Need true read-only access

I recently discovered that “browse” permission belies its name, in that someone can make changes to an issue (e.g., mark it FP or add a comment) while looking it up. This is undesirable for us as we’d prefer those changes to be made by specific reviewers. Yet we need the regular devs to SEE the issues related to them. Or like the old Bruce Springsteen song: “You can look but you better not touch!”

It seems you had a Jira ticket ([SONAR-9059] - Jira) but it was abandoned. Has anyone looked at this feature since then?

If not, is there a way to kludge it in SQ itself, e.g., by setting database permissions?


Marking an issue FP/WF requires the Administer Issues permission, but it’s a fair point that you can comment on an issue with the Browse permission. And although the statuses are deprecated in 10.3, you can also ‘Confirm’ issues or mark them ‘Fixed’ (but that will be reverted by the next analysis if they’re not actually fixed in code).

So leaving aside those two deprecated statuses… It may seem self-evident, but would you mind being explicit about why commenting is undesirable?

And no, there isn’t a way to kludge this.


1 Like

I guess I missed the point about the restrictions on FP/WF. As for comments, we are formalizing a code review process, so it’d be nice to say only reviewers can comment. Then again, I guess we can just have reviewers REMOVE comments they don’t agree with.

BTW, are comments stored in a separate table, or are they just string data stored with the issue? IOW, is there any space savings to having the same comment on multiple issues? For instance, if I have the same exact comment on a hundred issues, will my DB have a hundred copies of this string, or will there be, say, one copy of the comment string with a hundred references to it? (Of course each reference will have its own comment KEY. But we do have a few cases where the comment TEXT is, shall we say, rather long-winded…)


It’s been a long time since I poked around in the DB, but I’m pretty confident in saying there’s a row for each comment somewhere.