Auditors can see group security dashboard

This how we do y'all

ee/app/policies/ee/group_policy.rb

@@ -74,7 +74,10 @@ module EE
         prevent :destroy_epic
       end
 
-      rule { auditor }.enable :read_group
+      rule { auditor }.policy do
+        enable :read_group
+        enable :read_group_security_dashboard
+      end
 
       rule { admin | owner }.enable :admin_group_saml
 

ee/spec/policies/group_policy_spec.rb

@@ -368,8 +368,13 @@ describe GroupPolicy do
     context 'auditor' do
       let(:current_user) { create(:user, :auditor) }
 
+      before do
+        stub_licensed_features(security_dashboard: true)
+      end
+
       it do
         expect_allowed(:read_group)
+        expect_allowed(:read_group_security_dashboard)
         expect_disallowed(:upload_file)
         expect_disallowed(*reporter_permissions)
         expect_disallowed(*developer_permissions)