Merge branch 'rename-abilities' into 'master'

Rename abilities to correspond contoller/model action names

write_ was renamed to create_
modify_  was renamed to update_

So now in update action we have next code

```
def create
  can?(current_user, :create_issue, @issue)
end

def update
  can?(current_user, :update_issue, @issue)
end
```

See merge request !896

27 files changed, 90 insertions, 77 deletions

diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 69bd1f58449..bfafdeeb1fb 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -6,10 +6,10 @@ class Projects::IssuesController < Projects::ApplicationController
   before_action :authorize_read_issue!
 
   # Allow write(create) issue
-  before_action :authorize_write_issue!, only: [:new, :create]
+  before_action :authorize_create_issue!, only: [:new, :create]
 
   # Allow modify issue
-  before_action :authorize_modify_issue!, only: [:edit, :update]
+  before_action :authorize_update_issue!, only: [:edit, :update]
 
   # Allow issues bulk update
   before_action :authorize_admin_issues!, only: [:bulk_update]
@@ -122,8 +122,8 @@ class Projects::IssuesController < Projects::ApplicationController
                end
   end
 
-  def authorize_modify_issue!
-    return render_404 unless can?(current_user, :modify_issue, @issue)
+  def authorize_update_issue!
+    return render_404 unless can?(current_user, :update_issue, @issue)
   end
 
   def authorize_admin_issues!
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index a13688305b7..d1265198318 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -14,10 +14,10 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   before_action :authorize_read_merge_request!
 
   # Allow write(create) merge_request
-  before_action :authorize_write_merge_request!, only: [:new, :create]
+  before_action :authorize_create_merge_request!, only: [:new, :create]
 
   # Allow modify merge_request
-  before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
+  before_action :authorize_update_merge_request!, only: [:close, :edit, :update, :sort]
 
   def index
     terms = params['issue_search']
@@ -218,8 +218,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     @closes_issues ||= @merge_request.closes_issues
   end
 
-  def authorize_modify_merge_request!
-    return render_404 unless can?(current_user, :modify_merge_request, @merge_request)
+  def authorize_update_merge_request!
+    return render_404 unless can?(current_user, :update_merge_request, @merge_request)
   end
 
   def authorize_admin_merge_request!
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb
index f3e521adb69..c4a87e9dbd8 100644
--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
@@ -1,7 +1,7 @@
 class Projects::NotesController < Projects::ApplicationController
   # Authorize
   before_action :authorize_read_note!
-  before_action :authorize_write_note!, only: [:create]
+  before_action :authorize_create_note!, only: [:create]
   before_action :authorize_admin_note!, only: [:update, :destroy]
   before_action :find_current_user_notes, except: [:destroy, :delete_attachment]
 
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 3d75abcc29d..64306637423 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -6,10 +6,10 @@ class Projects::SnippetsController < Projects::ApplicationController
   before_action :authorize_read_project_snippet!
 
   # Allow write(create) snippet
-  before_action :authorize_write_project_snippet!, only: [:new, :create]
+  before_action :authorize_create_project_snippet!, only: [:new, :create]
 
   # Allow modify snippet
-  before_action :authorize_modify_project_snippet!, only: [:edit, :update]
+  before_action :authorize_update_project_snippet!, only: [:edit, :update]
 
   # Allow destroy snippet
   before_action :authorize_admin_project_snippet!, only: [:destroy]
@@ -75,8 +75,8 @@ class Projects::SnippetsController < Projects::ApplicationController
     @snippet ||= @project.snippets.find(params[:id])
   end
 
-  def authorize_modify_project_snippet!
-    return render_404 unless can?(current_user, :modify_project_snippet, @snippet)
+  def authorize_update_project_snippet!
+    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
   end
 
   def authorize_admin_project_snippet!
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index 36ef86e1909..50512cb6dc3 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -2,7 +2,7 @@ require 'project_wiki'
 
 class Projects::WikisController < Projects::ApplicationController
   before_action :authorize_read_wiki!
-  before_action :authorize_write_wiki!, only: [:edit, :create, :history]
+  before_action :authorize_create_wiki!, only: [:edit, :create, :history]
   before_action :authorize_admin_wiki!, only: :destroy
   before_action :load_project_wiki
   include WikiHelper
@@ -28,7 +28,7 @@ class Projects::WikisController < Projects::ApplicationController
         )
       end
     else
-      return render('empty') unless can?(current_user, :write_wiki, @project)
+      return render('empty') unless can?(current_user, :create_wiki, @project)
       @page = WikiPage.new(@project_wiki)
       @page.title = params[:id]
 
