fix invalid access action

[orblazer]

Hello,
This PR fix 2 invalid access action.

• When we get repository via [GET]/projects/{project_name}/repositories/{repository_name} its ask list instead of read
• When we list scanner candidates of project [GET]/projects/{project_name_or_id}/scanner/candidates its ask create instead of list

Thanks.

[codecov]

Codecov Report

Merging #16381 (2228d2b) into main (c414666) will increase coverage by 0.03%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main   #16381      +/-   ##
==========================================
+ Coverage   66.61%   66.64%   +0.03%     
==========================================
  Files         995      995              
  Lines      105886   105886              
  Branches     2600     2600              
==========================================
+ Hits        70532    70572      +40     
+ Misses      31461    31418      -43     
- Partials     3893     3896       +3     

Flag	Coverage Δ
unittests	66.64% <0.00%> (+0.03%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
src/server/v2.0/handler/repository.go	0.00% <0.00%> (ø)
src/core/api/internal.go	36.20% <0.00%> (-8.63%)	⬇️
src/jobservice/runner/redis.go	66.66% <0.00%> (-4.52%)	⬇️
...tegration/tag-retention/tag-retention.component.ts	36.75% <0.00%> (+5.98%)	⬆️
src/controller/event/topic.go	10.56% <0.00%> (+8.45%)	⬆️
src/pkg/permission/evaluator/rbac/casbin_match.go	100.00% <0.00%> (+10.86%)	⬆️
...g-retention-tasks/tag-retention-tasks.component.ts	86.11% <0.00%> (+25.00%)	⬆️
src/controller/event/handler/auditlog/auditlog.go	60.71% <0.00%> (+46.42%)	⬆️

[heww]

Only project admin can access this API /projects/{project_name_or_id}/scanner/candidates, so it doesn't use the (scanner, read) permission.

[github-actions]

This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days.

[MinerYang]

Hi @orblazer,
As it mentioned above, the repository part looks correct but not the scanner part.
Would you like to revise this PR?
Thanks!

[wy65701436]

lgtm

[wy65701436]

@orblazer please help to resolve the coflict, then let me merge it, thanks.

[wy65701436]

@orblazer please help to sync the latest code to resolve the CI failure, then let me merge it, thanks.

[orblazer]

Hello @wy65701436 i have merge the branch.
If you want the commit a7d86cf accept the DCO i can make new PR.

[wy65701436]

@orblazer sure, you can go ahead to file an PR or fix the DCO of this one, the change LGTM

[wy65701436]

@orblazer would you mind to resolve the DCO problem? then we can go ahead to merge it.

[orblazer]

Hello @wy65701436, as i have said, i have make new PR #18188 for accept DCO on original commit.