How to set all existing projects to private in SonarQube?


(Farooq Khan) #1

Hi,

How to set all existing projects to private in SonarQube?

How to change sonar-users permission for all existing projects?

Which template will be applicable if multiple templates matches the criteria (including default one)?

Thanks,
Farooq


(G Ann Campbell) #2

Hi,

You can easily do this by creating a new permissions template that doesn’t grant the Anyone pseudo-group any permissions and apply it to all projects.

HOWEVER before you do that, you should be aware that applying such a template will overwrite all existing permissions settings for your projects, so this should be approached with extreme caution.

Another option is to require users to log in just to access the instance (Administration > Security > Force user authentication). It doesn’t remove anonymous rights from your projects, but it does keep anonymous users from getting to your projects to exercise their rights, which is pretty much just as good.

 
HTH,
Ann


(Farooq Khan) #3

Thanks for the response.

As you mentioned if a new template is created & applied then it will overwrite existing permission settings.
We have multiple templates applied for different group of projects. If we create a new template to not grant Anyone group any access then all existing permission sets will be lost.

Is there any easy option or any option via Web API?

Moreover, it would be very helpful if you can share your feedback on other 2 queries as well.

How to change sonar-users permission for all existing projects?

Which template will be applicable if multiple templates matches the criteria (including default one)?

Thanks
Farooq


(G Ann Campbell) #4

Hi Farooq,

The answer for the sonar-users group is pretty much the same as for Anyone.

However, given that you do have multiple extant permissions templates you can simply edit them to reflect the changes you want and reapply them one by one.

To be specific about that, templates have no on-going relationships with projects. If I create a project, some permission template will be applied. If I then edit the template, the project is unaffected until and unless I reapply the template to the project. You can easily do that on the Projects
page (Administration > Projects > Management > Bulk Apply Permission Template), presumably after you’ve run a search to narrow the set of projects to affect.

This question is only relevant at project creation. If there are multiple templates with a matching Project Key Pattern, I’m not sure which one will be applied. Ideally, you’ll avoid the question.

 
Ann


(Farooq Khan) #5

Thanks a lot Ann.

We want to make all existing projects private so that we can remove “see source code” permission from sonar-users group, as that option appears only when we make project private. Screenshots given below.

Hence, currently we have 2 main requirements:

  1. Make all existing projects private (in a go).
  2. Remove “see source code” permission from sonar-users group for all existing projects.

You think there is any other way to achieve this ?

Thanks,
Farooq


(G Ann Campbell) #6

Hi Farooq,

I’ve given you what comes to mind.

 
Ann


(Farooq Khan) #7

Hi Ann,

So it means there is no option to make all existing projects private in one go?
We need to do it project by project? I am actually checking because we have 498 projects totally.

Thanks,
Farooq