb
@@ -5,7 +5,7 @@ module Types
    graphql_name 'Board'
    description 'Represents a project or group issue board'
    accepts ::Board
-    authorize :read_board
+    authorize :read_issue_board

    present_using BoardPresenter


--- a/app/policies/concerns/readonly_abilities.rb
+++ b/app/policies/concerns/readonly_abilities.rb
@@ -17,7 +17,7 @@ module ReadonlyAbilities

  READONLY_FEATURES = %i[
    issue
-    list
+    issue_board_list
    merge_request
    label
    milestone

--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -97,9 +97,9 @@ class GroupPolicy < BasePolicy

  rule { can?(:read_group) }.policy do
    enable :read_milestone
-    enable :read_list
+    enable :read_issue_board_list
    enable :read_label
-    enable :read_board
+    enable :read_issue_board
    enable :read_group_member
    enable :read_custom_emoji
  end
@@ -122,9 +122,9 @@ class GroupPolicy < BasePolicy
  rule { reporter }.policy do
    enable :reporter_access
    enable :read_container_image
-    enable :admin_board
+    enable :admin_issue_board
    enable :admin_label
-    enable :admin_list
+    enable :admin_issue_board_list
    enable :admin_issue
    enable :read_metrics_dashboard_annotation
    enable :read_prometheus

--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -204,8 +204,8 @@ class ProjectPolicy < BasePolicy
  rule { can?(:guest_access) }.policy do
    enable :read_project
    enable :create_merge_request_in
-    enable :read_board
-    enable :read_list
+    enable :read_issue_board
+    enable :read_issue_board_list
    enable :read_wiki
    enable :read_issue
    enable :read_label
@@ -231,7 +231,7 @@ class ProjectPolicy < BasePolicy
  rule { guest & can?(:read_container_image) }.enable :build_read_container_image

  rule { can?(:reporter_access) }.policy do
-    enable :admin_board
+    enable :admin_issue_board
    enable :download_code
    enable :read_statistics
    enable :download_wiki_code
@@ -240,7 +240,7 @@ class ProjectPolicy < BasePolicy
    enable :reopen_issue
    enable :admin_issue
    enable :admin_label
-    enable :admin_list
+    enable :admin_issue_board_list
    enable :admin_issue_link
    enable :read_commit_status
    enable :read_build
@@ -319,7 +319,7 @@ class ProjectPolicy < BasePolicy

  rule { can?(:developer_access) }.policy do
    enable :create_package
-    enable :admin_board
+    enable :admin_issue_board
    enable :admin_merge_request
    enable :admin_milestone
    enable :update_merge_request
@@ -369,7 +369,7 @@ class ProjectPolicy < BasePolicy

  rule { can?(:maintainer_access) }.policy do
    enable :destroy_package
-    enable :admin_board
+    enable :admin_issue_board
    enable :push_to_delete_protected_branch
    enable :update_snippet
    enable :admin_snippet
@@ -429,8 +429,8 @@ class ProjectPolicy < BasePolicy

  rule { issues_disabled }.policy do
    prevent(*create_read_update_admin_destroy(:issue))
-    prevent(*create_read_update_admin_destroy(:board))
-    prevent(*create_read_update_admin_destroy(:list))
+    prevent(*create_read_update_admin_destroy(:issue_board))
+    prevent(*create_read_update_admin_destroy(:issue_board_list))
  end

  rule { merge_requests_disabled | repository_disabled }.policy do
@@ -507,8 +507,8 @@ class ProjectPolicy < BasePolicy
  rule { can?(:public_access) }.policy do
    enable :read_package
    enable :read_project
-    enable :read_board
-    enable :read_list
+    enable :read_issue_board
+    enable :read_issue_board_list
    enable :read_wiki
    enable :read_label
    enable :read_milestone

--- a/app/services/boards/lists/update_service.rb
+++ b/app/services/boards/lists/update_service.rb
@@ -47,11 +47,11 @@ module Boards
      end

      def can_read?(list)
-        Ability.allowed?(current_user, :read_list, parent)
+        Ability.allowed?(current_user, :read_issue_board_list, parent)
      end

      def can_admin?(list)
-        Ability.allowed?(current_user, :admin_list, parent)
+        Ability.allowed?(current_user, :admin_issue_board_list, parent)
      end
    end
  end

