I don't have much experience with scripting so I want to ask if anyone has set up ScriptRunner automation rule for removing users from an organization or can recommend some approach.
Hi @Brad Butchers ,
would you please provide more information? What is your situation and why and under which circumstances do you need to do such a thing?
Hi Hana,
The situation is if people leave a company they can complete a certain request type and it will automatically remove them from the organization
Cheers
Brad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
you can send DELETE request to the Service Management's API. Even though it is experimental, it worked for me, I just needed to provide additional header:
X-ExperimentalApi: opt-in
It is not clear from the documentation, but you need to provide list of usernames, which you want to remove from the organization. So the request body is the same as when you are adding users to the organization, something like:
{
"usernames": [
"username1",
"username2",
"username3"
]
}
Example of how to send request can be found here.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Excellent thanks, what would the script look like thought? I'm new to the groovy/java scripting for script runner but i did run these through postman and they work for me too.
For an automation rue to work firstly I would need to know how to get the username from a custom field to use as the user to remove. How would I do this?
Second would be to get the organization that user belongs too. How would I do this too?
Cheers
Brad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
so, just to be sure - user, who should be deleted, creates the request for himself or somebody requests for him? I ask, because I want to know, if we can use field Reporter or we will work with some custom field with type User Picker (Single User).
When the user should be removed? Immediately after the issue is created or during some transition or ... ?
Thank you.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hana,
someone request for them, and immediately after the request is created it would run the rule.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
here is the code for the post function. Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user. You also need to replace 12345 with id of your user picker custom field.
The script simply takes the user from the custom field and look, if there's organization with this user. If so, the script removes him from this organization.
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin
@WithPlugin("com.atlassian.servicedesk")
@PluginModule
ServiceDeskManager serviceDeskManager
@PluginModule
OrganizationService organizationService
final Integer USER_CUSTOM_FIELD_ID = 12345
MutableIssue issue = issue
Project project = issue.getProjectObject()
ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser
ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()
OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(loggedInUser, organizationsQuery)?.getResults()
organizations.each {CustomerOrganization customerOrganization ->
UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
customerOrganization(customerOrganization)
.build()
ApplicationUser foundUser = organizationService.getUsersInOrganization(loggedInUser, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
userInOrganization.getKey() == userToRemove.getKey()
} as ApplicationUser
if (foundUser) {
Set<ApplicationUser> users = [foundUser].toSet()
UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
.organization(customerOrganization)
.users(users)
.build()
organizationService.removeUsersFromOrganization(loggedInUser, usersOrganizationUpdateParameters)
}
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks so much Hana, greatly appreciated. I will do some testing today :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hana,
In regards to;
"Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user."
Where would I add the system account that would do this for the permissions?
i would have to change below?
ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
I'm sorry, I missed the notification. You can change it like this:
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.util.UserManager
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin
@WithPlugin("com.atlassian.servicedesk")
@PluginModule
ServiceDeskManager serviceDeskManager
@PluginModule
OrganizationService organizationService
final Integer USER_CUSTOM_FIELD_ID = 12345
final String USER_KEY = "userkey"
MutableIssue issue = issue
Project project = issue.getProjectObject()
UserManager userManager = ComponentAccessor.getUserManager()
ApplicationUser user = userManager.getUserByKey(USER_KEY)
CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser
ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()
OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(user, organizationsQuery)?.getResults()
organizations.each {CustomerOrganization customerOrganization ->
UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
customerOrganization(customerOrganization)
.build()
ApplicationUser foundUser = organizationService.getUsersInOrganization(user, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
userInOrganization.getKey() == userToRemove.getKey()
} as ApplicationUser
if (foundUser) {
Set<ApplicationUser> users = [foundUser].toSet()
UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
.organization(customerOrganization)
.users(users)
.build()
organizationService.removeUsersFromOrganization(user, usersOrganizationUpdateParameters)
}
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Don't be sorry, thank you so much for assistance, I just wasn't sure if you had gone on holidays or something.
So I just need to replace "userkey" with my service account?
final String USER_KEY = "userkey"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
yes, you just need to provide key of your service user
It is something like JIRAUSERxxxxx or username for older users. I think it is more safe to work with keys instead of usernames, see here for details.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks so much, works perfectly :) your amazing!
Would it be possible to do the opposite like this? add a user to an organization?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Brad Butchers Yes, but probably there will be a problem with getting the information to which organization should the user be added.
Do you have any idea, how this should work?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I see the problem. If there is a custom filed the user types the organization into would the script be able to match the organization to the organization ID to add the user?
Thanks,
Brad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Brad Butchers ,
I can imagine you create some select list custom field with the names of organizations and the script will find the organization based on the selected name, but this is not very nice, because there will be no connection between the options of custom field and the names of the organizations and if somebody changes something, the names won't match anymore.
It would be great, if we could work directly with the organizations objects. I thought about script fields, where you can create database picker and get the right values. But if I remember it correctly these fields are not available in the portal... So this won't help us either.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ah I see our limitations, thank you so much for your time and effort looking into this. It is greatly appreciated.
Cheers
Brad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Anyone else able to help me to change the script from logged in user to a specific account?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sorry if this is wrong topic. I have done my task via REST API. I created VBScript and deleted unused users (3600).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.