Hi, where I can find database table with all JIRA permissions?
I found a table with mapping between scheme, group and permissions, but I'm not able to find the reference table with permissions list
select * from jira_db.schemepermissions sp
If you can run SQL against your JIRA database (perhaps using the Bob Swift SQL macro from a Confluence page), then this MySQL query will give you what you much of what you're looking for.
Note that the schemepermissions table shows permissions given directly to groups and the projectroleactor table shows permissions given to groups through project roles that contain groups.
-- Permissions given directly to group SELECT SP.perm_parameter AS GroupName, PS.name AS PermissionSchemeName, SP.permission_key AS Permission FROM schemepermissions SP INNER JOIN permissionscheme PS ON SP.scheme = PS.id WHERE SP.perm_type = 'group' ORDER BY 1, 2, 3; -- Permissions given indirectly to group through project role SELECT PRA.roletypeparameter AS GroupName, PR.name AS RoleName, P.pname AS Project, PS.name AS PermissionSchemeName, SP.permission_key AS Permission FROM schemepermissions SP INNER JOIN permissionscheme PS ON SP.scheme = PS.id INNER JOIN projectrole PR ON SP.perm_parameter = PR.ID INNER JOIN projectroleactor PRA ON PR.id = PRA.projectroleid INNER JOIN project P on PRA.pid = P.id WHERE SP.perm_type = 'projectrole' AND PRA.roletype = 'atlassian-group-role-actor' ORDER BY 1, 2, 3;
Please bear in mind that this will only give you the basics for groups and roles. Many JIRA installations use things like "assignee can edit", "member of custom field x can do transition" and so-on.
It's a good start for getting the general access layers for a project, but it won't tell you "who can do what" in full.
It's hard-coded into a properties file, not the database. (Generally, ignore the JIRA database, you really don't need to know)
Why are you looking?
The properties file gives the list of available permissions, which feels like what you were asking for from your question, but your comment clarifies that you're actually looking for "who can do what"
That's a lot more complex, as it's possible to grant permissions to groups in at least four totally different ways. To get a full picture of them all, you'll need to read fields from individual issues, security schemes, permissions, and the workflow (which needs to be parsed), on top of the group/user stuff.
I have multiple projects that use variations of the same base workflow. The variations depend on the requirements of the project or issue type. The variations mostly come in the form of new statuses ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events