Tag: ScriptRunner

Overview

There may come a day where you need to script the migration of permissions from one Confluence Space to another.

The permissions of a Confluence Space can be retrieved and treated as collection of objects.  This allows us to easily pass them on to a source page as a new set of permissions.

The Code

We’re using the Soap Service to affect change in the permissions of a Space.  After using the ComponentLocator to declare the SpaceSoapService, we retrieve the source Space as an object.  We do the same for the destination source.

The permissions of the source Space are then extracted.  This is not a single object, but rather a collection of objects.

We iterate through each of the permission objects.  Each object is a collection of attributes.  We need to determine if the permissions object relates to a single user, or a group.  Every type of permission gets it’s own object.

Permissions objects associated with a group look like so:

 [CREATEATTACHMENT,89948111,confluence-space-admins,null,null]

The first attribute is the permission type.  The second is the permission ID. The third element is the group with which this permission is associated, and this is where the format of the permissions object differs

 

If I wanted to perform a search of Jira using Groovy and ScriptRunner, I might make use of the SearchRequestService.  This class contains many useful methods, most of them having to do with filters. 

A great many of these take a JiraServiceContext as an argument.  For example, these are the parameters of the createFilter() method:

  	createFilter(JiraServiceContext serviceCtx, SearchRequest request)

At this point you might start to wonder what a “Jira Service Context” is, and for good reason. Atlassian has once again failed to document exactly what they want, or how to provide it. There is nothing in any of the documentation about what exactly this argument is.  The arguement has it’s own page in the documentation, but that contains no useful information on actually implementing or understanding this parameter.

This is a recurring theme with Atlassian and their APIs.   Rarely is the official documentation helpful or complete; instead we must rely on the kindness of strangers on the internet who post code snippets.  That’s one of the major reasons I started posting the Groovy code that I wrote for Atlassian products; the vendor sure isn’t providing any help, and hopefully what I write will be of help

Here’s some code that explores one of the basic tenets of programmatically managing Confluence: retrieving a

list of administrators for a given Space.

On it’s own this code doesn’t do much, but it is foundational to many more complicated solutions that you may be asked to code.

 import com.atlassian.confluence.security.SpacePermissionManager
import com.atlassian.confluence.spaces.SpaceManager
import com.atlassian.sal.api.component.ComponentLocator
//Import the libraries

def spacePermissionManager = ComponentLocator.getComponent(SpacePermissionManager)
def spaceManager = ComponentLocator.getComponent(SpaceManager)
//Invoke the Space Manager by telling the Component Locator to retrieve it for us

def sourceSpace = spaceManager.getSpace("<Space Key>")
//Tell the Space Manager which space we're querying
def admins = []
//Define the list of admins as an array

spaceManager.getSpaceAdmins(sourceSpace).each{ permission ->
admins.add(permission.name)
//For each administrator that the Space Manager returns from the target space, add that name to the array

//Do something else with the names
}

return admins
//Print the list of administrators.

 

As you can see, the bulk of the code is just structural, and is similar to other scripts you may have created.  The key is using the Space Manager to fetch the details about the target Space, and then parsing those details for the information you need.

 

 

 

 

The basic management of Confluence Space permissions is quite trivial. However if you spend any time on the internet looking for a solution, you’ll find yourself going in circles, or starting to believe that Space permissions management is only possible via the front-end.

There are essentially two ways in which an Atlassian product may be programmatically managed. It may be done via the REST API, or you may use a plugin such a ScriptRunner that allows you to write Groovy scripts that make use of internal Atlassian classes and methods.

There is currently no obvious or easy way to use the REST API to make permissions changes to a Confluence Space on Confluence Server.   Please note that this is different that permissions management of individual Confluence pages.

Instead what we need to do is look backwards, to the JSON RPC system that Atlassian used to use.

What I like about these RPC calls is that I can call them using CURL, or I can access the library through the ScriptRunner Console.  Here’s the basic code:

 import com.atlassian.confluence.rpc.soap.services.SpacesSoapService
import com.atlassian.sal.api.component.ComponentLocator

def addSpacePermission = ComponentLocator.getComponent(SpacesSoapService)
def String[] permissions = ["EDITSPACE"]
def String remoteEntity = "<UserOrGroup>"
def String spaceKey = "<spaceKey>"

addSpacePermission.addPermissionsToSpace(permissions, remoteEntity,