Nest a group via Groovy using script runner

Carlos David October 27, 2017

I've enabled Nested groups in jira, but now wish to nest AD groups within jira groups with groovy (via the Script Runner console).

 

groupService.addGroupsToGroups() 

does not work via the Script Runner console, no error message is provided

2 answers

1 vote
adammarkham
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 6, 2017

You can do this using the following script, but you'll need to replace the group names:

import com.atlassian.jira.bc.JiraServiceContextImpl
import com.atlassian.jira.bc.group.GroupService
import com.atlassian.jira.component.ComponentAccessor

def authenticationContext = ComponentAccessor.getJiraAuthenticationContext()
def groupService = ComponentAccessor.getComponent(GroupService)

def jiraServiceContext = new JiraServiceContextImpl(authenticationContext.getLoggedInUser())

// groups that can have groups added to them
def nestedGroups = ["nested1", "nested2"]

// the groups to add to the nested groups above as children
def childGroups = ["group1", "group2"]

def groupValidationResult = groupService.validateAddGroupsToGroup(jiraServiceContext, nestedGroups, childGroups)

if (groupValidationResult.isSuccess()) {

groupService.addGroupsToGroups(jiraServiceContext, nestedGroups, childGroups)
} else {
log.warn "invalid children groups: $groupValidationResult.invalidChildren"
}

 Notably this uses GroupService to add nested groups. I'd recommend using GroupService, as it performs some validation that GroupManager may not.

Carlos David November 7, 2017

Thanks Adam.

This works great for Jira-originated groups but doesn't work for AD groups. Is nesting not supported for AD?

adammarkham
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 7, 2017

Good to hear you got it working. 

The response here indicated you may need to change some configuration to get nested groups working for AD.

Hope this helps.

Carlos David November 8, 2017

Unless I'm mistaken the post you provided is to do with altering the AD integration to find users in AD sub-groups of AD groups.

I wish to nest AD groups within Jira-only groups via groovy. This is possible via the GUI (after enabling nested groups in User Mgmt).

 

Any ideas Adam?

David Merrill July 27, 2021

We are doing a user directory migration from our old pre-acquisition AD directory to the LDAP run by our new parent corporation.  I was able to adapt Adam's script to nest our new LDAP-based groups under their legacy counterparts in Jira's internal user directory.

I guess the only trick is that you need to make sure you enable nested groups in the internal user directory, but that's not hard to do.

0 votes
Carlos David December 5, 2017

Reopened. Can anyone assist?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events