--- a/app/views/shared/boards/_show.html.haml
+++ b/app/views/shared/boards/_show.html.haml
@@ -2,7 +2,7 @@
 - group = local_assigns.fetch(:group, false)
 -# TODO: Move group_id and can_admin_list to the board store
  See: https://gitlab.com/gitlab-org/gitlab/-/issues/213082
- can_admin_list = can?(current_user, :admin_list, current_board_parent) == true
+- can_admin_list = can?(current_user, :admin_issue_board_list, current_board_parent) == true
 - @no_breadcrumb_container = true
 - @no_container = true
 - @content_class = "issue-boards-content js-focus-mode-board"

--- a/app/views/shared/boards/_switcher.html.haml
+++ b/app/views/shared/boards/_switcher.html.haml
@@ -7,7 +7,7 @@
    milestone_path: milestones_filter_path(milestone_filter_opts),
    board_base_url: board_base_url,
    has_missing_boards: (!multiple_boards_available? && current_board_parent.boards.size > 1).to_s,
-    can_admin_board: can?(current_user, :admin_board, parent).to_s,
+    can_admin_board: can?(current_user, :admin_issue_board, parent).to_s,
    multiple_issue_boards_available: parent.multiple_issue_boards_available?.to_s,
    labels_path: labels_filter_path_with_defaults(only_group_labels: true, include_descendant_groups: true),
    labels_web_url: parent.is_a?(Project) ? project_labels_path(@project) : group_labels_path(@group),

--- a/app/views/shared/issuable/_search_bar.html.haml
+++ b/app/views/shared/issuable/_search_bar.html.haml
@@ -5,7 +5,7 @@
 - placeholder = local_assigns[:placeholder] || _('Search or filter results...')
 - is_not_boards_modal_or_productivity_analytics = type != :boards_modal && type != :productivity_analytics
 - block_css_class = is_not_boards_modal_or_productivity_analytics ? 'row-content-block second-block' : ''
- user_can_admin_list = board && can?(current_user, :admin_list, board.resource_parent)
+- user_can_admin_list = board && can?(current_user, :admin_issue_board_list, board.resource_parent)

 .issues-filters{ class: ("w-100" if type == :boards_modal) }
  .issues-details-filters.filtered-search-block.d-flex.flex-column.flex-lg-row{ class: block_css_class, "v-pre" => type == :boards_modal }
@@ -202,7 +202,7 @@
          - else
            = render 'shared/issuable/board_create_list_dropdown', board: board
          - if @project
-            #js-add-issues-btn{ data: { can_admin_list: can?(current_user, :admin_list, @project) } }
+            #js-add-issues-btn{ data: { can_admin_list: can?(current_user, :admin_issue_board_list, @project) } }
        #js-toggle-focus-btn
      - elsif is_not_boards_modal_or_productivity_analytics && show_sorting_dropdown
        = render 'shared/issuable/sort_dropdown'
--- a/ee/app/graphql/mutations/boards/lists/update_limit_metrics.rb
+++ b/ee/app/graphql/mutations/boards/lists/update_limit_metrics.rb
@@ -69,7 +69,7 @@ module Mutations
        end

        def authorize_admin_rights!
-          raise_resource_not_available_error! unless Ability.allowed?(current_user, :admin_list, board)
+          raise_resource_not_available_error! unless Ability.allowed?(current_user, :admin_issue_board_list, board)
        end

        def find_list_by_global_id(gid)

--- a/ee/app/graphql/mutations/boards/update_epic_user_preferences.rb
+++ b/ee/app/graphql/mutations/boards/update_epic_user_preferences.rb
@@ -25,7 +25,7 @@ module Mutations
            null: true,
            description: 'User preferences for the epic in the board after mutation.'

