Implement read_group_runners policy
Currently, there are many HAML pages in the administration UI which are directly testing for conditions in order to determine if a functionality should be available/shown to the user. This leads to a tight coupling of view/backend logic and is no longer the best way to go about this problem.
An example is testing for the :admin_group
permission in order to determine whether group runners can be read. We should replace that logic with a declarative policy that doesn't reuse unrelated policies.