Hi, I’m developing a plugin with atlassian forge.
I call the jira cloud rest api to retrive an user property ( which I have set with rest api)
It works fine if I use api.asUser() with an user which is site-admin but it don’t work with basic users (it’s a permission problem).
I used this scopes in my app
- read:jira-user
- read:jira-work
- write:jira-work
- manage:jira-configuration
I tried to set the scope manage:jira-configuration and use api.asApp() but don’t works.
How I can make a call to get the user property when the app is used by a basic user?
Thank you very much
Hi @FedericoSpagocci ,
Can you explain the conditions under which the API call is being made. For example, is it in response to a user interaction in a custom UI or UI kit user experience?
Regards,
Dugald
Hi @dmorrow, thank you for your reply.
The app is developed with with Atlassian Forge UI Kit and for the call I use @Forge/api.
I call the get user properties jira cloud api and show it in a jira issue panel
It works fine with user which is site-admin/org admin but with basic user get forbidden 403
https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-user-properties/#api-rest-api-3-user-properties-propertykey-get
Hi @FedericoSpagocci ,
When user first visited the app, they should have been presented with a button prompting the user to grant the app permission for the scopes it requests. Prior to this, I believe you need to visit the app in the developer console (Log in with Atlassian account) and transition its distribution status to Sharing by completing some details. Here’s a couple of code snippets for an app that I created today to investigate this issue and it works for a regular user (who is not the author of the app):
modules:
jira:issuePanel:
- key: forge-get-user-properties-hello-world-panel
function: main
title: forge-get-user-properties
icon: https://developer.atlassian.com/platform/forge/images/icons/issue-panel-icon.svg
function:
- key: main
handler: index.run
permissions:
scopes:
- 'read:jira-user'
app:
id: ari:cloud:ecosystem::app/xxx
import ForgeUI, { render, Fragment, Text, IssuePanel, useAction } from '@forge/ui';
import api, { route } from '@forge/api';
const App = () => {
const getData = async () => {
const data = await api.asUser().requestJira(route`/rest/api/3/user/properties/navigation_next_ui_state?accountId=xxx`);
return await data.json();
}
const [data] = useAction(value => value, async () => await getData());
const message = data ? JSON.stringify(data, null, 2) : 'NOT FOUND';
return (
<Fragment>
<Text>{message}</Text>
</Fragment>
);
};
export const run = render(
<IssuePanel>
<App />
</IssuePanel>
);
Regards,
Dugald
1 Like
Hi @dmorrow, thank you very much for your reply.
Sorry for the delay of the reply but I’m very busy at work.
When user first visited the app, they should have been presented with a button prompting the user to grant the app permission for the scopes it requests. Prior to this, I believe you need to visit the app in the developer console (Developer console) and transition its distribution status to Sharing by completing some details
Yes i have already done that
I have make some test also with your code and I found the same issue.
If I read the property of a different user with a site admin account the code works example: federico (site admin) read frederik property
if I read the property of the same user logged it works frederik(basic user) read Frederik property
But If drake (basic user) read frederik/federico property it don’t work.
(you need to log directly in jira with different users account if you do log as user option in jira the code work)
I tried to use asAPP() instead of asUser() but nothing change
Thank you for your support