Sonar 3.7 introduced the concept of permission templates. A permission template is a permission scheme that can be applied to projects/developers/views:
- upon creation (there's a default template for each type of those 3 components)
- or later through the admin UI
The idea is to be able to specify a set of key patterns on a permission template, so that this template is used upon creation (instead of the default one) when the key of the project/developer/view matches on the patterns. This way, there's no need to update the permissions later.
For instance, let's sayt that the "Finance Business Unit Template" has a key pattern like "com.mycompany.finance". Then every new project with a key that contains "com.mycompany.finance" will be created with this permission scheme.
- in case that a project key matches patterns from several permission templates, then an error is displayed. This is up to the SonarQube admin to fix the patterns so that they do not overlap
- in case that a project key matches no pattern, then the default permission template for projects is applied
- this should work:
- on batch side, when a project is created for the first time
- on server side, when a project is provisioned
- on server side, when a view is created in the Views admin console