Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Add a group or role to all permission schemes using scriptrunner?

Bryan Guffey
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 6, 2023

Hey all -

 

I've got a couple groups and one role I've created that I want to add to all of the permissions schemes in my instance. Does anyone have a script for scriptrunner to do this? 

Thanks! 

1 answer

1 vote
Matt Doar
Community Champion
February 6, 2023

This worked for me a few months ago with Jira Software Data Center 8.13

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.permission.ProjectPermissions
import com.atlassian.jira.security.plugin.ProjectPermissionKey
import com.atlassian.jira.scheme.SchemeEntity
import org.ofbiz.core.entity.GenericValue;

def permissionSchemeManager = ComponentAccessor.permissionSchemeManager
def projectManager = ComponentAccessor.projectManager

// Add jira-auditors group to Browse Projects permission in all permission schemes

// Add the given permission to one permission scheme for one group
def add_perms(permissionSchemeManager, scheme, perm, group_name) {
try {
def dryrun = true;
if (dryrun) {
log.warn("(DRYRUN) Adding the " + perm + " permission for the group: " + group_name + "\n");
} else {
log.warn("Adding the " + perm + " permission for the group: " + group_name + "\n");
SchemeEntity schemeEntity = new SchemeEntity("group", group_name, perm);
GenericValue schemeAsGenericValue = permissionSchemeManager.getScheme(scheme.id);
permissionSchemeManager.createSchemeEntity(schemeAsGenericValue, schemeEntity);
}
} catch (Exception e) {
log.error("Error updating scheme: " + scheme.name +" and permission " + perm + " " + e + "\n");
}
}

def schemes = permissionSchemeManager.getSchemeObjects()
for (scheme in schemes) {
permission_name = ProjectPermissions.BROWSE_PROJECTS

entries = permissionSchemeManager.getPermissionSchemeEntries(scheme, permission_name)
if (entries != null && entries.size() > 0) {
found = false
for(entry in entries) {
if (entry.type == "group" && entry.parameter == "jira-auditors") {
found = true
}
}
if (!found) {
//log.warn(scheme.name + " has administer for: " + entry.type + ":" + entry.parameter)
log.warn("Scheme without jira-auditors for " + permission_name + " : " + scheme.name)
add_perms(permissionSchemeManager, scheme, permission_name, "jira-auditors")
}
} else {
log.error("No entries found for Browse Project in " + scheme.name)
}

}

Matt Doar
Community Champion
February 6, 2023

Ugg, bad formatter. No guarantees, not fit for purpose etc

Craig Castle-Mead
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 8, 2023

Thanks @Matt Doar - script came in very handy today!

 

CCM

Like Matt Doar likes this

Suggest an answer

Log in or Sign up to answer