Align project and personal snippet abilities

Mostly a search and replace for *_project_snippet and *_personal_snippet
abilities across app and spec files. Replaced with just *_snippet and
falling back on the type of subject to determine which policies to
apply.

There are some less trivial changes included which relate to inferring
an abilities name from the subject class. Because ProjectSnippet is a
child of Snippet there is some special handling around the place. There
is perhaps potential to clean this up a bit as there is the same logic
spread out in various locations.

Various changes required after review

- Renamed before_action names
- Fixed snippet note mailer with spec
- Removed incorrect/unecessary policy parameter
- Fix personal snippet note policy spec

app/controllers/projects/snippets_controller.rb

@@ -15,17 +15,17 @@ class Projects::SnippetsController < Projects::ApplicationController
   before_action :check_snippets_available!
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam]
 
-  # Allow read any snippet
-  before_action :authorize_read_project_snippet!, except: [:new, :create, :index]
+  # Allow create snippet
+  before_action :authorize_create_snippet!, only: [:new, :create]
 
-  # Allow write(create) snippet
-  before_action :authorize_create_project_snippet!, only: [:new, :create]
+  # Allow read any snippet
+  before_action :authorize_read_snippet!, except: [:new, :create, :index]
 
   # Allow modify snippet
-  before_action :authorize_update_project_snippet!, only: [:edit, :update]
+  before_action :authorize_update_snippet!, only: [:edit, :update]
 
   # Allow destroy snippet
-  before_action :authorize_admin_project_snippet!, only: [:destroy]
+  before_action :authorize_admin_snippet!, only: [:destroy]
 
   respond_to :html
 
@@ -115,16 +115,16 @@ class Projects::SnippetsController < Projects::ApplicationController
     project_snippet_path(@project, @snippet)
   end
 
-  def authorize_read_project_snippet!
-    return render_404 unless can?(current_user, :read_project_snippet, @snippet)
+  def authorize_read_snippet!
+    return render_404 unless can?(current_user, :read_snippet, @snippet)
   end
 
-  def authorize_update_project_snippet!
-    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
+  def authorize_update_snippet!
+    return render_404 unless can?(current_user, :update_snippet, @snippet)
   end
 
-  def authorize_admin_project_snippet!
-    return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
+  def authorize_admin_snippet!
+    return render_404 unless can?(current_user, :admin_snippet, @snippet)
   end
 
   def snippet_params

app/controllers/snippets/notes_controller.rb

@@ -33,7 +33,7 @@ class Snippets::NotesController < ApplicationController
   end
 
   def authorize_read_snippet!
-    return render_404 unless can?(current_user, :read_personal_snippet, snippet)
+    return render_404 unless can?(current_user, :read_snippet, snippet)
   end
 
   def authorize_create_note!

app/controllers/snippets_controller.rb

@@ -126,7 +126,7 @@ class SnippetsController < ApplicationController
   end
 
   def authorize_read_snippet!
-    return if can?(current_user, :read_personal_snippet, @snippet)
+    return if can?(current_user, :read_snippet, @snippet)
 
     if current_user
       render_404
@@ -136,15 +136,15 @@ class SnippetsController < ApplicationController
   end
 
   def authorize_update_snippet!
-    return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
+    return render_404 unless can?(current_user, :update_snippet, @snippet)
   end
 
   def authorize_admin_snippet!
-    return render_404 unless can?(current_user, :admin_personal_snippet, @snippet)
+    return render_404 unless can?(current_user, :admin_snippet, @snippet)
   end
 
   def authorize_create_snippet!
-    return render_404 unless can?(current_user, :create_personal_snippet)
+    return render_404 unless can?(current_user, :create_snippet)
   end
 
   def snippet_params

app/controllers/uploads_controller.rb

@@ -41,6 +41,8 @@ class UploadsController < ApplicationController
       case model
       when Note
         can?(current_user, :read_project, model.project)
+      when Snippet, ProjectSnippet
+        can?(current_user, :read_snippet, model)
       when User
         # We validate the current user has enough (writing)
         # access to itself when a secret is given.

app/graphql/mutations/snippets/create.rb

@@ -67,11 +67,11 @@ module Mutations
       end
 
       def authorized_resource?(project)
-        Ability.allowed?(context[:current_user], :create_project_snippet, project)
+        Ability.allowed?(context[:current_user], :create_snippet, project)
       end
 
       def can_create_personal_snippet?
-        Ability.allowed?(context[:current_user], :create_personal_snippet)
+        Ability.allowed?(context[:current_user], :create_snippet)
       end
     end
   end

app/graphql/types/permission_types/project.rb

@@ -21,7 +21,7 @@ module Types
       permission_field :create_snippet
 
       def create_snippet
-        Ability.allowed?(context[:current_user], :create_project_snippet, object)
+        Ability.allowed?(context[:current_user], :create_snippet, object)
       end
     end
   end

app/graphql/types/permission_types/user.rb

@@ -8,7 +8,7 @@ module Types
       permission_field :create_snippet
 
       def create_snippet
-        Ability.allowed?(context[:current_user], :create_personal_snippet)
+        Ability.allowed?(context[:current_user], :create_snippet)
       end
     end
   end

app/helpers/projects_helper.rb

@@ -425,7 +425,7 @@ module ProjectsHelper
     {
       environments:     :read_environment,
       milestones:       :read_milestone,
-      snippets:         :read_project_snippet,
+      snippets:         :read_snippet,
       settings:         :admin_project,
       builds:           :read_build,
       clusters:         :read_cluster,
@@ -443,7 +443,7 @@ module ProjectsHelper
       blobs:          :download_code,
       commits:        :download_code,
       merge_requests: :read_merge_request,
-      notes:          [:read_merge_request, :download_code, :read_issue, :read_project_snippet],
+      notes:          [:read_merge_request, :download_code, :read_issue, :read_snippet],
       members:        :read_project_member
     )
   end

app/mailers/emails/notes.rb

@@ -26,19 +26,17 @@ module Emails
       mail_answer_note_thread(@merge_request, @note, note_thread_options(recipient_id, reason))
     end
 
-    def note_project_snippet_email(recipient_id, note_id, reason = nil)
+    def note_snippet_email(recipient_id, note_id, reason = nil)
       setup_note_mail(note_id, recipient_id)
-
       @snippet = @note.noteable
-      @target_url = project_snippet_url(*note_target_url_options)
-      mail_answer_note_thread(@snippet, @note, note_thread_options(recipient_id, reason))
-    end
 
-    def note_personal_snippet_email(recipient_id, note_id, reason = nil)
-      setup_note_mail(note_id, recipient_id)
+      case @snippet
+      when ProjectSnippet
+        @target_url = project_snippet_url(*note_target_url_options)
+      when Snippet
+        @target_url = gitlab_snippet_url(@note.noteable)
+      end
 
-      @snippet = @note.noteable
-      @target_url = gitlab_snippet_url(@note.noteable)
       mail_answer_note_thread(@snippet, @note, note_thread_options(recipient_id, reason))
     end
 

app/models/ability.rb

@@ -24,7 +24,7 @@ class Ability
     # read the given snippet.
     def users_that_can_read_personal_snippet(users, snippet)
       DeclarativePolicy.subject_scope do
-        users.select { |u| allowed?(u, :read_personal_snippet, snippet) }
+        users.select { |u| allowed?(u, :read_snippet, snippet) }
       end
     end
 

app/models/event.rb

@@ -145,10 +145,8 @@ class Event < ApplicationRecord
       Ability.allowed?(user, :read_issue, note? ? note_target : target)
     elsif merge_request? || merge_request_note?
       Ability.allowed?(user, :read_merge_request, note? ? note_target : target)
-    elsif personal_snippet_note?
-      Ability.allowed?(user, :read_personal_snippet, note_target)
-    elsif project_snippet_note?
-      Ability.allowed?(user, :read_project_snippet, note_target)
+    elsif personal_snippet_note? || project_snippet_note?
+      Ability.allowed?(user, :read_snippet, note_target)
     elsif milestone?
       Ability.allowed?(user, :read_milestone, project)
     else

app/models/note.rb

@@ -367,7 +367,7 @@ class Note < ApplicationRecord
   end
 
   def noteable_ability_name
-    for_snippet? ? noteable.class.name.underscore : noteable_type.demodulize.underscore
+    for_snippet? ? 'snippet' : noteable_type.demodulize.underscore
   end
 
   def can_be_discussion_note?

app/models/project.rb

@@ -2274,7 +2274,7 @@ class Project < ApplicationRecord
   end
 
   def snippets_visible?(user = nil)
-    Ability.allowed?(user, :read_project_snippet, self)
+    Ability.allowed?(user, :read_snippet, self)
   end
 
   def max_attachment_size

app/models/snippet.rb

@@ -215,9 +215,7 @@ class Snippet < ApplicationRecord
   end
 
   def embeddable?
-    ability = project_id? ? :read_project_snippet : :read_personal_snippet
-
-    Ability.allowed?(nil, ability, self)
+    Ability.allowed?(nil, :read_snippet, self)
   end
 
   def notes_with_associations
@@ -240,7 +238,7 @@ class Snippet < ApplicationRecord
   end
 
   def to_ability_name
-    model_name.singular
+    'snippet'
   end
 
   def valid_secret_token?(token)

app/policies/global_policy.rb

@@ -75,7 +75,7 @@ class GlobalPolicy < BasePolicy
 
   rule { ~anonymous }.policy do
     enable :read_instance_metadata
-    enable :create_personal_snippet
+    enable :create_snippet
   end
 
   rule { admin }.policy do
@@ -83,7 +83,7 @@ class GlobalPolicy < BasePolicy
     enable :update_custom_attribute
   end
 
-  rule { external_user }.prevent :create_personal_snippet
+  rule { external_user }.prevent :create_snippet
 end
 
 GlobalPolicy.prepend_if_ee('EE::GlobalPolicy')

app/policies/personal_snippet_policy.rb

@@ -6,19 +6,19 @@ class PersonalSnippetPolicy < BasePolicy
   condition(:internal_snippet, scope: :subject) { @subject.internal? }
 
   rule { public_snippet }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
     enable :create_note
   end
 
   rule { is_author | admin }.policy do
-    enable :read_personal_snippet
-    enable :update_personal_snippet
-    enable :admin_personal_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
     enable :create_note
   end
 
   rule { internal_snippet & ~external_user }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
     enable :create_note
   end
 
@@ -26,8 +26,5 @@ class PersonalSnippetPolicy < BasePolicy
 
   rule { can?(:create_note) }.enable :award_emoji
 
-  rule { can?(:read_all_resources) }.enable :read_personal_snippet
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_personal_snippet) }.enable :read_snippet
+  rule { can?(:read_all_resources) }.enable :read_snippet
 end

app/policies/project_policy.rb

@@ -9,7 +9,7 @@ class ProjectPolicy < BasePolicy
     merge_request
     label
     milestone
-    project_snippet
+    snippet
     wiki
     note
     pipeline
@@ -185,7 +185,7 @@ class ProjectPolicy < BasePolicy
     enable :read_issue
     enable :read_label
     enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
     enable :read_project_member
     enable :read_note
     enable :create_project
@@ -208,7 +208,7 @@ class ProjectPolicy < BasePolicy
     enable :download_code
     enable :read_statistics
     enable :download_wiki_code
-    enable :create_project_snippet
+    enable :create_snippet
     enable :update_issue
     enable :reopen_issue
     enable :admin_issue
@@ -286,8 +286,8 @@ class ProjectPolicy < BasePolicy
   rule { can?(:maintainer_access) }.policy do
     enable :admin_board
     enable :push_to_delete_protected_branch
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :update_snippet
+    enable :admin_snippet
     enable :admin_project_member
     enable :admin_note
     enable :admin_wiki
@@ -352,7 +352,7 @@ class ProjectPolicy < BasePolicy
   end
 
   rule { snippets_disabled }.policy do
-    prevent(*create_read_update_admin_destroy(:project_snippet))
+    prevent(*create_read_update_admin_destroy(:snippet))
   end
 
   rule { wiki_disabled }.policy do
@@ -405,7 +405,7 @@ class ProjectPolicy < BasePolicy
     enable :read_wiki
     enable :read_label
     enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
     enable :read_project_member
     enable :read_merge_request
     enable :read_note

app/policies/project_snippet_policy.rb

@@ -14,44 +14,41 @@ class ProjectSnippetPolicy < BasePolicy
   # We have to check both project feature visibility and a snippet visibility and take the stricter one
   # This will be simplified - check https://gitlab.com/gitlab-org/gitlab-foss/issues/27573
   rule { ~can?(:read_project) }.policy do
-    prevent :read_project_snippet
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :read_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
   end
 
-  # we have to use this complicated prevent because the delegated project policy
-  # is overly greedy in allowing :read_project_snippet, since it doesn't have any
-  # information about the snippet. However, :read_project_snippet on the *project*
-  # is used to hide/show various snippet-related controls, so we can't just move
-  # all of the handling here.
+  # we have to use this complicated prevent because the delegated project
+  # policy is overly greedy in allowing :read_snippet, since it doesn't have
+  # any information about the snippet. However, :read_snippet on the *project*
+  # is used to hide/show various snippet-related controls, so we can't just
+  # move all of the handling here.
   rule do
     all?(private_snippet | (internal_snippet & external_user),
          ~project.guest,
          ~is_author,
          ~can?(:read_all_resources))
-  end.prevent :read_project_snippet
+  end.prevent :read_snippet
 
   rule { internal_snippet & ~is_author & ~admin }.policy do
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
   end
 
-  rule { public_snippet }.enable :read_project_snippet
+  rule { public_snippet }.enable :read_snippet
 
   rule { is_author & ~project.reporter & ~admin }.policy do
-    prevent :admin_project_snippet
+    prevent :admin_snippet
   end
 
   rule { is_author | admin }.policy do
-    enable :read_project_snippet
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
   end
 
-  rule { ~can?(:read_project_snippet) }.prevent :create_note
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_project_snippet) }.enable :read_snippet
+  rule { ~can?(:read_snippet) }.prevent :create_note
 end
 
 ProjectSnippetPolicy.prepend_if_ee('EE::ProjectSnippetPolicy')

app/services/snippets/destroy_service.rb

@@ -36,9 +36,7 @@ module Snippets
     attr_reader :snippet
 
     def user_can_delete_snippet?
-      return can?(current_user, :admin_project_snippet, snippet) if project
-
-      can?(current_user, :admin_personal_snippet, snippet)
+      can?(current_user, :admin_snippet, snippet)
     end
 
     def service_response_error(message, http_status)

app/views/dashboard/_snippets_head.html.haml

@@ -3,7 +3,7 @@
 
   - if current_user && current_user.snippets.any? || @snippets.any?
     .page-title-controls
-      - if can?(current_user, :create_personal_snippet)
+      - if can?(current_user, :create_snippet)
         = link_to _("New snippet"), new_snippet_path, class: "btn btn-success", title: _("New snippet")
 
