Problems with users authorization in Sonar 6.2 - sonarqube

We have a running instance of Sonar 6.2 that's been upgraded from sonar 4.5.x and since the beginning we have used the LDAP plugin to recover user data.
Once upgraded to the 6.2 version we have noticed that we can't authorize new users and groups to projects, because we can't see them.
If we select a project and go to the users tab on the project's permissions section we get this, in spite of having this users list. And if we select the groups tab we only see the previously assigned groups and not the rest of the existing ones.
Help is appreciated.
Thanks in advance.

By default, the list you see on project Administration > Permissions > Users is the list of people with permissions on the project. Since you haven't assigned any users permissions on the project, the list is blank by default. Why not show everyone by default? Imagine a SonarQube instance with hundreds of users. You certainly wouldn't want to see them all there by default. Instead, you only want to see the ones relevant to your current context; the ones with existing permissions on the project.
To find your missing users, try entering a username in the search input. Matching users should appear in the list area so you can enable permissions for them.

Related

How to Restrict User to update bug, code smell, vulnerabilities, duplication

I am using SonarQube version 8.4.2. We have different groups to review code in SonarQube, but I need to create one group whose users can just check and see reports and cannot access/update issues or bugs from the SonarQube dashboard.
I have searched the internet but I could not find any suitable steps to restrict users this way.
I would appreciate it if anyone could share a suggestion or document regarding it.
Thanks in advance.
In SonarQube, go to the project for which you want to apply permissions for a group of users.
Then click on the drop-down tab Administration >> Permissions >> Groups.
Then search for the group for which you want to apply permissions.
There are 6 different types of permissions that you can assign to a group or users.
Types of Permissions available under Project Administration are:
Browse: Access a project, browse its measures and issues, confirm issues, change the assignee, comment on issues and change tags.
See Source Code: View the project's source code. (Users will also need "Browse" permission)
Administer Issues: Change the type and severity of issues, resolve issues as being "fixed", "won't fix" or "false-positive" (users also need "Browse" permission).
Administer Security Hotspots: Open a Vulnerability from a Security Hotspot. Resolve a Security Hotspot as reviewed, set it as in review or reset it as to review (users also need Browse permission).
Administer: Access project settings and perform administration tasks. (Users will also need "Browse" permission)
Execute Analysis: Ability to get all settings required to perform an analysis (including the secured settings like passwords) and to push analysis results to the SonarQube server.
For your case, you can assign the Browse and See Source code. Please find the screenshot:
Note: You need administrator access to perform these permission changes.
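The read-only setup described above can be verified after the fact. The following is an added example, not part of the original answer: it audits a project's group-permission listing against the Browse + See Source Code baseline. The permission keys (`user`, `codeviewer`, and so on) and the `groups`/`permissions` JSON shape are assumed from the SonarQube Web API; the group names and sample data are constructed.

```python
import json

# UI permission name -> Web API permission key (assumed from the SonarQube Web API).
PERMISSION_KEYS = {
    "Browse": "user",
    "See Source Code": "codeviewer",
    "Administer Issues": "issueadmin",
    "Administer Security Hotspots": "securityhotspotadmin",
    "Administer": "admin",
    "Execute Analysis": "scan",
}
READ_ONLY = {PERMISSION_KEYS["Browse"], PERMISSION_KEYS["See Source Code"]}

# Constructed sample of one project's group permissions (hypothetical group names).
SAMPLE_RESPONSE = json.dumps({"groups": [
    {"name": "Anyone", "permissions": ["user"]},
    {"name": "report-viewers", "permissions": ["user", "codeviewer", "issueadmin"]},
    {"name": "auditors", "permissions": ["codeviewer"]},
    {"name": "sonar-administrators", "permissions": ["admin", "user", "codeviewer"]},
]})


def audit_read_only(response_text, read_only_groups):
    """Return sorted (group, finding) pairs for groups that should be read-only."""
    granted = {g["name"]: set(g.get("permissions", []))
               for g in json.loads(response_text)["groups"]}
    findings = []
    for name in read_only_groups:
        perms = granted.get(name)
        if perms is None:
            findings.append((name, "no permissions on project"))
            continue
        for extra in sorted(perms - READ_ONLY):
            findings.append((name, f"excess permission: {extra}"))
        # See Source Code is only usable together with Browse (see the list above).
        if PERMISSION_KEYS["Browse"] not in perms:
            findings.append((name, "missing Browse (user); See Source Code needs it"))
    return sorted(findings)


if __name__ == "__main__":
    targets = ["report-viewers", "auditors", "qa-guests"]
    for group, finding in audit_read_only(SAMPLE_RESPONSE, targets):
        print(f"{group}: {finding}")
```

Per the permission list above, Browse by itself still allows confirming, assigning, commenting on and tagging issues, so a clean result here does not mean the group cannot touch issues at all.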

SonarQube 6.0 authorization using groups

I am using SonarQube (SQ) 6.0 community version and trying to setup authorization using groups and project permissions. There doesn't appear to be a way to assign permissions to a created group, even though the defined SQ groups have permissions assigned to them. What I wanted to do was assign permissions to a created group via the Administration->Security->Global Permissions process. But this action only returns the Anyone and sonar-administrators defined groups based on the usage of the internal API api/permissions/groups, which only returns groups with permissions. This same API is used in the action Administration->Projects->Management->Actions->Edit Permissions. From this last action the goal was to remove permissions for this project from the Anyone group and allow permissions from a created group (which would apply to the users in that group). But that doesn't seem possible. I've looked at permission templates, but that doesn't seem to allow association to a group. What I'm really attempting to do is a common RBAC process, which SQ does not seem to support. Is there a solution in SQ for this capability?
Yup, the UI is very confusing in this area, I struggled for quite some time before realising what to do.
What you need to do is first search for a string in the search box ("sonar" is a good query), and then the list will be populated with all users/groups matching that query. You can then assign them permissions as you see fit.
There are two different concepts at work here. Global permissions grant users and groups the ability to make global-level changes, i.e. changes that affect everyone such as which plugins are installed and what rules are active in a Quality Profile. Project permissions grant users and groups the ability to see and change individual projects.
Once your group is created and populated, you have two options:
Edit Permissions of Individual Permissions
Give the group specific permissions to individual projects by navigating to the project, then Administration > Permissions. This could get tedious if you have a lot of projects to update.
Create a Permissions Template
Create a permission template (Administration > Security > Permission Templates) and populate it by granting the group specific permissions. At this point no permissions have actually changed.
Once your template is properly constructed, you can apply it to projects individually, en masse, and/or by default as new projects are created via the template's Project Key Pattern. You can also make your new template the default so that its settings are automatically applied to all new projects regardless of project key.
Note that there is no ongoing relationship between a Permissions Template and the projects to which it has been applied. Subsequently editing a template will not update the permissions of any project.
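Because a template is only copied onto a project when it is applied, the two can diverge without anyone noticing. The following added example (not from the original answer) compares a template's group grants with a project's current grants and reports what the built-in Anyone group still holds. Both inputs are assumed to use the same `groups`/`permissions` listing shape as `api/permissions/groups`; the group names and data are constructed.

```python
import json

# Constructed listings: what the template grants vs. what the project has now.
TEMPLATE = json.dumps({"groups": [
    {"name": "report-viewers", "permissions": ["user", "codeviewer"]},
    {"name": "dev-leads", "permissions": ["user", "codeviewer", "issueadmin"]},
]})
PROJECT = json.dumps({"groups": [
    {"name": "Anyone", "permissions": ["user", "codeviewer"]},
    {"name": "report-viewers", "permissions": ["user"]},
    {"name": "dev-leads", "permissions": ["user", "codeviewer", "issueadmin", "admin"]},
]})


def grants(listing_text):
    """Flatten a listing into a set of (group, permission) pairs."""
    return {(g["name"], p)
            for g in json.loads(listing_text)["groups"]
            for p in g.get("permissions", [])}


def template_drift(template_text, project_text):
    """Return grants the project has beyond the template, and grants it lacks."""
    wanted, actual = grants(template_text), grants(project_text)
    return {
        "extra_on_project": sorted(actual - wanted),
        "missing_on_project": sorted(wanted - actual),
    }


def anyone_exposure(project_text):
    """Permissions still held by the built-in Anyone group on the project."""
    return sorted(p for g, p in grants(project_text) if g == "Anyone")


if __name__ == "__main__":
    print(template_drift(TEMPLATE, PROJECT))
    print("Anyone:", anyone_exposure(PROJECT))
```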

How to check user permissions in Sonar plugin

I am writing a Sonar plugin and need to display certain elements in my widget (html.erb) according to user roles (i.e. admin).
What is the recommended way to check permissions of the current user?
I haven't checked if these are accessible in plugins but you can try using is_admin? or has_role?(:admin)
See below links for usage,
https://github.com/SonarSource/sonarqube/blob/master/server/sonar-web/src/main/webapp/WEB-INF/app/views/components/index.html.erb
https://github.com/SonarSource/sonarqube/blob/master/server/sonar-web/src/main/webapp/WEB-INF/app/views/issues/manage.html.erb

Auto enable published article from registered users in joomla 2.5

I have created a site where registered users can publish articles.
Is there a way to make the articles they publish be enabled automatically without me, as administrator, having to check if there are new articles submitted?
EDIT 1: Found a solution by setting the mysql default value of state to 1 from 0. But, is this a good way?
The ability to publish is controlled by the edit.state permission. You would want to give edit.state allow for registered for either all of content or just for specific categories they are allowed to publish in.

Joomla v1.5.14 Admin top menu elements are missing

My client has Joomla! ver 1.5.14 installed on the remote server. I logged in using the url /administrator/ with login 'admin'. When landed on the admin page after successful login, I observed that the top menu has only two elements, Site and Help. All other elements like Menus, Content, Components, Extensions etc are not there.
Also I do not find any way to access those elements (menus, components). There are not icons on the screen to access them.
Could someone please help me figure out this issue?
Thanks in advance
Regards,
MulC
EDIT:
Following is the screenshot of the admin page
http://postimage.org/image/youvqynh7/
User admin belongs to the group 'Super Administrator'.
Thank you
It's very strange that this should happen unless your client has been fiddling with the core Joomla files or database tables.
Update the site to the latest version of the 1.5 series (1.5.26)
Download the full Joomla package, extract the administrator, components, includes, libraries, modules and plugins folder, zip them up and upload to the server, replacing the current folder. Not to worry, this will only override the core files which I assume haven't been edited.
Try downloading and installing another admin template.
Else the only other thing I can think of is reconstructing the website which might take a while, depending on the amount of work that went into it.
In Joomla! 1.5.x a common security step was to create an alternate "super user" and downgrade the default admin account to a standard registered. Due to issues in early versions of 1.5 though it wasn't recommended to delete or disable this account.
This sounds like what is going on with your admin account.
You can check this by looking at the database: in the table jos_users, look for the username admin and see what its usertype is set to. At the same time look for a user that has a usertype of Super Administrator (yes, really the words Super Administrator).
Once you have the username of the Super Administrator, you will need to find the password. If the client doesn't know it then you will have to recover the admin password.
