Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-10323

Analyzing a branch of a project should require only 'Execute Analysis' permission

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.7.2, 7.1
    • Component/s: Branch & PR
    • Labels:

      Description

      • To analyze the master of a project, you just need 'Execute Analysis' permission on the project
      • To analyze a branch of a project, you need 'Execute Analysis' and 'Browse on the project'
        Indeed, analyzing of a branch currently makes a call to api/project_branches/list as well as a call to api/settings/values on the project. These 2 calls require the 'Browse' permission.

      To make it simple and consistent, it should be possible to have only the 'Execute Analysis' permission to call api/project_branches/list and api/settings/values on a component .
      The WS documentation needs to be updated accordingly.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                eric.hartmann Eric Hartmann
                Reporter:
                christophe.levis Christophe Levis
              • Votes:
                1 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: