//Cloudogu EcoSystem Docs

Permission template

The permission template is a mechanism in SonarQube to set up project permissions. The default template will be changed during the dogu startup to ensure that the CES_ADMIN group has access to administer new created projects. The following permissions will be set (admin codeviewer issueadmin securityhotspotadmin scan user ) this setup can be verified (Administration -> Security -> Permisssion Templates). see setup.json for further details

default template overview

Fix wrong project permissions

The permissions for projects created without correct CESADMIN group permissions can be changed later using a specific config-key. (set `amendprojectswithcesadminpermissionstoall-> restart sonar -> CES_ADMIN group will be added to all projects). The implementation uses the SonarQube API endpointpermissions/add_group. After the changes to the projects are applied the config-key will automatically reset tonone` (see config-key description in dogu.json).