Setting the project permissions of users and groups
When a project is created, a set of permissions defined through a permission template is applied by default. You can update these permissions provided you're a project admin.
If permissions are synchronized automatically in your system, you cannot update them manually. See If permissions are synchronized automatically below.
Permissions related to a project
Permission Type | Description |
---|---|
Browse Project | Applies only to private projects (Anyone, including anonymous users, can view the public projects.). Can view the project. |
See Source Code | Applies only to private projects. Can view the source code (via API and web view) provided the Browse project permission is also granted. |
Administer Issues | Can perform the following actions:
|
Administer Security Hotspots | Can change the status of a security hotspot. For private projects, the Browse project permission must also be granted. |
Administer project | Can perform the following actions:
For private projects, the Browse project permission must also be granted. |
Execute Analysis on project | Can start an analysis on the project. This includes the ability to get all settings required to perform an analysis (including secured settings like passwords) and to push analysis results to SonarQube Server. |
Changing the project visibility
By default, any newly created project will be public. It means every SonarQube user, authenticated or not, will be able to:
- Browse: Access a project, browse its measures and issues, and perform some issue edits (confirm, assign, comment).
- See Source Code: View the project's source code.
If you want to be sure only a limited list of groups and users can see the project, you need to change its visibility to private. Once a project is private you will be able to define which groups and users can Browse the project or See Source Code.
To change the visibility of your project:
- Retrieve the project.
- Go to Project settings > Permissions. The Permissions page opens.
- Select Public or Private.
As a system administrator, you can change the default project visibility for new projects. See Managing user permissions at the system level.
Updating or resetting the permissions of your project
You can update the permissions manually or reset them by applying a permission template defined by the System Administrator.
To update the permissions of your project
- Retrieve the project.
- Go to Project settings > Permissions. The Permissions page opens.
- To apply a permission template:
- Select the Apply Permission Template button in the top right corner of the page. The Apply Permission Template dialog opens.
- Select the template you want to apply and select the Apply button.
- To update the permissions manually, select a check box on a user or group row to change the respective permission.
If permissions are synchronized automatically
Project permission synchronization is enabled if you use GitHub, GitLab, or SCIM's automatic user and group provisioning mode in SonarQube Server. In that case, you cannot change the project permissions of auto-provisioned users. However, you can remove the permissions of local users (Local users are all the users who are not managed through the automatic provisioning process, i.e. manually created users and through another identity provider Just-in-Time-provisioned users.).
Related pages
- As a System Administrator, you can set permissions at the system level for global and project permissions:
- Project permission synchronization is enabled with:
Was this page helpful?