ScriptRunner - How To Restrict Issue Type Creation By Groups

Ricky Wang Lin September 14, 2021

ScriptRunner has an example of this only by Project Roles (https://docs.adaptavist.com/sr4js/6.33.0/features/behaviours/behaviours-examples/restricting-issue-types).


How exactly can I accomplish this with groups?  Scenario: There are 3 issue types within a project: Task, Bugs, Incidents.

I want anyone who's in the "jira-users" group to be able to create only Task and Bugs

I want anyone who's int the "Incident Team" group to be able to create Task, Bugs, AND Incidents.

Thoughts?

3 answers

1 accepted

4 votes
Answer accepted
Ram Kumar Aravindakshan _Adaptavist_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 15, 2021

Hi @Ricky Wang Lin

For your requirement, you can reuse the code provided in the https://docs.adaptavist.com/sr4js/6.33.0/features/behaviours/behaviours-examples/restricting-issue-types page. But you will need to modify it slightly.

Below is a sample modified working code for your reference:-

import com.atlassian.jira.component.ComponentAccessor
import com.onresolve.jira.groovy.user.FieldBehaviours
import groovy.transform.BaseScript

import static com.atlassian.jira.issue.IssueFieldConstants.ISSUE_TYPE

@BaseScript FieldBehaviours behaviours

def loggedInUser = ComponentAccessor.jiraAuthenticationContext.loggedInUser
def groupManager = ComponentAccessor.groupManager
def issueTypeField = getFieldById(ISSUE_TYPE)

def availableIssueTypes = []

def developmentGroupUsers = groupManager.getUsersInGroup("Developers")
def adminGroupUsers = groupManager.getUsersInGroup("jira-administrators")

if (developmentGroupUsers.contains(loggedInUser)) {
availableIssueTypes.addAll(["Bug", "Story", "Epic"])
}

if (adminGroupUsers.contains(loggedInUser)) {
availableIssueTypes.addAll(["Task"])
}

issueTypeField.setFieldOptions(availableIssueTypes)

Please note, the working sample code provided is not 100% exact to your environment. Hence, you will need to make the required modifications.

Below is a print screen of the Behaviour configuration:-

behaviour_config.png

In this scenario, you will need to use the Behaviour Initialiser instead of the Server-Side Behaviour. 

And the groups that are going to be tested is the jira-administrators group and the Developers group.

To invoke the groups you want to use, you will need to use the groupManager and specify the group names you want to use, as shown below:-

def groupManager = ComponentAccessor.groupManager
...
...
def developmentGroupUsers = groupManager.getUsersInGroup("Developers")
def adminGroupUsers = groupManager.getUsersInGroup("jira-administrators")

Next, you will need to modify the if condition, i.e. instead of using the User Role, use the Group to set the condition as shown below:-

if (developmentGroupUsers.contains(loggedInUser)) {
availableIssueTypes.addAll(["Bug", "Story", "Epic"])
}

if (adminGroupUsers.contains(loggedInUser)) {
availableIssueTypes.addAll(["Task"])
}

Below are a few test print screens:-

1) When the Admin user who is in the jira-administrators group is used, and the issue is being created, the user is restricted to only the Task issue type as shown in the image below:-

create_screen_admin.png

2) When the user Ram who is in the Developers group is used, the user is restricted to the BugStoryEpic issue types as shown below:-

create_screen_ram.png

I hope this helps to answer your question. :)

 

Thank you and Kind Regards,

Ram

Ram Kumar Aravindakshan _Adaptavist_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 22, 2021

Hi @Ricky Wang Lin

If this solution answers your question, please accept the solution.

Thank you and Kind Regards,

Ram

Ricky Wang Lin October 18, 2021

Hi @Ram Kumar Aravindakshan _Adaptavist_ .  Sorry I took a while, but your solution worked perfectly for my needs and I was able to modify it to fit my needs.  Thank you so much very much for this help!  I appreciate you!

Ricky Wang Lin October 18, 2021

On this note, I'd personally recommend what you have provided here to be added to the ScriptRunner's official KB since the official KB only tells you on how to do it by roles, but not by groups.  Thank you!

2 votes
Arturs Kalnins May 26, 2022

This only applies for jira server/data center. Is there a similar solution for JIra cloud + script runner?

0 votes
Fabian Lim
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 14, 2021

Hi @Ricky Wang Lin

Here are instructions on how you would validate groups: https://library.adaptavist.com/entity/validate-the-user-group-of-the-assignee

Thanks

Ricky Wang Lin September 15, 2021

Hi Fabian.  Thank you for the insight.  Is there a equivalent to use Behavior to also hide it?  I think having a validator is a good idea as a safety net, but would prefer to just hide the Issue Type altogether by group from users who aren't supposed to see it.

Suggest an answer

Log in or Sign up to answer