 .top-area

app/views/dashboard/snippets/index.html.haml

 - @hide_top_links = true
 - page_title    "Snippets"
 - header_title  "Snippets", dashboard_snippets_path
-- button_path = new_snippet_path if can?(current_user, :create_personal_snippet)
+- button_path = new_snippet_path if can?(current_user, :create_snippet)
 
 = render 'dashboard/snippets_head'
 - if current_user.snippets.exists?

app/views/layouts/header/_new_dropdown.haml

@@ -21,7 +21,7 @@
       - if @project&.persisted?
         - create_project_issue = show_new_issue_link?(@project)
         - merge_project = merge_request_source_project_for_project(@project)
-        - create_project_snippet = can?(current_user, :create_project_snippet, @project)
+        - create_project_snippet = can?(current_user, :create_snippet, @project)
 
         - if create_project_issue || merge_project || create_project_snippet
           %li.dropdown-bold-header
@@ -38,5 +38,5 @@
         %li= link_to _('New project'), new_project_path, class: 'qa-global-new-project-link'
       - if current_user.can_create_group?
         %li= link_to _('New group'), new_group_path
-      - if current_user.can?(:create_personal_snippet)
+      - if current_user.can?(:create_snippet)
         %li= link_to _('New snippet'), new_snippet_path, class: 'qa-global-new-snippet-link'

app/views/notify/note_project_snippet_email.html.haml

-= render 'note_email'

app/views/notify/note_project_snippet_email.text.erb

-<%= render 'note_email' %>

app/views/projects/buttons/_dropdown.html.haml

 - can_create_issue = show_new_issue_link?(@project)
-- can_create_project_snippet = can?(current_user, :create_project_snippet, @project)
+- can_create_project_snippet = can?(current_user, :create_snippet, @project)
 - can_push_code = can?(current_user, :push_code, @project)
 - create_mr_from_new_fork = can?(current_user, :fork_project, @project) && can?(current_user, :create_merge_request_in, @project)
 - merge_project = merge_request_source_project_for_project(@project)

app/views/projects/snippets/_actions.html.haml

 - return unless current_user
 
 .d-none.d-sm-block
-  - if can?(current_user, :update_project_snippet, @snippet)
+  - if can?(current_user, :update_snippet, @snippet)
     = link_to edit_project_snippet_path(@project, @snippet), class: "btn btn-grouped" do
       = _('Edit')
-  - if can?(current_user, :admin_project_snippet, @snippet)
+  - if can?(current_user, :admin_snippet, @snippet)
     = link_to project_snippet_path(@project, @snippet), method: :delete, data: { confirm: _("Are you sure?") }, class: "btn btn-grouped btn-inverted btn-remove", title: _('Delete Snippet') do
       = _('Delete')
-  - if can?(current_user, :create_project_snippet, @project)
+  - if can?(current_user, :create_snippet, @project)
     = link_to new_project_snippet_path(@project), class: 'btn btn-grouped btn-inverted btn-success', title: _("New snippet") do
       = _('New snippet')
   - if @snippet.submittable_as_spam_by?(current_user)
     = link_to _('Submit as spam'), mark_as_spam_project_snippet_path(@project, @snippet), method: :post, class: 'btn btn-grouped btn-spam', title: _('Submit as spam')
-- if can?(current_user, :create_project_snippet, @project) || can?(current_user, :update_project_snippet, @snippet)
+- if can?(current_user, :create_snippet, @project) || can?(current_user, :update_snippet, @snippet)
   .d-block.d-sm-none.dropdown
     %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
       = _('Options')
       = icon('caret-down')
     .dropdown-menu.dropdown-menu-full-width
       %ul
-        - if can?(current_user, :create_project_snippet, @project)
+        - if can?(current_user, :create_snippet, @project)
           %li
             = link_to new_project_snippet_path(@project), title: _("New snippet") do
               = _('New snippet')
-        - if can?(current_user, :admin_project_snippet, @snippet)
+        - if can?(current_user, :admin_snippet, @snippet)
           %li
             = link_to project_snippet_path(@project, @snippet), method: :delete, data: { confirm: _("Are you sure?") }, title: _('Delete Snippet') do
               = _('Delete')
-        - if can?(current_user, :update_project_snippet, @snippet)
+        - if can?(current_user, :update_snippet, @snippet)
           %li
             = link_to edit_project_snippet_path(@project, @snippet) do
               = _('Edit')

app/views/projects/snippets/index.html.haml

@@ -6,7 +6,7 @@
       - include_private = @project.team.member?(current_user) || current_user.admin?
       = render partial: 'snippets/snippets_scope_menu', locals: { subject: @project, include_private: include_private }
 
