Start Free
Latest | Instance administration | User management | Managing permissions

Managing user and group permissions at the system level

On this page

As a System Administrator, you can grant users and groups global permissions (permissions not related to a project) and you can manage the project-related permissions granted by default when a new project is created.

Setting the global permissions

Global permissions
Permission typeDescription
Administer SystemHas full control over the SonarQube instance.
Administer Quality GatesCan create and update quality gates that can be applied to the organization’s projects.
Administer Quality ProfilesCan create and update quality profiles that can be applied to the organization’s projects.
Execute analysisCan start an analysis on every project in SonarQube. This includes the ability to get all settings required to perform an analysis (including secured settings like passwords) and to push analysis results to the SonarQube server.
Create ProjectsCan create new projects in SonarQube.
Create ApplicationsCan create new applications in SonarQube.
Create PortfoliosCan create new portfolios in SonarQube.
Setting the global permissions of groups and users

To set the global-level permissions of the groups and users:

  1. In the top navigation bar, go to Administration > Security > Global permissions. The Global Permissions page opens.
  2. You can search for users or groups.
  3. In the permissions grid, select a check box to grant the corresponding permission.

Managing project-related permissions through templates

As a global System Administrator, using permission templates allows you to define:

  • The permissions granted by default to users, groups, and project creators on new projects, new applications (starting in Developer Edition), or new portfolios (starting in Enterprise Edition). 
  • Different sets of permissions that a project admin can apply to their project at any time.
Permissions related to a project
Permission TypeDescription
Browse Project

Applies only to private projects (Anyone, including anonymous users, can view the public projects.). 

Can view the project. 

See Source Code

Applies only to private projects. 

Can view the source code (via API and web view) provided the Browse project permission is also granted.

Administer Issues

Can perform the following actions:

  • Accept an issue
  • Mark an issue as False positive
Administer Security HotspotsCan change the status of a security hotspot. For private projects, the Browse project permission must also be granted.
Administer project

Can perform the following actions:

  • Delete a project.
  • Change the project settings including project-level permissions.
  • Configure various project functions, such as PDF reporting, snapshots, and webhooks.

For private projects, the Browse project permission must also be granted.

Execute Analysis on projectCan start an analysis on the project. This includes the ability to get all settings required to perform an analysis (including secured settings like passwords) and to push analysis results to the SonarQube server.
Permission template concept

A permission template defines the project-related permissions granted to groups and members of the organization. 

You can define several permission templates in your organization: 

  • You define the default template.
  • You can define a template that applies to specific projects according to their key pattern by using a regular expression. 

When a new project is created, SonarQube uses a permission template to grant the default permissions on the project. It retrieves the template according to the following rules:

  • If the project key complies with the project key pattern of a template, then this template is used.
    If several templates comply, an error is raised.
  • Otherwise, the default template is used.

The project admin can then change the permissions if necessary and apply any other template.

Creating a new template
  1. In the top navigation bar, go to Administration > Security > Permission Templates. The Permission Templates page opens with the list of templates.
  2. Select the Create button. The Create Permission Template dialog opens.
  3. Enter the template name and description.
  4. If you want to apply the template to specific new projects according to their key, enter the corresponding regular expression in Project key pattern
  5. Select the Create button. The dialog closes and the new template is displayed.
  6. Set the permissions by selecting the respective check boxes.
Setting the default template for projects, applications or portfolios
  1. In the top navigation bar, go to Administration > Security > Permission Templates. The Permission Templates page opens with the list of templates.
  2. Select the three-dot menu to the far right of the template you want to change.
  3. In the menu, select Set Default for Projects, Set Default for Applications, or Set Default for Portfolios.
Deleting a template
  1. In the top navigation bar, go to Administration > Security > Permission Templates. The Permission Templates page opens with the list of templates.
  2. Select the three-dot menu to the far right of the template you want to delete.
  3. In the menu, select Delete and confirm.
Changing a template
  1. In the top navigation bar, go to Administration > Security > Permission Templates. The Permission Templates page opens with the list of templates.
  2. Select the three-dot menu to the far right of the template you want to change.
  3. In the menu:
    • To change the template name, description or patter: select Update Details.
    • To change the template permissions, description or patter: select Edit Permissions.
Applying a permission template to several projects at a time
  1. In the top navigation bar, go to Administration > Projects > Management.
  2. Retrieve and select in the grid the projects you want to update.
  3. In the tool bar, select Bulk Apply Permission Template. The Bulk Apply Permission Template dialog opens. 
  4. Select the template and select Apply.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License