Hi guys,
Im baffled - can @JamieA help at all?
Ive created a script runner listener that monitors the "UserCreatedEvent" and the purpose of the script is to remove the user from the "Service Desk Customers" project role as as SINGLE USER and add that person to the group called "service-desk-customers" so that they belong to the group.
I have found out that when this "UserCreatedEvent" is fired the user is not in that role as a single user YET. I tested this script in the console with the hybrid version and the command (removeActorsFromProjectRole) actually works. However, it doesnt work in the automation where the event is fired.
*EDIT*
The adding of the group is succesfull but not the removal from the role as a single user. The if -statement is returned as false during run time. This does not work even when the if statement is removed as the user is not in that role yet when this script has run.
Why? :D
This is purely superficial as we think the admin page is easier to understand where not every single user is listed as a single user instead of a group (JSD does this feature automatically and we dont like it:D)
We are running JIRA 7.4.4 Core with the latest SD.
The script code is below
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.crowd.event.user.UserCreatedEvent
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection
UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)
def event = event as UserCreatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"
userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group
long projectRoleID = 10200
long projectID = 10301
def adminUser = userManager.getUserByKey("jiraadmin")
Collection listOfUsers = [appUser.getKey()]
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project
log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"
if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
ErrorCollection errorCollection = new SimpleErrorCollection()
projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}
I was finally able to figure out what the problem was.
As the script is reacting to the user authenticated event, the script is obviously run as the user who is logging in, whom more then likely wont have project administrative rights.
I noticed that I was setting the JIRA admin user in the script, but I wasnt doing anything with it :D D'oH!
Here is the code that fixed the problem, by placing the 2 lines of code after the 1st row.
String AdminUser = "jiraadmin" //User with admin rights
ApplicationUser adminApplicationUser = userManager.getUserByName("${AdminUser}")
ComponentAccessor.getJiraAuthenticationContext().setLoggedInUser(adminApplicationUser)
Duplicate answer.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The question is publicly available. What do you mean by #it does not work in automation#? What is automation? You log script variables. Did you check in the log that the variables have correct values in automation?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Alexey,
Thanks for confirming I wasnt alone :D
The "does not work in automation" means that the Listener I created with Script Runner (Script Runner listeners) that monitors the "Usercreated" event - does not successfully remove the user as a single from the project role.
This is due to the fact (I was able to debug it) that when the "UserCreated" event is thrown - the user is actually not as a single user in the project role yet - because the line
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"
shows false in the logs.
So my question is: why?
Why isnt the user in that role, when this listener grabs hold of the thrown event? My guess is that this script is run before JIRA actually places the user into that role.
My other question is: How can I go around this problem? How can I make this script "run later"?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think your script works as expected. If a user is created it does not mean that the user was added to a role. I would look for another event. I do not have access to Jira right now. I ll have a look later.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Try UserUpdatedEvent or UserEditedEvent
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Alexey,
Just returned from holidays so apologies for late reply.
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.security.groups.GroupManager
import com.atlassian.jira.user.util.UserManager
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.security.roles.ProjectRoleManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRoleActor
import com.atlassian.jira.project.Project
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.util.ErrorCollection
import com.atlassian.jira.util.SimpleErrorCollection
import com.atlassian.crowd.event.user.UserAuthenticatedEvent
UserManager userManager = ComponentAccessor.getComponent(UserManager)
GroupManager groupManager = ComponentAccessor.getComponent(GroupManager)
UserUtil userUtil = ComponentAccessor.getComponent(UserUtil)
ProjectRoleManager projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
ProjectManager projectManager = ComponentAccessor.getComponent(ProjectManager)
ProjectRoleService projectRoleService = ComponentAccessor.getComponent(ProjectRoleService)
def event = event as UserAuthenticatedEvent
def gname = groupManager.getGroup('service-desk-customers')
def appUser = userManager.getUserByKey(ApplicationUsers.getKeyFor(event.user))
log.info "User: ${appUser}"
if (!groupManager.isUserInGroup(appUser, gname)){
userUtil.addUserToGroup(gname, appUser) //Adds the user to the above group
}
long projectRoleID = 10200
long projectID = 10301
def adminUser = userManager.getUserByKey("jiraadmin")
Collection<String> listOfUsers = new ArrayList<>()
listOfUsers.add(appUser.getKey())
ProjectRole projectRole = projectRoleManager.getProjectRole(projectRoleID)//Service Desk Customers projectrole
Project project = projectManager.getProjectObj(projectID) //Service Desk Project
log.info "User List: ${listOfUsers}"
log.info "Project Role: ${projectRole}"
log.info "Project: ${project}"
log.info "${projectRoleManager.isUserInProjectRole(appUser,projectRole,project)}"
if (projectRoleManager.isUserInProjectRole(appUser,projectRole,project)){
ErrorCollection errorCollection = new SimpleErrorCollection()
projectRoleService.removeActorsFromProjectRole(listOfUsers,projectRole,project,ProjectRoleActor.USER_ROLE_ACTOR_TYPE,errorCollection)
}
I edited the code to fire when the user authenticates and now it returns true (the isuserinprojectrole).
However, the user is still in the project role as a single user and it seems the removeactors -function does not remove the user as a single (the user is now successfully in the group, so the single user can be removed)
Any idea buddy?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Just giving this one more go before giving up hope :) @Alexey Matveev
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Any help? :D
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I wonder if this question is even publicly available - somebody at least troll this question? :D
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.