Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.
×Hi all,
We are using scriptrunner for Jira data center and we have just started to use issue security schemes for all projects and issue types, but we would like to "hide" the security level from normal users to eliminate confusion. (We'd only like it visible to Jira admin)
To be clear - we still want the security level to be applied to all requests, just the field not "visible" for normal users.
We've already tried to create a behavior for the "Security Level" field, that is mapped to "All Projects" and "All Issue Types".
Within the behavior:
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.groups.GroupManager
def groupManager = ComponentAccessor.getComponent(GroupManager)
def currentUser = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser()
def securityLevelField = getFieldById("security")
// Is user in "jira-administrators" group?
if (!groupManager.isUserInGroup(currentUser, "jira-administrators")) {
// If not - hide the field
securityLevelField.setHidden(true)
} else {
// If so - show the field
securityLevelField.setHidden(false)
}
Since it doesn't look like there is any way we can limit the visibility of this specific system field, we've decided to just hide it from everyone via the field configuration for the issue types.
Thanks everyone,
Mike
Hi @Michael
What you are trying to do is not achievable using ScriptRunner's Behaviour.
The Behaviour can only be used on the Create, Edit, Transition, and Assign screens. It will not work on the view screen.
UI fragments will not be able to hide custom fields. The alternative you could try (but not recommended) is to use a javascript on the Announcement Banner. Once you have performed your testing, remove the script from the Announcement Banner.
Thank you and Kind regards,
Ram
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Michael ,
Behavior will only work on the pop-ups (like edit, create, etc.), not the issue view screen, if this is the problem. So, can you please feed the question with a bunch of screenshots, so we can help better?
As I understood, you want to hide it on the view screen for regular users. I guess this is not possible if the field is on "View Issues" screen. So, you may delete the field from this screen and you can add it just to "Edit Issue" screen. Then, you can use your current script, so that just the allowed people can see the field (but only on Edit Issue screen)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Salih Tuç
You are correct, the only place that this field appears is on the "View" screen. We do understand that we can just remove that field from the view screen or "hide" it within the field configuration for all issue types, but in the case that we need to troubleshoot someone's access, the admins would like to be able to see / know the issue security scheme without needing to go to the issue security scheme section in our backend.
Since behaviors only work on the create and edit screen, is there another scriptrunner feature that might be able to help us? For example, the UI fragment feature?
When running this across ChatGPT, it stated this might be possible but we never got it to work.
Thanks,
Mike
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sadly, it is not possible to remove the field via UI fragment feature. I would continue with Edit Issue screen and email notifications as an alternative :) Otherwise, it seems not quite possible.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Michael
why would the admins have to go into the "backend" (whatever this means?) ?
Though the field is not part of the view screen it could be part of the edit screen but (as the original requirement) only be visible to the admins. The admins could see the security level of each issue by only clicking the "Edit" button.
Furthermore before the need to find anything in the backend a simple jql with showing the column "security level" would give the needed information for the admins.
Best
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Stefan Salzl
We are trying to solve for Admins wanting to see the security issue scheme while at the same time not providing that field to "normal users". (To prevent confusion or permission griping)
When our team is troubleshooting issue security problems, they usually go straight to the problem issue and not to a JQL query, so a JQL query wouldn't help.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
as mentioned:
Though the field is not part of the view screen it could be part of the edit screen but (as the original requirement) only be visible to the admins. The admins could see the security level of each issue by only clicking the "Edit" button.
The field can then be made only visible to Admins via a scriptrunner behaviour. With this the admin will see the issue level directly in issue´s edit mode.
Best
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.