Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

JIRA SD Script Runner Adding a user to a group and removing the user from the project role as a user

Edited

Hi guys,

Im baffled - can @JamieA help at all?

Ive created a script runner listener that monitors the "UserCreatedEvent" and the purpose of the script is to remove the user from the "Service Desk Customers" project role as as SINGLE USER and add that person to the group called "service-desk-customers" so that they belong to the group.

I have found out that when this "UserCreatedEvent" is fired the user is not in that role as a single user YET. I tested this script in the console with the hybrid version and the command (removeActorsFromProjectRole) actually works. However, it doesnt work in the automation where the event is fired.

*EDIT*

The adding of the group is succesfull but not the removal from the role as a single user. The if -statement is returned as false during run time. This does not work even when the if statement is removed as the user is not in that role yet when this script has run.

Why? :D

This is purely superficial as we think the admin page is easier to understand where not every single user is listed as a single user instead of a group (JSD does this feature automatically and we dont like it:D)

We are running JIRA 7.4.4 Core with the latest SD.

The script code is below

 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.crowd.event.user.UserCreatedEvent
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection

UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)

def event = event as UserCreatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"
userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group

long projectRoleID = 10200
long projectID = 10301

def adminUser = userManager.getUserByKey("jiraadmin")
Collection listOfUsers = [appUser.getKey()]
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project

log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
    ErrorCollection errorCollection = new SimpleErrorCollection()
    projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}

 

4 answers

1 accepted

1 vote
Answer accepted

I was finally able to figure out what the problem was.

As the script is reacting to the user authenticated event, the script is obviously run as the user who is logging in, whom more then likely wont have project administrative rights.

I noticed that I was setting the JIRA admin user in the script, but I wasnt doing anything with it :D D'oH!

Here is the code that fixed the problem, by placing the 2 lines of code after the 1st row.

String AdminUser = "jiraadmin" //User with admin rights

ApplicationUser adminApplicationUser = userManager.getUserByName("${AdminUser}")
ComponentAccessor.getJiraAuthenticationContext().setLoggedInUser(adminApplicationUser)
0 votes

The question is publicly available. What do you mean by #it does not work in automation#? What is automation? You log script variables. Did you check in the log that the variables have correct values in automation?

Hi Alexey,

Thanks for confirming I wasnt alone :D

The "does not work in automation" means that the Listener I created with Script Runner (Script Runner listeners) that monitors the "Usercreated" event - does not successfully remove the user as a single from the project role.

This is due to the fact (I was able to debug it) that when the "UserCreated" event is thrown - the user is actually not as a single user in the project role yet - because the line

log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

shows false in the logs.

So my question is: why?

Why isnt the user in that role, when this listener grabs hold of the thrown event? My guess is that this script is run before JIRA actually places the user into that role.

My other question is: How can I go around this problem? How can I make this script "run later"?

I think your script works as expected. If a user is created it does not mean that the user was added to a role. I would look for another event. I do not have access to Jira right now. I ll have a look later.

Try UserUpdatedEvent or UserEditedEvent

Hi Alexey,

Just returned from holidays so apologies for late reply.

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection
import com.atlassian.crowd.event.user.UserAuthenticatedEvent

UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)

def event = event as UserAuthenticatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"

if (!groupManager.isUserInGroup(appUser, gname)){
    userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group
}

long projectRoleID = 10200
long projectID = 10301

def adminUser = userManager.getUserByKey("jiraadmin")
Collection<String> listOfUsers = new ArrayList<>()
listOfUsers.add(appUser.getKey())
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project

log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"

if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
    ErrorCollection errorCollection = new SimpleErrorCollection()
    projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}

 I edited the code to fire when the user authenticates and now it returns true (the isuserinprojectrole).

However, the user is still in the project role as a single user and it seems the removeactors -function does not remove the user as a single (the user is now successfully in the group, so the single user can be removed)

Any idea buddy?

Just giving this one more go before giving up hope :) @Alexey Matveev _Appfire_

Like Magic Mike likes this

Any help? :D

I wonder if this question is even publicly available - somebody at least troll this question? :D

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

Admins, notify your Jira instance of system-wide changes with the new admin announcement banner

Hi All! We’re excited to share the launch of an announcement banner that lets Jira site administrators communicate directly to their users across Jira Cloud instance.   📢 Get y...

163 views 7 8
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you