@@ -43,7 +43,7 @@ class Projects::WikisController < Projects::ApplicationController
   def update
     @page = @project_wiki.find_page(params[:id])
 
-    return render('empty') unless can?(current_user, :write_wiki, @project)
+    return render('empty') unless can?(current_user, :create_wiki, @project)
 
     if @page.update(content, format, message)
       redirect_to(
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index cf672c5c093..8e7e45c781f 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -2,7 +2,7 @@ class SnippetsController < ApplicationController
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
 
   # Allow modify snippet
-  before_action :authorize_modify_snippet!, only: [:edit, :update]
+  before_action :authorize_update_snippet!, only: [:edit, :update]
 
   # Allow destroy snippet
   before_action :authorize_admin_snippet!, only: [:destroy]
@@ -87,8 +87,8 @@ class SnippetsController < ApplicationController
                  end
   end
 
-  def authorize_modify_snippet!
-    return render_404 unless can?(current_user, :modify_personal_snippet, @snippet)
+  def authorize_update_snippet!
+    return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
   end
 
   def authorize_admin_snippet!
diff --git a/app/models/ability.rb b/app/models/ability.rb
index c90c99c5b5f..3ee3a7857ee 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -68,6 +68,7 @@ class Ability
     def project_abilities(user, project)
       rules = []
       key = "/user/#{user.id}/project/#{project.id}"
+
       RequestStore.store[key] ||= begin
         team = project.team
 
@@ -144,9 +145,9 @@ class Ability
         :read_project_member,
         :read_merge_request,
         :read_note,
-        :write_project,
-        :write_issue,
-        :write_note
+        :create_project,
+        :create_issue,
+        :create_note
       ]
     end
 
@@ -154,15 +155,15 @@ class Ability
       project_guest_rules + [
         :download_code,
         :fork_project,
-        :write_project_snippet
+        :create_project_snippet
       ]
     end
 
     def project_dev_rules
       project_report_rules + [
-        :write_merge_request,
-        :write_wiki,
-        :modify_issue,
+        :create_merge_request,
+        :create_wiki,
+        :update_issue,
         :admin_issue,
         :admin_label,
         :push_code
@@ -171,10 +172,10 @@ class Ability
 
     def project_archived_rules
       [
-        :write_merge_request,
+        :create_merge_request,
         :push_code,
         :push_code_to_protected_branches,
-        :modify_merge_request,
+        :update_merge_request,
         :admin_merge_request
       ]
     end
@@ -182,9 +183,8 @@ class Ability
     def project_master_rules
       project_dev_rules + [
         :push_code_to_protected_branches,
-        :modify_issue,
-        :modify_project_snippet,
-        :modify_merge_request,
+        :update_project_snippet,
+        :update_merge_request,
         :admin_milestone,
         :admin_project_snippet,
         :admin_project_member,
@@ -244,30 +244,40 @@ class Ability
       rules.flatten
     end
 
-    [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name|
+
+    [:issue, :merge_request].each do |name|
       define_method "#{name}_abilities" do |user, subject|
-        if subject.author == user || user.is_admin?
-          rules = [
+        rules = []
+
+        if subject.author == user || (subject.respond_to?(:assignee) && subject.assignee == user)
+          rules += [
             :"read_#{name}",
-            :"write_#{name}",
-            :"modify_#{name}",
-            :"admin_#{name}"
+            :"update_#{name}",
           ]
-          rules.push(:change_visibility_level) if subject.is_a?(Snippet)
-          rules
-        elsif subject.respond_to?(:assignee) && subject.assignee == user
-          [
+        end
+
+        rules += project_abilities(user, subject.project)
+        rules
+      end
+    end
+
+    [:note, :project_snippet, :personal_snippet].each do |name|
+      define_method "#{name}_abilities" do |user, subject|
+        rules = []
+
+        if subject.author == user
+          rules += [
             :"read_#{name}",
-            :"write_#{name}",
-            :"modify_#{name}",
+            :"update_#{name}",
+            :"admin_#{name}"
           ]
-        else
-          if subject.respond_to?(:project) && subject.project
-            project_abilities(user, subject.project)
-          else
-            []
-          end
         end
+
+        if subject.respond_to?(:project) && subject.project
+          rules += project_abilities(user, subject.project)
+        end
+
+        rules
       end
     end
 
@@ -276,13 +286,16 @@ class Ability
       target_user = subject.user
       group = subject.group
       can_manage = group_abilities(user, group).include?(:admin_group)
+
       if can_manage && (user != target_user)
-        rules << :modify_group_member
+        rules << :update_group_member
         rules << :destroy_group_member
       end
+
       if !group.last_owner?(user) && (can_manage || (user == target_user))
         rules << :destroy_group_member
       end
+
       rules
     end
 
@@ -299,8 +312,8 @@ class Ability
     def named_abilities(name)
       [
         :"read_#{name}",
-        :"write_#{name}",
-        :"modify_#{name}",
+        :"create_#{name}",
+        :"update_#{name}",
         :"admin_#{name}"
       ]
     end
diff --git a/app/services/issues/bulk_update_service.rb b/app/services/issues/bulk_update_service.rb
index eb07413ee94..de8387c4900 100644
--- a/app/services/issues/bulk_update_service.rb
+++ b/app/services/issues/bulk_update_service.rb
@@ -10,7 +10,7 @@ module Issues
 
       issues = Issue.where(id: issues_ids)
       issues.each do |issue|
-        next unless can?(current_user, :modify_issue, issue)
+        next unless can?(current_user, :update_issue, issue)
 
         Issues::UpdateService.new(issue.project, current_user, issue_params).execute(issue)
       end
diff --git a/app/services/update_snippet_service.rb b/app/services/update_snippet_service.rb
index 9d181c2d2ab..e9328bb7323 100644
--- a/app/services/update_snippet_service.rb
+++ b/app/services/update_snippet_service.rb
@@ -9,9 +9,9 @@ class UpdateSnippetService < BaseService
   def execute
     # check that user is allowed to set specified visibility_level
     new_visibility = params[:visibility_level]
+
     if new_visibility && new_visibility.to_i != snippet.visibility_level
-      unless can?(current_user, :change_visibility_level, snippet) &&
-        Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
+      unless Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
         deny_visibility_level(snippet, new_visibility)
         return snippet
       end
diff --git a/app/views/groups/group_members/_group_member.html.haml b/app/views/groups/group_members/_group_member.html.haml
index ec39a755f0f..b460e0ff59e 100644
--- a/app/views/groups/group_members/_group_member.html.haml
+++ b/app/views/groups/group_members/_group_member.html.haml
@@ -32,7 +32,7 @@
     %span.pull-right
       %strong= member.human_access
       - if show_controls
-        - if can?(current_user, :modify_group_member, member)
+        - if can?(current_user, :update_group_member, member)
           = button_tag class: "btn-xs btn js-toggle-button",
                        title: 'Edit access level', type: 'button' do
             %i.fa.fa-pencil-square-o
diff --git a/app/views/projects/_aside.html.haml b/app/views/projects/_aside.html.haml
index 86a807a0cae..72aea8814f5 100644
--- a/app/views/projects/_aside.html.haml
+++ b/app/views/projects/_aside.html.haml
@@ -22,11 +22,11 @@
                   Contribution guide
 
         .actions
-          - if can? current_user, :write_issue, @project
+          - if can? current_user, :create_issue, @project
             = link_to url_for_new_issue(@project, only_path: true), title: "New Issue", class: 'btn btn-sm append-right-10' do
               New Issue
 
-          - if can? current_user, :write_merge_request, @project
+          - if can? current_user, :create_merge_request, @project
             = link_to new_namespace_project_merge_request_path(@project.namespace, @project), class: "btn btn-sm", title: "New Merge Request" do
               New Merge Request
 
diff --git a/app/views/projects/diffs/_parallel_view.html.haml b/app/views/projects/diffs/_parallel_view.html.haml
index cb41dd852d3..37fd1b1ec8a 100644
--- a/app/views/projects/diffs/_parallel_view.html.haml
+++ b/app/views/projects/diffs/_parallel_view.html.haml
@@ -18,7 +18,7 @@
         - elsif type_left ==  'old' || type_left.nil?
           %td.old_line{id: line_code_left, class: "#{type_left}"}
             = link_to raw(line_number_left), "##{line_code_left}", id: line_code_left
-            - if @comments_allowed && can?(current_user, :write_note, @project)
+            - if @comments_allowed && can?(current_user, :create_note, @project)
               = link_to_new_diff_note(line_code_left, 'old')
             %td.line_content{class: "parallel noteable_line #{type_left} #{line_code_left}", "line_code" => line_code_left }= raw line_content_left
 
