Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I see the field level restrictions for a scriptrunner scripted field ?

Penny Boulet
Penny Boulet September 14, 2020

I have taken over administering JIRA with script-runner. No one who remains knows anything about some custom fields that were set up with script-runner years ago.

Someone wants the ability to change the content of a script-runner field but I am unable to find a way to see who has permissions to do that today so I am unable to find what additional access to give to this person.

 

Can you provide a set by step method to see the current permissions for this script-runner field?

Thanks,

Penny

Answer
Watch
Like Be the first to like this
767 views

1 answer

1 accepted

1 vote
Answer accepted
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 14, 2020

Script Fields allow arbitrary Groovy code to run. Since this is a security problem, only full Jira Administrators are allowed to configure the fields under the Apps -> Scriptrunner -> Script Field section. 

View More Comments
Penny Boulet
Penny Boulet September 14, 2020

The scripted field in question is numeric and is used to rank order items so we work on them in order. Some set of people can do this and none of them are JIRA admins.

What I want to know is how I can *see who can do things with this custom field in terms of using it* NOT changing the definition of the field.  I keep reading things that imply this limitation is possible and I know some people in my org have permissions and aothers do not BUT I don't know how to see what grants them permissions.

i.e.

  • Is it Project Admin for the project(s) that use that field?
  • Is it group membership for a select group ?
  • Is it hard-coded in middle of the scriptrunner script for the field who can access it?


I do NOT want to give out full JIRA admin permissions to anyone not qualified to be a JIRA admin. I want to set minimal permissions to "USE" the single field.

Like
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 14, 2020

Script Fields are read-only constructs. When their value is "viewed", a "script" is executed on the server and the result of that script is the "value" in the field.

When referring to the field value, it's not possible to answer who can "use" the field or who can "access" the field: It depends on the script that has been written. 

For instance, a common use-case is a calculated value. This can be something like ...

return getCustomFieldValue('Impact') * getCustomFieldValue('Severity')

In this case, someone would need to be able to edit the 'Impact' and 'Severity' fields on the issue in question to interact with the scripted field.

 

Sorry, I'm struggling to understand what we mean by "use" the field or to "access" the field. If you can share the script, I may be able to explain more. 

Like
Penny Boulet
Penny Boulet September 14, 2020

I am sorry for being unclear.

I was able to finally get in touch with someone who has moved on to another job to get some help.

What was done here was they added a "Schedule" permission for the project in question.
People who have this "schedule permission" can use the "drag and drop" to do backlog ordering when looking at the backlog.  When that happens, the values in this custom field are automatically computed and populated in the background.

I was confused that this was actually permissions on the custom field itself. It is the ability to re-order backlog items that is restricted and not a restriction on the custom field itself.

 

Thank you for your explanations - they make much more sense to me now.

Like Steven F Behnke likes this
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 15, 2020

That's very interesting (and would be hard to pinpoint!!) Thanks for sharing the solution. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.