Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Products
Jira Software
Questions
database table with all jira permissions

database table with all jira permissions

Hi, where I can find database table with all JIRA permissions?

I found a table with mapping between scheme, group and permissions, but I'm not able to find the reference table with permissions list

select * from jira_db.schemepermissions sp

Regards,

Michal

2 answers

1 accepted

4 votes

Answer accepted

If you can run SQL against your JIRA database (perhaps using the Bob Swift SQL macro from a Confluence page), then this MySQL query will give you what you much of what you're looking for.

Note that the schemepermissions table shows permissions given directly to groups and the projectroleactor table shows permissions given to groups through project roles that contain groups.

-- Permissions given directly to group
SELECT SP.perm_parameter AS GroupName, PS.name AS PermissionSchemeName, SP.permission_key AS Permission
FROM schemepermissions SP 
INNER JOIN permissionscheme PS ON SP.scheme = PS.id
WHERE SP.perm_type = 'group' 
ORDER BY 1, 2, 3;
 
-- Permissions given indirectly to group through project role
SELECT PRA.roletypeparameter AS GroupName, PR.name AS RoleName, P.pname AS Project, PS.name AS PermissionSchemeName, SP.permission_key AS Permission
FROM schemepermissions SP 
INNER JOIN permissionscheme PS ON SP.scheme = PS.id
INNER JOIN projectrole PR ON SP.perm_parameter = PR.ID
INNER JOIN projectroleactor PRA ON PR.id = PRA.projectroleid
INNER JOIN project P on PRA.pid = P.id
WHERE SP.perm_type = 'projectrole' AND PRA.roletype = 'atlassian-group-role-actor'
ORDER BY 1, 2, 3;

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Please bear in mind that this will only give you the basics for groups and roles. Many JIRA installations use things like "assignee can edit", "member of custom field x can do transition" and so-on.

It's a good start for getting the general access layers for a project, but it won't tell you "who can do what" in full.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Very true, but if they don't have access to the project (directly or indirectly), then they can't any of that.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

0 votes

It's hard-coded into a properties file, not the database. (Generally, ignore the JIRA database, you really don't need to know)

Why are you looking?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thanks, I need to know for one group all permissions in all security schemes and projects.

Is there a way how to cut it from properties file?

Regards,

Michal

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

The properties file gives the list of available permissions, which feels like what you were asking for from your question, but your comment clarifies that you're actually looking for "who can do what"

That's a lot more complex, as it's possible to grant permissions to groups in at least four totally different ways. To get a full picture of them all, you'll need to read fields from individual issues, security schemes, permissions, and the workflow (which needs to be parsed), on top of the group/user stuff.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

TAGS

Community showcase