yes, for the whole 'diagnose' commands you need to be an administrator; the diagnose commands can be pretty powerful and are thus locked behind admin privileges.
I believe you might still be able to use the policy lookup tool in FortiGate GUI though, as long as you have read permissions for that.
The administration guide link my colleague provided above contains a section about the Policy Lookup tool in FortiGate GUI.
I hope this helps!
+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++