Merge branch 'ap-39087-align-personal-project-snippet-abilities' into 'master'

Align project and personal snippet abilities

Closes #39087

See merge request gitlab-org/gitlab!22500

app/controllers/projects/snippets_controller.rb

@@ -15,17 +15,17 @@ class Projects::SnippetsController < Projects::ApplicationController
   before_action :check_snippets_available!
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam]
 
-  # Allow read any snippet
-  before_action :authorize_read_project_snippet!, except: [:new, :create, :index]
+  # Allow create snippet
+  before_action :authorize_create_snippet!, only: [:new, :create]
 
-  # Allow write(create) snippet
-  before_action :authorize_create_project_snippet!, only: [:new, :create]
+  # Allow read any snippet
+  before_action :authorize_read_snippet!, except: [:new, :create, :index]
 
   # Allow modify snippet
-  before_action :authorize_update_project_snippet!, only: [:edit, :update]
+  before_action :authorize_update_snippet!, only: [:edit, :update]
 
   # Allow destroy snippet
-  before_action :authorize_admin_project_snippet!, only: [:destroy]
+  before_action :authorize_admin_snippet!, only: [:destroy]
 
   respond_to :html
 
@@ -115,16 +115,16 @@ class Projects::SnippetsController < Projects::ApplicationController
     project_snippet_path(@project, @snippet)
   end
 
-  def authorize_read_project_snippet!
-    return render_404 unless can?(current_user, :read_project_snippet, @snippet)
+  def authorize_read_snippet!
+    return render_404 unless can?(current_user, :read_snippet, @snippet)
   end
 
-  def authorize_update_project_snippet!
-    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
+  def authorize_update_snippet!
+    return render_404 unless can?(current_user, :update_snippet, @snippet)
   end
 
-  def authorize_admin_project_snippet!
-    return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
+  def authorize_admin_snippet!
+    return render_404 unless can?(current_user, :admin_snippet, @snippet)
   end
 
   def snippet_params

app/controllers/snippets/notes_controller.rb

@@ -33,7 +33,7 @@ class Snippets::NotesController < ApplicationController
   end
 
   def authorize_read_snippet!
-    return render_404 unless can?(current_user, :read_personal_snippet, snippet)
+    return render_404 unless can?(current_user, :read_snippet, snippet)
   end
 
   def authorize_create_note!

app/controllers/snippets_controller.rb

@@ -126,7 +126,7 @@ class SnippetsController < ApplicationController
   end
 
   def authorize_read_snippet!
-    return if can?(current_user, :read_personal_snippet, @snippet)
+    return if can?(current_user, :read_snippet, @snippet)
 
     if current_user
       render_404
@@ -136,15 +136,15 @@ class SnippetsController < ApplicationController
   end
 
   def authorize_update_snippet!
-    return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
+    return render_404 unless can?(current_user, :update_snippet, @snippet)
   end
 
   def authorize_admin_snippet!
-    return render_404 unless can?(current_user, :admin_personal_snippet, @snippet)
+    return render_404 unless can?(current_user, :admin_snippet, @snippet)
   end
 
   def authorize_create_snippet!
-    return render_404 unless can?(current_user, :create_personal_snippet)
+    return render_404 unless can?(current_user, :create_snippet)
   end
 
   def snippet_params

app/controllers/uploads_controller.rb

@@ -41,6 +41,8 @@ class UploadsController < ApplicationController
       case model
       when Note
         can?(current_user, :read_project, model.project)
+      when Snippet, ProjectSnippet
+        can?(current_user, :read_snippet, model)
       when User
         # We validate the current user has enough (writing)
         # access to itself when a secret is given.

app/graphql/mutations/snippets/create.rb

@@ -67,11 +67,11 @@ module Mutations
       end
 
       def authorized_resource?(project)
-        Ability.allowed?(context[:current_user], :create_project_snippet, project)
+        Ability.allowed?(context[:current_user], :create_snippet, project)
       end
 
       def can_create_personal_snippet?
-        Ability.allowed?(context[:current_user], :create_personal_snippet)
+        Ability.allowed?(context[:current_user], :create_snippet)
       end
     end
   end

app/graphql/types/permission_types/project.rb

@@ -21,7 +21,7 @@ module Types
       permission_field :create_snippet
 
       def create_snippet
-        Ability.allowed?(context[:current_user], :create_project_snippet, object)
+        Ability.allowed?(context[:current_user], :create_snippet, object)
       end
     end
   end

app/graphql/types/permission_types/user.rb

@@ -8,7 +8,7 @@ module Types
       permission_field :create_snippet
 
       def create_snippet
-        Ability.allowed?(context[:current_user], :create_personal_snippet)
+        Ability.allowed?(context[:current_user], :create_snippet)
       end
     end
   end

app/helpers/projects_helper.rb

@@ -425,7 +425,7 @@ module ProjectsHelper
     {
       environments:     :read_environment,
       milestones:       :read_milestone,
-      snippets:         :read_project_snippet,
+      snippets:         :read_snippet,
       settings:         :admin_project,
       builds:           :read_build,
       clusters:         :read_cluster,
@@ -443,7 +443,7 @@ module ProjectsHelper
       blobs:          :download_code,
       commits:        :download_code,
       merge_requests: :read_merge_request,
-      notes:          [:read_merge_request, :download_code, :read_issue, :read_project_snippet],
+      notes:          [:read_merge_request, :download_code, :read_issue, :read_snippet],
       members:        :read_project_member
     )
   end

app/mailers/emails/notes.rb

@@ -26,19 +26,17 @@ module Emails
       mail_answer_note_thread(@merge_request, @note, note_thread_options(recipient_id, reason))
     end
 
-    def note_project_snippet_email(recipient_id, note_id, reason = nil)
+    def note_snippet_email(recipient_id, note_id, reason = nil)
       setup_note_mail(note_id, recipient_id)
-
       @snippet = @note.noteable
-      @target_url = project_snippet_url(*note_target_url_options)
-      mail_answer_note_thread(@snippet, @note, note_thread_options(recipient_id, reason))
-    end
 
-    def note_personal_snippet_email(recipient_id, note_id, reason = nil)
-      setup_note_mail(note_id, recipient_id)
+      case @snippet
+      when ProjectSnippet
+        @target_url = project_snippet_url(*note_target_url_options)
+      when Snippet
+        @target_url = gitlab_snippet_url(@note.noteable)
+      end
 
-      @snippet = @note.noteable
-      @target_url = gitlab_snippet_url(@note.noteable)
       mail_answer_note_thread(@snippet, @note, note_thread_options(recipient_id, reason))
     end
 

app/models/ability.rb

@@ -24,7 +24,7 @@ class Ability
     # read the given snippet.
     def users_that_can_read_personal_snippet(users, snippet)
       DeclarativePolicy.subject_scope do
-        users.select { |u| allowed?(u, :read_personal_snippet, snippet) }
+        users.select { |u| allowed?(u, :read_snippet, snippet) }
       end
     end
 

app/models/event.rb

@@ -145,10 +145,8 @@ class Event < ApplicationRecord
       Ability.allowed?(user, :read_issue, note? ? note_target : target)
     elsif merge_request? || merge_request_note?
       Ability.allowed?(user, :read_merge_request, note? ? note_target : target)
-    elsif personal_snippet_note?
-      Ability.allowed?(user, :read_personal_snippet, note_target)
-    elsif project_snippet_note?
-      Ability.allowed?(user, :read_project_snippet, note_target)
+    elsif personal_snippet_note? || project_snippet_note?
+      Ability.allowed?(user, :read_snippet, note_target)
     elsif milestone?
       Ability.allowed?(user, :read_milestone, project)
     else

app/models/note.rb

@@ -367,7 +367,7 @@ class Note < ApplicationRecord
   end
 
   def noteable_ability_name
-    for_snippet? ? noteable.class.name.underscore : noteable_type.demodulize.underscore
+    for_snippet? ? 'snippet' : noteable_type.demodulize.underscore
   end
 
   def can_be_discussion_note?

app/models/project.rb

@@ -2274,7 +2274,7 @@ class Project < ApplicationRecord
   end
 
   def snippets_visible?(user = nil)
-    Ability.allowed?(user, :read_project_snippet, self)
+    Ability.allowed?(user, :read_snippet, self)
   end
 
   def max_attachment_size

app/models/snippet.rb

@@ -215,9 +215,7 @@ class Snippet < ApplicationRecord
   end
 
   def embeddable?
-    ability = project_id? ? :read_project_snippet : :read_personal_snippet
-
-    Ability.allowed?(nil, ability, self)
+    Ability.allowed?(nil, :read_snippet, self)
   end
 
   def notes_with_associations
@@ -240,7 +238,7 @@ class Snippet < ApplicationRecord
   end
 
   def to_ability_name
-    model_name.singular
+    'snippet'
   end
 
   def valid_secret_token?(token)

app/policies/global_policy.rb

@@ -75,7 +75,7 @@ class GlobalPolicy < BasePolicy
 
   rule { ~anonymous }.policy do
     enable :read_instance_metadata
-    enable :create_personal_snippet
+    enable :create_snippet
   end
 
   rule { admin }.policy do
@@ -83,7 +83,7 @@ class GlobalPolicy < BasePolicy
     enable :update_custom_attribute
   end
 
-  rule { external_user }.prevent :create_personal_snippet
+  rule { external_user }.prevent :create_snippet
 end
 
 GlobalPolicy.prepend_if_ee('EE::GlobalPolicy')

app/policies/personal_snippet_policy.rb

@@ -6,19 +6,19 @@ class PersonalSnippetPolicy < BasePolicy
   condition(:internal_snippet, scope: :subject) { @subject.internal? }
 
   rule { public_snippet }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
     enable :create_note
   end
 
   rule { is_author | admin }.policy do
-    enable :read_personal_snippet
-    enable :update_personal_snippet
-    enable :admin_personal_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
     enable :create_note
   end
 
   rule { internal_snippet & ~external_user }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
     enable :create_note
   end
 
@@ -26,8 +26,5 @@ class PersonalSnippetPolicy < BasePolicy
 
   rule { can?(:create_note) }.enable :award_emoji
 
-  rule { can?(:read_all_resources) }.enable :read_personal_snippet
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_personal_snippet) }.enable :read_snippet
+  rule { can?(:read_all_resources) }.enable :read_snippet
 end

app/policies/project_policy.rb

@@ -9,7 +9,7 @@ class ProjectPolicy < BasePolicy
     merge_request
     label
     milestone
-    project_snippet
+    snippet
     wiki
     note
     pipeline
@@ -185,7 +185,7 @@ class ProjectPolicy < BasePolicy
     enable :read_issue
     enable :read_label
     enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
     enable :read_project_member
     enable :read_note
     enable :create_project
@@ -208,7 +208,7 @@ class ProjectPolicy < BasePolicy
     enable :download_code
     enable :read_statistics
     enable :download_wiki_code
-    enable :create_project_snippet
+    enable :create_snippet
     enable :update_issue
     enable :reopen_issue
     enable :admin_issue
@@ -286,8 +286,8 @@ class ProjectPolicy < BasePolicy
   rule { can?(:maintainer_access) }.policy do
     enable :admin_board
     enable :push_to_delete_protected_branch
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :update_snippet
+    enable :admin_snippet
     enable :admin_project_member
     enable :admin_note
     enable :admin_wiki
@@ -352,7 +352,7 @@ class ProjectPolicy < BasePolicy
   end
 
   rule { snippets_disabled }.policy do
-    prevent(*create_read_update_admin_destroy(:project_snippet))
+    prevent(*create_read_update_admin_destroy(:snippet))
   end
 
   rule { wiki_disabled }.policy do
@@ -405,7 +405,7 @@ class ProjectPolicy < BasePolicy
     enable :read_wiki
     enable :read_label
     enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
     enable :read_project_member
     enable :read_merge_request
     enable :read_note

app/policies/project_snippet_policy.rb

@@ -14,44 +14,41 @@ class ProjectSnippetPolicy < BasePolicy
   # We have to check both project feature visibility and a snippet visibility and take the stricter one
   # This will be simplified - check https://gitlab.com/gitlab-org/gitlab-foss/issues/27573
   rule { ~can?(:read_project) }.policy do
-    prevent :read_project_snippet
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :read_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
   end
 
-  # we have to use this complicated prevent because the delegated project policy
-  # is overly greedy in allowing :read_project_snippet, since it doesn't have any
-  # information about the snippet. However, :read_project_snippet on the *project*
-  # is used to hide/show various snippet-related controls, so we can't just move
-  # all of the handling here.
+  # we have to use this complicated prevent because the delegated project
+  # policy is overly greedy in allowing :read_snippet, since it doesn't have
+  # any information about the snippet. However, :read_snippet on the *project*
+  # is used to hide/show various snippet-related controls, so we can't just
+  # move all of the handling here.
   rule do
     all?(private_snippet | (internal_snippet & external_user),
          ~project.guest,
          ~is_author,
          ~can?(:read_all_resources))
-  end.prevent :read_project_snippet
+  end.prevent :read_snippet
 
   rule { internal_snippet & ~is_author & ~admin }.policy do
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
   end
 
-  rule { public_snippet }.enable :read_project_snippet
+  rule { public_snippet }.enable :read_snippet
 
   rule { is_author & ~project.reporter & ~admin }.policy do
-    prevent :admin_project_snippet
+    prevent :admin_snippet
   end
 
   rule { is_author | admin }.policy do
-    enable :read_project_snippet
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
   end
 
-  rule { ~can?(:read_project_snippet) }.prevent :create_note
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_project_snippet) }.enable :read_snippet
+  rule { ~can?(:read_snippet) }.prevent :create_note
 end
 
 ProjectSnippetPolicy.prepend_if_ee('EE::ProjectSnippetPolicy')

app/services/snippets/destroy_service.rb

@@ -36,9 +36,7 @@ module Snippets
     attr_reader :snippet
 
     def user_can_delete_snippet?
-      return can?(current_user, :admin_project_snippet, snippet) if project
-
-      can?(current_user, :admin_personal_snippet, snippet)
+      can?(current_user, :admin_snippet, snippet)
     end
 
     def service_response_error(message, http_status)

app/views/dashboard/_snippets_head.html.haml

@@ -3,7 +3,7 @@
 
   - if current_user && current_user.snippets.any? || @snippets.any?
     .page-title-controls
-      - if can?(current_user, :create_personal_snippet)
+      - if can?(current_user, :create_snippet)
         = link_to _("New snippet"), new_snippet_path, class: "btn btn-success", title: _("New snippet")
 
 .top-area

app/views/dashboard/snippets/index.html.haml

 - @hide_top_links = true
 - page_title    "Snippets"
 - header_title  "Snippets", dashboard_snippets_path
-- button_path = new_snippet_path if can?(current_user, :create_personal_snippet)
+- button_path = new_snippet_path if can?(current_user, :create_snippet)
 
 = render 'dashboard/snippets_head'
 - if current_user.snippets.exists?

app/views/layouts/header/_new_dropdown.haml

@@ -21,7 +21,7 @@
       - if @project&.persisted?
         - create_project_issue = show_new_issue_link?(@project)
         - merge_project = merge_request_source_project_for_project(@project)
-        - create_project_snippet = can?(current_user, :create_project_snippet, @project)
+        - create_project_snippet = can?(current_user, :create_snippet, @project)
 
