Ensure Auditor permissions in UI follow docs
## Summary
Based on the first line in the docs, auditors should be able to view all parts of a project or group except the Settings area.
> Auditor users are able to have ... read-only access to all other resources, except the Admin Area.
Implementation however is inconsistent.
## Details
The list of [permissions and restrictions](https://docs.gitlab.com/ee/administration/auditor_users.html#permissions-and-restrictions-of-an-auditor-user) makes it clear that Auditors cannot access the project/group Settings, but it looks like it should have access to everything else in the UI and read-only to non-admin parts of the API.
Based on the [use cases](https://docs.gitlab.com/ee/administration/auditor_users.html#use-cases), Auditors _should_ have read-only access to everything except the Admin area, and (as noted in the docs) the Settings menu.
Note: Any previously noted docs inconsistencies have been moved to an issue: https://gitlab.com/gitlab-org/gitlab/-/issues/353636
## Steps to reproduce
1. View a project or group as an Auditor.
1. View a project or group as an Admin.
1. Compare the two.
### Example Project
For https://gitlab.com/gitlab-gold/auto-devops-testing
Auditor and Admin view of menu with Operations expanded:
 
### What is the current *bug* behavior?
The auditor cannot view a lot of group and project resources, including job logs if access restrictions are turned on.
### What is the expected *correct* behavior?
Auditor can view (not modify) all group and project resources aside from Settings.
### Detailed Listing
Note: An analysis was not done for the API, only the UI.
Under each section, you will find a table which lists the different (left nav) menu items, whether they're visible to an Auditor account, if it's behaving as expected, and any additional notes as of **2022-02-01**.
The table is for _private_ groups and projects only. Public and internal groups and projects have not been verified.
For inconsistencies aside from the the left nav menu, please see the list of issues tied to the epic
#### Group Menu
| Menu item | Submenu item | Visible? | Expected? | Notes |
| --------- | ------------ | -------- | --------- | ----- |
| Main page | - | Y | Y | |
| Group information | | Y | Y | |
| | Activity | Y | Y | |
| | Labels | Y | Y | |
| | Members | Y | Y | However, badging (2FA, is using seat, SAML, Enterprise, others?) is not. See https://gitlab.com/gitlab-org/gitlab/-/issues/353666 |
| Epics | | Y | Y | |
| | List | Y | Y | |
| | Boards | Y | Y | |
| | Roadmap | Y | Y | |
| Issues | | Y | Y | |
| | List | Y | Y | |
| | Boards | Y | Y | |
| | Milestones | Y | Y | |
| | Iterations | Y | Y | |
| Merge requests | | Y | Y | |
| Security & Compliance | | Y | Y | |
| | Security dashboard | Y | Y | |
| | Vulnerability report | Y | Y | |
| | Compliance report | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355500 |
| | Audit events | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/351602 |
| Push rules | | N | N | Should be read-only. If not possible, then keep as not visible. https://gitlab.com/gitlab-org/gitlab/-/issues/355534 |
| CI/CD | | Y | Y | Runners is currently the only submenu item. https://gitlab.com/gitlab-org/gitlab/-/issues/357328. Token should not be revealed. |
| Kubernetes | | Y | Y | Being deprecated, visible with the feature flag |
| Packages & Registries | | Y | Y | |
| | Package registry | Y | Y | |
| | Container Registry | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/354579 |
| | Dependency Proxy | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355501 |
| Analytics | | Y | Y | |
| | Value stream | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/354603 |
| | CI/CD | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355528 |
| | Contribution | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355531 |
| | DevOps adoption | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355529 |
| | Insights | Y | Y | |
| | Issue | Y | Y | |
| | Productivity | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355532 |
| | Repository | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/355533 |
| Wiki | | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/354577 |
| Settings | | N | Y | |
| | General | N | Y | |
| | Integrations | N | Y | |
| | Access Tokens | N | Y | |
| | Projects | N | Y | |
| | Repository | N | Y | |
| | CI/CD | N | Y | |
| | Applications | N | Y | |
| | Packages & Registries | N | Y | |
| | SAML SSO | N | Y | |
| | SAML Group Links | N | Y | |
| | Webhooks | N | Y | |
| | Usage Quotas | N | Y | https://gitlab.com/gitlab-org/gitlab/-/issues/353677 |
| | Billing | N | Y | Currently hidden |
| Billing | | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/351601 |
#### Project Menu
| Menu item | Submenu item | Visible? | Expected? | Notes |
| --------- | ------------ | -------- | --------- | ----- |
| Main page | - | Y | Y | |
| Project information | | Y | Y | |
| | Activity | Y | Y | |
| | Labels | Y | Y | |
| | Members | Y | Y | |
| Issues | | Y | Y | |
| | List | Y | Y | |
| | Boards | Y | Y | |
| | Service Desk | Y | Y | |
| | Milestones | Y | Y | |
| | Iterations | Y | Y | |
| | Requirements | Y | Y | |
| Merge requests | | Y | Y | |
| CI/CD | | Y | Y | |
| | Pipelines | Y | Y | |
| | Editor | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/357329 |
| | Jobs | Y | Y | Some job logs when viewing individual logs are not available. See https://gitlab.com/gitlab-org/gitlab/-/issues/351607 |
| | Schedules | Y | Y | |
| | Test Cases | Y | Y | |
| Security & Compliance | | Y | Y | |
| | Security dashboard | Y | Y | |
| | Vulnerability report | Y | Y | |
| | On-demand scans | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/356734 |
| | Dependency list | Y | Y | |
| | License compliance | Y | Y | |
| | Threat monitoring | Y | Y | |
| | Policies | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/356735 |
| | Audit events | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/351603 |
| | Configuration | Y | Y | |
| Deployments | | Y | Y | |
| | Feature Flags | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/357335 |
| | Environments | Y | Y | |
| Monitor | | Y | Y | |
| | Metrics | N | N | Scheduled for removal in 16.0, https://gitlab.com/gitlab-org/gitlab/-/issues/359821 |
| | Logs | N | N | Scheduled for removal in 16.0, https://gitlab.com/gitlab-org/gitlab/-/issues/359821 |
| | Tracing | N | N | Scheduled for removal in 16.0, https://gitlab.com/gitlab-org/gitlab/-/issues/359821 |
| | Error Tracking | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/358628 |
| | Alerts | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/358631 |
| | Incidents | Y | Y | |
| | On-call Schedules | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/358632 |
| | Escalation Policies | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/358633 |
| Infrastructure | | Y | Y | https://gitlab.com/gitlab-org/gitlab/-/issues/358634 |
| | Kubernetes clusters | Y | Y | See menu item issue |
| | Serverless platform | Y | Y | Deprecated in 14.3, See menu item issue |
| | Terraform | Y | Y | See menu item issue |
| Packages & Registries | | Y | Y | |
| | Package registry | Y | Y | |
| | Container Registry | Y | Y | |
| | Infrastructure Registry | Y | Y | |
| Analytics | | Y | Y | |
| | Value stream | Y | Y | |
| | Code review | Y | Y | |
| | Insights | Y | Y | |
| | Issue | Y | Y | |
| | Merge request | N | N | https://gitlab.com/gitlab-org/gitlab/-/issues/357336 |
| | Repository | Y | Y | |
| Wiki | | Y | Y | |
| Snippets | | Y | Y | |
| Settings | | N | Y | |
| | General | N | Y | |
| | Integrations | N | Y | |
| | Webhooks | N | Y | |
| | Access Tokens | N | Y | |
| | Repository | N | Y | |
| | CI/CD | N | Y | |
| | Monitor | N | Y | |
| | Pages | N | Y | |
| | Packages & Registries | N | Y | |
| | Usage Quotas | N | Y | https://gitlab.com/gitlab-org/gitlab/-/issues/353677 |
| Billing | | N | N | Redirects to Group page |
### Output of checks
GitLab.com, GitLab Enterprise Edition 14.8.0-pre gitlab@da9865d9192b953c41064fc8c03ff78a34ef0c58
epic