Remove repository column management permissions for user [SCI-12057]

app/controllers/repositories_controller.rb

@@ -536,7 +536,7 @@ class RepositoriesController < ApplicationController
   end
 
   def check_view_all_permissions
-    render_403 unless can_read_team?(current_team)
+    render_403 unless @repositories.all? { |repository| can_read_repository?(repository) }
   end
 
   def check_view_permissions

config/initializers/extends/permission_extends.rb

@@ -239,9 +239,6 @@ module PermissionExtends
       MyModulePermissions::STOCK_CONSUMPTION_UPDATE,
       RepositoryPermissions::READ,
       RepositoryPermissions::READ_ARCHIVED,
-      RepositoryPermissions::COLUMNS_CREATE,
-      RepositoryPermissions::COLUMNS_UPDATE,
-      RepositoryPermissions::COLUMNS_DELETE,
       RepositoryPermissions::ROWS_CREATE,
       RepositoryPermissions::ROWS_UPDATE,
       RepositoryPermissions::ROWS_DELETE,

db/migrate/20250709082818_remove_repository_column_management_permissions_for_normal_user_role.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+class RemoveRepositoryColumnManagementPermissionsForNormalUserRole < ActiveRecord::Migration[7.2]
+  REPOSITOY_COLUMN_MANAGE_PERMISSION = [
+    RepositoryPermissions::COLUMNS_CREATE,
+    RepositoryPermissions::COLUMNS_UPDATE,
+    RepositoryPermissions::COLUMNS_DELETE
+  ].freeze
+
+  def up
+    @normal_user_role = UserRole.find_predefined_normal_user_role
+    @normal_user_role.permissions = @normal_user_role.permissions - REPOSITOY_COLUMN_MANAGE_PERMISSION
+    @normal_user_role.save(validate: false)
+  end
+
+  def down
+    @normal_user_role = UserRole.find_predefined_normal_user_role
+    @normal_user_role.permissions = @normal_user_role.permissions | REPOSITOY_COLUMN_MANAGE_PERMISSION
+    @normal_user_role.save(validate: false)
+  end
+end