Role Reader should be able to upload File

[Fatte1254]

⚠️ Note on feature completeness ⚠️

We are narrowing the scope of acceptable enhancements to DefectDojo. Learn more here:
https://github.com/DefectDojo/django-DefectDojo/blob/master/readme-docs/CONTRIBUTING.md

Is your feature request related to a problem? Please describe
Problem:
A Developer with the Reader role for a product currently cannot upload files or respond to questionnaires to provide Proof of Concept (PoC) evidence for a mitigation. However, this functionality is necessary — Developers should be able to upload supporting files and answer relevant questionnaires to demonstrate that a finding has been mitigated.

The Product Owner, who has the Writer role, should then be able to review the submitted PoC, validate the mitigation, and update the finding status accordingly.

Describe the solution you'd like
Solution:
Enable Developers with the Reader role to upload supporting files and complete relevant questionnaires as Proof of Concept (PoC) for mitigated findings.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you have considered.

Additional context
Add any other context, screenshots, sketch, code snippet, etc. about the feature request here.

[valentijnscholten]

Thank you for submitting your enhancement request, this is something we would welcome a community PR for!

[manuel-sommer]

Maybe it makes sense to also optionally limit the upload scope that a developer can do to already existing tests (reimport).