为了进行故障排除或某些管理任务,我们可能想知道给定用户拥有的所有权限。
Jira 通过其 UI 提供权限助手和类似工具,但对于所有权限的列表,我们只能通过作为用户本身进行身份验证的 REST API 请求或通过数据库来获取它。
此处提供的两个解决方案都包含嵌套组(假设在实例中配置了支持嵌套组)
当前用户本身,或者通过 Switch User 类似功能,模拟用户。然后在浏览器中打开此 URL
https://Jira-base-URL/rest/api/2/mypermissions
POSTGRES、MYSQL 和 MSSQL
WITH RECURSIVE nested AS
(
select m.* from cwd_membership m where m.membership_type = 'GROUP_USER'
and m.lower_child_name = 'charlie'
UNION ALL
select m.* from cwd_membership m
join nested on m.lower_child_name = nested.lower_parent_name
where m.membership_type = 'GROUP_GROUP'
),
uperm AS
(
select distinct 'User' as "Type", sp.permission_key as "Permission", p.pkey as "Project Key", u.lower_user_name as "Source"
from nested n
join cwd_user u on u.lower_user_name = n.lower_child_name
join app_user a on a.lower_user_name = u.lower_user_name
join schemepermissions sp on sp.perm_type = 'user' and sp.perm_parameter = a.user_key
join permissionscheme s on s.id = sp.scheme
join nodeassociation na on na.sink_node_id = s.id and na.sink_node_entity = 'PermissionScheme'
join project p on p.id = na.source_node_id
where n.membership_type = 'GROUP_USER'
),
gperm AS
(
select distinct 'Group' as "Type", sp.permission_key as "Permission", p.pkey as "Project Key", sp.perm_parameter as "Source"
from nested n
join schemepermissions sp on sp.perm_type = 'group' and sp.perm_parameter = n.lower_parent_name
join permissionscheme s