         - if create_project_issue || merge_project || create_project_snippet
           %li.dropdown-bold-header
@@ -38,5 +38,5 @@
         %li= link_to _('New project'), new_project_path, class: 'qa-global-new-project-link'
       - if current_user.can_create_group?
         %li= link_to _('New group'), new_group_path
-      - if current_user.can?(:create_personal_snippet)
+      - if current_user.can?(:create_snippet)
         %li= link_to _('New snippet'), new_snippet_path, class: 'qa-global-new-snippet-link'

app/views/notify/note_project_snippet_email.html.haml

-= render 'note_email'

app/views/notify/note_project_snippet_email.text.erb

-<%= render 'note_email' %>

app/views/projects/buttons/_dropdown.html.haml

 - can_create_issue = show_new_issue_link?(@project)
-- can_create_project_snippet = can?(current_user, :create_project_snippet, @project)
+- can_create_project_snippet = can?(current_user, :create_snippet, @project)
 - can_push_code = can?(current_user, :push_code, @project)
 - create_mr_from_new_fork = can?(current_user, :fork_project, @project) && can?(current_user, :create_merge_request_in, @project)
 - merge_project = merge_request_source_project_for_project(@project)

app/views/projects/snippets/_actions.html.haml

 - return unless current_user
 
 .d-none.d-sm-block
-  - if can?(current_user, :update_project_snippet, @snippet)
+  - if can?(current_user, :update_snippet, @snippet)
     = link_to edit_project_snippet_path(@project, @snippet), class: "btn btn-grouped" do
       = _('Edit')
-  - if can?(current_user, :admin_project_snippet, @snippet)
+  - if can?(current_user, :admin_snippet, @snippet)
     = link_to project_snippet_path(@project, @snippet), method: :delete, data: { confirm: _("Are you sure?") }, class: "btn btn-grouped btn-inverted btn-remove", title: _('Delete Snippet') do
       = _('Delete')
-  - if can?(current_user, :create_project_snippet, @project)
+  - if can?(current_user, :create_snippet, @project)
     = link_to new_project_snippet_path(@project), class: 'btn btn-grouped btn-inverted btn-success', title: _("New snippet") do
       = _('New snippet')
   - if @snippet.submittable_as_spam_by?(current_user)
     = link_to _('Submit as spam'), mark_as_spam_project_snippet_path(@project, @snippet), method: :post, class: 'btn btn-grouped btn-spam', title: _('Submit as spam')
-- if can?(current_user, :create_project_snippet, @project) || can?(current_user, :update_project_snippet, @snippet)
+- if can?(current_user, :create_snippet, @project) || can?(current_user, :update_snippet, @snippet)
   .d-block.d-sm-none.dropdown
     %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
       = _('Options')
       = icon('caret-down')
     .dropdown-menu.dropdown-menu-full-width
       %ul
-        - if can?(current_user, :create_project_snippet, @project)
+        - if can?(current_user, :create_snippet, @project)
           %li
             = link_to new_project_snippet_path(@project), title: _("New snippet") do
               = _('New snippet')
-        - if can?(current_user, :admin_project_snippet, @snippet)
+        - if can?(current_user, :admin_snippet, @snippet)
           %li
             = link_to project_snippet_path(@project, @snippet), method: :delete, data: { confirm: _("Are you sure?") }, title: _('Delete Snippet') do
               = _('Delete')
-        - if can?(current_user, :update_project_snippet, @snippet)
+        - if can?(current_user, :update_snippet, @snippet)
           %li
             = link_to edit_project_snippet_path(@project, @snippet) do
               = _('Edit')

app/views/projects/snippets/index.html.haml

@@ -6,7 +6,7 @@
       - include_private = @project.team.member?(current_user) || current_user.admin?
       = render partial: 'snippets/snippets_scope_menu', locals: { subject: @project, include_private: include_private }
 
-      - if can?(current_user, :create_project_snippet, @project)
+      - if can?(current_user, :create_snippet, @project)
         .nav-controls
           = link_to _("New snippet"), new_project_snippet_path(@project), class: "btn btn-success", title: _("New snippet")
 

app/views/snippets/_actions.html.haml

 - return unless current_user
 
 .d-none.d-sm-block
-  - if can?(current_user, :update_personal_snippet, @snippet)
+  - if can?(current_user, :update_snippet, @snippet)
     = link_to edit_snippet_path(@snippet), class: "btn btn-grouped" do
       = _("Edit")
-  - if can?(current_user, :admin_personal_snippet, @snippet)
+  - if can?(current_user, :admin_snippet, @snippet)
     = link_to gitlab_snippet_path(@snippet), method: :delete, data: { confirm: _("Are you sure?") }, class: "btn btn-grouped btn-inverted btn-remove", title: _('Delete Snippet') do
       = _("Delete")
-  - if can?(current_user, :create_personal_snippet)
+  - if can?(current_user, :create_snippet)
     = link_to new_snippet_path, class: "btn btn-grouped btn-success btn-inverted", title: _("New snippet") do
       = _("New snippet")
   - if @snippet.submittable_as_spam_by?(current_user)
@@ -18,15 +18,15 @@
     = icon('caret-down')
   .dropdown-menu.dropdown-menu-full-width
     %ul
-      - if can?(current_user, :create_personal_snippet)
+      - if can?(current_user, :create_snippet)
         %li
           = link_to new_snippet_path, title: _("New snippet") do
             = _("New snippet")
-      - if can?(current_user, :admin_personal_snippet, @snippet)
+      - if can?(current_user, :admin_snippet, @snippet)
         %li
           = link_to gitlab_snippet_path(@snippet), method: :delete, data: { confirm: _("Are you sure?") }, title: _('Delete Snippet') do
             = _("Delete")
-      - if can?(current_user, :update_personal_snippet, @snippet)
+      - if can?(current_user, :update_snippet, @snippet)
         %li
           = link_to edit_snippet_path(@snippet) do
             = _("Edit")

