Auditor role needs to be able to see project settings
Problem to solve
The Auditor
role is added at the instance-level and is granted read-only access to all groups and projects within the instance. This is problematic for compliance-minded organizations with stricter segregation of duties policies. While read-only access is positive, there are further restrictions that should be in place, such as preventing the Auditor
from viewing code.
Currently, there is no way for an instance administrator
to reduce the scope of an Auditor
permissions or customize it beyond simply creating an Auditor
user with its default permissions and capabilities.
Additional Information
The Auditor
role needs to be able to see project settings, who turned specific settings on or off, and audit logs.
There are likely additional areas an Auditor
would need to access with read-only
permissions.
Proposal
A suggested proposal here could be to allow for administrators
to scope an Auditor
user's permissions to exclude viewing any areas of a Project
with code.
This will require validation to determine the most necessary areas for access and the critical "no access" components.
What does success look like, and how can we measure that?
(If no way to measure success, link to an issue that will implement a way to measure this)