-      authorize :read_board
+      authorize :read_issue_board

      def resolve(board_id:, epic_id:, **args)
        board = authorized_find!(id: board_id)

--- a/ee/app/policies/ee/group_policy.rb
+++ b/ee/app/policies/ee/group_policy.rb
@@ -144,7 +144,7 @@ module EE
      end

      rule { reporter }.policy do
-        enable :admin_list
+        enable :admin_issue_board_list
        enable :view_productivity_analytics
        enable :view_type_of_work_charts
        enable :read_group_timelogs
@@ -341,7 +341,7 @@ module EE
        prevent :admin_milestone
        prevent :upload_file
        prevent :admin_label
-        prevent :admin_list
+        prevent :admin_issue_board_list
        prevent :admin_issue
        prevent :admin_pipeline
        prevent :add_cluster

--- a/ee/app/policies/ee/project_policy.rb
+++ b/ee/app/policies/ee/project_policy.rb
@@ -209,7 +209,7 @@ module EE
      rule { can?(:guest_access) & iterations_available }.enable :read_iteration

      rule { can?(:reporter_access) }.policy do
-        enable :admin_board
+        enable :admin_issue_board
        enable :admin_epic_issue
        enable :read_group_timelogs
      end
@@ -217,7 +217,7 @@ module EE
      rule { oncall_schedules_available & can?(:reporter_access) }.enable :read_incident_management_oncall_schedule

      rule { can?(:developer_access) }.policy do
-        enable :admin_board
+        enable :admin_issue_board
        enable :read_vulnerability_feedback
        enable :create_vulnerability_feedback
        enable :destroy_vulnerability_feedback

--- a/ee/app/policies/ee/readonly_abilities.rb
+++ b/ee/app/policies/ee/readonly_abilities.rb
@@ -10,7 +10,7 @@ module EE
    ].freeze

    READONLY_FEATURES_EE = %i[
-      board
+      issue_board
      issue_link
      approvers
      vulnerability_feedback

--- a/ee/lib/ee/api/group_boards.rb
+++ b/ee/lib/ee/api/group_boards.rb
@@ -34,7 +34,7 @@ module EE
            requires :name, type: String, desc: 'The board name'
          end
          post '/' do
-            authorize!(:admin_board, board_parent)
+            authorize!(:admin_issue_board, board_parent)

            create_board
          end
@@ -44,7 +44,7 @@ module EE
            success ::API::Entities::Board
          end
          delete '/:board_id' do
-            authorize!(:admin_board, board_parent)
+            authorize!(:admin_issue_board, board_parent)

            delete_board
          end

--- a/ee/spec/controllers/projects/boards_controller_spec.rb
+++ b/ee/spec/controllers/projects/boards_controller_spec.rb
@@ -106,7 +106,7 @@ RSpec.describe Projects::BoardsController do
        before do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :admin_issue_board, project).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -185,7 +185,7 @@ RSpec.describe Projects::BoardsController do
      before do
        expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
        allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-        allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
+        allow(Ability).to receive(:allowed?).with(user, :admin_issue_board, project).and_return(false)
      end

      it 'returns a not found 404 response' do
@@ -235,7 +235,7 @@ RSpec.describe Projects::BoardsController do
      before do
        expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
        allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-        allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
+        allow(Ability).to receive(:allowed?).with(user, :admin_issue_board, project).and_return(false)
      end

      it 'returns a not found 404 response' do

--- a/ee/spec/graphql/mutations/boards/update_spec.rb
+++ b/ee/spec/graphql/mutations/boards/update_spec.rb
@@ -32,7 +32,7 @@ RSpec.describe Mutations::Boards::Update do

  subject { mutation.resolve(**mutation_params) }

-  specify { expect(described_class).to require_graphql_authorizations(:admin_board) }
+  specify { expect(described_class).to require_graphql_authorizations(:admin_issue_board) }

  describe '#resolve' do
    context 'when the user cannot admin the board' do

--- a/ee/spec/policies/group_policy_spec.rb
+++ b/ee/spec/policies/group_policy_spec.rb
@@ -1261,7 +1261,7 @@ RSpec.describe GroupPolicy do
    let(:current_user) { owner }
    let(:policies) do
      %i[create_projects create_epic update_epic admin_milestone upload_file admin_label
-         admin_list admin_issue admin_pipeline add_cluster create_cluster update_cluster
+         admin_issue_board_list admin_issue admin_pipeline add_cluster create_cluster update_cluster
         admin_cluster admin_group_member create_deploy_token create_subgroup]
    end


