Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.

×
Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How to hide visibility for "security level" for everyone except Jira admins using Script Runner?

Michael
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 22, 2024

Hi all,

We are using scriptrunner for Jira data center and we have just started to use issue security schemes for all projects and issue types, but we would like to "hide" the security level from normal users to eliminate confusion. (We'd only like it visible to Jira admin)

To be clear - we still want the security level to be applied to all requests, just the field not "visible" for normal users.

We've already tried to create a behavior for the "Security Level" field, that is mapped to "All Projects" and "All Issue Types".

Within the behavior:

  • we've tried to use the "Hidden" toggle, with the condition "Except - When user is in group 'jira-administrators'." However, this doesn't work - everyone can still see the security level field.
  • We've also tried to do this via code:

 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.groups.GroupManager

def groupManager = ComponentAccessor.getComponent(GroupManager)
def currentUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()

def
securityLevelField = getFieldById("security")

// Is user in "jira-administrators" group?
if (!groupManager.isUserInGroup(currentUser, "jira-administrators")) {

    // If not - hide the field
    securityLevelField.setHidden(true)

} else {

    // If so - show the field
    securityLevelField.setHidden(false)

}

But neither way hides the field. Can someone tell us what we are doing wrong?
Thanks,
Mike

3 answers

1 accepted

1 vote
Answer accepted
Michael
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 3, 2024

Since it doesn't look like there is any way we can limit the visibility of this specific system field, we've decided to just hide it from everyone via the field configuration for the issue types.

Thanks everyone,

Mike

0 votes
Ram Kumar Aravindakshan _Adaptavist_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 25, 2024

Hi @Michael

What you are trying to do is not achievable using ScriptRunner's Behaviour.

The Behaviour can only be used on the Create, Edit, Transition, and Assign screens. It will not work on the view screen.

UI fragments will not be able to hide custom fields. The alternative you could try (but not recommended) is to use a javascript on the Announcement Banner. Once you have performed your testing, remove the script from the Announcement Banner.

Thank you and Kind regards,
Ram

 

0 votes
Salih Tuç
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 24, 2024

Hi @Michael ,

Behavior will only work on the pop-ups (like edit, create, etc.), not the issue view screen, if this is the problem. So, can you please feed the question with a bunch of screenshots, so we can help better?

As I understood, you want to hide it on the view screen for regular users. I guess this is not possible if the field is on "View Issues" screen. So, you may delete the field from this screen and you can add it just to "Edit Issue" screen. Then, you can use your current script, so that just the allowed people can see the field (but only on Edit Issue screen)

Michael
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 25, 2024

Hello @Salih Tuç

You are correct, the only place that this field appears is on the "View" screen. We do understand that we can just remove that field from the view screen or "hide" it within the field configuration for all issue types, but in the case that we need to troubleshoot someone's access, the admins would like to be able to see / know the issue security scheme without needing to go to the issue security scheme section in our backend.

Since behaviors only work on the create and edit screen, is there another scriptrunner feature that might be able to help us? For example, the UI fragment feature?

When running this across ChatGPT, it stated this might be possible but we never got it to work.

Thanks,

Mike

Salih Tuç
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 25, 2024

Sadly, it is not possible to remove the field via UI fragment feature. I would continue with Edit Issue screen and email notifications as an alternative :) Otherwise, it seems not quite possible.

Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 2, 2024

Hi @Michael 

why would the admins have to go into the "backend" (whatever this means?) ?

Though the field is not part of the view screen it could be part of the edit screen but (as the original requirement) only be visible to the admins. The admins could see the security level of each issue by only clicking the "Edit" button.

Furthermore before the need to find anything in the backend a simple jql with showing the column "security level" would give the needed information for the admins.

Best
Stefan

Michael
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 3, 2024

Hello @Stefan Salzl

We are trying to solve for Admins wanting to see the security issue scheme while at the same time not providing that field to "normal users". (To prevent confusion or permission griping)

When our team is troubleshooting issue security problems, they usually go straight to the problem issue and not to a JQL query, so a JQL query wouldn't help.

 

Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 3, 2024

@Michael 

as mentioned:

Though the field is not part of the view screen it could be part of the edit screen but (as the original requirement) only be visible to the admins. The admins could see the security level of each issue by only clicking the "Edit" button.

The field can then be made only visible to Admins via a scriptrunner behaviour. With this the admin will see the issue level directly in issue´s edit mode.

 

Best
Stefan

Suggest an answer

Log in or Sign up to answer