Segment Change Requests bypassable via segment create or delete #7532

@adamvialpando

Description

Summary

The project-level Segment Change Requests setting gates edits to a segment's definition but does not gate creation or deletion. Combined with Manage segments being a single project-level permission (no separate create, edit, or delete grants), any user who can edit segments can bypass the change request gate.

Repro

  1. Enable Segment Change Requests on a project.
  2. As a user with Manage segments, edit an existing segment's rules. A change request is required, as expected.
  3. Bypass paths that do not require a change request:
    • Delete the segment and create a new one with the desired rules, then point feature segment overrides at the new segment.
    • Create a new segment with the desired rules and switch the feature segment override to it, leaving the original segment in place.

Neither path triggers a change request, so the gate is effectively optional for anyone with Manage segments.

Expected

With Segment Change Requests enabled, segment creation and deletion should also be gated by change requests. At minimum, deleting a segment that is referenced by any feature segment override should require a change request.

Notes

  • Manage segments is a single project-level permission covering create, edit, and delete, so there is no RBAC workaround to grant edit-only access.
  • Worth aligning the gate's scope with the intent: governance over segment behaviour, not just the literal edit API call.
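
The gate described under Expected, modelled as a small policy check so the two repro paths can be evaluated against it. This is an added example, not Flagsmith's code; the `Project`, `FeatureSegmentOverride`, `requires_change_request` and `gated_steps` names and the `strict` switch (full gate versus the "at minimum" variant) are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Constructed model of the proposed gate; hypothetical, not the project's own code.

@dataclass
class Project:
    segment_change_requests: bool = False   # the project-level setting from the issue

@dataclass
class FeatureSegmentOverride:
    feature: str
    segment_id: int

def referenced_segment_ids(overrides):
    """Segments that at least one feature segment override points at."""
    return {o.segment_id for o in overrides}

def requires_change_request(project, action, segment_id, overrides, strict=True):
    """Decide whether a segment action must go through a change request.

    strict=True  gates create, edit and delete whenever the setting is on
                 (the 'Expected' behaviour); strict=False is the 'at minimum'
                 variant: edits, plus deletes of a segment that an override references.
    """
    if not project.segment_change_requests:
        return False                       # setting off: nothing is gated
    if action == "edit":
        return True                        # current behaviour, kept as-is
    if action == "delete":
        return strict or segment_id in referenced_segment_ids(overrides)
    if action == "create":
        return strict
    raise ValueError(f"unknown segment action: {action}")

def gated_steps(project, steps, overrides, strict=True):
    """Return the subset of (action, segment_id) steps the gate would stop."""
    return [s for s in steps if requires_change_request(project, s[0], s[1], overrides, strict)]

# Constructed scenario mirroring the repro: segment 1 is referenced by one override.
PROJECT = Project(segment_change_requests=True)
OVERRIDES = [FeatureSegmentOverride("checkout_v2", segment_id=1)]
PATH_DELETE_RECREATE = [("delete", 1), ("create", 2)]   # repro path 1
PATH_CREATE_SWITCH = [("create", 2)]                    # repro path 2
```

Under the full gate both repro paths hit a change request at their first segment step; under the "at minimum" variant only the delete of the referenced segment is stopped, which is what the model makes visible.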
