Setting project permissions
Setting up your permissions and creating permission templates in SonarQube Server.
When a project is created, a set of permissions defined through a permission template is applied by default. You can update these permissions provided you’re a project admin.
Permissions related to a project
Permission Type
Description
Browse Project
Applies only to private projects (Anyone, including anonymous users, can view the public projects.).
Can view the project.
See Source Code
Applies only to private projects.
Can view the source code (via API and web view) provided the Browse project permission is also granted.
Administer Issues
Can perform the following actions:
• Accept an issue
• Mark an issue as False positive
Administer Security Hotspots
Can change the status of a security hotspot. For private projects, the Browse project permission must also be granted.
Administer project
Can perform the following actions:
• Delete a project.
• Change the project settings including project-level permissions.
• Configure various project functions, such as PDF reporting, snapshots, and webhooks.
For private projects, the Browse project permission must also be granted.
Execute Analysis on project
Can start an analysis on the project. This includes the ability to get all settings required to perform an analysis (including secured settings like passwords) and to push analysis results to SonarQube Server.
Updating or resetting the permissions of your project
You can update the permissions manually or reset them by applying a permission template defined by the System Administrator.
To update the permissions of your project
Retrieve the project.
Go to Project settings > Permissions. The Permissions page opens.
To apply a permission template:
Select the Apply Permission Template button in the top right corner of the page. The Apply Permission Template dialog opens.
Select the template you want to apply and select the Apply button.
To update the permissions manually, select a check box on a user or group row to change the respective permission.
If permissions are synchronized automatically
Project permission synchronization is enabled if you use GitHub, GitLab, or SCIM’s automatic user and group provisioning mode in SonarQube Server. In that case, you cannot change the project permissions of auto-provisioned users. However, you can remove the permissions of local users (Local users are all the users who are not managed through the automatic provisioning process, i.e. manually created users and through another identity provider Just-in-Time-provisioned users.).
Related pages
As a System Administrator, you can set permissions at the system level for global and project permissions:
Project permission synchronization is enabled with:
Last updated
Was this helpful?