[Backend] Add mutation to bulk apply and remove profile to groups and projects

Implement a bulk mutation that allows applying a scan profile to multiple projects and groups simultaneously.

Requirements

Core Functionality

Create a bulk mutation that can apply scan profiles to both projects and groups
Support asynchronous processing when attaching profiles to groups
Handle both persisted scan profile IDs and template-based IDs
Generate default values from templates on-the-fly when using template-based IDs

Security & Permissions

Enforce apply_security_scan_profiles permission on all target projects and groups
Validate permissions before processing any mutations

Constraints

Respect the existing limit of 10 profiles per project
Ensure the mutation fails gracefully if limits would be exceeded

Technical Considerations

Implement proper error handling for permission failures
Ensure async processing for groups doesn't block the mutation response

Description was generated using AI

Edited Dec 03, 2025 by Gal Katz