--- a/ee/spec/policies/project_policy_spec.rb
+++ b/ee/spec/policies/project_policy_spec.rb
@@ -34,7 +34,7 @@ RSpec.describe ProjectPolicy do

    let(:auditor_permissions) do
      %i[
-        download_code download_wiki_code read_project read_board read_list
+        download_code download_wiki_code read_project read_issue_board read_issue_board_list
        read_project_for_iids read_issue_iid read_merge_request_iid read_wiki
        read_issue read_label read_issue_link read_milestone read_iteration
        read_snippet read_project_member read_note read_cycle_analytics
@@ -190,7 +190,7 @@ RSpec.describe ProjectPolicy do
      end

      it 'disables boards permissions' do
-        expect_disallowed :admin_board
+        expect_disallowed :admin_issue_board
      end
    end
  end
@@ -1635,7 +1635,8 @@ RSpec.describe ProjectPolicy do
      # These are abilities that are not explicitly allowed by policies because most of them are not
      # real abilities.  They are prevented due to the use of create_update_admin helper method.
      let(:abilities_not_currently_enabled) do
-        %i[create_merge_request create_list update_list create_label update_label create_milestone
+        %i[create_merge_request create_issue_board_list create_issue_board update_issue_board
+           update_issue_board_list create_label update_label create_milestone
           update_milestone update_wiki update_design admin_design update_note
           update_pipeline_schedule admin_pipeline_schedule create_trigger update_trigger
           admin_trigger create_pages admin_release request_access create_board update_board

--- a/lib/api/boards.rb
+++ b/lib/api/boards.rb
@@ -30,7 +30,7 @@ module API
          use :pagination
        end
        get '/' do
-          authorize!(:read_board, user_project)
+          authorize!(:read_issue_board, user_project)
          present paginate(board_parent.boards.with_associations), with: Entities::Board
        end

@@ -39,7 +39,7 @@ module API
          success Entities::Board
        end
        get '/:board_id' do
-          authorize!(:read_board, user_project)
+          authorize!(:read_issue_board, user_project)
          present board, with: Entities::Board
        end

@@ -51,7 +51,7 @@ module API
          requires :name, type: String, desc: 'The board name'
        end
        post '/' do
-          authorize!(:admin_board, board_parent)
+          authorize!(:admin_issue_board, board_parent)

          create_board
        end
@@ -64,7 +64,7 @@ module API
          use :update_params
        end
        put '/:board_id' do
-          authorize!(:admin_board, board_parent)
+          authorize!(:admin_issue_board, board_parent)

          update_board
        end
@@ -75,7 +75,7 @@ module API
        end

        delete '/:board_id' do
-          authorize!(:admin_board, board_parent)
+          authorize!(:admin_issue_board, board_parent)

          delete_board
        end
@@ -93,7 +93,7 @@ module API
          use :pagination
        end
        get '/lists' do
-          authorize!(:read_board, user_project)
+          authorize!(:read_issue_board, user_project)
          present paginate(board_lists), with: Entities::List
        end

@@ -105,7 +105,7 @@ module API
          requires :list_id, type: Integer, desc: 'The ID of a list'
        end
        get '/lists/:list_id' do
-          authorize!(:read_board, user_project)
+          authorize!(:read_issue_board, user_project)
          present board_lists.find(params[:list_id]), with: Entities::List
        end

@@ -117,7 +117,7 @@ module API
          use :list_creation_params
        end
        post '/lists' do
-          authorize!(:admin_list, user_project)
+          authorize!(:admin_issue_board_list, user_project)

          create_list
        end
@@ -133,7 +133,7 @@ module API
        put '/lists/:list_id' do
          list = board_lists.find(params[:list_id])

-          authorize!(:admin_list, user_project)
+          authorize!(:admin_issue_board_list, user_project)

          move_list(list)
        end
@@ -146,7 +146,7 @@ module API
          requires :list_id, type: Integer, desc: 'The ID of a board list'
        end
        delete "/lists/:list_id" do
-          authorize!(:admin_list, user_project)
+          authorize!(:admin_issue_board_list, user_project)
          list = board_lists.find(params[:list_id])

          destroy_list(list)

