Setting project permissions
Setting up your permissions and creating permission templates.
When a project is created, a set of permissions defined through a permission template is applied by default. You can update these permissions provided you’re a project admin.
Permissions related to a project
Permission Type
Description
Browse Project
Applies only to private projects (Anyone, including anonymous users, can view the public projects.).
Can view the project.
See Source Code
Applies only to private projects.
Can view the source code (via API and web view) provided the Browse project permission is also granted.
Administer Issues
Can perform the following actions:
• Accept an issue
• Mark an issue as False positive
Administer Security Hotspots
Can change the status of a security hotspot. For private projects, the Browse project permission must also be granted.
Administer project
Can perform the following actions:
• Delete a project.
• Change the project settings including project-level permissions.
• Configure various project functions, such as PDF reporting, snapshots, and webhooks.
For private projects, the Browse project permission must also be granted.
Execute Analysis on project
Can start an analysis on the project. This includes the ability to get all settings required to perform an analysis (including secured settings like passwords) and to push analysis results to SonarQube Server.
Changing the project visibility
By default, any newly created project will be public. It means every SonarQube user, authenticated or not, will be able to:
Browse: Access a project, browse its measures and issues, and perform some issue edits (confirm, assign, comment).
See Source Code: View the project’s source code.
If you want to be sure only a limited list of groups and users can see the project, you need to change its visibility to private. Once a project is private you will be able to define which groups and users can Browse the project or See Source Code.
To change the visibility of your project:
Retrieve the project. See Retrieving projects for more information.
Go to Project settings > Permissions. The Permissions page opens.
Select Public or Private.
Updating or resetting the permissions of your project
You can update the permissions manually or reset them by applying a permission template defined by the System Administrator.
To update the permissions of your project
Retrieve the project. See Retrieving projects for more information.
Go to Project settings > Permissions. The Permissions page opens.
To apply a permission template:
Select the Apply Permission Template button in the top right corner of the page. The Apply Permission Template dialog opens.
Select the template you want to apply and select the Apply button.
To update the permissions manually, select a check box on a user or group row to change the respective permission.
If permissions are synchronized automatically
Project permission synchronization is enabled if you use GitHub, GitLab, or SCIM’s automatic user and group provisioning mode in SonarQube Server. In that case, you cannot change the project permissions of auto-provisioned users. However, you can remove the permissions of local users (Local users are all the users who are not managed through the automatic provisioning process, i.e. manually created users and through another identity provider Just-in-Time-provisioned users.).
Related pages
As a System Administrator, you can set permissions at the system level for global and project permissions:
Project permission synchronization is enabled with:
SCIM automatic provisioning SCIM overview page
GitHub automatic provisioning
GitLab Automatic provisioning
Last updated
Was this helpful?