Add security manager group permissions
What does this MR do and why?
Previously, security managers had minimal access. Now they can:
- View basic group information, packages, and container images
- Create new projects (when allowed by group settings)
- Access security-related features like vulnerability scanning, audit logs, and compliance frameworks
- View analytics and reporting dashboards
- Read compliance reports and security testing results
The changes also introduce proper restrictions, so security managers only receive these enhanced permissions when the relevant features are available in their organization's plan. Additionally, the code includes a test setup to verify that these new permissions work correctly.
Essentially, this provides security managers with significantly broader access to security and compliance tools within groups, while maintaining appropriate boundaries around what they can and cannot do.
Releated to
https://gitlab.com/gitlab-org/gitlab/-/issues/551797
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability. This code change expands the permissions for users with the "security manager" role in a group management system.