--- a/lib/api/group_boards.rb
+++ b/lib/api/group_boards.rb
@@ -30,7 +30,7 @@ module API
          use :pagination
        end
        get '/' do
-          authorize!(:read_board, user_group)
+          authorize!(:read_issue_board, user_group)
          present paginate(board_parent.boards.with_associations), with: Entities::Board
        end

@@ -39,7 +39,7 @@ module API
          success Entities::Board
        end
        get '/:board_id' do
-          authorize!(:read_board, user_group)
+          authorize!(:read_issue_board, user_group)
          present board, with: Entities::Board
        end

@@ -51,7 +51,7 @@ module API
          use :update_params
        end
        put '/:board_id' do
-          authorize!(:admin_board, board_parent)
+          authorize!(:admin_issue_board, board_parent)

          update_board
        end
@@ -69,7 +69,7 @@ module API
          use :pagination
        end
        get '/lists' do
-          authorize!(:read_board, user_group)
+          authorize!(:read_issue_board, user_group)
          present paginate(board_lists), with: Entities::List
        end

@@ -81,7 +81,7 @@ module API
          requires :list_id, type: Integer, desc: 'The ID of a list'
        end
        get '/lists/:list_id' do
-          authorize!(:read_board, user_group)
+          authorize!(:read_issue_board, user_group)
          present board_lists.find(params[:list_id]), with: Entities::List
        end

@@ -93,7 +93,7 @@ module API
          use :list_creation_params
        end
        post '/lists' do
-          authorize!(:admin_list, user_group)
+          authorize!(:admin_issue_board_list, user_group)

          create_list
        end
@@ -109,7 +109,7 @@ module API
        put '/lists/:list_id' do
          list = board_lists.find(params[:list_id])

-          authorize!(:admin_list, user_group)
+          authorize!(:admin_issue_board_list, user_group)

          move_list(list)
        end
@@ -122,7 +122,7 @@ module API
          requires :list_id, type: Integer, desc: 'The ID of a board list'
        end
        delete "/lists/:list_id" do
-          authorize!(:admin_list, user_group)
+          authorize!(:admin_issue_board_list, user_group)
          list = board_lists.find(params[:list_id])

          destroy_list(list)

--- a/spec/controllers/groups/boards_controller_spec.rb
+++ b/spec/controllers/groups/boards_controller_spec.rb
@@ -29,7 +29,7 @@ RSpec.describe Groups::BoardsController do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_cross_project, :global).and_return(true)
          allow(Ability).to receive(:allowed?).with(user, :read_group, group).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, group).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, group).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -74,7 +74,7 @@ RSpec.describe Groups::BoardsController do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_cross_project, :global).and_return(true)
          allow(Ability).to receive(:allowed?).with(user, :read_group, group).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, group).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, group).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -111,7 +111,7 @@ RSpec.describe Groups::BoardsController do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_cross_project, :global).and_return(true)
          allow(Ability).to receive(:allowed?).with(user, :read_group, group).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, group).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, group).and_return(false)
        end

        it 'returns a not found 404 response' do

--- a/spec/controllers/projects/boards_controller_spec.rb
+++ b/spec/controllers/projects/boards_controller_spec.rb
@@ -34,7 +34,7 @@ RSpec.describe Projects::BoardsController do
        before do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, project).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -78,7 +78,7 @@ RSpec.describe Projects::BoardsController do
        before do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, project).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -134,7 +134,7 @@ RSpec.describe Projects::BoardsController do
        before do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, project).and_return(false)
        end

        it 'returns a not found 404 response' do
@@ -172,7 +172,7 @@ RSpec.describe Projects::BoardsController do
        before do
          expect(Ability).to receive(:allowed?).with(user, :log_in, :global).and_call_original
          allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-          allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+          allow(Ability).to receive(:allowed?).with(user, :read_issue_board, project).and_return(false)
        end

        it 'returns a not found 404 response' do

--- a/spec/graphql/mutations/boards/update_spec.rb
+++ b/spec/graphql/mutations/boards/update_spec.rb
@@ -20,7 +20,7 @@ RSpec.describe Mutations::Boards::Update do

