Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Remove InActive Users from Bitbucket Using Scriptrunner

I had a requirement to clean our bitbucket license by removing any user with no login record or "Last Authentication" > 60 days. 

I did search here and there to find the most suitable approach and at the end i find there are 2 ways.

- Database update script ,  detailed article  .

 - Using a custom script with Jira script runner plugin 

I preferred the 2nd approach then I developed the required script as below :

Note :  Script-runner for Jira is required , Crowd is our identity management tool so, i used rest client to remove the user directly from the assigned group in crowd 

 

import com.atlassian.applinks.api.ApplicationLinkService
import com.atlassian.applinks.api.application.bitbucket.BitbucketApplicationType
import com.atlassian.sal.api.component.ComponentLocator
import com.atlassian.sal.api.net.Request
import com.atlassian.sal.api.net.Response
import com.atlassian.sal.api.net.ResponseException
import com.atlassian.sal.api.net.ResponseHandler
import groovy.json.JsonSlurper
import groovyx.net.http.RESTClient
import org.apache.log4j.Logger
import static groovyx.net.http.ContentType.JSON

def log = Logger.getLogger("com.onresolve.jira.groovy")

def appLinkService = ComponentLocator.getComponent(ApplicationLinkService)
def appLinkName = appLinkService.getPrimaryApplicationLink(BitbucketApplicationType)
def limitsize = 200
def start = 0
assert appLinkName
log.debug(appLinkName)
def Users = []

def isLast = false

while (!isLast) {
def restCallURL = "rest/api/1.0/admin/groups/more-members?context=bitbucket-users&start=${start}&limit=${limitsize}"
def authenticatedRequestFactory = appLinkName.createAuthenticatedRequestFactory()
def result = authenticatedRequestFactory.createRequest(Request.MethodType.GET, restCallURL)
.addHeader("Content-Type", "application/json")
.execute(new ResponseHandler<Response>() {
@Override
void handle(Response response) throws ResponseException {
if (response.statusCode != HttpURLConnection.HTTP_OK) {
throw new Exception(response.getResponseBodyAsString())
} else {
def disable = false
def slurped = new JsonSlurper().parseText(response.getResponseBodyAsString())
isLast = slurped.isLastPage
def slugs = slurped.values
slugs.each {
if (!it.lastAuthenticationTimestamp) {
Users << it.slug
} else {
Date cutoff = new Date().minus(60)
Date last = new Date(it.lastAuthenticationTimestamp)
if (last.before(cutoff)) {
Users << it.slug
}
}
}
start += 200
}
}
})
}

for (user in Users){
restClient('https://YourCrowd/crowd//rest/usermanagement/1/', "group/user/direct", ['username':user,'groupname':'bitbucket-users'])
}
def static restClient(def uri, def path, def query) {
try {

def client = new RESTClient(uri)
def res = client.auth.basic("User", "Pass")
client.delete(path: path, query: query, contentType: JSON)
} catch (Exception e) {

}
}

 

Then I added the script to be executed as a Jira service every week by following below steps :

  1. Navigate to Jira Admin -> System -> Services
  2. Fill Service name field 
  3. Fill in Class field with "com.onresolve.jira.groovy.GroovyService"
  4. Click Add Service 
  5. Write the script path under atlassian home/scripts

 

Service.PNG

Done

Regards, 

 

1 comment

Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 15, 2019

This is exactly the use case we originally had for our UserManagement line of products, especially for users who do not want to deal with scripts, more so maintain them in the context of updates and potential breaking changes.

With UserManagement one can configure a scheduled action scheme to run regularly or use bulk user actions to do a one-off cleanup (please, do leave a review on the Marketplace even if you are not going to buy the product - it really helps our sales!). We can delete or deactivate or just remove groups from the users. Also if you just remove groups, when the user comes back and logs in again, the built in features of User Directories integration can add the groups back i.e. dynamic management of active users!

For Bitbucket Server, UserManagement for Bitbucket is less expensive from 250 and up than ScriptRunner, you can certainly do so much more with ScriptRunner but if your requirement is to deal with inactive users - consider our product please? We priced it to be 2%-17% of the upgrade price to the next user tier.

For Bitbucket Data Center, our pricing is very close up to 500 users, and much more cost-effective from 1000 up. We priced it to be 20% of the upgrade price to the next user tier. 

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events