Groovy to automatically add a few hundreds of Security levels to a particular Issue Security Scheme

Hi,

I need to add around 300 'Security Levels' to a particular 'Issue Security Scheme' in JIRA along with the groups.

Is it possible to implement this using Scriptrunner plugin or through Groovy or any other way?

 

Thanks,

Rupa

8 answers

1 accepted

1 votes

Here is code to create a new scheme, and a new level with a single group:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager
import com.atlassian.jira.scheme.SchemeEntity

def issueSecurityLevelManager = ComponentAccessor.getIssueSecurityLevelManager()
def issueSecuritySchemeManager = ComponentAccessor.getComponent(IssueSecuritySchemeManager)

def scheme = issueSecuritySchemeManager.createSchemeObject("FRIDAY", "Issue security scheme for testing")
def level = issueSecurityLevelManager.createIssueSecurityLevel(scheme.id, "Private", "Group only")
def entity = new SchemeEntity("group", "jira-users", level.id)
def gv = issueSecuritySchemeManager.getScheme(scheme.id)

issueSecuritySchemeManager.createSchemeEntity(gv, entity)

 I'm trying to get this to work in Jira 7.3.1, can you help? The final two lines no longer work it seems

https://community.atlassian.com/t5/JIRA-questions/Add-group-to-security-level-Groovy/qaq-p/616979#M204150

woah! 300 security levels on a single scheme? Don't you want to re-think the architecture? 

0 votes

issueSecurityLevelManager.createIssueSecurityLevel(scheme.id, "Private", "Reporter only")

But, agree with Alex.

Jamie,

I tried the following:

import com.atlassian.jira.issue.security.IssueSecurityLevelManager

IssueSecurityLevelManager issueSecurityLevelManager;
issueSecurityLevelManager.createIssueSecurityLevel(11238,"Sample Level","Example")

But getting an error : Cannot invoke method createIssueSecurityLevel() on null object

Also is there a way to add group-name or multiple group-names to Security levels?

I had previously used Jelly to accomplish this:

<JiraJelly xmlns:jira="jelly:com.atlassian.jira.jelly.enterprise.JiraTagLib">
<jira:CreateIssueSecurityScheme name="FRIDAY ISSUE SCHEME">
<jira:AddIssueSecurityLevel name="Test level1" description="">
<jira:AddIssueSecurity type="group" group="abc-users"/>
<jira:AddIssueSecurity type="group" group="xyz-users"/>
</jira:AddIssueSecurityLevel>
</jira:CreateIssueSecurityScheme>
</JiraJelly>


Looking to find its alternative within Scriptrunner.

You have to get the IssueSecurityLevelManager via ComponentAccessor 

def issueSecurityLevelManager = ComponentAccessor.getIssueSecurityLevelManager()

We have that many different customers using the same project and hence need that many levels so that they cannot see tickets created by other Customers.

I will propose the solution I have implemented in my company in the answer section, cause select one of 300 security levels from the dropdown will be a headache.

May I propose a better solution? I have implemented something like this in my company see the link: "Visible For" field in JIRA

 

  1. Create custom field (multiple user picker) Visible For
  2. Put that field on screens (all view, edit, create - screen scheme and issue type screen scheme) and make required through field configuration scheme
  3. Create Security Scheme with single security level (grant permissions to reporter, assignee, any needed roles and custom field "Visible For". Make that security level a default one for that project. You can even not show security level field on the screen =)

Now, if you need the issue to be visible by that customer, just add him to Visible For

 

P.S. Add all customers to any project role with browse permission, so that role can see issues in the project - permission scheme.

 

The Security Level is set automatically through Groovy post function depending on which group the Reporter belongs to.

 

Example: Say there are two Customers ABC and XYZ. 
ABC has 2 users Sam and Betty.
XYZ has 2 users Tom and Harry. 

What we need is that Sam can see what ticket Betty creates (what users of ABC create) and should not be able to view what all tickets Tom and Harry create(XYZ users).

Is this possible using your solution?

You can change multiple user picker to multiple group picker and put Sam's group in that field. (you can even make a postfunction to fill visible for field with sam's group)

Is it possible to make this Group Picker field non-searchable when using Advanced JQL?

I tried using the 'Search Template' but it does not work.

The Security Level is set automatically through Groovy post function depending on which group the Reporter belongs to.

 

Example: Say there are two Customers ABC and XYZ. 
ABC has 2 users Sam and Betty.
XYZ has 2 users Tom and Harry. 

What we need is that Sam can see what ticket Betty creates (what users of ABC create) and should not be able to view what all tickets Tom and Harry create(XYZ users).

Is this possible using your solution?

0 votes

Issue security levels can have a "Group Custom Field Value". Why don't you write the customer group to a group custom field (can be hidden), and use that in the security scheme.

it's ok if you don't need single user view only... I have proposed the solution with custom field multiple users, the same approach

Your method is very flexible, I agree. Easy to combine multiple groups etc if you need to.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

2,811 views 11 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot