Add "delete group" as a customizable permission

Release notes

Background

Currently this permission resides in the Owner role. Customers want to avoid assigning Owner, and would rather split off this particular permission "delete group" so it could be added to any other base role.

Proposal

When creating a role, any base can be selected. A new permission is available and labeled "Delete Groups" that can be selected.
This permission group_delete gives them the ability to:
1. Delete a group
2. Cannot delete a top-level group on SaaS. There may be prevention mechanism here as it's tied to a subscription but a safeguard would be required.

Permission Description: Ability to delete a group. This permission cannot delete the root namespace on SaaS. Please review deleting retention period to prevent accidental deletion.

API For Reference:

https://docs.gitlab.com/ee/api/groups.html#remove-group

Views+Workflows:

Group -> General-> Advanced -> Remove Group Section

Evidence

#391760 (comment 1563798208)

Edited Feb 26, 2024 by Joe Randazzo