Allow read-only access to groups and projects pages in the admin area

Eugie Limpinrequested to merge
el-admin-area-groups-projects-access into master

What does this MR do and why?

Allow read-only access to groups and projects pages in the admin area for non-admin users with custom admin roles enabling read_admin_groups and read_admin_projects permissions.

References

Implements Permission to view custom attributes (or groups... (#534449 - closed).

Screenshots or screen recordings

Page Admin Regular user with read_admin_groups and read_admin_projects custom admin permissions
Groups list Screenshot_2025-07-16_at_4.49.24_PM Screenshot_2025-07-16_at_4.45.18_PM
Group page Screenshot_2025-07-16_at_4.49.32_PM Screenshot_2025-07-16_at_4.45.41_PM
Projects list Screenshot_2025-07-16_at_4.49.01_PM Screenshot_2025-07-16_at_4.45.09_PM
Project page Screenshot_2025-07-16_at_4.49.12_PM Screenshot_2025-07-16_at_4.45.31_PM

How to set up and validate locally

  1. Enable custom_admin_roles feature flag
  2. Login with an admin, enable admin mode (doc), enter admin mode, and go to http://localhost:9393/admin/application_settings/roles_and_permissions/
  3. Create a custom admin role with View Groups and View Projects permissions
  4. Assign custom admin role to a non-admin user (doc)
  5. Login with the user
  6. Go to Admin area and verify that the groups, projects, group details, and project details pages are accessible and look like the screenshots.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Daniel Tian

Merge request reports