Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To create a new group, go to Settings > Groups > Add new group:

Image RemovedImage Added

To add/remove users to/from a group:

Image Removed

Image Removed

, click on the Select link in the Member column.

Two groups have a special meaning:

  • Anyone is Anyone is a group that exists in the system, but that cannot be managed. Every user belongs to this group, including "anonymous Anonymous user."
  • sonar-users is the default group to which users are automatically added. This group can be changed through To change it, go to Settings > General Settings > Security sonar.defaultGroup  and set the Default user group property.

Global Permissions

To set global permissions, log in as a System administrator and go to Settings > Global Permissions.

  • Administer System: Ability to perform all administration functions for the instance: global configuration and personalization of default dashboards.
  • Administer Quality Profiles: Ability to perform any action on the quality profiles. Available since version 3.6.
  • Share Dashboards and Filters: Ability to share dashboards, issue filters and measure filters. Available since version 3.7.
  • Execute Analysis: Ability to execute analyses (project, view, report, developer), and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on. Available since version 3.7.
  • Execute Local Preview Analysis (Dry Run): Ability to execute local (dry run) analyses without pushing the results to the server, and to get all settings required to perform a local analysispreview analysis (results are not pushed to the server). This permission does not include the ability to access secured settings such as the scm account password, the jira account password, and so on. This permission is required to execute a local  Note that the user running the preview analysis also has to be granted the Browse permission on the project to be analyzed. This permission is required to execute preview analysis in Eclipse, IntelliJ or via the Issues Report plugin. Available since version 3.7. Was Local Analysis (Dry Run) prior to version 4.0.
  • Provision Projects: Ability to initialize project structure before first analysis. Available since version 4.0.
  • Share Dashboards and Filters: Ability to share dashboards, issue filters and measure filters. Available since version 3.7.

 

Project Permissions

Three Four different permissions can be set on projects project-level resources (projects, views, developers):

  • Users have the ability to see that Browse: Ability to access a project exists, browse the measures and the issuesits measures, and create/edit issues for it.
  • Anchor
    codeViewersRole
    codeViewersRole
    Code viewers have the ability See Source Code: Ability to view the project's source code of the project. You must have the Users permission on a project to make use of the Code viewers permission.Administrators have the ability to perform administration tasks for the project by accessing its settings. You must have the Users permission  on a project to make use of the Administrators permission ..
  • Administer Issues: Grants the permission to perform advanced editing on issues: marking an issue False Positive or changing an Issue's severity. Available since version 4.1.
  • Administer: Ability to access project settings and perform administration tasks.

Note that permissions are not cumulative. For instance, if you want to be able to administer the project, browse the measures and browse the source code, you have to be given all three permissions: Administrators, Users and Code viewersyou also have to be granted the Browse permission to be able to access the project.

You can either manually grant permissions for each project to some users and groups or apply or apply permission templates to projects (since version 3.7). 

Manually grant permissions for each project to some users and groups

Log in as a System administrator Administrator and go to Settings > Project Permissions > Projects (was Settings > Roles prior to version 3.7):

Image Removed

Apply permission templates to projects (available since version 3.7)

Create first some permission templates . To do so, go to via Settings > Project Permissions > Permission Templates:

Image Removed

.

Since version 4.1, it is possible to provide a Project key pattern. By default, every new project matching this key pattern will be granted permissions of this template.

Image Added

Then, apply permission templates to projects (either to a specific one through the "the Apply permission template" link  link or apply do some bulk changes on the selected projects):Image Removedthrough the Bulk Change link).

Image Added

Note that there is no relation between a project and a permission template, meaning that:

  • the permissions of a project can be modified after a permission template has been applied to this project
  • none of the project permissions is changed when a permission template is modified

Default project permissions

It is possible to configure the system so that when a new project (project, view, developer) is created, some users/groups are automatically granted permissions on this project.

For versions 3.7+, this is done through permission templates. Go to Settings > Project Permissions > Permission Templates > Set default templates:

For versions prior to 3.7, it is done through the "Default roles for new Projects" table:

In the example below, once a new project has been created:

...

For security reasons, you can prevent SonarQube to upload the source code to the database when analyzing a project. To do so, log in as a System administrator, go to Settings > General Settings > Security and set the sonar.importSources property the Import sources property to false.Note  Note that if you want to restrict the access to the source code for some users only, grant the See Source Code viewers permission accordingly.

FAQ

I have locked myself out

...