-      - if can?(current_user, :create_project_snippet, @project)
+      - if can?(current_user, :create_snippet, @project)
         .nav-controls
           = link_to _("New snippet"), new_project_snippet_path(@project), class: "btn btn-success", title: _("New snippet")
 

app/views/snippets/_actions.html.haml

 - return unless current_user
 
 .d-none.d-sm-block
-  - if can?(current_user, :update_personal_snippet, @snippet)
+  - if can?(current_user, :update_snippet, @snippet)
     = link_to edit_snippet_path(@snippet), class: "btn btn-grouped" do
       = _("Edit")
-  - if can?(current_user, :admin_personal_snippet, @snippet)
+  - if can?(current_user, :admin_snippet, @snippet)
     = link_to gitlab_snippet_path(@snippet), method: :delete, data: { confirm: _("Are you sure?") }, class: "btn btn-grouped btn-inverted btn-remove", title: _('Delete Snippet') do
       = _("Delete")
-  - if can?(current_user, :create_personal_snippet)
+  - if can?(current_user, :create_snippet)
     = link_to new_snippet_path, class: "btn btn-grouped btn-success btn-inverted", title: _("New snippet") do
       = _("New snippet")
   - if @snippet.submittable_as_spam_by?(current_user)
@@ -18,15 +18,15 @@
     = icon('caret-down')
   .dropdown-menu.dropdown-menu-full-width
     %ul
-      - if can?(current_user, :create_personal_snippet)
+      - if can?(current_user, :create_snippet)
         %li
           = link_to new_snippet_path, title: _("New snippet") do
             = _("New snippet")
-      - if can?(current_user, :admin_personal_snippet, @snippet)
+      - if can?(current_user, :admin_snippet, @snippet)
         %li
           = link_to gitlab_snippet_path(@snippet), method: :delete, data: { confirm: _("Are you sure?") }, title: _('Delete Snippet') do
             = _("Delete")
-      - if can?(current_user, :update_personal_snippet, @snippet)
+      - if can?(current_user, :update_snippet, @snippet)
         %li
           = link_to edit_snippet_path(@snippet) do
             = _("Edit")

app/views/snippets/_snippets.html.haml

@@ -3,7 +3,7 @@
 - current_user_empty_message_header = s_('UserProfile|You haven\'t created any snippets.')
 - current_user_empty_message_description = s_('UserProfile|Snippets in GitLab can either be private, internal, or public.')
 - primary_button_label = _('New snippet')
-- primary_button_link = new_snippet_path if can?(current_user, :create_personal_snippet)
+- primary_button_link = new_snippet_path if can?(current_user, :create_snippet)
 - visitor_empty_message = s_('UserProfile|No snippets found.')
 
 .snippets-list-holder

ee/app/policies/ee/project_snippet_policy.rb

@@ -6,7 +6,7 @@ module EE
     extend ::Gitlab::Utils::Override
 
     prepended do
-      rule { auditor }.enable :read_project_snippet
+      rule { auditor }.enable :read_snippet
     end
   end
 end

ee/spec/policies/project_policy_spec.rb

@@ -45,7 +45,7 @@ describe ProjectPolicy do
         download_code download_wiki_code read_project read_board read_list
         read_project_for_iids read_issue_iid read_merge_request_iid read_wiki
         read_issue read_label read_issue_link read_milestone
-        read_project_snippet read_project_member read_note read_cycle_analytics
+        read_snippet read_project_member read_note read_cycle_analytics
         read_pipeline read_build read_commit_status read_container_image
         read_environment read_deployment read_merge_request read_pages
         create_merge_request_in award_emoji

ee/spec/policies/project_snippet_policy_spec.rb

@@ -8,8 +8,8 @@ describe ProjectSnippetPolicy do
   let(:snippet) { create(:project_snippet, snippet_visibility, project: project) }
   let(:author_permissions) do
     [
-      :update_project_snippet,
-      :admin_project_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -22,7 +22,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { create(:user, :auditor) }
 
       it do
-        is_expected.to be_allowed(:read_project_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_disallowed(*author_permissions)
       end
     end

lib/api/award_emoji.rb

@@ -127,6 +127,8 @@ module API
         case awardable
         when Note
           read_ability(awardable.noteable)
+        when Snippet, ProjectSnippet
+          :read_snippet
         else
           :"read_#{awardable.class.to_s.underscore}"
         end

lib/api/helpers/notes_helpers.rb

@@ -72,7 +72,15 @@ module API
       end
 
       def noteable_read_ability_name(noteable)
-        "read_#{noteable.class.to_s.underscore}".to_sym
+        "read_#{ability_name(noteable)}".to_sym
+      end
+
+      def ability_name(noteable)
+        if noteable.respond_to?(:to_ability_name)
+          noteable.to_ability_name
+        else
+          noteable.class.to_s.underscore
+        end
       end
 
       def find_noteable(parent_type, parent_id, noteable_type, noteable_id)

lib/api/project_snippets.rb

@@ -60,7 +60,7 @@ module API
         mutually_exclusive :code, :content
       end
       post ":id/snippets" do
-        authorize! :create_project_snippet, user_project
+        authorize! :create_snippet, user_project
         snippet_params = declared_params(include_missing: false).merge(request: request, api: true)
         snippet_params[:content] = snippet_params.delete(:code) if snippet_params[:code].present?
 
