Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,254,235
Community Members
 
Community Events
164
Community Groups

List of all groups and where they are used

Need A way to extract all groups and there usage through SQL 

3 answers

1 vote

A manual way is to look at all your permission schemes and notifications schemes for the groups they use. Then go through all project roles and do the same. Groups can also be used for sharing of filters and dashboards. Finally check all workflows for group usage in the XML. Very tedious!

I would love to see a plugin that does all this for admins

Hello Matt I want an SQL query for that since my admins want to automate the process

Me too!

Like Nic Brough _Adaptavist_ likes this

This article comes on the top of google queries for "jira find where group is used", and does sadly not contain the answer from other similar questions. 

So I'm therefore pointing out that there is a knowledge-base article for it: https://confluence.atlassian.com/jirakb/how-to-identify-group-usage-in-jira-441221524.html

Problem is that article doesn't reference the complexities or how to actually answer the question.  That's why Google lands here - it explains it properly.

Like Matt Doar__ LinkedIn likes this

Your answer explains the complexity on the details and nuances in the question -- I wholeheartedly agree.

The kb-article gave me the answer I needed, based on a very similar question to this community post, nevertheless :) 


I usually never comment on forums but can attest that this post is worthless and I don't understand why the question is so hard. All I want to see is the all the permission schemes (and potentially others schemes like notifications) that have a reference to the group in question. Inside the JIRA admin all you see is that the group in question has no product access which is flat garbage because the users access the product every day and are on multiple permission schemes. My use case might be far less complex than ones above, but maybe simplicity is a good place to begin?

 

JIRA-group-usage.png

Like David Innes likes this

We are looking at permissions of the current groups to see if all are necessary and that the permissions aren't being duplicated over multiple groups.

That a number of the groups have only the comment "This group currently has no product access" is not helpful.  

We have the cloud version which doesn't allow for running SQL against the Database.

So any development which would allow clear showing of what permissions each group has would be very welcome.

 

Kind Regards

The question is hard to answer because it does not have any context.  So the answers you're seeing here are either highly generic (because there's no context) or trying to ask for that context.

I think it's probably important to be very clear about the context of the question.  What problem are you trying to solve?  (In fact, is it really a problem?  "I want to cut down the number of groups" is not the actual problem, the problem behind that is likely more to be "the admin is struggling to maintain all the people in the groups".  Getting a list of permissioned groups probably isn't going to help much with that, it would be far better to review the groups without looking at permissions, get the groups tidied into what you actually need from them, get the space admins to review their spaces to see that the new/changed groups have the right access, and then kill off the ones you don't need later.  Or, even, stop using groups apart from the bare minumum of "can use the application" and maybe a small handful of wide-ranging standard groups, and get the space admins to add the people they need when they need them.

A list of 100,000 lines listing every permission every user and every group in every space is not really going to help you rationalise, the permissions aren't really the problem you're trying to solve in these cases.

As a Jira Admin,
I want to see all permitted access a particular group of users has,
So that I can ensure they do not have more access than I intend.

Jira OOTB is not very secure-by-default once you let in users outside your org.  You need to lock down various things - conveniently via groups.

For example, group "external-users-client1" should have permission to see only a Jira project dedicated for collaborating with Client1.

I want to be able to address concerns like:  Did I set that up properly, or possibly create a huge security hole that is not obvious?

0 votes

I'd suggest asking your admins for a more human answer.

I can think of around 30 different SQL queries that, while "accurate", won't tell you what you really need to know about access.

Instead of giving you a "Microsoft" answer (technically accurate, but completely useless), could you tell us what you are trying to do?  What question are you trying to answer, and why?

Hi Nic, 

I am currently an Intern and trying my hands in every Area of JIRA, I tried my hands in JIRA, EasyBI, BigPicture, so My JIRA admin gave me a assignment to figure out where all the groups are getting used in JIRA for Ex.

  1. Permission schemes
  2. Any other shares:
  • Filters
  • Dashboards
  • Agile Boards
  • Tempo
  • eazyBI

I want to extract the list. 

I found this link but I have to insert all the roles and run separate query for for each which kind of make it complicated.

https://confluence.atlassian.com/jirakb/how-to-identify-group-usage-in-jira-441221524.html

Need some work around for this.

Right, that's a significant project in itself, even in a small Jira.

Your list is a start, but you also need to look at

  • Fields
  • Filters referring to fields (of many types)
  • Notifications
  • Subscriptions
  • Workflows (conditions, validators, post functions, triggers)
  • Integrations (application links for example)
  • Outgoing calls
  • And
  • And
  • And

As you can tell, this is not a simple task.  However, it is generally of limited use too, and hence pretty much a massive waste of time.

Go back to the real question. "I want to know where groups/users are used" is not the real question.  Why do you want to know where they're used?  What's the point?  Why does it matter?

The JIRA admin wants it for tracking process and she wants to automate the process instead of looking into JIRA manually

Automate what?

I mean the process of looking all the Usage of the groups she wants it in excel tabular format

I'm afraid that's a circular answer - "Why do you want to know where they are used?" is not answered by "I want to look at where they are used".

Could you tell us why this matters and how it would be more useful than going into the configuration to check, understand and amend access?

Like Marco Brundel likes this

as I mentioned I am an intern and this is assignment given to me by JIRA admin. I suppose may be want to present the report to management or to save time. I am not sure why they want it that way.

Then ask them.

Take this conversation to them.  Point out that "where a group is used" is a very complex thing to try to extract from Jira (even before you install any add-ons).

It is still possible, but it's going to take you a LOT longer to form SQL than it is to investigate every place where they might be used manually, and than any investigation is going to take a very very long time.

If you knew why you were doing this, you would probably save a lot of time because you could focus on the actual question.

Like Marco Brundel likes this

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you