Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to get Tempo Workload scheme via REST API?

Katharina_Klaus
Katharina_Klaus
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 21, 2015

Hi,

is it possible to get the workload scheme for an user?

 

Best regards

 

Answer
Watch
Like Be the first to like this
2574 views

2 answers

0 votes
SCARM Team
SCARM Team
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 9, 2016

Thanks for your input. Also, is there a mechanism to effectively block restricted pages/documents from being rendered?

Thanks

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
May 9, 2016

JIRA does that automatically.

That's why the GSA needs a privileged account - so it can read and duplicate the JIRA restrictions.  (I don't know how GSA might "effectively block restricted pages").

The people I've worked with who have implemented crawlers to index their JIRA installations have kept it simple though, in order to avoid the risks of leaking data via the crawler.  Given the scenario:

  • Alice uses JIRA and has restricted an issue to just her team.
  • Bob uses JIRA, but is not in Alice's team, so he can't see the issue in JIRA.
  • Bob uses the GSA, but he's in a group that has full access to everything in GSA.  So he can read the data the GSA has pulled from Alice's restricted issue.


In other words, if you need any level of security, your GSA access has to match your JIRA access rules exactly.  My clients kept it simple by saying "we are only going to index things a normal, or anonymous, user can see".

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
May 9, 2016

It needs to be a JIRA admin, not a System admin account, because it needs to be able to read the restrictions set up inside JIRA to be able to work out external visibility.

If for example, issue ABC-123 is restricted to the group "penguins", then you need a JIRA admin account to look at the issue security scheme to extract that information and replicate it in the crawler index.  A non-admin user will not be able to see the issue at all, or look at the scheme that says "only penguins"

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security