SonarQube read only permissions

issues

(David Laughlin) #1

Hi All,

In the interest of transparency, I am trying to configure my SonarQube instance so that any member of my organization can login and view the metrics of the project. What I don’t want is any user that logins to be able to modify the status of issues (changing from Open to Resolved as Fixed, etc), reassigning etc… I would like to limit that to the specific development teams working on the project through various groups.

I have tried making the project public, as well as making it private and providing the ‘Browse’ permission. It seems that the ‘Browse’ permission does more than just allow browse, also allowing edits of a few fields.

Is there a way to achieve this?

Thanks.

SonarQube Version: 7.5.0.205043
External User Authentication: LDAP


(Julien Lancelot) #2

Hi David,

Indeed, it’s a know limitation that the ‘Browse’ permission allow users to do the ‘Confirm’ and ‘Resolve as confirmed’ actions on issues.
We have a JIRA ticket to fix this : https://jira.sonarsource.com/browse/SONAR-9059, feel free to vote for it.

Regards,
Julien Lancelot