Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

Remove user from Organization with ScriptRunner automation rule

Brad Butchers
Brad Butchers Jan 13, 2021

I don't have much experience with scripting so I want to ask if anyone has set up ScriptRunner automation rule for removing users from an organization or can recommend some approach.

Answer
Watch
Like Be the first to like this
298 views

3 answers

1 accepted

0 votes
Answer accepted
Hana Kučerová
Hana Kučerová Community Leader Jan 13, 2021

Hi @Brad Butchers ,

would you please provide more information? What is your situation and why and under which circumstances do you need to do such a thing?

View More Comments
Brad Butchers
Brad Butchers Jan 14, 2021

Hi Hana,

The situation is if people leave a company they can complete a certain request type and it will automatically remove them from the organization

Cheers

Brad

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 16, 2021

Hi @Brad Butchers ,

you can send DELETE request to the Service Management's API. Even though it is experimental, it worked for me, I just needed to provide additional header:

X-ExperimentalApi: opt-in

It is not clear from the documentation, but you need to provide list of usernames, which you want to remove from the organization. So the request body is the same as when you are adding users to the organization, something like:

{
    "usernames": [
        "username1",
        "username2",
        "username3"
    ]   
}

Example of how to send request can be found here.

Like
Brad Butchers
Brad Butchers Jan 17, 2021

Excellent thanks, what would the script look like thought? I'm new to the groovy/java scripting for script runner but i did run these through postman and they work for me too.

For an automation rue to work firstly I would need to know how to get the username from a custom field to use as the user to remove. How would I do this?

Second would be to get the organization that user belongs too. How would I do this too?

Cheers

Brad

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 18, 2021

Hi @Brad Butchers ,

so, just to be sure - user, who should be deleted, creates the request for himself or somebody requests for him? I ask, because I want to know, if we can use field Reporter or we will work with some custom field with type User Picker (Single User).

When the user should be removed? Immediately after the issue is created or during some transition or ... ?

Thank you.

Like
Brad Butchers
Brad Butchers Jan 18, 2021

Hi Hana,

someone request for them, and immediately after the request is created it would run the rule.

Thanks

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 19, 2021

Hi @Brad Butchers ,

here is the code for the post function. Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user. You also need to replace 12345 with id of your user picker custom field.

The script simply takes the user from the custom field and look, if there's organization with this user. If so, the script removes him from this organization.

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin

@WithPlugin("com.atlassian.servicedesk")

@PluginModule
ServiceDeskManager serviceDeskManager

@PluginModule
OrganizationService organizationService

final Integer USER_CUSTOM_FIELD_ID = 12345

MutableIssue issue = issue
Project project = issue.getProjectObject()

ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()

CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser

ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()

OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(loggedInUser, organizationsQuery)?.getResults()

organizations.each {CustomerOrganization customerOrganization ->
    UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
            customerOrganization(customerOrganization)
            .build()
    ApplicationUser foundUser = organizationService.getUsersInOrganization(loggedInUser, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
        userInOrganization.getKey() == userToRemove.getKey()
    } as ApplicationUser
    if (foundUser) {
        Set<ApplicationUser> users = [foundUser].toSet()
        UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
                .organization(customerOrganization)
                .users(users)
                .build()
        organizationService.removeUsersFromOrganization(loggedInUser, usersOrganizationUpdateParameters)
    }
}
Like
Brad Butchers
Brad Butchers Jan 20, 2021

Thanks so much Hana, greatly appreciated. I will do some testing today :)

Like
Brad Butchers
Brad Butchers Jan 20, 2021

Hi Hana,

In regards to;

"Be aware that the user removal is performed under the logged in user, who has created the issue (so he needs to be Service Management Agent). It can be easily changed to some specific user."

Where would I add the system account that would do this for the permissions?

i would have to change below?

ApplicationUser loggedInUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
Like
Hana Kučerová
Hana Kučerová Community Leader Jan 26, 2021

Hi @Brad Butchers ,

I'm sorry, I missed the notification. You can change it like this:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.CustomFieldManager
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.fields.CustomField
import com.atlassian.jira.project.Project
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.util.UserManager
import com.atlassian.servicedesk.api.organization.CustomerOrganization
import com.atlassian.servicedesk.api.organization.OrganizationsQuery
import com.atlassian.servicedesk.api.organization.OrganizationService
import com.atlassian.servicedesk.api.organization.UsersInOrganizationQuery
import com.atlassian.servicedesk.api.organization.UsersOrganizationUpdateParameters
import com.atlassian.servicedesk.api.ServiceDesk
import com.atlassian.servicedesk.api.ServiceDeskManager
import com.onresolve.scriptrunner.runner.customisers.PluginModule
import com.onresolve.scriptrunner.runner.customisers.WithPlugin

