Hi all,
Sometimes you need to run your Groovy script as another user, for example some admin user with needed permissions. This code can be rather verbose because you need get target user, get current user, set target user to authentication context and finally switch back. What can we do with all this? Idea is rather simple - we can create some utility. Let's start with it.
1) Create your utility class. Let's call it ScriptUtils.groovy. For example:
package funlabs.utils
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.JiraAuthenticationContext
import com.atlassian.jira.user.ApplicationUser
class ScriptUtils {
static Object withUser(String username, Closure closure) {
ApplicationUser targetUser = ComponentAccessor.userManager.getUserByName(username)
if (targetUser) {
JiraAuthenticationContext authContext = ComponentAccessor.jiraAuthenticationContext
ApplicationUser originalUser = authContext.loggedInUser
try {
authContext.loggedInUser = targetUser
int paramsNumber = closure.maximumNumberOfParameters
switch (paramsNumber) {
case 0:
return closure()
break
case 1:
return closure(targetUser)
break
case 2:
return closure(targetUser, originalUser)
break
default:
throw new IllegalArgumentException('Max params number is 2')
}
} finally {
authContext.loggedInUser = originalUser
}
} else {
throw new IllegalArgumentException("No user found for provided username - $username")
}
}
}
2) Now you can import this utility into your script and use it. Pay attention to how we import static method. Let's create ScratchScript.groovy:
package com.example
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.JiraAuthenticationContext
import com.atlassian.jira.user.ApplicationUser
import static funlabs.utils.ScriptUtils.withUser
final String TARGET_USER = 'devnull'
final String ADMIN_USER = 'admin'
JiraAuthenticationContext authContext = ComponentAccessor.jiraAuthenticationContext
// Let's check that now we're logged in under 'admin' user
assert authContext.loggedInUser.username == ADMIN_USER
// Non existing user example
try {
withUser('nonexistingusername') { -> }
} catch (any) {
assert any instanceof IllegalArgumentException
assert any.message == 'No user found for provided username - nonexistingusername'
}
// You can pass no params
withUser(TARGET_USER) { ->
assert authContext.loggedInUser.username == TARGET_USER
}
// If you want to get target user ('devnull' here)
withUser(TARGET_USER) { ApplicationUser targetUser ->
assert targetUser.username == TARGET_USER
}
// If you need to get both target and original users
withUser(TARGET_USER) { ApplicationUser targetUser, ApplicationUser originalUser ->
assert targetUser.username == TARGET_USER
assert originalUser.username == ADMIN_USER // in some SR context there can be no logged in user
}
//But it will boooooom! if you provide more than 2 args to closure
try {
withUser(TARGET_USER) { user1, user2, user3 -> }
} catch (any) {
assert any instanceof IllegalArgumentException
assert any.message == 'Max params number is 2'
}
// Our utility method can return result
String upperCasedUsername = withUser(TARGET_USER) { ApplicationUser targetUser ->
targetUser.username.toUpperCase()
}
assert upperCasedUsername == TARGET_USER.toUpperCase()
// Let's check that we returned to original user
assert authContext.loggedInUser.username == ADMIN_USE
So, in this elegant and simple manner we can simplify our code.
You can find code for this examples here
And what do you use for simplifying your code?