@@ -97,7 +97,7 @@ module API
         snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))
         not_found!('Snippet') unless snippet
 
-        authorize! :update_project_snippet, snippet
+        authorize! :update_snippet, snippet
 
         snippet_params = declared_params(include_missing: false)
           .merge(request: request, api: true)
@@ -126,7 +126,7 @@ module API
         snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
         not_found!('Snippet') unless snippet
 
-        authorize! :admin_project_snippet, snippet
+        authorize! :admin_snippet, snippet
 
         destroy_conditionally!(snippet) do |snippet|
           service = ::Snippets::DestroyService.new(current_user, snippet)

lib/api/snippets.rb

@@ -106,7 +106,7 @@ module API
         snippet = snippets_for_current_user.find_by_id(params.delete(:id))
         break not_found!('Snippet') unless snippet
 
-        authorize! :update_personal_snippet, snippet
+        authorize! :update_snippet, snippet
 
         attrs = declared_params(include_missing: false).merge(request: request, api: true)
         service_response = ::Snippets::UpdateService.new(nil, current_user, attrs).execute(snippet)
@@ -132,7 +132,7 @@ module API
         snippet = snippets_for_current_user.find_by_id(params.delete(:id))
         break not_found!('Snippet') unless snippet
 
-        authorize! :admin_personal_snippet, snippet
+        authorize! :admin_snippet, snippet
 
         destroy_conditionally!(snippet) do |snippet|
           service = ::Snippets::DestroyService.new(current_user, snippet)

lib/banzai/reference_parser/snippet_parser.rb

@@ -12,7 +12,7 @@ module Banzai
       private
 
       def can_read_reference?(user, ref_project, node)
-        can?(user, :read_project_snippet, referenced_by([node]).first)
+        can?(user, :read_snippet, referenced_by([node]).first)
       end
     end
   end

spec/mailers/notify_spec.rb

@@ -686,7 +686,7 @@ describe Notify do
       let(:project_snippet) { create(:project_snippet, project: project) }
       let(:project_snippet_note) { create(:note_on_project_snippet, project: project, noteable: project_snippet) }
 
-      subject { described_class.note_project_snippet_email(project_snippet_note.author_id, project_snippet_note.id) }
+      subject { described_class.note_snippet_email(project_snippet_note.author_id, project_snippet_note.id) }
 
       it_behaves_like 'appearance header and footer enabled'
       it_behaves_like 'appearance header and footer not enabled'
@@ -696,10 +696,20 @@ describe Notify do
       end
       it_behaves_like 'a user cannot unsubscribe through footer link'
 
-      it 'has the correct subject and body' do
+      it 'has the correct subject' do
         is_expected.to have_referable_subject(project_snippet, reply: true)
+      end
+
+      it 'has the correct body' do
         is_expected.to have_body_text project_snippet_note.note
       end
+
+      it 'links to the project snippet' do
+        target_url = project_snippet_url(project,
+                                         project_snippet_note.noteable,
+                                         { anchor: "note_#{project_snippet_note.id}" })
+        is_expected.to have_body_text target_url
+      end
     end
 
     describe 'project was moved' do
@@ -1650,15 +1660,23 @@ describe Notify do
     let(:personal_snippet) { create(:personal_snippet) }
     let(:personal_snippet_note) { create(:note_on_personal_snippet, noteable: personal_snippet) }
 
-    subject { described_class.note_personal_snippet_email(personal_snippet_note.author_id, personal_snippet_note.id) }
+    subject { described_class.note_snippet_email(personal_snippet_note.author_id, personal_snippet_note.id) }
 
     it_behaves_like 'a user cannot unsubscribe through footer link'
     it_behaves_like 'appearance header and footer enabled'
     it_behaves_like 'appearance header and footer not enabled'
 
-    it 'has the correct subject and body' do
+    it 'has the correct subject' do
       is_expected.to have_referable_subject(personal_snippet, reply: true)
+    end
+
+    it 'has the correct body' do
       is_expected.to have_body_text personal_snippet_note.note
     end
+
+    it 'links to the personal snippet' do
+      target_url = gitlab_snippet_url(personal_snippet_note.noteable)
+      is_expected.to have_body_text target_url
+    end
   end
 end

spec/models/note_spec.rb

@@ -718,12 +718,12 @@ describe Note do
   end
 
   describe '#noteable_ability_name' do
-    it 'returns project_snippet for a project snippet note' do
-      expect(build(:note_on_project_snippet).noteable_ability_name).to eq('project_snippet')
+    it 'returns snippet for a project snippet note' do
+      expect(build(:note_on_project_snippet).noteable_ability_name).to eq('snippet')
     end
 
