Hi All,
is there a script I could remove plenty of users from a group? To add multiple users to group is possible I know but how about removing?
Thanks in advance,
Rumi
Use userUtil.removeUserFromGroup() to remove a user from a group.
import com.atlassian.jira.ComponentManager
import com.atlassian.jira.bc.projectroles.ProjectRoleService
import com.atlassian.jira.security.GlobalPermissionManager
import com.atlassian.jira.security.Permissions
import com.atlassian.jira.security.roles.actor.UserRoleActorFactory
import com.atlassian.jira.user.util.UserUtil
import com.atlassian.jira.util.SimpleErrorCollection
import com.opensymphony.user.Group
import com.opensymphony.user.User
import com.opensymphony.user.UserManager
import org.apache.log4j.Category
import com.atlassian.jira.project.Project;
// Configurable section
isPreview = false
// End
log = Category.getInstance("com.onresolve.jira.groovy.DeactivateOldUsers")
log.debug ("DeactivateOldUsers function running")
userManager = (UserManager) UserManager.getInstance()
GlobalPermissionManager globalPermissionManager = (GlobalPermissionManager) ComponentManager.getInstance().getComponentInstanceOfType(GlobalPermissionManager.class)
// get the first user of the first group which has the ADMIN privilege...
// cannot use current user, not really sure who that is when run as a service
adminGroup = globalPermissionManager.getGroupNames(Permissions.ADMINISTER)[0]
adminUser = userManager.getGroup(adminGroup).getUsers().get(0)
def deactivateUser (User user) {
log.debug ("deactivateUser ${user.getName()}")
// Remove user from all groups...
UserUtil userUtil = ComponentManager.getInstance().getUserUtil()
user.getGroups().each {
Group group = userManager.getGroup(it)
log.debug ("Remove $user from group: \"$group\"")
if (! isPreview) {
userUtil.removeUserFromGroup (group, user)
}
}
// Remove user from all roles...
ProjectRoleService projectRoleService = (ProjectRoleService) ComponentManager.getComponentInstanceOfType(ProjectRoleService.class);
SimpleErrorCollection errorCollection = new SimpleErrorCollection();
log.debug ("Removing all roles references for ${user.getName()}")
projectRoleService.getProjectsContainingRoleActorByNameAndType(userManager.getUser((String) adminUser), user.getName(), UserRoleActorFactory.TYPE, errorCollection).each {Project project ->
log.debug ("Remove user ${user.getName()} from role: ${project.getName()}")
}
if (! isPreview) {
projectRoleService.removeAllRoleActorsByNameAndType (userManager.getUser((String) adminUser), user.getName(), UserRoleActorFactory.TYPE, errorCollection)
}
println errorCollection.dump()
}
def boolean userStillValid (String userName) {
// You need to implement this according to what the criteria are for valid users, eg do an LDAP search,
// or process a list of leaver names as provided by your HR dept for instance
return true
}
Integer beforeUsers = userManager.getGroup("jira-users").getUsers().size()
Integer i = 0
userManager.getGroup("jira-users").getUsers().each {
User user = UserManager.getInstance().getUser(it)
userName = user.getName()
if (!userStillValid (userName)) {
log.warn ("User: $userName should be retired")
deactivateUser (user)
}
i++
}
Integer afterUsers = userManager.getGroup("jira-users").getUsers().size()
log.info ("Was: $beforeUsers, now: $afterUsers, deleted: " + (beforeUsers - afterUsers))
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.