Global Read - SonarQube Community Ed

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

We are using SonarQube community Edition.
Trying to give someone global read (i.e. read only permissions to all projects)
How can we achieve this?

Hi @dvictor ,

Global read can be configured in Administration > Security > Permission Templates and modifying “Default Template”:

Please note that modifying “Browse” and “See Source Code” is only applied to private projects on the hover-over question mark:

This permission is always granted by default to everybody (anonymous and authenticated users) for public projects. Therefore, the selection made on this page will be applied to private projects only.

To make projects private by default, you can change it by going to Administration > Projects > Management and click on the pencil icon in the top-right corner.

Hello @Joe
Thanks for your response. I do not want global read for everyone. I want global read for a specific users/group. Is that possible?

Hi @dvictor ,

For your use case, I suggest you set all projects to default as private so this prevents any person without specific access to browse and see source code.

Next, you should update the default permission template for projects, applications, and portfolios by disabling Browse and See Source Code (click on the checkbox to deselect) for any particular group or user, so no further projects, applications, and portfolios get this permission automatically.

Next, update the users/groups that should get global Browse and See Source Code permission by enabling it (click the checkbox to select).

If you want to update specific projects with this new permission template, go to the project’s Project Settings > click on “Permission Templates” and select the permission template that should apply to that project: