I'm using SonarQube 4.5.4. The SonarQube's API documentation says that the POST api/projects/destroy method requires Administer System permission.
However, users having the Administer Project role can delete their projects via the web interface selecting the Deletion option in the Project Configuration menu.
Why can't "project administrators" use the API to delete the projects they administer? Or is there a way? I've tried and I got this error:
$ curl -u user:password -X POST "https://sonar.cpqd.com.br/api/projects/destroy?id=123456789"
{"err_code":401,"err_msg":"Unauthorized"}%
The link to the documentation you provide points to http://nemo.sonarqube.org/ which is running SonarQube 5.1, not the version you are using.
Fortunately, there is no change regarding permissions checks on the WS /api/projects/destroy between 4.5 and 5.1 and what you request is not implemented: Administer System permission is required, project administer permission is not enough.
In 5.2, this WS is replaced by WS /api/project/delete which requires 'Administer System' permission or 'Administer' permission on the project.
Related
I setted up Strapi through NPX and ran
npx create-strapi-app my-project --quickstart
I am using strapi and here is my side bar
Normally i expected it to be like the following:
I dont know why but I cannot access Roles & Permission tab as it is not there. I need this tab for API permission customization.
I checked the docs and it says that is should be there following:
"This plugin provides a way to protect your API with a full
authentication process based on JWT. This plugin comes also with an
ACL strategy that allows you to manage the permissions between the
groups of users.
To access the plugin admin panel, click on the Roles & Pemissions link
in the left menu."
I have no idea what is wrong with my dashboard. How may i access this plugin?
Okay, strange enough I wasted 30 minutes on this, so it turns out they decided to change their UI in version 3.x and somehow when you search for "Roles & Permissions strapi" on google, it leads you to old documents, which is frustrating and misleading :))))
New docs link here
Roles & Permissions. This plugin provides a way to protect your API
with a full authentication process based on JWT. This plugin comes
also with an ACL strategy that allows you to manage the permissions
between the groups of users.
To access the plugin admin panel, click on the Settings link in the
left menu and then everything will be under the USERS & PERMISSIONS
PLUGIN section.
#Concept
If you in version3.x
Go to Settings -> User & Permission -> Roles -> Authenticated or Public -> on Permissions Widget --> select Application.
We are testing out the new project badge URL's in version 7.1
As described in the release notes
The thought was to, e.g., include this in README's on github.
However, as our Sonarqube instance requires login, these URL's do not work.
Is there a workaround for this?
Or a feature planned to allow unauthorized access to badge URL's?
We've created a MMF to allow usage of badges on project that requires authentication : https://jira.sonarsource.com/browse/MMF-1178
Unfortunately there's no workaround nor ETA.
In our environment every SonarQube user can browse each project. We also have some users as project admins and they could handle the other permissions for special users. With SonarQube 5.2 (and SonarQube 5.3) a project admin can't access the project permission page, he gets a "insufficient privileges". Currently only system admins can manage the project permissions.
What can we do to get the old behavior back?
You've spotted a bug. It will be fixed in 5.4: https://jira.sonarsource.com/browse/SONAR-7266
I use gerrit with Google Play Android Publisher Plugin the way it described in plugin tutorial on the plugin page.
.apk is signed and if I upload it via google play gui it uploads well.
When I try to upload it using gerrit i get en error. Log below:
Upload failed: The Google Service Account credential 'GooglePlayAPICredentials' has not been configured correctly.
Update the credential, ensuring that the required data have been entered, then try again
- No changes have been applied to the Google Play account
Build step 'Upload Android APK to Google Play' marked build as failure
Finished: FAILURE
For google play credentials i use p12 key with email that looks like
serviceaccountforgerrit#api-64****-*****8.iam.gserviceaccount.com
and the keyfile i got while generating the key on a page that looks like:
https://console.developers.google.com/permissions/serviceaccounts?project=api-64****-*****8
I have created a new service account with "Furnish a new private key" checkbox checked and P12 radiobutton selected.
I have also granted access to this key in google play developer console api settings
https://play.google.com/apps/publish/?dev_acc=*******#ApiAccessPlace
Service account have every permission possible.
What could be the problem?
I have a same issue, but I solve with change the Google oAuth plugin (dependency for Google Play publish plugin) from v0.4 to v0.3.
You can downgrade by install manualy.
Download here:
https://updates.jenkins-ci.org/download/plugins/google-oauth-plugin/
(this is a *.hpi file)
Manage Jenkins > Manage Plugins > Advanced > Upload plugin
It works for me.
As per János answer, Downgrade Google OAuth Credentials plugin to v0.3
Download here
Manage Jenkins > Manage Plugins > Advanced > Upload plugin
Downgrade Token Macro Plugin to 1.10
Download here
Manage Jenkins > Manage Plugins > Advanced > Upload plugin
Re-import your JSON into the credential store
Credentials > (select credential domain) > (find your google credential) > Click Update (toolbox icon) > Choose File > Select the JSON file you downloaded previously > Save
It's 2018 and unfortunately the issue still exists. The solutions from János answer and Andy Answer are correct.
Let me write down the working solution step by step in case if someone
already have the latest Google Play publish plugin installed.
Uninstall the Google OAuth Credentials plugin
Uninstall the Google Play publish plugin
Download and manually install the Google OAuth Credentials plugin Version v0.3 from here
Restart Jenkins to complete this installation
Download and manually install the Google Play publish plugin Version v1.5 from here
Download and manually install the token-macro plugin Version v1.10 from here
Now the error from Google Play publish plugin should have gone.
Update:
By following the mentioned procedure of downgrading the version numbers of certain plugins, you would loose the GIT section from you Jenkins Jobs. i.e: You would not be able to select the Git Branch for your Jenkins Job and the Polling to your Git Branch would stop.
I'm using SonarQube (ver4.3.2) and I'm trying to get project list that the API caller user is allowed to see. I found a following API which can get project list:
http://nemo.sonarsource.org/api/resources
When I call this API, then I get all SonarQube's projects though the API caller user doesn't have brows permission for some projects. The API caller a user means user which is authorized by http basic authentication. I want to get only project list which the API caller user can see.
Is it possible?
Regards,
Michael
When calling the "/api/resources" WS, you will get only the projects you are allowed to see - which indeed means projects for which the user has the "Browse" permission.
If you get all the projects of your SonarQube instance when calling this WS, this means that your permissions allow this and you should review them. For instance, maybe the group "anyone" is set on the "Browse" permission of each project? (which is the default configuration of SonarQube by the way).