app/views/snippets/_snippets.html.haml

@@ -3,7 +3,7 @@
 - current_user_empty_message_header = s_('UserProfile|You haven\'t created any snippets.')
 - current_user_empty_message_description = s_('UserProfile|Snippets in GitLab can either be private, internal, or public.')
 - primary_button_label = _('New snippet')
-- primary_button_link = new_snippet_path if can?(current_user, :create_personal_snippet)
+- primary_button_link = new_snippet_path if can?(current_user, :create_snippet)
 - visitor_empty_message = s_('UserProfile|No snippets found.')
 
 .snippets-list-holder

ee/app/policies/ee/project_snippet_policy.rb

@@ -6,7 +6,7 @@ module EE
     extend ::Gitlab::Utils::Override
 
     prepended do
-      rule { auditor }.enable :read_project_snippet
+      rule { auditor }.enable :read_snippet
     end
   end
 end

ee/spec/policies/project_policy_spec.rb

@@ -45,7 +45,7 @@ describe ProjectPolicy do
         download_code download_wiki_code read_project read_board read_list
         read_project_for_iids read_issue_iid read_merge_request_iid read_wiki
         read_issue read_label read_issue_link read_milestone
-        read_project_snippet read_project_member read_note read_cycle_analytics
+        read_snippet read_project_member read_note read_cycle_analytics
         read_pipeline read_build read_commit_status read_container_image
         read_environment read_deployment read_merge_request read_pages
         create_merge_request_in award_emoji

ee/spec/policies/project_snippet_policy_spec.rb

@@ -8,8 +8,8 @@ describe ProjectSnippetPolicy do
   let(:snippet) { create(:project_snippet, snippet_visibility, project: project) }
   let(:author_permissions) do
     [
-      :update_project_snippet,
-      :admin_project_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -22,7 +22,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { create(:user, :auditor) }
 
       it do
-        is_expected.to be_allowed(:read_project_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_disallowed(*author_permissions)
       end
     end

lib/api/award_emoji.rb

@@ -127,6 +127,8 @@ module API
         case awardable
         when Note
           read_ability(awardable.noteable)
+        when Snippet, ProjectSnippet
+          :read_snippet
         else
           :"read_#{awardable.class.to_s.underscore}"
         end

lib/api/helpers/notes_helpers.rb

@@ -72,7 +72,15 @@ module API
       end
 
       def noteable_read_ability_name(noteable)
-        "read_#{noteable.class.to_s.underscore}".to_sym
+        "read_#{ability_name(noteable)}".to_sym
+      end
+
+      def ability_name(noteable)
+        if noteable.respond_to?(:to_ability_name)
+          noteable.to_ability_name
+        else
+          noteable.class.to_s.underscore
+        end
       end
 
       def find_noteable(parent_type, parent_id, noteable_type, noteable_id)

lib/api/project_snippets.rb

@@ -60,7 +60,7 @@ module API
         mutually_exclusive :code, :content
       end
       post ":id/snippets" do
-        authorize! :create_project_snippet, user_project
+        authorize! :create_snippet, user_project
         snippet_params = declared_params(include_missing: false).merge(request: request, api: true)
         snippet_params[:content] = snippet_params.delete(:code) if snippet_params[:code].present?
 
@@ -97,7 +97,7 @@ module API
         snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))
         not_found!('Snippet') unless snippet
 
-        authorize! :update_project_snippet, snippet
+        authorize! :update_snippet, snippet
 
         snippet_params = declared_params(include_missing: false)
           .merge(request: request, api: true)
@@ -126,7 +126,7 @@ module API
         snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
         not_found!('Snippet') unless snippet
 
-        authorize! :admin_project_snippet, snippet
+        authorize! :admin_snippet, snippet
 
         destroy_conditionally!(snippet) do |snippet|
           service = ::Snippets::DestroyService.new(current_user, snippet)

lib/api/snippets.rb

@@ -106,7 +106,7 @@ module API
         snippet = snippets_for_current_user.find_by_id(params.delete(:id))
         break not_found!('Snippet') unless snippet
 
-        authorize! :update_personal_snippet, snippet
+        authorize! :update_snippet, snippet
 
         attrs = declared_params(include_missing: false).merge(request: request, api: true)
         service_response = ::Snippets::UpdateService.new(nil, current_user, attrs).execute(snippet)
@@ -132,7 +132,7 @@ module API
         snippet = snippets_for_current_user.find_by_id(params.delete(:id))
         break not_found!('Snippet') unless snippet
 
