Merge branch 'use-read-permissions-dast-types' into 'master'

Use read permissions for DAST GraphQL types

See merge request gitlab-org/gitlab!53317

ee/app/graphql/types/dast/profile_type.rb

@@ -6,7 +6,7 @@ module Types
       graphql_name 'DastProfile'
       description 'Represents a DAST Profile'
 
-      authorize :create_on_demand_dast_scan
+      authorize :read_on_demand_scans
 
       field :id, ::Types::GlobalIDType[::Dast::Profile], null: false,
             description: 'ID of the profile.'

ee/app/graphql/types/dast_scanner_profile_type.rb

@@ -5,7 +5,7 @@ module Types
     graphql_name 'DastScannerProfile'
     description 'Represents a DAST scanner profile'
 
-    authorize :create_on_demand_dast_scan
+    authorize :read_on_demand_scans
 
     field :id, ::Types::GlobalIDType[::DastScannerProfile], null: false,
           description: 'ID of the DAST scanner profile'

ee/app/graphql/types/dast_site_profile_type.rb

@@ -5,7 +5,7 @@ module Types
     graphql_name 'DastSiteProfile'
     description 'Represents a DAST Site Profile'
 
-    authorize :create_on_demand_dast_scan
+    authorize :read_on_demand_scans
 
     expose_permissions Types::PermissionTypes::DastSiteProfile
 

ee/app/graphql/types/dast_site_validation_type.rb

@@ -5,7 +5,7 @@ module Types
     graphql_name 'DastSiteValidation'
     description 'Represents a DAST Site Validation'
 
-    authorize :create_on_demand_dast_scan
+    authorize :read_on_demand_scans
 
     field :id, ::Types::GlobalIDType[::DastSiteValidation], null: false,
           description: 'Global ID of the site validation'

ee/spec/graphql/types/dast/profile_type_spec.rb

@@ -9,7 +9,7 @@ RSpec.describe GitlabSchema.types['DastProfile'] do
   let_it_be(:fields) { %i[id name description dastSiteProfile dastScannerProfile editPath] }
 
   specify { expect(described_class.graphql_name).to eq('DastProfile') }
-  specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
+  specify { expect(described_class).to require_graphql_authorizations(:read_on_demand_scans) }
 
   it { expect(described_class).to have_graphql_fields(fields) }
 

ee/spec/graphql/types/dast_scanner_profile_type_spec.rb

@@ -27,7 +27,7 @@ RSpec.describe GitlabSchema.types['DastScannerProfile'] do
   end
 
   specify { expect(described_class.graphql_name).to eq('DastScannerProfile') }
-  specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
+  specify { expect(described_class).to require_graphql_authorizations(:read_on_demand_scans) }
 
   it { expect(described_class).to have_graphql_fields(fields) }
 

ee/spec/graphql/types/dast_site_profile_type_spec.rb

@@ -25,7 +25,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfile'] do
   end
 
   specify { expect(described_class.graphql_name).to eq('DastSiteProfile') }
-  specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
+  specify { expect(described_class).to require_graphql_authorizations(:read_on_demand_scans) }
   specify { expect(described_class).to expose_permissions_using(Types::PermissionTypes::DastSiteProfile) }
 
   it { expect(described_class).to have_graphql_fields(fields) }

ee/spec/graphql/types/dast_site_validation_type_spec.rb

@@ -26,7 +26,7 @@ RSpec.describe GitlabSchema.types['DastSiteValidation'] do
   end
 
   specify { expect(described_class.graphql_name).to eq('DastSiteValidation') }
-  specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
+  specify { expect(described_class).to require_graphql_authorizations(:read_on_demand_scans) }
 
   it { expect(described_class).to have_graphql_fields(fields) }