Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Hide a UI element depending on Role with Scriptrunner

Mike P
Mike P
Contributor
April 12, 2023

Hello,

I would like to hide the Project and Repository Permissions page from all users except System Admins.  I have been able to find the UI element to hide, but I am not sure how to disable it except for a System Admin.  Any suggestions? 

 

I was trying:

 

import com.atlassian.sal.api.user.UserManager
import com.atlassian.sal.api.user.UserKey

def userManager = ComponentLocator.getComponent(UserManager)

if (userManager.isSysAdmin(new UserKey(currentEvent.user.name))) {
    true
}
return false
Answer
Watch
Like Be the first to like this
561 views

1 answer

0 votes
Yannis Argyropoulos __ScriptRunner - The Adaptavist Group__
Yannis Argyropoulos __ScriptRunner - The Adaptavist Group__
Contributor
April 14, 2023 edited

Hi @Mike P 

 

The following snippet will return `true` when the logged in user is a global admins and `false` if they are a project or repo admin:

import com.atlassian.sal.api.user.UserKey

import com.atlassian.sal.api.user.UserManager

import com.atlassian.bitbucket.auth.AuthenticationContext

import com.atlassian.sal.api.component.ComponentLocator

def currentUser = ComponentLocator.getComponent(AuthenticationContext).currentUser

ComponentLocator.getComponent(UserManager).isAdmin(new UserKey(currentUser.name))

 

However, If you just need to prevent project or repo admins from changing permissions, instead of hidding UI elements, you could just reject any permission modification events for non-admin users.

You could use this library script : https://library.adaptavist.com/entity/block-changing-proj-key-from-non-admins

and modify its trigger, using  ProjectPermissionModificationRequestedEvent and RepositoryPermissionModificationRequestedEvent instead of ProjectModificationRequestedEvent

 


 

View More Comments
Mike P
Mike P
Contributor
April 18, 2023

Thank you so much Yannis.  I will give the code a try.

As for your suggestion, it would be much better if I could gray out all the fields on the page except for system admins/admins.  Is there a way to gray out the fields?

 

Also, how does one know what listener to use?  Is there documentation anywhere for them?

 

thanks!

Like
Yannis Argyropoulos __ScriptRunner - The Adaptavist Group__
Yannis Argyropoulos __ScriptRunner - The Adaptavist Group__
Contributor
April 19, 2023 edited

@Mike P  I cannot think of an easy way to gray out fields.

I suggest to do it with event listeners, because this way you can have a clear error message and not confuse users by having an inconsistent UI. Also, this will cover you from users using rest API to change permissions.


For documentation, you could have a look at
PermissionModificationRequestedEvent , CancelableEvent and their implementations

Regards,
Yannis

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
SERVER
VERSION
7.21
TAGS
AUG Leaders

Upcoming Bitbucket Events