Add group to security level Groovy

Trevor Trevorton July 31, 2017

 

I've been unable to find a method in the Jira 7 API allowing me to add groups to a security level. Any help would be much appreciated,

 

Thanks

3 answers

1 accepted

3 votes
Answer accepted
Aidan Derossett [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 18, 2017

So I was actually able to accomplish this with the following code:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager
import com.atlassian.jira.scheme.SchemeEntity

def issueSecurityLevelManager = ComponentAccessor.getIssueSecurityLevelManager()
def issueSecuritySchemeManager = ComponentAccessor.getComponent(IssueSecuritySchemeManager)

def scheme = issueSecuritySchemeManager.getSchemeObject("scheme 1") //Name of scheme

def levels = issueSecurityLevelManager.getIssueSecurityLevels(scheme.id)
levels.each{
def entity = new SchemeEntity("group", "jira-users", it.id)
def gv = issueSecuritySchemeManager.getScheme(scheme.id)
issueSecuritySchemeManager.createSchemeEntity(gv, entity)
}

The above code takes a scheme, traverses all of its levels, and adds the "jira-user" group to each one. Now, I assume this isn't exactly what you'd like to happen in your instance, but, as I don't know your exact requirements, I figured it would be a good example. The biggest problem with the code in the above answers is this method here: 

def gv = issueSecuritySchemeManager.getIssueSecurityLevelScheme(scheme.id)

 As I'm sure you've found out, that method doesn't actually return a GenericValue, which is necessary for the "createSchemeEntity" method. I searched for quite some time looking for a way to make that method work, but I didn't have much luck so you may just have to use the deprecated method "getScheme" instead. But regardless, it should get the job done.

Best,

Aidan 

Jackson Farnsworth
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 17, 2019

So I've replaced "group" with "projectrole", but the role doesn't quite pop up. Instead of the security level gaining:
"Project Role (RoleName)"
It gets:
"Project Role"

Is there something special that you have to do with Roles to update it properly?

Jackson Farnsworth
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 17, 2019

Never mind, did some more digging. The second argument has to be the Role ID (Long) in String form.

def entity = new SchemeEntity("projectrole", "10201", level.id)
Like Deepali Kohli likes this
Jörg Hoffmann February 22, 2022

Thank you. I tried and came close, but I did not see that inherited method to get the GenericValue Scheme in the doc.

And also the "recommended" method "issueSecuritySchemeManager.getIssueSecurityLevelScheme(scheme.id)" gives you an object of type "IssueSecurityLevelScheme", but there is no way of actually using that to create a SchemeEntity, because the only method I found needs a "GenericValue". And there also seems to be no way to get such a GenericValue from an object of type "IssueSecurityLevelScheme". So you have to basically build it yourself, which might be possible if I just knew what exactly the first constructor parameter is "EntityModel".

But yeah... I gave up and just used the "deprecated" method, which is way easier, as you demonstrated, unless I'm overlooking something.

Deepali Kohli April 24, 2023

Hi!

Need help with creating the the entity for user custom field value (multiuser customfield) , I tried

 

def entity = new SchemeEntity("multiuser CF", "user/group",securityLevel.id)
Thanks,
Deepali Kohli
0 votes
Shaakunthala July 31, 2017

Even I couldn't get closer than this - I give up for the moment :/ :

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager
import com.atlassian.jira.issue.security.IssueSecurityTypeManager
import com.atlassian.jira.security.type.SecurityType
import com.atlassian.jira.issue.security.IssueSecurityLevelPermission

def group = ComponentAccessor.getGroupManager().getGroup ("jira-users")
def securityLevelManager = ComponentAccessor.getIssueSecurityLevelManager()
def issueSecuritySchemeManager = ComponentAccessor.getComponent(IssueSecuritySchemeManager.class)
def issueSecurityTypeManager = ComponentAccessor.getComponent(IssueSecurityTypeManager.class)

def issueSecurityTypes = issueSecurityTypeManager.getSchemeTypes()
def issueSecurityType = issueSecurityTypeManager.getSchemeTypes()["group"]

def issueSecurityLevelScheme = issueSecuritySchemeManager.getIssueSecurityLevelSchemes().find {
it.name == "Example Security Level"
}

def securityLevel = securityLevelManager.getIssueSecurityLevels(issueSecurityLevelScheme.id).find {
it.name == "Level 1"
}

From this point, following steps might give you a clue.

  1. Enable profiling in JIRA.
  2. Add a group to a security level.
  3. Disable profiling.
  4. Inspect atlassian-jira.log carefully with keywords like store, set, permission, issuesecuritylevelpermission, entity, etc. - this might give you a clue.

Regards,

Shaakunthala

Carlos David August 7, 2017

profiling flags up:

 

/secure/admin/AddIssueSecurity.jspa [c.a.util.profiling.UtilTimerStack] [15ms] - /jira/secure/admin/AddIssueSecurity.jspa
[14ms] - AddIssueSecurity.execute()

/secure/admin/EditIssueSecurities!default.jspa [c.a.util.profiling.UtilTimerStack] [90ms] - /jira/secure/admin/EditIssueSecurities!default.jspa
[0ms] - EditIssueSecurities.execute()

 not sure what one would do with it though, api docs don't say much

Carlos David August 14, 2017

doesn't work in 7.3.1 unfortunately

Trevor Trevorton August 21, 2017

I get the following error: 

groovy.lang.MissingMethodException: No signature of method: static com.atlassian.jira.scheme.SchemeManager.createSchemeEntity() is applicable for argument types: (org.ofbiz.core.entity.GenericValue, com.atlassian.jira.scheme.SchemeEntity) 

0 votes
Carlos David July 31, 2017

here's 95% of it, can't get the final statement to work, taken from https://community.atlassian.com/t5/JIRA-questions/Groovy-to-automatically-add-a-few-hundreds-of-Security-levels-to/qaq-p/72941

 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager
import com.atlassian.jira.scheme.SchemeEntity
import com.atlassian.jira.scheme.SchemeManager
import org.ofbiz.core.entity.GenericValue

def issueSecurityLevelManager = ComponentAccessor.getIssueSecurityLevelManager()
def issueSecuritySchemeManager = ComponentAccessor.getComponent(IssueSecuritySchemeManager)

def scheme = issueSecuritySchemeManager.createSchemeObject("FRIDAY", "Issue security scheme for testing")
def level = issueSecurityLevelManager.createIssueSecurityLevel(scheme.id, "Private", "Group only")
def entity = new SchemeEntity("group", "jira-users", level.id)
def gv = issueSecuritySchemeManager.getIssueSecurityLevelScheme(scheme.id)
SchemeManager.createSchemeEntity(gv, entity)

doesn't work

 

Carlos David August 15, 2017

for the above to work in 7.3.1 I need to supply a scheme of type GenericValue to createSchemeEntity(). I tried to cast but no luck:

 

IssueSecurityLevelScheme gv = issueSecuritySchemeManager.getIssueSecurityLevelScheme(issueSecurityScheme.id)
issueSecuritySchemeManager.createSchemeEntity(gv as GenericValue, entity)

org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'com.atlassian.jira.issue.security.IssueSecurityLevelScheme@59f1a670' with class 'com.atlassian.jira.issue.security.IssueSecurityLevelScheme' to class 'org.ofbiz.core.entity.GenericValue'
 at Script253.run(Script253.groovy:25)

Can anybody assist?

Suggest an answer

Log in or Sign up to answer