-    it 'returns personal_snippet for a personal snippet note' do
-      expect(build(:note_on_personal_snippet).noteable_ability_name).to eq('personal_snippet')
+    it 'returns snippet for a personal snippet note' do
+      expect(build(:note_on_personal_snippet).noteable_ability_name).to eq('snippet')
     end
 
     it 'returns merge_request for an MR note' do

spec/policies/global_policy_spec.rb

@@ -307,21 +307,21 @@ describe GlobalPolicy do
     end
   end
 
-  describe 'create_personal_snippet' do
+  describe 'create_snippet' do
     context 'when anonymous' do
       let(:current_user) { nil }
 
-      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+      it { is_expected.not_to be_allowed(:create_snippet) }
     end
 
     context 'regular user' do
-      it { is_expected.to be_allowed(:create_personal_snippet) }
+      it { is_expected.to be_allowed(:create_snippet) }
     end
 
     context 'when external' do
       let(:current_user) { build(:user, :external) }
 
-      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+      it { is_expected.not_to be_allowed(:create_snippet) }
     end
   end
 end

spec/policies/note_policy_spec.rb

@@ -54,6 +54,27 @@ describe NotePolicy do
       end
     end
 
+    context 'when the noteable is a personal snippet' do
+      let(:noteable) { create(:personal_snippet, :public) }
+      let(:note) { create(:note, noteable: noteable, author: user) }
+
+      it 'can edit note' do
+        expect(policy).to be_allowed(:admin_note)
+        expect(policy).to be_allowed(:resolve_note)
+        expect(policy).to be_allowed(:read_note)
+      end
+
+      context 'when it is private' do
+        let(:noteable) { create(:personal_snippet, :private) }
+
+        it 'can not edit nor read the note' do
+          expect(policy).to be_disallowed(:admin_note)
+          expect(policy).to be_disallowed(:resolve_note)
+          expect(policy).to be_disallowed(:read_note)
+        end
+      end
+    end
+
     context 'when the project is public' do
       context 'when the note author is not a project member' do
         it 'can edit a note' do
@@ -79,26 +100,6 @@ describe NotePolicy do
         end
       end
 
-      context 'when the noteable is a personal snippet' do
-        let(:noteable) { create(:personal_snippet, :public) }
-
-        it 'can edit note' do
-          expect(policy).to be_allowed(:admin_note)
-          expect(policy).to be_allowed(:resolve_note)
-          expect(policy).to be_allowed(:read_note)
-        end
-
-        context 'when it is private' do
-          let(:noteable) { create(:personal_snippet, :private) }
-
-          it 'can not edit nor read the note' do
-            expect(policy).to be_disallowed(:admin_note)
-            expect(policy).to be_disallowed(:resolve_note)
-            expect(policy).to be_disallowed(:read_note)
-          end
-        end
-      end
-
       context 'when a discussion is confidential' do
         before do
           issue.update_attribute(:confidential, true)

spec/policies/personal_snippet_policy_spec.rb

@@ -10,8 +10,8 @@ describe PersonalSnippetPolicy do
 
   let(:author_permissions) do
     [
-      :update_personal_snippet,
-      :admin_personal_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -24,7 +24,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(admin_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -39,7 +39,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -50,7 +50,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -61,7 +61,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -78,7 +78,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -89,7 +89,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -100,7 +100,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(external_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -111,7 +111,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -128,7 +128,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -139,7 +139,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -150,7 +150,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(external_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -161,7 +161,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)

spec/policies/project_policy_spec.rb

@@ -17,7 +17,7 @@ describe ProjectPolicy do
     %i[
       read_project read_board read_list read_wiki read_issue
       read_project_for_iids read_issue_iid read_label
-      read_milestone read_project_snippet read_project_member read_note
+      read_milestone read_snippet read_project_member read_note
       create_project create_issue create_note upload_file create_merge_request_in
       award_emoji read_release
     ]
@@ -25,7 +25,7 @@ describe ProjectPolicy do
 
   let(:base_reporter_permissions) do
     %i[
-      download_code fork_project create_project_snippet update_issue
+      download_code fork_project create_snippet update_issue
       admin_issue admin_label admin_list read_commit_status read_build
       read_container_image read_pipeline read_environment read_deployment
       read_merge_request download_wiki_code read_sentry_issue
@@ -48,8 +48,8 @@ describe ProjectPolicy do
 
   let(:base_maintainer_permissions) do
     %i[
-      push_to_delete_protected_branch update_project_snippet
-      admin_project_snippet admin_project_member admin_note admin_wiki admin_project
+      push_to_delete_protected_branch update_snippet
+      admin_snippet admin_project_member admin_note admin_wiki admin_project
       admin_commit_status admin_build admin_container_image
       admin_pipeline admin_environment admin_deployment destroy_release add_cluster
       daily_statistics

