Add custom role abilities for AI catalog item management and config

What does this MR do and why?

We need the ability to create custom roles which grant access to manage and configure AI catalog items. Specifically, we have a Transcend event coming up where we need to empower wider community members without granting them maintainer permission.

This MR adds those configurable abilities for custom roles.

References

Closes #578560, #583859, #583860, #578558

How to set up and validate locally

  1. Create a custom role (at system or for a top-level group) with a base role of Developer + Manage and Configure AI Catalog items
  2. Test using a developer role that the user cannot create or enable agents/flows
  3. Switch to the custom role and test the user can create/hide/enable*/disable

NOTE: *The GraphQL query used for UI enablement is hardcoded for maintainer role at the moment so enablement must be completed via GraphQL:

mutation {
  aiCatalogItemConsumerCreate(input: {
    itemId: "gid://gitlab/Ai::Catalog::Item/30"
    target: {
      projectId: "gid://gitlab/Project/19"
    }
  }) {
    errors
  }
}

Fixing this is outside the scope of this MR, but will be addressed in a follow-up.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Lee Tickett
