Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Remove user from Organization with ScriptRunner automation rule

Brad Butchers
Contributor
January 13, 2021

I don't have much experience with scripting so I want to ask if anyone has set up ScriptRunner automation rule for removing users from an organization or can recommend some approach.

3 answers

1 accepted

0 votes
Answer accepted
Hana Kučerová
Community Champion
January 13, 2021

Hi @Brad Butchers ,

would you please provide more information? What is your situation and why and under which circumstances do you need to do such a thing?

Brad Butchers
Contributor
January 14, 2021

Hi Hana,

The situation is if people leave a company they can complete a certain request type and it will automatically remove them from the organization

Cheers

Brad

Hana Kučerová
Community Champion
January 16, 2021

Hi @Brad Butchers ,

you can send DELETE request to the Service Management's API. Even though it is experimental, it worked for me, I just needed to provide additional header:

X-ExperimentalApi: opt-in

It is not clear from the documentation, but you need to provide list of usernames, which you want to remove from the organization. So the request body is the same as when you are adding users to the organization, something like:

{
"usernames": [
"username1",
"username2",
"username3"
]
}

Example of how to send request can be found here.

Brad Butchers
Contributor
January 17, 2021

Excellent thanks, what would the script look like thought? I'm new to the groovy/java scripting for script runner but i did run these through postman and they work for me too.

For an automation rue to work firstly I would need to know how to get the username from a custom field to use as the user to remove. How would I do this?

Second would be to get the organization that user belongs too. How would I do this too?

Cheers

Brad

Hana Kučerová
Community Champion
January 18, 2021

Hi @Brad Butchers ,

so, just to be sure - user, who should be deleted, creates the request for himself or somebody requests for him? I ask, because I want to know, if we can use field Reporter or we will work with some custom field with type User Picker (Single User).

When the user should be removed? Immediately after the issue is created or during some transition or ... ?

Thank you.

Brad Butchers
Contributor
January 18, 2021

Hi Hana,

someone request for them, and immediately after the request is created it would run the rule.

Thanks

Hana Kučerová
Community Champion
January 19, 2021

Hi @Brad Butchers ,

here is the code for the post function. Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user. You also need to replace 12345 with id of your user picker custom field.

The script simply takes the user from the custom field and look, if there's organization with this user. If so, the script removes him from this organization.

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin

@WithPlugin("com.atlassian.servicedesk")

@PluginModule
ServiceDeskManager serviceDeskManager

@PluginModule
OrganizationService organizationService

final Integer USER_CUSTOM_FIELD_ID = 12345

MutableIssue issue = issue
Project project = issue.getProjectObject()

ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()

CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser

ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()

OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(loggedInUser, organizationsQuery)?.getResults()

organizations.each {CustomerOrganization customerOrganization ->
UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
customerOrganization(customerOrganization)
.build()
ApplicationUser foundUser = organizationService.getUsersInOrganization(loggedInUser, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
userInOrganization.getKey() == userToRemove.getKey()
} as ApplicationUser
if (foundUser) {
Set<ApplicationUser> users = [foundUser].toSet()
UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
.organization(customerOrganization)
.users(users)
.build()
organizationService.removeUsersFromOrganization(loggedInUser, usersOrganizationUpdateParameters)
}
}
Brad Butchers
Contributor
January 20, 2021

Thanks so much Hana, greatly appreciated. I will do some testing today :)

Brad Butchers
Contributor
January 20, 2021

Hi Hana,

In regards to;

"Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user."

Where would I add the system account that would do this for the permissions?

i would have to change below?

ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
Hana Kučerová
Community Champion
January 26, 2021

Hi @Brad Butchers ,

I'm sorry, I missed the notification. You can change it like this:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.util.UserManager
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin

@WithPlugin("com.atlassian.servicedesk")

@PluginModule
ServiceDeskManager serviceDeskManager

@PluginModule
OrganizationService organizationService

final Integer USER_CUSTOM_FIELD_ID = 12345
final String USER_KEY = "userkey"

MutableIssue issue = issue
Project project = issue.getProjectObject()

UserManager userManager = ComponentAccessor.getUserManager()
ApplicationUser user = userManager.getUserByKey(USER_KEY)

CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser

ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()

OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(user, organizationsQuery)?.getResults()

organizations.each {CustomerOrganization customerOrganization ->
UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
customerOrganization(customerOrganization)
.build()
ApplicationUser foundUser = organizationService.getUsersInOrganization(user, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
userInOrganization.getKey() == userToRemove.getKey()
} as ApplicationUser
if (foundUser) {
Set<ApplicationUser> users = [foundUser].toSet()
UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
.organization(customerOrganization)
.users(users)
.build()
organizationService.removeUsersFromOrganization(user, usersOrganizationUpdateParameters)
}
}
Brad Butchers
Contributor
January 27, 2021

Hi @Hana Kučerová 

Don't be sorry, thank you so much for assistance, I just wasn't sure if you had gone on holidays or something.

So I just need to replace "userkey" with my service account?

final String USER_KEY = "userkey"

 

Hana Kučerová
Community Champion
January 27, 2021

Hi @Brad Butchers ,

yes, you just need to provide key of your service user 

It is something like JIRAUSERxxxxx or username for older users. I think it is more safe to work with keys instead of usernames, see here for details.

Brad Butchers
Contributor
January 27, 2021

Thanks so much, works perfectly :) your amazing!

Would it be possible to do the opposite like this? add a user to an organization?

Hana Kučerová
Community Champion
January 28, 2021

@Brad Butchers  Yes, but probably there will be a problem with getting the information to which organization should the user be added.

Do you have any idea, how this should work?

Brad Butchers
Contributor
January 28, 2021

Hi @Hana Kučerová 

I see the problem. If there is a custom filed the user types the organization into would the script be able to match the organization to the organization ID to add the user?

Thanks,

Brad

Hana Kučerová
Community Champion
January 29, 2021

Hi @Brad Butchers ,

I can imagine you create some select list custom field with the names of organizations and the script will find the organization based on the selected name, but this is not very nice, because there will be no connection between the options of custom field and the names of the organizations and if somebody changes something, the names won't match anymore.

It would be great, if we could work directly with the organizations objects. I thought about script fields, where you can create database picker and get the right values. But if I remember it correctly these fields are not available in the portal... So this won't help us either.

Brad Butchers
Contributor
January 31, 2021

Hi @Hana Kučerová 

Ah I see our limitations, thank you so much for your time and effort looking into this. It is greatly appreciated.

Cheers

Brad

Like Hana Kučerová likes this
0 votes
Brad Butchers
Contributor
January 26, 2021

Anyone else able to help me to change the script from logged in user to a specific account?

0 votes
Deleted user January 14, 2021

Hello,

We need this too. We have added the whole organization twice: with ".com" and ".net"
Now we should remove all users with ".com". Is this possible to do with script or somehow?

We use Cloud.

Thanks,
Max

Deleted user January 14, 2021

Sorry if this is wrong topic. I have done my task via REST API. I created VBScript and deleted unused users (3600).

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events