Documentation: Clean up Auditor docs to make clear what it covers
Problem to solve
Auditor documentation isn't consistent.
Further details
While the list of permissions and restrictions makes it clear that Auditors cannot access the project/group Settings, it doesn't list any other area that is unavailable, but what is explicitly listed as viewable is a very small subset of project/group resources.
So this makes things a little unclear.
Further confusion comes from this line:
If the project is public or internal, they have the same access as users that aren’t members of that project or group.
Why would they have the same access as a non-member if they should be able to audit events and other resources? And this is not in fact the case. Even for a public project, an Auditor can see more than a non-member.
Based on the use cases, Auditors should have read-only access to everything except the Admin area, and (as noted in the docs) the Settings menu.
Proposal
Review and make it consistent.
Who can address the issue
Anyone familiar with Auditor role.