I am creating a JIRA plugin to fetch the issue-level permissions. Currently, the project-level permissions are working extremely fine but the issue-level permissions are not working. I tried finding a REST API to handle these permissions but, didn’t find anything so I decided to make a custom JIRA plugin to fetch the issue-level permissions of a project and handle them via exposing the plugin through an API.
My question is that what JIRA JAVA APIs do I have to use in order to handle these permissions? Or, is there any other workaround to handle issue-level permissions?
Maybe you are referring to the "Issue level security" term (??)
If so, you can get the issue security level name from the "security level" field attached to the issues (Use a Jira account that has an active "Set Issue Security" permission, in order to work with this system issue field). This can be done by REST API that queries issue fields.
Also, the JAVA API Interface is called: 'IssueSecuritySchemes' (at package: com.atlassian.jira.functest.framework.admin, for Jira Server/Data Center).
Related
I need to review all source code permissions on a particular folder structure. I have gone through the apis and can't find what I need or haven't figured out how to use them correctly yet.
I have also tried the tfssecurity command but, can't figure out how to make it look at just a specific team project.
I am using Azure DevOps Server 2020 and the source is in TFVC.
This is part of a source control audit and I need to produce a report of what permissions users have on a folder in source.
I have tried the following apis: https://learn.microsoft.com/en-us/rest/api/azure/devops/security/?view=azure-devops-server-rest-6.0
Along with the tfssecurity command.
None are producing the results I need.
Found the APIs needed to do this.
Use this one to get all of the namespaces and find the ones that you want to get the security data for.
https://{instance}/{collection}/_apis/securitynamespaces
After that call this API to get the ACLs for that namespace.
https://{instance}/{collection}/_apis/accesscontrollists/{securityNamespaceId}?alwaysAllowAdministrators=True
Once you get all of the ACLs for the namespace, you can then look at each ACE to find out the permissions.
https://{instance}/{collection}/_apis/identities?descriptors={descriptors}&queryMembership=expandedDown
I am trying to integrate a project in Reportportal to JIRA project. When trying to configure, it is failing with error "Impossible interact with external system" like the attached picture.
The Jira service is up in docker. The https cert on JIRA is valid CA signed cert (i.e. Not self signed). I ruled out importing cert into jira service container.
The JIRA instance uses NTLM for authentication. I am not sure if Basic auth that reportportal jira service is trying working here.
Thanks for hep.
You should take a look into service-jira docker container logs. This will give details what's happening during this response.
and you also can drop as a mail to support#reportportal.io
Try This out !
You should take care of following points for reportportal.io integration with jira.
Link to BTS: This link should be correct.[https://jira.company.com]
Project name in Jira: Use project key instead of name. project key should taken from jira.
BTS username: Use jira email here.
BTS password: Use jira API token instead of password for Jira-cloud [Go to Jira account setting and generate new token or search how to generate jira API token]
All the best !
I'm hosting a project on my Jenkins server. That project has a GitHub repo and I have it set up so it automatically builds new commits. In order for that to work, I need to input credentials for a github account that has full access to the repo.
The problem is, that if I want him to add his login info to the credentials list, I'd have to give him acces to all credentials on the server (I don't want that).
I tried using the credentials under "{username}" > "Credentials", but those didn't show up in the project setup (even with 100% access to everything on the server).
Is there a way for the user to store his credentials and use them for the project without giving him full access to all credentials on the server?
Add the user's credentials under Global security and then allow project based Matrix Authorization Strategy per project as shown:
I found the answer in this mailing list entry:
In short: You need to
install and activate the Authorize Projects Plugin,
enable "run as specific user" strategy in global security settings,
enable this for the project in question.
This allows you to use the credentials for this specific user.
Enabling ssh-agent is the final step to make this work conveniently.
I have created custom checkin policy for TFS. It is deployed to the client system. I have added the custom checkin policy for project collection in TFS. But I have a number of clients that have not installed the custom checkin policy, when these developers want to check in, Visual Studio shows an error
Internal error in Check for PMS Details. Error loading the Check for PMS Details ...
So I want to apply the custom checkin policy for certain users. For example the user is admin then no need to run the custom checkin policy.
As others mention, the policy needs to be installed on the Client machine to work. There is no getting around that. You can, however, in the policy itself check the Identity and group membership of the user doing the check-in and skip the policy validation (always return an empty array of PolicyFailures) in that case.
I have been working on such a policy, but never found time to finish it. The policy I have been building works in the same way as the ConditionalPath policy that ships in the TFS Power tools. Basically it wraps another (set of) rules and places a condition on their execution.
Custom policies need to be installed onto the client system, they are not centrally processed.
A check in policy can be scoped only to the project level within TFS, as far as I am aware you are unable to limit a policy in any other way unless you handle this within the policy itself.
You must install your check-in policies on all TFS Windows clients, otherwise you get the nasty error.
A conditional policy can be implemented in two ways.
set the condition inside the custom policy code
use a Gated check-in build and customize the Build template
There is a third option, a Server side event handler, but I generally discourage it.
On my Jenkins build server, I want to set an Authentication Token so that only users that know the token can fire off builds. (As described here.)
This doc page says that it should be configurable under my job's "Build Triggers" configuration.
However, my server has no such fields, and I'm running the latest version (1.546). Mine looks like this:
.
As you can see, this doesn't really look like the docs say it should.
How can I set this token?
You're missing the Trigger builds remotely (e.g., from scripts) Build Trigger:
This is only visible with Security enabled. To get this option from a freshly downloaded 1.546 WAR, I changed Configure Global Security from Anyone can do anything to at least Logged-in users can do anything. For ease/speed of testing, under Security Realm I selected Jenkins’ own user database and Allow users to sign up:
You can go to http://Jenkins-IP/jobs/me/configure to check and change your API access token. Also check whether the user you intend to use has necessary permissions to execute the builds in Manage Jenkins>Configure Global Security
Each jenkins user gets an authentication token - applicable since version 1.426 (more).
You can see yours, provided you are logged in your jenkins server, at http://your.jenkins.server/me/configure
(press 'show API token' button)
Then you can copy and paste it in your scripts (e.g. see here for an example usage).