Hello Everyone!
I'm implementing a gadget here that has a field which allows user A to select other user.
The issue I'm experiencing now is that the field populates everyone registered to the company.
The expected behavior of the field is if User A is a developer for Project B, User A should see people in Project B and not others.
I'm using the server version of JIRA and the REST API that I'm calling is /rest/api/2/user/picker
I've tried using /rest/api/2/user/search too but the result still lists down everyone.
How do I limit the user list to only user A has project access to ? Or is there other API calls that I need to use other than the one I'm using.
The list of API that I'm using is from :
Any help would be appreciated!
Thanks!
Instead of listening to the global users, I would suggest to look at the Roles in a specific project.
There should be an API endpoint that gets the list of members in the role in the specific project.
api/2/project/PRO/role/12314
Hi,
Thanks for the reply!
I'm using sometime similar currently. For us, a user can be involved in multiple projects.
What I ended up doing is using
/rest/api/2/project
this gets all the project that they user is visible to.
and then
/rest/api/2/user/assignable/multiProjectSearch
Uses this to search for every user that can be assigned in that project
so this is done for each of the project the user is visible to and then more filtering is done afterward to prevent duplicates.
There seem to be quite a few API calls and I'm wondering if there is an API that something similar to this.
Does this mean that every gadget that require a listing of users need to have its own security protocols ? For example every gadget that has the ability to choose users need to implement its own filtering of names. I was under the impression that the visibility of names provided by the API is handled in the backend of the API.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.