Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-4397

Create two new global permissions 'Ability to execute some Sonar analysis' and 'Ability to execute some local (dry run) Sonar analysis'

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.7
    • Labels:
      None

      Description

      For the first permission 'SonarQube analysis execution' :

      • Default values : anyone
      • Description : Ability to execute SonarQube analyses. This permission allows to get all settings (even the secured ones like scm account password, jira account password, ...) required to execute all SonarQube plugins.

      For the second permissions 'Local (dry run) SonarQube analysis execution' :

      • Default values : anyone
      • Description : Ability to execute local (dry run) SonarQube analyses without pushing the results to the SonarQube server. This permission allows to get all settings required to execute all SonarQube plugins except the secured one like scm account password, jira account password, ... This permission is required for instance to execute a local SonarQube analysis in SonarQube Eclipse.

      Expected behaviors :

      • By default, without providing any authentication information, it must be possible out-of-the box to execute some Sonar analysis without any limitations.
      • If the batch (with relating user account) doesn't have any of those two permissions, the following error message must be logged :
        • You're not authorized to execute any Sonar analysis. Please contact your Sonar administrator.
      • If the batch (with relating user account) only have the 'Ability to execute some local (dry run) Sonar analysis' permission but try to do a standard Sonar analysis, the following error message must be logged :
        • You're only authorized to execute a local(dry run) Sonar analysis without pushing the results to the Sonar server. Please contact your Sonar administrator.
      • If the batch (with relating user account) has the permission 'Ability to execute some Sonar analysis', the analysis should occur whatever ever is the project roles on the project to be analysed
      • If the batch (with relating user account) has only the permission 'Ability to execute some local(dry run) Sonar analysis' but without having the role 'user' on the project to be analysed, the following error message must be logged :
        • You're not authorized to access to project 'xxxx', please contact your Sonar administrator

      Moreover, when launching a local analysis (and so with the 'Ability to execute some local(dry run) Sonar analysis' permission), if a plugin try to get the value of secured property, the following error message must be logged :

      • Access to the secured property 'xxxxx' is not possible with the permission 'Ability to execute some local(dry run) Sonar analysis'. The Sonar plugin accessing to this property must be deactivated in dry run mode.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              henryju OLD - Julien HENRY
              Reporter:
              freddy.mallet Freddy Mallet (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: