Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

ScriptRunner/Behaviours get project role group on CREATE screen

Gabriel MOSCALU February 22, 2019

Hello,

 

I am trying to ease the users creation and done a workflow for it.

 

Setup : Users can be internal, or customers. Customer access is controlled via groups (each customer project has a dedicated group, created on project creation). User type, Name, email, etc are captured in custom fields, as well as target project (in a single-project select CF). Depending on the project, i got the user listed in project's "Project Manager" project role, and save it in a "Team Manager" CF, as these guys need to approve the user creation. The groups to be granted to the user are listed in a CF named "Available groups", type Group Picker (multiple groups).

 

By default, when the user type is "Customer - Portal" or "Customer - JIRA", i add the "jira-customers" to that CF, and i need a bit of help on getting the group listed in the "Service Desk Customer - Portal Access " project role.

 

I managed to write the ScriptRunner workflow post-function that :

* creates the user

* grants all the groups listed in the "Available groups" CF

* adds the user to the organizations declared on the target project

 

The only missing part, where i cannot really find my way through is how to get the project's role as a group object (to be added to the groups CF). I can get the list of users in a role (used to get the Team Manager), but i do not know how to filter on the groups.

 

Here's the relevant part of the code I wrote so far:

 

import com.atlassian.jira.ComponentManager
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.project.Project
import com.atlassian.jira.project.ProjectManager
import com.atlassian.jira.security.roles.ProjectRole
import com.atlassian.jira.security.roles.DefaultRoleActors
import com.atlassian.jira.security.roles.ProjectRoleActors
import com.atlassian.jira.security.roles.ProjectRoleManager
import static com.atlassian.jira.issue.IssueFieldConstants.*
import com.atlassian.jira.security.roles.RoleActor

log.info(" --- 'New user - Main project' behaviour is executed in : ${getActionName()} --- ")

if (getActionName() != "Create") {
return // not the initial action, so don't set default values for groups
}

ComponentManager componentManager = ComponentManager.getInstance()
ProjectRoleManager projectRoleManager = ComponentManager.getComponentInstanceOfType(ProjectRoleManager.class) as ProjectRoleManager

def ProjectSelectedField = getFieldById(getFieldChanged())
def selectedOption = ProjectSelectedField.getValue().toString().split(": ")[1] as String
ProjectManager pm = ComponentAccessor.getProjectManager()
Project selectedProjectObj = pm.getProjectByCurrentKeyIgnoreCase(selectedOption)
log.debug(" --- 'New user - Main project' behaviour : selected project = ${selectedProjectObj.getName()} --- ")
log.debug(" --- 'New user - Main project' behaviour : selected project lead = ${selectedProjectObj.getProjectLead()?.getKey()} --- ")

def groupsField = getFieldByName("Available groups")
def orgField = getFieldByName("New user - Company")
log.debug(" --- 'New user - Main project' behaviour : New user - Company = ${orgField.getValue()} --- ")
def tmField = getFieldByName("Team Manager")


tmField.setFormValue(selectedProjectObj.getProjectLead()?.getKey())
orgField.setFormValue( selectedProjectObj.getName().toString() )

// name of role here
ProjectRole custRole = projectRoleManager.getProjectRole("Service Desk Customer - Portal Access")

ProjectRoleActors actors = projectRoleManager.getProjectRoleActors(custRole, selectedProjectObj)

log.info("$selectedProjectObj.key, $selectedProjectObj.name, $selectedProjectObj.leadUserName, ${actors.getUsers()*.name}\n");

 

unfortunately, the last line logs something i do not expect:

 

2019-02-23 08:12:49,422 http-nio-8080-exec-4846 INFO admin 492x1528569x2 uxnj3h 10.122.130.50,10.122.140.22 /rest/scriptrunner/behaviours/latest/runvalidator.json [c.o.j.groovy.user.FieldBehaviours] DEMO, Demo_Project, Solutions_Support, [my_agent, my_support_user]

 

While i would have expected to get "cust-demo" - the group name that includes all users allowed to access this project.

 

Can you please help me get this right?

 

Thanks

Gabriel

 

PS: I forgot to mention: I would like that every change of the project selection is added to the groups CF (not to overwrite existing values), to allow  multiple groups access granting.

1 answer

0 votes
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 23, 2019

It looks to me like "cust-demo" is not a group listed in the role of "Service Desk Customer - Portal Access" for that project.

The code is returning three other groups and a couple of users.  My best guess is that you're looking in the wrong place - cust-demo being the group you have named in global permissions as users allowed to be "customers"

Gabriel MOSCALU February 23, 2019

Hi Nic,

 

The "cust-demo" is a group and it is added on that project:

 

2019-02-23 17_19_24-Clipboard.png

 

And the group is not empty (that's where the "my_agent" and the "my_support_user" came from (I could make generic the log, but tougher to mangle with the screenshots):2019-02-23 17_21_20-Users - ServiceDesk.png

Any idea how to get the group name, not the members?

 

The global permissions allows "jira-support" & "jira-can-login" members to login, giving access to ServiceDesk features to "jira-support" and "servicedesk-agents", and "jira-can-login" gives access to JIRA Software license seats.

 

All the other users, based on groups and organizations, get access to portals only.

Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 26, 2019

Ahh, ok, the call is "flattening" groups out, and returning the content of the groups.

I can't see how to get to the groups this way, the class is built to get directly to a user, not go via the group.

Suggest an answer

Log in or Sign up to answer