Don't check project permission for regular analysis

diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java
index d8849f1940006547d82a624e8bbd220d3b1ff8a5..daf4d05420cc8f2797889867193df4b3c0260740 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java
@@ -90,8 +90,11 @@ public class ProjectRepositoryLoader implements ServerComponent {
       ComponentDto module = dbClient.componentDao().getNullableByKey(session, query.getModuleKey());
       // Current project/module can be null when analysing a new project
       if (module != null) {
-        UserSession.get().checkComponentPermission(UserRole.USER, query.getModuleKey(),
-          "You're not authorized to access to project '" + module.name() + "', please contact your SonarQube administrator.");
+        if (query.isPreview()) {
+          // Scan permission is enough to analyze all projects but preview permission is limited to projects user can access
+          UserSession.get().checkComponentPermission(UserRole.USER, query.getModuleKey(),
+            "You're not authorized to access to project '" + module.name() + "', please contact your SonarQube administrator.");
+        }
 
         ComponentDto project = getProject(module, session);
         if (!project.key().equals(module.key())) {