  subject { mutation.resolve(**mutation_params) }

-  specify { expect(described_class).to require_graphql_authorizations(:admin_board) }
+  specify { expect(described_class).to require_graphql_authorizations(:admin_issue_board) }

  describe '#resolve' do
    context 'when the user cannot admin the board' do

--- a/spec/graphql/types/board_type_spec.rb
+++ b/spec/graphql/types/board_type_spec.rb
@@ -5,7 +5,7 @@ require 'spec_helper'
 RSpec.describe GitlabSchema.types['Board'] do
  specify { expect(described_class.graphql_name).to eq('Board') }

-  specify { expect(described_class).to require_graphql_authorizations(:read_board) }
+  specify { expect(described_class).to require_graphql_authorizations(:read_issue_board) }

  it 'has specific fields' do
    expected_fields = %w[id name web_url web_path]

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1828,7 +1828,7 @@ RSpec.describe User do
  end

  describe '.instance_access_request_approvers_to_be_notified' do
-    let_it_be(:admin_list) { create_list(:user, 12, :admin, :with_sign_ins) }
+    let_it_be(:admin_issue_board_list) { create_list(:user, 12, :admin, :with_sign_ins) }

    it 'returns up to the ten most recently active instance admins' do
      active_admins_in_recent_sign_in_desc_order = User.admins.active.order_recent_sign_in.limit(10)

--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -64,8 +64,8 @@ RSpec.describe ProjectPolicy do
      end

      it 'disables boards and lists permissions' do
-        expect_disallowed :read_board, :create_board, :update_board
-        expect_disallowed :read_list, :create_list, :update_list, :admin_list
+        expect_disallowed :read_issue_board, :create_board, :update_board
+        expect_disallowed :read_issue_board_list, :create_list, :update_list, :admin_issue_board_list
      end

      context 'when external tracker configured' do

--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -18,12 +18,12 @@ RSpec.shared_context 'GroupPolicy context' do
   ]
  end

-  let(:read_group_permissions) { %i[read_label read_list read_milestone read_board] }
+  let(:read_group_permissions) { %i[read_label read_issue_board_list read_milestone read_issue_board] }

  let(:reporter_permissions) do
    %i[
        admin_label
-        admin_board
+        admin_issue_board
        read_container_image
        read_metrics_dashboard_annotation
        read_prometheus

--- a/spec/support/shared_contexts/policies/project_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/project_policy_shared_context.rb
@@ -16,8 +16,8 @@ RSpec.shared_context 'ProjectPolicy context' do
  let(:base_guest_permissions) do
    %i[
      award_emoji create_issue create_merge_request_in create_note
-      create_project read_board read_issue read_issue_iid read_issue_link
-      read_label read_list read_milestone read_note read_project
+      create_project read_issue_board read_issue read_issue_iid read_issue_link
+      read_label read_issue_board_list read_milestone read_note read_project
      read_project_for_iids read_project_member read_release read_snippet
      read_wiki upload_file
    ]
@@ -25,7 +25,7 @@ RSpec.shared_context 'ProjectPolicy context' do

  let(:base_reporter_permissions) do
    %i[
-      admin_issue admin_issue_link admin_label admin_list create_snippet
+      admin_issue admin_issue_link admin_label admin_issue_board_list create_snippet
      download_code download_wiki_code fork_project metrics_dashboard
      read_build read_commit_status read_confidential_issues
      read_container_image read_deployment read_environment read_merge_request

--- a/spec/support/shared_examples/requests/api/graphql/group_and_project_boards_query_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/graphql/group_and_project_boards_query_shared_examples.rb
@@ -25,7 +25,7 @@ RSpec.shared_examples 'group and project boards query' do
      board = create(:board, resource_parent: board_parent, name: 'A')

      allow(Ability).to receive(:allowed?).and_call_original
-      allow(Ability).to receive(:allowed?).with(user, :read_board, board).and_return(false)
+      allow(Ability).to receive(:allowed?).with(user, :read_issue_board, board).and_return(false)

      post_graphql(query, current_user: current_user)