Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,557,600
Community Members
 
Community Events
184
Community Groups

I'm trying to access user permissions for project through Jira python module

Rajinish_Gaddam
Rajinish_Gaddam Mar 13, 2020

Hi, I have tried to get permission for a project for a user, but I was getting below error. Thanks in advance

from jira import JIRA

ORGANISATION = "https://domain.atlassian.net"

jira = JIRA(basic_auth=('xxxxxx@gmail.com', 'xxxxxxx'), options={'server': ORGANISATION})

f = jira.my_permissions(projectId="10001")



{
"errorMessages": [
"The 'permissions' query parameter is required."
],
"errors": {}
Answer
Watch
Like Be the first to like this
1192 views

1 answer

1 accepted

0 votes
Answer accepted
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 16, 2020

Hello @Rajinish_Gaddam ,

First looking at the error you are getting "The 'permissions' query parameter is required." looks like it is related to an update to the API covered in this KB "Change notice - Get my permissions resource will require a permissions query parameter" there is a change in acquiring permissions and you can no longer get all permissions of the user but rather check if a user has a particular permission specified:

Starting 1 February 2019, we will require that you provide the permissions query parameter in all requests to the Get my permissions resource.

and I am not seeing an input for this update in the python module "my_permissions" referance here:

So it looks like this one is no longer valid in Jira python module after this change in Jira cloud.

I would recomend updating the command rather than using the "my_permisisons" value to pass in the params, but rather manually pass in the additional URL string including the permissions as covered in the API documentation with something similar to the exe:

curl --request GET \
  --url '/rest/api/3/mypermissions?permissions=BROWSE_PROJECTS%2CEDIT_ISSUES' \
  --user 'email@example.com:' \
  --header 'Accept: application/json'

Regards,
Earl

View More Comments
Rajinish_Gaddam
Rajinish_Gaddam Mar 17, 2020

thanks @Earl McCutcheon  for informative response, but how will I get to know what permissions are applied on the user ?

Like
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 18, 2020

Hi @Rajinish_Gaddam ,

So to check what permissions are avaliable to the mypermission fall under the keys returned by the get all permissions endpoint, covered in the API doc under the "Get my permissions" section here:

permissions

string

A list of permission keys. This parameter accepts a comma-separated list. Omitting this parameter is deprecated. To get the list of available permissions, use Get all permissions. Note that deprecated keys cannot be used. Deprecated keys are not returned by Get all permissions but are returned by this operation if permissions is omitted.

If you wanted to check all permissions that a user has you would need to check avaliable permissions in the projects permission scheme covered here append each avaliable permission to the permission endpoint, and I would recomend looking into adapting the "Get permitted projects" into your script for this.

The updated to the behavior is in relation to app development, This will add additional context requirements for scenarios where you want to check the full permissions set on a user, but massively reduces the load to the server when running permissions checks for individual actions. 

When an external application is doing a permissions checks it should only be calling on the permissions required by the follow up actions it is attempting to do to see if the action can be completed, if the app is calling all permissions on every check this adds a lot of overhead as permission lookups can be expensive in terms of time, cpu, etc...

As an exe if all you needed to check was if a user has a global administrator permission, to complete an action your app could run a GET "/rest/api/3/mypermissions?permissions=ADMINISTER" to hit a single check, where if it were if the call is checking all permission possibilities you are looking at 39 permissions on a default install for the same action and cause 39 times the load on the server for the single call, and when apps are doing repeated calls for various permission checks for your various actions, this load can add up rather quickly.

Regards,
Earl

Like
Rajinish_Gaddam
Rajinish_Gaddam Mar 18, 2020

thank you @Earl McCutcheon you're wonderful this information is more helpful

Like Earl McCutcheon likes this
Eliot_Cole
Eliot_Cole
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
Apr 14, 2023

I was struggling to see from the responses here as to what options were available to the requester to place in the ?permissions= field.

Hopefully the link below can assist others in this when they arrive at this page:

https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-permission-schemes/#built-in-permissions

That is a list of all the values you could use there. Or to quote the guide as of time of posting this:

The built-in Jira permissions are listed below. Apps can also define custom permissions. See the project permission and global permission module documentation for more information.

I will list them below, also.

Project permissions

  • ADMINISTER_PROJECTS
  • BROWSE_PROJECTS
  • MANAGE_SPRINTS_PERMISSION (Jira Software only)
  • SERVICEDESK_AGENT (Jira Service Desk only)
  • VIEW_DEV_TOOLS (Jira Software only)
  • VIEW_READONLY_WORKFLOW

Issue permissions

  • ASSIGNABLE_USER
  • ASSIGN_ISSUES
  • CLOSE_ISSUES
  • CREATE_ISSUES
  • DELETE_ISSUES
  • EDIT_ISSUES
  • LINK_ISSUES
  • MODIFY_REPORTER
  • MOVE_ISSUES
  • RESOLVE_ISSUES
  • SCHEDULE_ISSUES
  • SET_ISSUE_SECURITY
  • TRANSITION_ISSUES

Voters and watchers permissions

  • MANAGE_WATCHERS
  • VIEW_VOTERS_AND_WATCHERS

Comments permissions

  • ADD_COMMENTS
  • DELETE_ALL_COMMENTS
  • DELETE_OWN_COMMENTS
  • EDIT_ALL_COMMENTS
  • EDIT_OWN_COMMENTS

Attachments permissions

  • CREATE_ATTACHMENTS
  • DELETE_ALL_ATTACHMENTS
  • DELETE_OWN_ATTACHMENTS

Time tracking permissions

  • DELETE_ALL_WORKLOGS
  • DELETE_OWN_WORKLOGS
  • EDIT_ALL_WORKLOGS
  • EDIT_OWN_WORKLOGS
  • WORK_ON_ISSUES
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Software
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

See all events