Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-10323

Analyzing a branch of a project should require only 'Execute Analysis' permission

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.7.2, 7.1
    • Component/s: Branch & PR
    • Labels:

      Description

      • To analyze the master of a project, you just need 'Execute Analysis' permission on the project
      • To analyze a branch of a project, you need 'Execute Analysis' and 'Browse on the project'
        Indeed, analyzing of a branch currently makes a call to api/project_branches/list as well as a call to api/settings/values on the project. These 2 calls require the 'Browse' permission.

      To make it simple and consistent, it should be possible to have only the 'Execute Analysis' permission to call api/project_branches/list and api/settings/values on a component .
      The WS documentation needs to be updated accordingly.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              eric.hartmann Eric Hartmann
              Reporter:
              christophe.levis Christophe Levis
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: