I don't find a way to allow authenticated user to only view the information in SonarQube but change nothing. Is it possible, at all?
The minimal role is "BROWSE: Access a project, browse its measures, and create/edit issues for it." which is too much unprotective.
I am using the latest version: 5.6.1.
You're right, there is currently no way to prevent an authenticated user to comment an issue for instance. The same way on Github there is no way to prevent an authenticated user to comment any issue.
Related
I would like to develop a custom plugin restricting access to certain parts of SonarQube (Deletion of project, Modification of permissions etc) depending on their assignment to different groups.
I was able to implement a filter which will redirect a user in case he tries to access page which is restricted to him.
There are 2 problems I am facing.
I am not able to get the logged in user (I am able to get his ID via request session but I am not able to get any more information about him.).
I am not able to get information about groups the user belongs to.
There might be an api for this however I am not able to find any examples or the documentation that might help me.
SonarQube version: 5.6.6
Security Realm: Crowd
Thank you,
Jakub
Sorry, but it's not possible to customize pages access of SonarQube.
Can we integrate slack with JIRA, without having JIRA's admin access?
I want to create issues from JIRA but dont have admin access in the same.
So what I got is, it is something not allowed yet. One needs to be JIRA admin to do the stuff.
In my work we have users who access a Web based tool called Microstrategy that serves different reports from different projects. Users are added to various groups in the Developer tool by importing them from the selected domain they are on into a specific group that gives them access to only the project > report they require. Most users come from one main central domain, some others are still on old domains.
I am currently involved with admin on this system and I am experiencing a problem I cannot get to the bottom of. I think they problem lies in no man's land, I don't know if it is a problem with network, domain, or something else?
Most users will be set up with authenticated login, meaning that when they click on the respective link for their report they are logged straight in using their windows credentials.
In this particular case however the user does not seem to be able to login, but can get in by manually typing their username in (username and password) to access.
I'm not sure what the problem is, why it won't authenticate automatically like most of the others do? I don't know if this makes any difference but when I RDP into the machine I cannot see the C drive due to 'admin restrictions on effect on this pc'.
I don't know what this restriction is and if it is a symptom or related to the login problem. Is there a way of fault finding this?
Thanks
Andrew
The answer to this partly depends on the version of MicroStrategy you are using.
Forget about RDP to the server, you won't need that.
Assuming you have access to edit and change users with the Developer tool, open Developer.
In the tree on the left,
open the "project source" (the top level of the tree)
then Administration
then User Manager
then find the user, most likely within one of the groups you have set up
right click on the user and choose Edit
go to the Authentication section
There's a few relevant things here.
Is the user linked to a windows user? (they should be for the access you want)
Is the tickbox ticked "user cannot use standard authentication to logon"
You probably don't want to allow that if the standard at your workplace is auto login
We are using Sonhrqube 4.5 that is integrated into Google's oAuth sign-on. There are no issues with logging in (Authentication). Certain users have been provisioned with sonar-administrators role. But for some reason, the admin role keeps dropping for some users (leaves the user with sonar-users role). We have tried granting them admin access again, but it keeps happening. Also tried creating a brand new group and assigning that group to the user, but still same thing happens. Any thoughts? If you need any other information, let me know.
Just additional info, not sure if it matters - We are using the sonar-oauth-plugin from JCERTIFLab for integration with Google's signon/oauth. This plugin automatically creates users with default role - sonar-users.
Thanks in advance!
It turned out to be an issue with the Sonar plugin used for integration with google's Oauth. Every time a user is authenticated, permissions get overwritten. To overcome the problem temporarily, we predefined a list of users with admin access in the properties file.
Hi I am customizing OpenERP. I want to restrict user to login into application once at a time. That means; I have a user called "Accountant". I want only one session should be allowed to login with "Accountant" user name at a time. Others can login with their own user names.
Like that application should allow only one session for each user at a time.
I have not seen any plugin for this. Can I do this through customization?
Please guide me.
This blog highlights how to do it. But I don't think there is a live implementation of this available as open source http://www.zbeanztech.com/blog/how-restrict-multiple-logins-user-openerp-0
We do plan to do it ourselves as well but haven't had a moment yet.