diff --git a/ee/app/policies/ee/project_policy.rb b/ee/app/policies/ee/project_policy.rb
index dd4efbdc1efe353b91c6b935dd6979c97ba734a3..98b83eae647b0991ff36c7e99204ebab46b8ae29 100644
--- a/ee/app/policies/ee/project_policy.rb
+++ b/ee/app/policies/ee/project_policy.rb
@@ -862,7 +862,10 @@ module ProjectPolicy
 rule { can?(:read_merge_request) & code_review_analytics_enabled }.enable :read_code_review_analytics
- rule { private_project & planner }.prevent :read_code_review_analytics
+ rule { private_project & planner }.policy do
+ prevent :read_code_review_analytics
+ enable :read_code
+ end
 rule { (admin | reporter) & dora4_analytics_available }
 .enable :read_dora4_analytics
diff --git a/ee/spec/policies/project_policy_spec.rb b/ee/spec/policies/project_policy_spec.rb
index 5487c0630ee87779c45d7f2b8f0f64571a8d79b1..14f5593bd9df824cbe24848200d73ec847b61efc 100644
--- a/ee/spec/policies/project_policy_spec.rb
+++ b/ee/spec/policies/project_policy_spec.rb
@@ -1697,6 +1697,15 @@
 end
 end
+ describe 'for planner role in private project' do
+ context 'when policy is :read_code' do
+ let(:current_user) { planner }
+ let(:project) { private_project }
+
+ it { is_expected.to be_allowed(:read_code) }
+ end
+ end
+
 describe ':read_code_review_analytics' do
 let(:policy) { :read_code_review_analytics }
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index b1fa674865a33259aeb985dc2ca6fc3a386a3157..d2668e3c64a1a94253359be22fd8f205b7944ca6 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
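Review bot: In ee/app/policies/ee/project_policy.rb the new `enable :read_code` exists only in the EE policy module, while the core spec in spec/policies/project_policy_spec.rb now expects a planner on a private project to have `:read_code`; if that spec is also run without the EE module loaded, nothing visible in this diff grants the ability there, unless core `ProjectPolicy` enables it elsewhere. The grant is also folded into a rule that until now only restricted access, which makes a permission widening easy to overlook in a later audit; a separate `rule { private_project & planner }.enable :read_code`, with a comment saying why planners need source access, would keep it visible. The specs keep `:download_code` denied for planners, but that presumably only limits clone and archive paths, so it should not be relied on to keep repository contents confidential from this role. The enclosing module body extends beyond the hunk.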
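Review bot: In ee/spec/policies/project_policy_spec.rb the added example asserts only the allowed case, so nothing in this context pins what a planner must still be denied on a private project. Adding `it { is_expected.to be_disallowed(:download_code) }` next to the existing expectation would make an accidental widening of the rule fail here rather than only in the core spec. Whether a disabled repository feature still blocks `:read_code` for planners is not covered by the visible lines and deserves one more example. The surrounding `describe` blocks start outside the hunk.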
@@ -3701,19 +3701,37 @@ def permissions_abilities(role)
 context 'private project' do
 let(:project) { private_project }
- where(:role, :allowed) do
- :owner | true
- :maintainer | true
- :developer | true
- :reporter | true
- :planner | false
- :guest | false
+ context 'download_code access' do
+ where(:role, :allowed) do
+ :owner | true
+ :maintainer | true
+ :developer | true
+ :reporter | true
+ :planner | false
+ :guest | false
+ end
+
+ with_them do
+ it do
+ expect(subject.can?(:download_code)).to be(allowed)
+ end
+ end
 end
- with_them do
- it do
- expect(subject.can?(:download_code)).to be(allowed)
- expect(subject.can?(:read_code)).to be(allowed)
+ context 'read_code access' do
+ where(:role, :allowed) do
+ :owner | true
+ :maintainer | true
+ :developer | true
+ :reporter | true
+ :planner | true
+ :guest | false
+ end
+
+ with_them do
+ it do
+ expect(subject.can?(:read_code)).to be(allowed)
+ end
 end
 end
 end
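Review bot: The two `where` tables in the 'private project' context are identical except for the `:planner` row, so the one intended difference between `:download_code` and `:read_code` is hard to spot and the role lists can drift apart. A single table with both expectations, `where(:role, :download_code_allowed, :read_code_allowed)`, with the example asserting `expect(subject.can?(:download_code)).to be(download_code_allowed)` and `expect(subject.can?(:read_code)).to be(read_code_allowed)`, would keep the roles in one place and make the planner split explicit. The enclosing `describe` starts outside the hunk.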