Add :read_agent_artifacts ability gating AI audit events in GraphQL

What does this MR do and why?

Introduces a dedicated read_agent_artifacts custom ability for the Agent Artifacts dashboard and migrates all existing permission checks from read_compliance_dashboard to read_agent_artifacts.

Changes

New read_agent_artifacts custom ability

A new custom ability (ee/config/custom_abilities/read_agent_artifacts.yml) scoped to both group and project level. Granted by default to owners, auditors, and security managers.

Permission migration

All existing checks that previously used read_compliance_dashboard to gate the Agent Artifacts dashboard are updated to use read_agent_artifacts.

WorkflowPolicy compliance reviewer rules

The can_read_compliance_dashboard_in_parent condition is renamed to can_read_agent_artifacts_in_parent, and both compliance reviewer rules now enable :read_agent_artifacts in addition to :read_duo_workflow.

Subscription restriction

Compliance reviewers with read_agent_artifacts are explicitly blocked from WorkflowEventsUpdated subscriptions. Subscriptions stream live checkpoint data (chat messages, tool calls) which is broader than audit event scope.

Reviewer notes re Duo FP comments

  • Subscription nil-dereference - workflow&.user_id == current_user.id is safe. authorize_object_or_gid! raises unauthorized! before reaching that line if the workflow is not found, so the &. is purely defensive.

  • Explicit prevent for chat workflows - Dropped after finding that agentic_chat_workflow uses chat? which returns true for ALL foundational agents, not just literal chat. Adding rule { agentic_chat_workflow }.prevent :read_agent_artifacts would incorrectly block security analyst and orbit sessions. Exclusion by omission (no rule enables it for chat) is the correct approach and is covered by the when workflow is a chat session spec context.

  • Access levels [25, 50] skipping Maintainer - Matches read_compliance_dashboard which uses the same levels. Consistent with the existing compliance ability access model.

  • Controller still checks group_level_compliance_dashboard - Intentional. The license gates the page; read_agent_artifacts gates the permission within it. Also consistent with other compliance features.

  • Subscription spec coverage for reviewer-not-owner - Already covered by when user is a compliance reviewer with :read_agent_artifacts but not the workflow owner in workflow_events_updated_spec.rb.
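To make the two rule semantics discussed above concrete (a reviewer rule that enables :read_agent_artifacts while no rule covers literal chat, versus an explicit prevent keyed on chat?, and the owner-only WorkflowEventsUpdated gate), the following is an added Ruby illustration. It is not GitLab's DeclarativePolicy, nor the WorkflowPolicy or subscription code in this MR; the toy engine reproduces only the precedence that matters here, namely that any matching prevent overrides every enable. The Workflow and User structs, the workflow kinds, the AUDITABLE set, authorize_subscription! and sample_fixture are all assumptions made for the example.

```ruby
# Added illustration, not GitLab code: a toy declarative policy with the
# precedence that matters here (any matching prevent beats every enable),
# plus an owner-only subscription gate. Kinds, structs and names are assumed.

Workflow = Struct.new(:id, :user_id, :kind, :parent, keyword_init: true) do
  # Assumption taken from the MR note: chat? is true for every foundational
  # agent (literal chat, security analyst, orbit), not only literal chat.
  def chat?
    %i[chat security_analyst orbit].include?(kind)
  end
end

# parent_abilities: { parent_name => [custom abilities held on that group/project] }
User = Struct.new(:id, :parent_abilities, keyword_init: true) do
  def can_in_parent?(ability, parent)
    parent_abilities.fetch(parent, []).include?(ability)
  end
end

class WorkflowPolicy
  Rule = Struct.new(:condition, :effect, :abilities)

  OWNER = ->(u, w) { w.user_id == u.id }
  # Assumed: sessions a compliance reviewer may audit. Literal :chat is absent,
  # so no rule ever enables reviewer access to it (exclusion by omission).
  AUDITABLE = %i[agent_flow security_analyst orbit].freeze
  REVIEWER_IN_PARENT = lambda do |u, w|
    AUDITABLE.include?(w.kind) && u.can_in_parent?(:read_agent_artifacts, w.parent)
  end

  def initialize
    @rules = []
  end

  def enable(*abilities, cond:)
    @rules << Rule.new(cond, :enable, abilities)
    self
  end

  def prevent(*abilities, cond:)
    @rules << Rule.new(cond, :prevent, abilities)
    self
  end

  # Any matching prevent denies; otherwise at least one matching enable is needed.
  def allowed?(user, workflow, ability)
    matching = @rules.select do |r|
      r.abilities.include?(ability) && r.condition.call(user, workflow)
    end
    return false if matching.any? { |r| r.effect == :prevent }

    matching.any? { |r| r.effect == :enable }
  end

  # The shape the MR describes: owners read their own workflow; reviewers with
  # the custom ability on the parent get both abilities on auditable sessions.
  def self.omission_policy
    new
      .enable(:read_duo_workflow, cond: OWNER)
      .enable(:read_duo_workflow, :read_agent_artifacts, cond: REVIEWER_IN_PARENT)
  end

  # The rejected variant: prevent keyed on chat?, which also matches
  # security analyst and orbit sessions and therefore over-blocks.
  def self.explicit_prevent_policy
    omission_policy.prevent(:read_agent_artifacts, cond: ->(_u, w) { w.chat? })
  end
end

class Unauthorized < StandardError; end

# Subscription gate: live checkpoints are owner-only, so a reviewer who can
# read_agent_artifacts is still refused. A missing workflow raises before the
# owner comparison, which is why the &. there is only defensive.
def authorize_subscription!(user, workflow)
  raise Unauthorized, 'workflow not found' if workflow.nil?
  raise Unauthorized, 'not the workflow owner' unless workflow&.user_id == user.id

  true
end

# Constructed sample data for the checks below (assumed ids, kinds and parents).
def sample_fixture
  owner = User.new(id: 1, parent_abilities: {})
  reviewer = User.new(id: 2, parent_abilities: { 'grp' => [:read_agent_artifacts] })
  {
    owner: owner,
    reviewer: reviewer,
    analyst: Workflow.new(id: 10, user_id: 1, kind: :security_analyst, parent: 'grp'),
    chat: Workflow.new(id: 11, user_id: 1, kind: :chat, parent: 'grp'),
    flow: Workflow.new(id: 12, user_id: 1, kind: :agent_flow, parent: 'grp'),
    other_group: Workflow.new(id: 13, user_id: 1, kind: :agent_flow, parent: 'other')
  }
end

if $PROGRAM_NAME == __FILE__
  f = sample_fixture
  ok = WorkflowPolicy.omission_policy
  bad = WorkflowPolicy.explicit_prevent_policy
  puts "reviewer/analyst, omission:        #{ok.allowed?(f[:reviewer], f[:analyst], :read_agent_artifacts)}"
  puts "reviewer/analyst, explicit prevent: #{bad.allowed?(f[:reviewer], f[:analyst], :read_agent_artifacts)}"
end
```

Running it shows the reviewer keeping access to the security analyst session under the omission policy and losing it under the explicit prevent, while literal chat is denied under both; the subscription gate refuses the reviewer regardless of which policy is in force.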

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Closes #601058

Edited by Jean van der Walt
