Closed vcmaxfield closed 6 years ago
I notice the same behaviour. Please can someone take a look into that?
I faced same issue.
Same here. If I create the group sonar-administrators in jira/crowd and add all sonar admins to it, they will automatically get into the local sonar sonar-administrators group. The same is with other groups.
Workaround:
This did not work for me. Some users even lose all group membership in Sonar when they log in.
Getting the same issue with github logins. The work around doesn't apply it seems as I tested this with github "groups".
Issue is still occuring with SonarQube 7.0 and Crowd 2.12.
Yep, SonarQube 7.0, and users are removed from all groups, both system sonar-administrator group or other self-created groups. Only sonar-users remains.
Faced the same issue using Ldap too... I have added users in sonar-administrator group and once they login, the user is no more in this group.
We had a similar issue with the GitLab Auth plugin. As a workaround, we set the Default groups
property in the plugin configuration to empty. After that, we were able to keep the admin group for selected GitLab users.
I think that issue with Sonar groups. I use Sonar 7 and LDAP. After logout users lose admin group. But if you give user admin access through Global Permissions tab it works. User should have the same permissions as admin group.
I'm not able the recreate the disappearance of the admin group on 7.2.1
or 6.7.5
.
@zok1995 are these groups added in sonar (and not in crowd)?
On one hand I get that losing all permissions set in sonar is annoying, but on the other hand having crowd as the source of truth for the user makes more sense for me.
@deepy i discovered the source of my error... the people who originally set this up misspelled the name of "sonar-administrators" as "sonar-administators".
I almost did that myself while setting up my crowd for testing 🙂 But thank you for following up! if someone else meets this then they got a good place to look.
Would it be OK to close this? When some time clears up I'm going to review+test and hopefully merge https://github.com/deepy/sonar-crowd/pull/4 which if working as described should provide a suitable alternative for those who don't want to sync groups.
Same here, problem still exists on:
Only when we grant admin access via global permissions it works in other cases permissions lost.
Same issue with: Sonarqube CE Version 7.7 (build 23042) Freeipa 4.6.4
Do not put any group mapping properties at the LDAP Configuration section in sonar.properties file. That solved the issue for me.
I'm seeing a problem where if a user belongs to sonar-administrators AND sonar-users in Crowd, when they log into sonar, they are removed from sonar-administrators locally (doesn't change in Crowd). Can a person belong to only one sonar- group at a time?
Update: it seems that any user belonging to sonar-administrators group is automatically removed that group in Sonar upon login.
(Crowd 2.7.2, Sonar 5.1)