Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JIRA. Permission scheme automated editing

Ivan Kovnatsky
Ivan Kovnatsky August 30, 2013

Hello fellas!

I got a question concerning fast/automated/semiautomated editing of permission scheme. Let's say my company uses lots of projects and I want to create new project and use as a template permission scheme from another one.

My aim is to be able to replace some key words and save new permission scheme. I wonder if I can save Permission scheme in xml or something. It would really helped my to speed up projects creating and avoid human error factor. I'll be glad for any applicable methods.

Thanks,

Ivan.

Answer
Watch
Like Be the first to like this
913 views

5 answers

0 votes
Ivan Kovnatsky
Ivan Kovnatsky September 14, 2013

Matt,

Thanks, I will look into that.

Ivan.

Reply
0 votes
MattS
MattS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 11, 2013

The SOAP methods don't scale to 10K users either. I'm going to use Script Runner instead.


View More Comments
MattS
MattS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 12, 2013

ScriptRunner did the job nicely: https://answers.atlassian.com/questions/137061/is-there-a-way-to-assign-a-workgroup-to-many-permission-schemes-without-having-to-go-into-each-one-individuall?page=1#211596

Like
Reply
0 votes
Ivan Kovnatsky
Ivan Kovnatsky August 30, 2013

> Jira 7 will have no SOAP interface.

hm, too bad.

Reply
0 votes
Ivan Kovnatsky
Ivan Kovnatsky August 30, 2013

I've used SOAP to automate some sample manipulations, like user creating and groups manipulation (add/remove). Although I need to dig in here. I see here https://docs.atlassian.com/rpc-jira-plugin/4.4/com/atlassian/jira/rpc/soap/JiraSoapService.html:


addPermissionTo
deletePermissionFrom

these methods, might do what I need.

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 30, 2013

They should, but it's still going to leave your Jira littered with permission schemes.

Also, it's going to stop working. Jira 7 will have no SOAP interface.

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 30, 2013

Would it not be better to use the same permission scheme for all the projects? If you avoid the use of groups and use roles instead, you can have one permission scheme and then delegate the maintenance of users to the project owners (or, if the reason for multiple permission schemes is that you want to poke groups into them, then put the groups in the roles with a script)

View More Comments
Ivan Kovnatsky
Ivan Kovnatsky August 30, 2013

You see we use policy: jira-KEY-users, where KEY is project key, and in my case it is keyword precisely, so I'd like to have ability somehow to replace that key and all items of permission scheme and assign it to another project.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 30, 2013

Mmm. Well, you'll need to do some coding if you insist on doing it the hard way. One permission scheme per project isn't really a good approach, and although there is a "copy permission scheme" available to the UI (but not in REST, so you can't script or automate easily), you still have to then go in and manually edit the scheme if you want to change the settings.

It would be far better to do this:

  • Create one permission scheme that, instead of using "group: jira-key-users", uses "role: IvansUser" (IvansUser is a role I made up and you'd need to add it - you might want to re-use one of the existing roles, or at least come up with a better name!)
  • Apply that scheme to each of your new projects
  • Use REST to script "add group:jira-KEY-user to the role of IvansUser in project KEY" every time you create a new project

This way you have one consistent permission scheme, a really simple "new project" process, and you get to maintain groups in the same way that you already do. You have minimal coding and simple config.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events