@@ -31,7 +31,7 @@
 
           %td.new_line{id: new_line_code, class: "#{new_line_class}", data: { linenumber: line_number_right }}
             = link_to raw(line_number_right), "##{new_line_code}", id: new_line_code
-            - if @comments_allowed && can?(current_user, :write_note, @project)
+            - if @comments_allowed && can?(current_user, :create_note, @project)
               = link_to_new_diff_note(line_code_right, 'new')
             %td.line_content.parallel{class: "noteable_line #{new_line_class} #{new_line_code}", "line_code" => new_line_code}= raw line_content_right
 
diff --git a/app/views/projects/diffs/_text_file.html.haml b/app/views/projects/diffs/_text_file.html.haml
index a6373181b45..ed4c601bcdb 100644
--- a/app/views/projects/diffs/_text_file.html.haml
+++ b/app/views/projects/diffs/_text_file.html.haml
@@ -16,7 +16,7 @@
       - else
         %td.old_line
           = link_to raw(type == "new" ? "&nbsp;" : line_old), "##{line_code}", id: line_code
-          - if @comments_allowed && can?(current_user, :write_note, @project)
+          - if @comments_allowed && can?(current_user, :create_note, @project)
             = link_to_new_diff_note(line_code)
         %td.new_line{data: {linenumber: line.new_pos}}
           = link_to raw(type == "old" ? "&nbsp;" : line.new_pos) , "##{line_code}", id: line_code
diff --git a/app/views/projects/issues/_discussion.html.haml b/app/views/projects/issues/_discussion.html.haml
index a099e597294..f61ae957208 100644
--- a/app/views/projects/issues/_discussion.html.haml
+++ b/app/views/projects/issues/_discussion.html.haml
@@ -1,5 +1,5 @@
 - content_for :note_actions do
-  - if can?(current_user, :modify_issue, @issue)
+  - if can?(current_user, :update_issue, @issue)
     - if @issue.closed?
       = link_to 'Reopen Issue', issue_path(@issue, issue: {state_event: :reopen}, status_only: true), method: :put, class: 'btn btn-grouped btn-reopen js-note-target-reopen', title: 'Reopen Issue'
     - else
diff --git a/app/views/projects/issues/index.html.haml b/app/views/projects/issues/index.html.haml
index 2785ff25e69..d06225f5488 100644
--- a/app/views/projects/issues/index.html.haml
+++ b/app/views/projects/issues/index.html.haml
@@ -13,7 +13,7 @@
 
       = render 'shared/issuable/search_form', path: namespace_project_issues_path(@project.namespace, @project)
 
-    - if can? current_user, :write_issue, @project
+    - if can? current_user, :create_issue, @project
       = link_to new_namespace_project_issue_path(@project.namespace, @project, issue: { assignee_id: @issuable_finder.assignee.try(:id), milestone_id: @issuable_finder.milestones.try(:first).try(:id) }), class: "btn btn-new pull-left", title: "New Issue", id: "new_issue_link" do
         %i.fa.fa-plus
         New Issue
diff --git a/app/views/projects/issues/show.html.haml b/app/views/projects/issues/show.html.haml
index 5bbb1fd4e92..54d33a5ddd1 100644
--- a/app/views/projects/issues/show.html.haml
+++ b/app/views/projects/issues/show.html.haml
@@ -12,11 +12,11 @@
         &middot; created by #{link_to_member(@project, @issue.author)} #{issue_timestamp(@issue)}
 
