- Administer System: Ability to perform all administration functions for the instance: global configuration and personalization of default dashboards.
- Administer Quality Profiles: Ability to perform any action on the quality profiles. Available since version 3.6.
- Execute Analysis: Ability to execute analyses (project, view, report, developer), and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on. Available since version 3.7.
- Execute Preview Analysis: Ability to execute preview analysis (results are not pushed to the server). This permission does not include the ability to access secured settings such as the scm account password, the jira account password, and so on. Note that the user running the preview analysis also has to be granted the Browse permission on the project to be analyzed. This permission is required to execute preview analysis in Eclipse, IntelliJ or via the Issues Report plugin. Available since version 3.7. Was Local Was Local Analysis (Dry Run) prior to version 4.0.
- Provision Projects: Ability to initialize project structure before first analysis. Available since version 4.0.
- Share Dashboards and Filters: Ability to share dashboards, issue filters and measure filters. Available since version 3.7.
Three Four different permissions can be set on projects project-level resources (projects, views, developers):
- Browse: Ability to access a project, browse its measures, and create/edit issues for it.
See Source Code: Ability to view the project's source code.
Anchor codeViewersRole codeViewersRole
- Administer Issues: Grants the permission to perform advanced editing on issues: marking an issue False Positive or changing an Issue's severity. Available since version 4.1.
- Administer: Ability to access project settings and perform administration tasks.
Note that permissions are not cumulative. For instance, if you want to be able to administer the project, you also have to be granted the Browse permission to be able to access the project.
You can either manually grant permissions for each project to some users and groups or apply or apply permission templates to projects (since version 3.7).
Manually grant permissions for each project to some users and groups
Create first some permission templates via Settings > Project Permissions > Permission Templates:
Since version 4.1, it is possible to provide a Project key pattern. By default, every new project matching this key pattern will be granted permissions of this template.
Then, apply permission templates to projects (either to a specific one through the the Apply permission template link or do some bulk changes through the the Bulk Change link).
Note that there is no relation between a project and a permission template, meaning that:
For security reasons, you can prevent SonarQube to upload the source code to the database when analyzing a project. To do so, log in as a System administrator, go to Settings > General Settings > Security and set the Import sources property to
false. Note Note that if you want to restrict the access to the source code, grant See Source Code permission accordingly.
I have locked myself out