How to get projects where a sonar group is being used for permissions


We are using sonar groups to set permissions to projects. However after setting this on projects permissions, we don’t know how to retrieve all the projects where a group is used for permissions. This feature can help us to know if we need to create a new group or if an existing group linked to projects in the same scope/application can be used.

it is the same feature that we have on customs quality profiles where all related project are showns.

How can i get this done??



Welcome to the community!

In fact, there’s no good way to do this. I believe that’s because of the underlying structure of permissions storage (altho that’s speculation, to be honest).

I think your best bet is to script an iteration of projects and for each project pull the groups that have permissions on it.

The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.

You may also find this guide helpful.


1 Like

Welcome :slight_smile:

here’s a solution using Groovy and Sonarqube web api.
Use GroovyConsole and edit <yoursonarhost>, <yourapitoken> and the <groupToSearchFor>
for your needs.
(I’m using the rather old Groovy 2.5.7 as Jenkins still ships with 2.4.21)

uses web api

import groovy.json.*

// method GET or POST
def sqRest(url,method, apitoken) {
  jsonSlurper = new JsonSlurper()
  bauth = 'Basic ' + (apitoken + ':').bytes.encodeBase64().toString()
  conn = url.toURL().openConnection()
  conn.setRequestProperty("Authorization", bauth)
  if(method == 'GET') {
    object = jsonSlurper.parseText(conn.content.text)

def map = [:].withDefault { [] }

getproj = sqRest('https://<yoursonarhost>/api/projects/search?ps=500', 'GET', '<yourapitoken>')
  println 'project count => ' +
  foo =
  counter = 1
  while(counter <= foo.round()) {
    sqRest("https://<yoursonarhost>/api/projects/search?ps=500&p=$counter", 'GET', '<yourapitoken>').components.key.each { it ->
      sqRest(" https://<yoursonarhost>/api/permissions/groups?projectKey=$it&permission=codeviewer", 'GET', '<yourapitoken>') { iit ->    
           map["$it"] << iit
def projectKeys = map.findAll { entry -> entry.value.contains('<groupToSearchFor>') }.keySet().toList()
 the list has all projects where <groupToSearchFor> has codeviewer permission
 in case of searching for other permissions you need to edit
 see api docs https://<yoursonarhost>/web_api/api/permissions?internal=true
println projectKeys

The web api is pageinated with a max. pagesize of 500. In case of more than 500 projects
you need to compute the total and loop over as shown above.



Hello Ann,

Thank your for your reply. I got the same response from our sonarqube support.


Hi Gilbert

I’ve never had to develop in groovy but I will try to interpret your code in java or powershell.

thank you.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.