Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Scriptrunner Check if user group has permissions in Confluence Space

Edited

Hello, my ultimate goal for the script is to check all spaces in Confluence and see, in which space a certain user group is. And for these spaces I want to remove the user group they are in. I already know how to remove permissions for a group in a space.

But I simply cannot find any solution or similiar thread about how to search through all spaces, or even get all spaces, and then check if a group has permissions to it.

 

Anybody has tips or solutions? Thanks!

 

 

3 answers

Hi Sngy!

I've added a small script here that will iterate through each of your spaces, then through each of your space permissions and extract those that belong to a certain group

Let me know if this works for you or if you have any questions!

Kind regards, 
Lee

I'm also trying to figure this out, and better late than never. :)  There are a few ways to do it, but I can't find the ideally efficient one like in Jira.

I am putting my script on a Listener, so I want to check for an individual space, but most of my examples below have individual space or global options.

The PermissionsManager mentioned in the previous answer is only for users (not groups), and is at a high level.

SpacePermissionManager

You could use a couple of SpacePermissionManager methods to get the data.

Collection<com.atlassian.user.Group> getGroupsWithPermissions(@Nullable Space space)
Returns all groups which have permissions in a space or on a global level. If space is null, permissions on the global level will be checked.
    Pros: gets only the groups for the space (or can be for all spaces)
    Cons: gets objects not strings, my list of groups contains strings not objects, and the removal method uses strings
If there were a method like this that returned a list of group names as strings, then I'd be set.

List<SpacePermission> getAllPermissionsForGroup(String group)
    Pros: gets all permissions at once for a group, based on string name of group
    Cons: may eat up more resources getting all vs. just for the space in question, returns SpacePermission which I'd then have to get the group name from, adding another step.

Space object

If you wanted to do it just at the space level not using the above, you could use the Space object
space.getPermissions()
    Pros: gets permissions just for the space at least
    Cons: have to loop through them all to find ones with a group, then see if group is in my list. It's a list of lists, which I cannot seem to get to flatten. Also have to get group string name from permission.  This way is really inefficient given the other options available.

Removal

If you're using the Space object, you could use its removePermission method, but you'd have to provide it with a SpacePermission object, which if you use getPermissions, you'd have.
To remove across the whole instance, it'd be a lot more efficient to use the SpacePermissionManager's method:
void removeAllPermissionsForGroup(String group,SpacePermissionContext context)
Removes all permissions for the given group.

That is why I need a list of group names as strings.

Oops!  That method was deprecated and replaced by:

SpacePermissionManagerInternal.removeAllPermissionsForGroup(String, com.atlassian.confluence.internal.security.SpacePermissionContext)

Does anyone know if there's a magical method to return a list of group names as strings for groups with permissions?

Otherwise, I'll need to either convert strings to objects or vice versa to do what I'm trying to do.

Oh well, I hope this helps somebody at least (even if it's a bit late).

hi @Sngy did you check com.atlassian.confluence.security.PermissionManager and hasPermission method?

https://docs.atlassian.com/atlassian-confluence/6.1.4/com/atlassian/confluence/security/PermissionManager.html#hasPermission-com.atlassian.user.User-com.atlassian.confluence.security.Permission-java.lang.Object-

I guess that "target" parameter is your page. Unfortunatelly, I do not have chance to test it on Confluence right now :(

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Apps & Integrations

🍻🍂Apptoberfest Update: Upcoming Virtual Events 🎉

Hello Community! I hope you've been enjoying the 🍂Apptoberfestivities🍂 (I know I have!) The event is heating up next week with a series of virtual events that we're calling the 🍻🍂Partner App ...

421 views 3 18
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you