Refactor permission checks with issues and merge requests project settings
Slight refinement for read/write permission checks for 04d44522 as discussed in !691 (merged). Currently it appears that there is no role that only has read-only access to issues, but it could be possible.
/cc: @DouweM