@WithPlugin("com.atlassian.servicedesk")

@PluginModule
ServiceDeskManager serviceDeskManager

@PluginModule
OrganizationService organizationService

final Integer USER_CUSTOM_FIELD_ID = 12345
final String USER_KEY = "userkey"

MutableIssue issue = issue
Project project = issue.getProjectObject()

UserManager userManager = ComponentAccessor.getUserManager()
ApplicationUser user = userManager.getUserByKey(USER_KEY)

CustomFieldManager customFieldManager = ComponentAccessor.getCustomFieldManager()
CustomField customField = customFieldManager.getCustomFieldObject(USER_CUSTOM_FIELD_ID)
ApplicationUser userToRemove = issue.getCustomFieldValue(customField) as ApplicationUser

ServiceDesk serviceDeskProject = serviceDeskManager.getServiceDeskForProject(project)
Integer serviceDeskProjectId = serviceDeskProject.getId()

OrganizationsQuery organizationsQuery = organizationService.newOrganizationsQueryBuilder().serviceDeskId(serviceDeskProjectId).build()
List<CustomerOrganization> organizations = organizationService.getOrganizations(user, organizationsQuery)?.getResults()

organizations.each {CustomerOrganization customerOrganization ->
    UsersInOrganizationQuery usersInOrganizationQuery = organizationService.newUsersInOrganizationQuery().
            customerOrganization(customerOrganization)
            .build()
    ApplicationUser foundUser = organizationService.getUsersInOrganization(user, usersInOrganizationQuery).find{ ApplicationUser userInOrganization ->
        userInOrganization.getKey() == userToRemove.getKey()
    } as ApplicationUser
    if (foundUser) {
        Set<ApplicationUser> users = [foundUser].toSet()
        UsersOrganizationUpdateParameters usersOrganizationUpdateParameters = organizationService.newUsersOrganizationUpdateParametersBuilder()
                .organization(customerOrganization)
                .users(users)
                .build()
        organizationService.removeUsersFromOrganization(user, usersOrganizationUpdateParameters)
    }
}
Like
Brad Butchers
Brad Butchers Jan 27, 2021

Hi @Hana Kučerová 

Don't be sorry, thank you so much for assistance, I just wasn't sure if you had gone on holidays or something.

So I just need to replace "userkey" with my service account?

final String USER_KEY = "userkey"

 

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 27, 2021

Hi @Brad Butchers ,

yes, you just need to provide key of your service user 

It is something like JIRAUSERxxxxx or username for older users. I think it is more safe to work with keys instead of usernames, see here for details.

Like
Brad Butchers
Brad Butchers Jan 27, 2021

Thanks so much, works perfectly :) your amazing!

Would it be possible to do the opposite like this? add a user to an organization?

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 28, 2021

@Brad Butchers  Yes, but probably there will be a problem with getting the information to which organization should the user be added.

Do you have any idea, how this should work?

Like
Brad Butchers
Brad Butchers Jan 28, 2021

Hi @Hana Kučerová 

I see the problem. If there is a custom filed the user types the organization into would the script be able to match the organization to the organization ID to add the user?

Thanks,

Brad

Like
Hana Kučerová
Hana Kučerová Community Leader Jan 29, 2021

Hi @Brad Butchers ,

I can imagine you create some select list custom field with the names of organizations and the script will find the organization based on the selected name, but this is not very nice, because there will be no connection between the options of custom field and the names of the organizations and if somebody changes something, the names won't match anymore.

It would be great, if we could work directly with the organizations objects. I thought about script fields, where you can create database picker and get the right values. But if I remember it correctly these fields are not available in the portal... So this won't help us either.

Like
Brad Butchers
Brad Butchers Jan 31, 2021

Hi @Hana Kučerová 

Ah I see our limitations, thank you so much for your time and effort looking into this. It is greatly appreciated.

Cheers

Brad

Like Hana Kučerová likes this
Reply
0 votes
Brad Butchers
Brad Butchers Jan 26, 2021

Anyone else able to help me to change the script from logged in user to a specific account?

Reply
0 votes
Deleted user Jan 14, 2021 • edited

Hello,

We need this too. We have added the whole organization twice: with ".com" and ".net"
Now we should remove all users with ".com". Is this possible to do with script or somehow?

We use Cloud.

Thanks,
Max

View More Comments
Deleted user Jan 14, 2021

Sorry if this is wrong topic. I have done my task via REST API. I created VBScript and deleted unused users (3600).

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
SERVER
TAGS
Community showcase
Daniel Eads
Daniel Eads
Published in Jira Service Management

Security Advisory for Jira Service Management

On October 20, 2021, Atlassian published a security advisory for Jira Service Management. The full advisory is available at this link.  We've seen a number of questions already asking for...

222 views 1 2
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you