spec/policies/project_snippet_policy_spec.rb

@@ -12,8 +12,8 @@ describe ProjectSnippetPolicy do
   let(:author) { other_user }
   let(:author_permissions) do
     [
-      :update_project_snippet,
-      :admin_project_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -26,7 +26,7 @@ describe ProjectSnippetPolicy do
       end
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
     end
@@ -38,8 +38,8 @@ describe ProjectSnippetPolicy do
 
       context 'not snippet author' do
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
     end
@@ -53,7 +53,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_allowed(*author_permissions)
         end
       end
@@ -64,15 +64,15 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
 
       context 'not a project member' do
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
     end
@@ -85,7 +85,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_allowed(:read_project_snippet)
+        expect_allowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -94,7 +94,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -105,7 +105,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -115,7 +115,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -129,7 +129,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_disallowed(:read_project_snippet)
+        expect_disallowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -138,7 +138,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -149,7 +149,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -159,7 +159,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -173,7 +173,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_disallowed(:read_project_snippet)
+        expect_disallowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -182,7 +182,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -193,7 +193,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -203,7 +203,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -214,7 +214,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { create(:admin) }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_allowed(*author_permissions)
       end
     end

spec/presenters/snippet_presenter_spec.rb

@@ -62,8 +62,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks read_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :read_personal_snippet, snippet)
+      it 'checks read_snippet' do
+        expect(presenter).to receive(:can?).with(user, :read_snippet, snippet)
 
         subject
       end
@@ -72,8 +72,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks read_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :read_project_snippet, snippet)
+      it 'checks read_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :read_snippet, snippet)
 
         subject
       end
@@ -86,8 +86,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks update_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :update_personal_snippet, snippet)
+      it 'checks update_snippet' do
+        expect(presenter).to receive(:can?).with(user, :update_snippet, snippet)
 
         subject
       end
@@ -96,8 +96,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks update_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :update_project_snippet, snippet)
+      it 'checks update_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :update_snippet, snippet)
 
         subject
       end
@@ -110,8 +110,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks admin_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :admin_personal_snippet, snippet)
+      it 'checks admin_snippet' do
+        expect(presenter).to receive(:can?).with(user, :admin_snippet, snippet)
 
         subject
       end
@@ -120,8 +120,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks admin_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :admin_project_snippet, snippet)
+      it 'checks admin_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :admin_snippet, snippet)
 
         subject
       end

spec/support/shared_contexts/policies/project_policy_shared_context.rb

@@ -13,7 +13,7 @@ RSpec.shared_context 'ProjectPolicy context' do
     %i[
       read_project read_board read_list read_wiki read_issue
       read_project_for_iids read_issue_iid read_label
-      read_milestone read_project_snippet read_project_member read_note
+      read_milestone read_snippet read_project_member read_note
       create_project create_issue create_note upload_file create_merge_request_in
       award_emoji
     ]
@@ -21,7 +21,7 @@ RSpec.shared_context 'ProjectPolicy context' do
 
   let(:base_reporter_permissions) do
     %i[
-      download_code fork_project create_project_snippet update_issue
+      download_code fork_project create_snippet update_issue
       admin_issue admin_label admin_list read_commit_status read_build
       read_container_image read_pipeline read_environment read_deployment
       read_merge_request download_wiki_code read_sentry_issue read_prometheus
@@ -45,8 +45,8 @@ RSpec.shared_context 'ProjectPolicy context' do
 
   let(:base_maintainer_permissions) do
     %i[
-      push_to_delete_protected_branch update_project_snippet
-      admin_project_snippet admin_project_member admin_note admin_wiki admin_project
+      push_to_delete_protected_branch update_snippet
+      admin_snippet admin_project_member admin_note admin_wiki admin_project
       admin_commit_status admin_build admin_container_image
       admin_pipeline admin_environment admin_deployment destroy_release add_cluster
       daily_statistics

spec/support/shared_examples/finders/snippet_visibility_shared_examples.rb

@@ -234,8 +234,8 @@ RSpec.shared_examples 'snippet visibility' do
       end
 
       context "For #{params[:project_type]} project and #{params[:user_type]} users" do
-        it 'agrees with the read_project_snippet policy' do
-          expect(can?(user, :read_project_snippet, snippet)).to eq(outcome)
+        it 'agrees with the read_snippet policy' do
+          expect(can?(user, :read_snippet, snippet)).to eq(outcome)
         end
 
         it 'returns proper outcome' do
@@ -297,8 +297,8 @@ RSpec.shared_examples 'snippet visibility' do
       let!(:snippet) { create(:personal_snippet, visibility_level: snippet_visibility, author: author) }
 
       context "For personal and #{params[:snippet_visibility]} snippets with #{params[:user_type]} user" do
-        it 'agrees with read_personal_snippet policy' do
-          expect(can?(user, :read_personal_snippet, snippet)).to eq(outcome)
+        it 'agrees with read_snippet policy' do
+          expect(can?(user, :read_snippet, snippet)).to eq(outcome)
         end
 
         it 'returns proper outcome' do