Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Products
Bamboo
Questions
Bamboo Permissions Audit Report

Bamboo Permissions Audit Report

I tried looking through the REST API Browser (and I unchecked public api only) for a way to expose the permissions given to a particular plan and could not find one. Not sure if there is a JSON-RPC api available to let me get this information or not...

Management wants me to make a spreadsheet of all IDs that have access to Bamboo, what role each ID has on each priviledged resource - and they also want to know the last login time (which I am not sure I can even get).

I know that there are cases where the permission is based on a group, and I can query Jira to get the group members... but I just dont want to go through thousands of plans individually on the web interface, that would take me a month to do.

Looking to see if anyone else had to do something similar and can share.

2 answers

1 accepted

0 votes

Answer accepted

web scraping is icky... but if worse comes to worse, I do have....

curl -k -u 'ausername:somepassword' https://my.bamboo.url/chain/admin/config/editChainPermissions.action?buildKey=MYBUILD-KEY | awk -F\" '/bambooPermission_/{ print $(NF - 1) }'

I don't want this to be the accepted answer... but just in case there is no better answer I wanted to put it out there for everyone else.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Currently scraping...

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

As a 3-year late suggestion - I'd add a

| grep " checked "

before the awk to your solution. Also, don't forget the Deploy side, too...

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

:) way to necromance :) but yes, thats a valid comment

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

0 votes

I don't think this is exposed through REST. You could write a plugin for it but it might be kinda hairy...

There are 2 rest end points that can give you the projects/plans that you could always pipe into the above( https://docs.atlassian.com/bamboo/REST/5.0-SNAPSHOT/#d2e41). If this is going to be a one-off - it might just be worth it go for the ugly...

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Yeah, I saw it wasnt in rest, but that doesn't mean we cant use JSON-RPC... I learned at Summit 2013 that theres still a lot of things you can do with JSON-RPC that isnt in REST yet.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

TAGS