-        authorize! :admin_personal_snippet, snippet
+        authorize! :admin_snippet, snippet
 
         destroy_conditionally!(snippet) do |snippet|
           service = ::Snippets::DestroyService.new(current_user, snippet)

lib/banzai/reference_parser/snippet_parser.rb

@@ -12,7 +12,7 @@ module Banzai
       private
 
       def can_read_reference?(user, ref_project, node)
-        can?(user, :read_project_snippet, referenced_by([node]).first)
+        can?(user, :read_snippet, referenced_by([node]).first)
       end
     end
   end

spec/mailers/notify_spec.rb

@@ -686,7 +686,7 @@ describe Notify do
       let(:project_snippet) { create(:project_snippet, project: project) }
       let(:project_snippet_note) { create(:note_on_project_snippet, project: project, noteable: project_snippet) }
 
-      subject { described_class.note_project_snippet_email(project_snippet_note.author_id, project_snippet_note.id) }
+      subject { described_class.note_snippet_email(project_snippet_note.author_id, project_snippet_note.id) }
 
       it_behaves_like 'appearance header and footer enabled'
       it_behaves_like 'appearance header and footer not enabled'
@@ -696,10 +696,20 @@ describe Notify do
       end
       it_behaves_like 'a user cannot unsubscribe through footer link'
 
-      it 'has the correct subject and body' do
+      it 'has the correct subject' do
         is_expected.to have_referable_subject(project_snippet, reply: true)
+      end
+
+      it 'has the correct body' do
         is_expected.to have_body_text project_snippet_note.note
       end
+
+      it 'links to the project snippet' do
+        target_url = project_snippet_url(project,
+                                         project_snippet_note.noteable,
+                                         { anchor: "note_#{project_snippet_note.id}" })
+        is_expected.to have_body_text target_url
+      end
     end
 
     describe 'project was moved' do
@@ -1650,15 +1660,23 @@ describe Notify do
     let(:personal_snippet) { create(:personal_snippet) }
     let(:personal_snippet_note) { create(:note_on_personal_snippet, noteable: personal_snippet) }
 
-    subject { described_class.note_personal_snippet_email(personal_snippet_note.author_id, personal_snippet_note.id) }
+    subject { described_class.note_snippet_email(personal_snippet_note.author_id, personal_snippet_note.id) }
 
     it_behaves_like 'a user cannot unsubscribe through footer link'
     it_behaves_like 'appearance header and footer enabled'
     it_behaves_like 'appearance header and footer not enabled'
 
-    it 'has the correct subject and body' do
+    it 'has the correct subject' do
       is_expected.to have_referable_subject(personal_snippet, reply: true)
+    end
+
+    it 'has the correct body' do
       is_expected.to have_body_text personal_snippet_note.note
     end
+
+    it 'links to the personal snippet' do
+      target_url = gitlab_snippet_url(personal_snippet_note.noteable)
+      is_expected.to have_body_text target_url
+    end
   end
 end

spec/models/note_spec.rb

@@ -718,12 +718,12 @@ describe Note do
   end
 
   describe '#noteable_ability_name' do
-    it 'returns project_snippet for a project snippet note' do
-      expect(build(:note_on_project_snippet).noteable_ability_name).to eq('project_snippet')
+    it 'returns snippet for a project snippet note' do
+      expect(build(:note_on_project_snippet).noteable_ability_name).to eq('snippet')
     end
 
-    it 'returns personal_snippet for a personal snippet note' do
-      expect(build(:note_on_personal_snippet).noteable_ability_name).to eq('personal_snippet')
+    it 'returns snippet for a personal snippet note' do
+      expect(build(:note_on_personal_snippet).noteable_ability_name).to eq('snippet')
     end
 
     it 'returns merge_request for an MR note' do

spec/policies/global_policy_spec.rb

@@ -307,21 +307,21 @@ describe GlobalPolicy do
     end
   end
 
-  describe 'create_personal_snippet' do
+  describe 'create_snippet' do
     context 'when anonymous' do
       let(:current_user) { nil }
 
-      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+      it { is_expected.not_to be_allowed(:create_snippet) }
     end
 
     context 'regular user' do
-      it { is_expected.to be_allowed(:create_personal_snippet) }
+      it { is_expected.to be_allowed(:create_snippet) }
     end
 
     context 'when external' do
       let(:current_user) { build(:user, :external) }
 
-      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+      it { is_expected.not_to be_allowed(:create_snippet) }
     end
   end
 end

spec/policies/note_policy_spec.rb

@@ -54,6 +54,27 @@ describe NotePolicy do
       end
     end
 
+    context 'when the noteable is a personal snippet' do
+      let(:noteable) { create(:personal_snippet, :public) }
+      let(:note) { create(:note, noteable: noteable, author: user) }
+
+      it 'can edit note' do
+        expect(policy).to be_allowed(:admin_note)
+        expect(policy).to be_allowed(:resolve_note)
+        expect(policy).to be_allowed(:read_note)
+      end
+
+      context 'when it is private' do
+        let(:noteable) { create(:personal_snippet, :private) }
+
+        it 'can not edit nor read the note' do
+          expect(policy).to be_disallowed(:admin_note)
+          expect(policy).to be_disallowed(:resolve_note)
+          expect(policy).to be_disallowed(:read_note)
+        end
+      end
+    end
+
     context 'when the project is public' do
       context 'when the note author is not a project member' do
         it 'can edit a note' do
@@ -79,26 +100,6 @@ describe NotePolicy do
         end
       end
 
