Hello,
We are using sonar groups to set permissions to projects. However after setting this on projects permissions, we don’t know how to retrieve all the projects where a group is used for permissions. This feature can help us to know if we need to create a new group or if an existing group linked to projects in the same scope/application can be used.
it is the same feature that we have on customs quality profiles where all related project are showns.
How can i get this done??
regards
Hi,
Welcome to the community!
In fact, there’s no good way to do this. I believe that’s because of the underlying structure of permissions storage (altho that’s speculation, to be honest).
I think your best bet is to script an iteration of projects and for each project pull the groups that have permissions on it.
The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.
You may also find this guide helpful.
HTH,
Ann
Welcome 
here’s a solution using Groovy and Sonarqube web api.
Use GroovyConsole and edit <yoursonarhost>, <yourapitoken> and the <groupToSearchFor>
for your needs.
(I’m using the rather old Groovy 2.5.7 as Jenkins still ships with 2.4.21)
uses web api
/api/projects/search
/api/permissions/groups
import groovy.json.*
// method GET or POST
def sqRest(url,method, apitoken) {
jsonSlurper = new JsonSlurper()
bauth = 'Basic ' + (apitoken + ':').bytes.encodeBase64().toString()
conn = url.toURL().openConnection()
conn.setRequestMethod(method)
conn.setRequestProperty("Authorization", bauth)
if(method == 'GET') {
object = jsonSlurper.parseText(conn.content.text)
}
}
def map = [:].withDefault { [] }
getproj = sqRest('https://<yoursonarhost>/api/projects/search?ps=500', 'GET', '<yourapitoken>')
println 'project count => ' + getproj.paging.total
foo = getproj.paging.total.toFloat()/500
counter = 1
while(counter <= foo.round()) {
sqRest("https://<yoursonarhost>/api/projects/search?ps=500&p=$counter", 'GET', '<yourapitoken>').components.key.each { it ->
sqRest(" https://<yoursonarhost>/api/permissions/groups?projectKey=$it&permission=codeviewer", 'GET', '<yourapitoken>').groups.name.each { iit ->
map["$it"] << iit
}
}
counter++
}
def projectKeys = map.findAll { entry -> entry.value.contains('<groupToSearchFor>') }.keySet().toList()
/*
the list has all projects where <groupToSearchFor> has codeviewer permission
in case of searching for other permissions you need to edit
/api/permissions/groups?projectKey=$it&permission=<xxx>
see api docs https://<yoursonarhost>/web_api/api/permissions?internal=true
*/
println projectKeys
The web api is pageinated with a max. pagesize of 500. In case of more than 500 projects
you need to compute the total and loop over as shown above.
Gilbert
Hello Ann,
Thank your for your reply. I got the same response from our sonarqube support.
regards
Hi Gilbert
I’ve never had to develop in groovy but I will try to interpret your code in java or powershell.
thank you.
regards.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.