       .pull-right
-        - if can?(current_user, :write_issue, @project)
+        - if can?(current_user, :create_issue, @project)
           = link_to new_namespace_project_issue_path(@project.namespace, @project), class: 'btn btn-grouped new-issue-link', title: 'New Issue', id: 'new_issue_link' do
             = icon('plus')
             New Issue
-        - if can?(current_user, :modify_issue, @issue)
+        - if can?(current_user, :update_issue, @issue)
           - if @issue.closed?
             = link_to 'Reopen', issue_path(@issue, issue: {state_event: :reopen}, status_only: true), method: :put, class: 'btn btn-grouped btn-reopen'
           - else
@@ -31,7 +31,7 @@
       = gfm escape_once(@issue.title)
     %div
       - if @issue.description.present?
-        .description{class: can?(current_user, :modify_issue, @issue) ? 'js-task-list-container' : ''}
+        .description{class: can?(current_user, :update_issue, @issue) ? 'js-task-list-container' : ''}
           .wiki
             = preserve do
               = markdown(@issue.description)
diff --git a/app/views/projects/merge_requests/_discussion.html.haml b/app/views/projects/merge_requests/_discussion.html.haml
index 76088b9c862..f855dfec321 100644
--- a/app/views/projects/merge_requests/_discussion.html.haml
+++ b/app/views/projects/merge_requests/_discussion.html.haml
@@ -1,5 +1,5 @@
 - content_for :note_actions do
-  - if can?(current_user, :modify_merge_request, @merge_request)
+  - if can?(current_user, :update_merge_request, @merge_request)
     - if @merge_request.open?
       = link_to 'Close', merge_request_path(@merge_request, merge_request: {state_event: :close }), method: :put, class: "btn btn-grouped btn-close close-mr-link js-note-target-close", title: "Close merge request"
     - if @merge_request.closed?
diff --git a/app/views/projects/merge_requests/index.html.haml b/app/views/projects/merge_requests/index.html.haml
index 750cc3e6eea..e0bc1df97ee 100644
--- a/app/views/projects/merge_requests/index.html.haml
+++ b/app/views/projects/merge_requests/index.html.haml
@@ -3,7 +3,7 @@
   .pull-right
     = render 'shared/issuable/search_form', path: namespace_project_merge_requests_path(@project.namespace, @project)
 
-    - if can? current_user, :write_merge_request, @project
+    - if can? current_user, :create_merge_request, @project
       .pull-left.hidden-xs
         = link_to new_namespace_project_merge_request_path(@project.namespace, @project), class: "btn btn-new", title: "New Merge Request" do
           %i.fa.fa-plus
diff --git a/app/views/projects/merge_requests/show/_mr_box.html.haml b/app/views/projects/merge_requests/show/_mr_box.html.haml
index b3470ba37d6..e3cd4346872 100644
--- a/app/views/projects/merge_requests/show/_mr_box.html.haml
+++ b/app/views/projects/merge_requests/show/_mr_box.html.haml
@@ -3,7 +3,7 @@
 
 %div
   - if @merge_request.description.present?
-    .description{class: can?(current_user, :modify_merge_request, @merge_request) ? 'js-task-list-container' : ''}
+    .description{class: can?(current_user, :update_merge_request, @merge_request) ? 'js-task-list-container' : ''}
       .wiki
         = preserve do
           = markdown(@merge_request.description)
diff --git a/app/views/projects/merge_requests/show/_mr_title.html.haml b/app/views/projects/merge_requests/show/_mr_title.html.haml
index 83baf157a92..4e8144b4de2 100644
--- a/app/views/projects/merge_requests/show/_mr_title.html.haml
+++ b/app/views/projects/merge_requests/show/_mr_title.html.haml
@@ -7,7 +7,7 @@
     created by #{link_to_member(@project, @merge_request.author)} #{time_ago_with_tooltip(@merge_request.created_at)}
 
   .issue-btn-group.pull-right
-    - if can?(current_user, :modify_merge_request, @merge_request)
+    - if can?(current_user, :update_merge_request, @merge_request)
       - if @merge_request.open?
         = link_to 'Close', merge_request_path(@merge_request, merge_request: { state_event: :close }), method: :put, class: "btn btn-grouped btn-close", title: "Close merge request"
         = link_to edit_namespace_project_merge_request_path(@project.namespace, @project, @merge_request), class: "btn btn-grouped issuable-edit", id: "edit_merge_request" do
diff --git a/app/views/projects/milestones/show.html.haml b/app/views/projects/milestones/show.html.haml
index 5c85092a045..5947498e379 100644
--- a/app/views/projects/milestones/show.html.haml
+++ b/app/views/projects/milestones/show.html.haml
@@ -62,7 +62,7 @@
       %span.badge= @users.count
 