-      context 'when the noteable is a personal snippet' do
-        let(:noteable) { create(:personal_snippet, :public) }
-
-        it 'can edit note' do
-          expect(policy).to be_allowed(:admin_note)
-          expect(policy).to be_allowed(:resolve_note)
-          expect(policy).to be_allowed(:read_note)
-        end
-
-        context 'when it is private' do
-          let(:noteable) { create(:personal_snippet, :private) }
-
-          it 'can not edit nor read the note' do
-            expect(policy).to be_disallowed(:admin_note)
-            expect(policy).to be_disallowed(:resolve_note)
-            expect(policy).to be_disallowed(:read_note)
-          end
-        end
-      end
-
       context 'when a discussion is confidential' do
         before do
           issue.update_attribute(:confidential, true)

spec/policies/personal_snippet_policy_spec.rb

@@ -10,8 +10,8 @@ describe PersonalSnippetPolicy do
 
   let(:author_permissions) do
     [
-      :update_personal_snippet,
-      :admin_personal_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -24,7 +24,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(admin_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -39,7 +39,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -50,7 +50,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -61,7 +61,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -78,7 +78,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -89,7 +89,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -100,7 +100,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(external_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -111,7 +111,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)
@@ -128,7 +128,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(nil) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -139,7 +139,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(regular_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -150,7 +150,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(external_user) }
 
       it do
-        is_expected.to be_disallowed(:read_personal_snippet)
+        is_expected.to be_disallowed(:read_snippet)
         is_expected.to be_disallowed(:create_note)
         is_expected.to be_disallowed(:award_emoji)
         is_expected.to be_disallowed(*author_permissions)
@@ -161,7 +161,7 @@ describe PersonalSnippetPolicy do
       subject { permissions(snippet.author) }
 
       it do
-        is_expected.to be_allowed(:read_personal_snippet)
+        is_expected.to be_allowed(:read_snippet)
         is_expected.to be_allowed(:create_note)
         is_expected.to be_allowed(:award_emoji)
         is_expected.to be_allowed(*author_permissions)

spec/policies/project_policy_spec.rb

@@ -17,7 +17,7 @@ describe ProjectPolicy do
     %i[
       read_project read_board read_list read_wiki read_issue
       read_project_for_iids read_issue_iid read_label
-      read_milestone read_project_snippet read_project_member read_note
+      read_milestone read_snippet read_project_member read_note
       create_project create_issue create_note upload_file create_merge_request_in
       award_emoji read_release
     ]
@@ -25,7 +25,7 @@ describe ProjectPolicy do
 
   let(:base_reporter_permissions) do
     %i[
-      download_code fork_project create_project_snippet update_issue
+      download_code fork_project create_snippet update_issue
       admin_issue admin_label admin_list read_commit_status read_build
       read_container_image read_pipeline read_environment read_deployment
       read_merge_request download_wiki_code read_sentry_issue
@@ -48,8 +48,8 @@ describe ProjectPolicy do
 
   let(:base_maintainer_permissions) do
     %i[
-      push_to_delete_protected_branch update_project_snippet
-      admin_project_snippet admin_project_member admin_note admin_wiki admin_project
+      push_to_delete_protected_branch update_snippet
+      admin_snippet admin_project_member admin_note admin_wiki admin_project
       admin_commit_status admin_build admin_container_image
       admin_pipeline admin_environment admin_deployment destroy_release add_cluster
       daily_statistics

spec/policies/project_snippet_policy_spec.rb

@@ -12,8 +12,8 @@ describe ProjectSnippetPolicy do
   let(:author) { other_user }
   let(:author_permissions) do
     [
-      :update_project_snippet,
-      :admin_project_snippet
+      :update_snippet,
+      :admin_snippet
     ]
   end
 
@@ -26,7 +26,7 @@ describe ProjectSnippetPolicy do
       end
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
     end
@@ -38,8 +38,8 @@ describe ProjectSnippetPolicy do
 
       context 'not snippet author' do
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
     end
@@ -53,7 +53,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_allowed(*author_permissions)
         end
       end
@@ -64,15 +64,15 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
 
       context 'not a project member' do
         it do
-          expect_allowed(:read_project_snippet, :create_note)
-          expect_disallowed(:admin_project_snippet)
+          expect_allowed(:read_snippet, :create_note)
+          expect_disallowed(:admin_snippet)
         end
       end
     end
@@ -85,7 +85,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_allowed(:read_project_snippet)
+        expect_allowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -94,7 +94,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -105,7 +105,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -115,7 +115,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -129,7 +129,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_disallowed(:read_project_snippet)
+        expect_disallowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -138,7 +138,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -149,7 +149,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -159,7 +159,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -173,7 +173,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { nil }
 
       it do
-        expect_disallowed(:read_project_snippet)
+        expect_disallowed(:read_snippet)
         expect_disallowed(*author_permissions)
       end
     end
@@ -182,7 +182,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { regular_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -193,7 +193,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { external_user }
 
       it do
-        expect_disallowed(:read_project_snippet, :create_note)
+        expect_disallowed(:read_snippet, :create_note)
         expect_disallowed(*author_permissions)
       end
 
