Add auditor access for group compliance report
What does this MR do and why?
Describe in detail what your merge request does and why.
Closes #355500 (closed)
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
auditor-enable-group-compliance-report
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Switch to the
masterbranch and visit GitLab in your browser. Login as an admin user and attempt to visit the compliance report in a grouphttps://gitlab.example.com/groups/<GROUP>/-/security/compliance_dashboard. As an admin, you should be able to view this page. - Impersonate an auditor account and attempt to visit
https://gitlab.example.com/groups/<GROUP>/-/security/compliance_dashboard. As an auditor, you should see a404. This is expected. - Switch to the
auditor-enable-group-compliance-reportbranch. - In the address bar, attempt to visit
https://gitlab.example.com/groups/<GROUP>/-/security/compliance_dashboard. As an auditor, you should now be able to view this page.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Kent Japhet Ballon