   .pull-right
-    - if can?(current_user, :write_issue, @project)
+    - if can?(current_user, :create_issue, @project)
       = link_to new_namespace_project_issue_path(@project.namespace, @project, issue: { milestone_id: @milestone.id }), class: "btn  btn-grouped", title: "New Issue" do
         %i.fa.fa-plus
         New Issue
diff --git a/app/views/projects/notes/_notes_with_form.html.haml b/app/views/projects/notes/_notes_with_form.html.haml
index a202e74a892..04222b8f7c4 100644
--- a/app/views/projects/notes/_notes_with_form.html.haml
+++ b/app/views/projects/notes/_notes_with_form.html.haml
@@ -3,7 +3,7 @@
 .js-notes-busy
 
 .js-main-target-form
-- if can? current_user, :write_note, @project
+- if can? current_user, :create_note, @project
   = render "projects/notes/form", view: params[:view]
 
 :javascript
diff --git a/app/views/projects/snippets/index.html.haml b/app/views/projects/snippets/index.html.haml
index da9401bd8c1..30081673ffc 100644
--- a/app/views/projects/snippets/index.html.haml
+++ b/app/views/projects/snippets/index.html.haml
@@ -1,7 +1,7 @@
 - page_title "Snippets"
 %h3.page-title
   Snippets
-  - if can? current_user, :write_project_snippet, @project
+  - if can? current_user, :create_project_snippet, @project
     = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: "btn btn-new pull-right", title: "New Snippet" do
       Add new snippet
 
diff --git a/app/views/projects/snippets/show.html.haml b/app/views/projects/snippets/show.html.haml
index 5725d804df3..8cbb813c758 100644
--- a/app/views/projects/snippets/show.html.haml
+++ b/app/views/projects/snippets/show.html.haml
@@ -28,7 +28,7 @@
       = @snippet.file_name
     .file-actions
       .btn-group
-        - if can?(current_user, :modify_project_snippet, @snippet)
+        - if can?(current_user, :update_project_snippet, @snippet)
           = link_to "edit", edit_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-sm", title: 'Edit Snippet'
         = link_to "raw", raw_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-sm", target: "_blank"
       - if can?(current_user, :admin_project_snippet, @snippet)
diff --git a/app/views/projects/wikis/_main_links.html.haml b/app/views/projects/wikis/_main_links.html.haml
index 633214a4e86..788bb8cf1e2 100644
--- a/app/views/projects/wikis/_main_links.html.haml
+++ b/app/views/projects/wikis/_main_links.html.haml
@@ -2,7 +2,7 @@
   - if (@page && @page.persisted?)
     = link_to history_namespace_project_wiki_path(@project.namespace, @project, @page), class: "btn btn-grouped" do
       Page History
-    - if can?(current_user, :write_wiki, @project)
+    - if can?(current_user, :create_wiki, @project)
       = link_to edit_namespace_project_wiki_path(@project.namespace, @project, @page), class: "btn btn-grouped" do
         %i.fa.fa-pencil-square-o
         Edit
diff --git a/app/views/projects/wikis/_nav.html.haml b/app/views/projects/wikis/_nav.html.haml
index 693c3facb32..804a1b52dbe 100644
--- a/app/views/projects/wikis/_nav.html.haml
+++ b/app/views/projects/wikis/_nav.html.haml
@@ -10,7 +10,7 @@
       %i.fa.fa-download
       Git Access
 
-  - if can?(current_user, :write_wiki, @project)
+  - if can?(current_user, :create_wiki, @project)
     .pull-right
       = link_to '#modal-new-wiki', class: "add-new-wiki btn btn-new", "data-toggle" => "modal" do
         %i.fa.fa-plus
diff --git a/app/views/snippets/show.html.haml b/app/views/snippets/show.html.haml
index 70a95abde6f..089e8122918 100644
--- a/app/views/snippets/show.html.haml
+++ b/app/views/snippets/show.html.haml
@@ -36,7 +36,7 @@
       = @snippet.file_name
     .file-actions
       .btn-group
-        - if can?(current_user, :modify_personal_snippet, @snippet)
+        - if can?(current_user, :update_personal_snippet, @snippet)
           = link_to "edit", edit_snippet_path(@snippet), class: "btn btn-sm", title: 'Edit Snippet'
         = link_to "raw", raw_snippet_path(@snippet), class: "btn btn-sm", target: "_blank"
       - if can?(current_user, :admin_personal_snippet, @snippet)