@@ -203,7 +203,7 @@ describe ProjectSnippetPolicy do
         end
 
         it do
-          expect_allowed(:read_project_snippet, :create_note)
+          expect_allowed(:read_snippet, :create_note)
           expect_disallowed(*author_permissions)
         end
       end
@@ -214,7 +214,7 @@ describe ProjectSnippetPolicy do
       let(:current_user) { create(:admin) }
 
       it do
-        expect_allowed(:read_project_snippet, :create_note)
+        expect_allowed(:read_snippet, :create_note)
         expect_allowed(*author_permissions)
       end
     end

spec/presenters/snippet_presenter_spec.rb

@@ -62,8 +62,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks read_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :read_personal_snippet, snippet)
+      it 'checks read_snippet' do
+        expect(presenter).to receive(:can?).with(user, :read_snippet, snippet)
 
         subject
       end
@@ -72,8 +72,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks read_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :read_project_snippet, snippet)
+      it 'checks read_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :read_snippet, snippet)
 
         subject
       end
@@ -86,8 +86,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks update_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :update_personal_snippet, snippet)
+      it 'checks update_snippet' do
+        expect(presenter).to receive(:can?).with(user, :update_snippet, snippet)
 
         subject
       end
@@ -96,8 +96,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks update_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :update_project_snippet, snippet)
+      it 'checks update_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :update_snippet, snippet)
 
         subject
       end
@@ -110,8 +110,8 @@ describe SnippetPresenter do
     context 'with PersonalSnippet' do
       let(:snippet) { personal_snippet }
 
-      it 'checks admin_personal_snippet' do
-        expect(presenter).to receive(:can?).with(user, :admin_personal_snippet, snippet)
+      it 'checks admin_snippet' do
+        expect(presenter).to receive(:can?).with(user, :admin_snippet, snippet)
 
         subject
       end
@@ -120,8 +120,8 @@ describe SnippetPresenter do
     context 'with ProjectSnippet' do
       let(:snippet) { project_snippet }
 
-      it 'checks admin_project_snippet ' do
-        expect(presenter).to receive(:can?).with(user, :admin_project_snippet, snippet)
+      it 'checks admin_snippet ' do
+        expect(presenter).to receive(:can?).with(user, :admin_snippet, snippet)
 
         subject
       end

spec/support/shared_contexts/policies/project_policy_shared_context.rb

@@ -13,7 +13,7 @@ RSpec.shared_context 'ProjectPolicy context' do
     %i[
       read_project read_board read_list read_wiki read_issue
       read_project_for_iids read_issue_iid read_label
-      read_milestone read_project_snippet read_project_member read_note
+      read_milestone read_snippet read_project_member read_note
       create_project create_issue create_note upload_file create_merge_request_in
       award_emoji
     ]
@@ -21,7 +21,7 @@ RSpec.shared_context 'ProjectPolicy context' do
 
   let(:base_reporter_permissions) do
     %i[
-      download_code fork_project create_project_snippet update_issue
+      download_code fork_project create_snippet update_issue
       admin_issue admin_label admin_list read_commit_status read_build
       read_container_image read_pipeline read_environment read_deployment
       read_merge_request download_wiki_code read_sentry_issue read_prometheus
@@ -45,8 +45,8 @@ RSpec.shared_context 'ProjectPolicy context' do
 
   let(:base_maintainer_permissions) do
     %i[
-      push_to_delete_protected_branch update_project_snippet
-      admin_project_snippet admin_project_member admin_note admin_wiki admin_project
+      push_to_delete_protected_branch update_snippet
+      admin_snippet admin_project_member admin_note admin_wiki admin_project
       admin_commit_status admin_build admin_container_image
       admin_pipeline admin_environment admin_deployment destroy_release add_cluster
       daily_statistics

spec/support/shared_examples/finders/snippet_visibility_shared_examples.rb

@@ -234,8 +234,8 @@ RSpec.shared_examples 'snippet visibility' do
       end
 
       context "For #{params[:project_type]} project and #{params[:user_type]} users" do
-        it 'agrees with the read_project_snippet policy' do
-          expect(can?(user, :read_project_snippet, snippet)).to eq(outcome)
+        it 'agrees with the read_snippet policy' do
+          expect(can?(user, :read_snippet, snippet)).to eq(outcome)
         end
 
         it 'returns proper outcome' do
@@ -297,8 +297,8 @@ RSpec.shared_examples 'snippet visibility' do
       let!(:snippet) { create(:personal_snippet, visibility_level: snippet_visibility, author: author) }
 
       context "For personal and #{params[:snippet_visibility]} snippets with #{params[:user_type]} user" do
-        it 'agrees with read_personal_snippet policy' do
-          expect(can?(user, :read_personal_snippet, snippet)).to eq(outcome)
+        it 'agrees with read_snippet policy' do
+          expect(can?(user, :read_snippet, snippet)).to eq(outcome)
         end
 
         it 'returns proper outcome' do