Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,366,304
Community Members
 
Community Events
168
Community Groups

JIRA SD Script Runner Adding a user to a group and removing the user from the project role as a user

Edited

Hi guys,

Im baffled - can @JamieA help at all?

Ive created a script runner listener that monitors the "UserCreatedEvent" and the purpose of the script is to remove the user from the "Service Desk Customers" project role as as SINGLE USER and add that person to the group called "service-desk-customers" so that they belong to the group.

I have found out that when this "UserCreatedEvent" is fired the user is not in that role as a single user YET. I tested this script in the console with the hybrid version and the command (removeActorsFromProjectRole) actually works. However, it doesnt work in the automation where the event is fired.

*EDIT*

The adding of the group is succesfull but not the removal from the role as a single user. The if -statement is returned as false during run time. This does not work even when the if statement is removed as the user is not in that role yet when this script has run.

Why? :D

This is purely superficial as we think the admin page is easier to understand where not every single user is listed as a single user instead of a group (JSD does this feature automatically and we dont like it:D)

We are running JIRA 7.4.4 Core with the latest SD.

The script code is below

 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.crowd.event.user.UserCreatedEvent
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection

UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)

def event = event as UserCreatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"
userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group

long projectRoleID = 10200
long projectID = 10301

def adminUser = userManager.getUserByKey("jiraadmin")
Collection listOfUsers = [appUser.getKey()]
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project

log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
    ErrorCollection errorCollection = new SimpleErrorCollection()
    projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}

 

4 answers

1 accepted

2 votes
Answer accepted

I was finally able to figure out what the problem was.

As the script is reacting to the user authenticated event, the script is obviously run as the user who is logging in, whom more then likely wont have project administrative rights.

I noticed that I was setting the JIRA admin user in the script, but I wasnt doing anything with it :D D'oH!

Here is the code that fixed the problem, by placing the 2 lines of code after the 1st row.

String AdminUser = "jiraadmin" //User with admin rights

ApplicationUser adminApplicationUser = userManager.getUserByName("${AdminUser}")
ComponentAccessor.getJiraAuthenticationContext().setLoggedInUser(adminApplicationUser)

Duplicate answer.

0 votes

The question is publicly available. What do you mean by #it does not work in automation#? What is automation? You log script variables. Did you check in the log that the variables have correct values in automation?

Hi Alexey,

Thanks for confirming I wasnt alone :D

The "does not work in automation" means that the Listener I created with Script Runner (Script Runner listeners) that monitors the "Usercreated" event - does not successfully remove the user as a single from the project role.

This is due to the fact (I was able to debug it) that when the "UserCreated" event is thrown - the user is actually not as a single user in the project role yet - because the line

log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

shows false in the logs.

So my question is: why?

Why isnt the user in that role, when this listener grabs hold of the thrown event? My guess is that this script is run before JIRA actually places the user into that role.

My other question is: How can I go around this problem? How can I make this script "run later"?

I think your script works as expected. If a user is created it does not mean that the user was added to a role. I would look for another event. I do not have access to Jira right now. I ll have a look later.

Try UserUpdatedEvent or UserEditedEvent

Hi Alexey,

Just returned from holidays so apologies for late reply.

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection
import com.atlassian.crowd.event.user.UserAuthenticatedEvent

UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)

def event = event as UserAuthenticatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"

if (!groupManager.isUserInGroup(appUser, gname)){
    userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group
}

long projectRoleID = 10200
long projectID = 10301

def adminUser = userManager.getUserByKey("jiraadmin")
Collection<String> listOfUsers = new ArrayList<>()
listOfUsers.add(appUser.getKey())
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project

log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
    ErrorCollection errorCollection = new SimpleErrorCollection()
    projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}

 I edited the code to fire when the user authenticates and now it returns true (the isuserinprojectrole).

However, the user is still in the project role as a single user and it seems the removeactors -function does not remove the user as a single (the user is now successfully in the group, so the single user can be removed)

Any idea buddy?

Just giving this one more go before giving up hope :) @Alexey Matveev _Appfire_

Like Magic Mike likes this
0 votes

Any help? :D

I wonder if this question is even publicly available - somebody at least troll this question? :D

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events