Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
badges earned

Your Points Tracker
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Script Runner - Script Fragment and REST Endpoint restriction based on project's role.


I'd like to restrict Script Fragment and REST Endpoint for users in specific project role.
I detected strange behavior with ApplicationUser returned by "ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()"


1. I have a script fragment that executes specific rest endpoint with defined project Key: /rest/scriptrunner/latest/custom/myRestendpointFunction?project=${project.key}
Fragment location: jira.project.sidebar.navigation

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.project.Project;
def projectKey = jiraHelper.project?.key;
def currentUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
def projectRoleManager = ComponentAccessor.getComponentOfType(ProjectRoleManager);
def projectManager = ComponentAccessor.getProjectManager();
def role = projectRoleManager.getProjectRole("Admin");
Project projectObj = projectManager.getProjectObjByKey(projectKey)
return projectRoleManager.isUserInProjectRole(currentUser, role, projectObj)


If am logged as user who is in Admin Role in current project, I see this fragment in project sidebar section.
If I am logged as user who is not in Admin role, I don't see this fragment.
So looks like everything is ok at this step.

2. I have to restrict my Rest Endpoint based on project role.
I use the same logic as in previous step - check project and user returned by "ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()".
Problem is that this "getLoggedInUser()" returns me the same user with admin role regardless who is executing this rest endpoint
a) I logged as user with Admin Role in current project, execute rest endpoint URL directly and "getLoggedInUser()" returns me the correct user
b) I open another browser, logged as another user who is not in Admin role, execute rest endpoint URL directly, but "getLoggedInUser()" returns me the same user as in previous (a) step (user in admin role).

So, looks like "ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()" returns different values in Script fragment and in rest Endpoint.

I found a solution - user "Get the user making the request" example in to get correct user in Rest Endpoint, however I don't understand what is wrong with "getLoggedInUser()"...

Could you help me to understand this?


Thank you in advance,

0 answers

Suggest an answer

Log in or Sign up to answer
Community showcase

The benefits of using Jira in different departments

Jira is a great tool to use across different departments. Forget that paperwork – switch to Jira and get that tasks done smoothly. Marketing Jira allows for a complete digital transformation of you...

97 views 0 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you