Latest versions of Jira has deprecated the ability for add-ons to show webPanels based on remote conditions, so I’m trying to move the conditional check to Jira project properties, along with related remote project properties.
My web panel is configured to show up in the Jira Project Settings, and I’m trying to set some Jira Project properties from my addon, authenticated with JWT.
I have a local development setup using “atlas-run-standalone”, and an add-on project based on Bitbucket
The local setup works perfectly, but when trying in our cloud test environment I get an 401 error when trying to read or write updates to Jira projects.
Here’s a stripped down version of the code, only trying to read a property:
app.get('/project-admin', addon.authenticate(), function (req, res) {
var httpClient = addon.httpClient(req);
var jiraProjectId = req.query.projectId;
httpClient.get(
{ uri: "/rest/api/2/project/" + jiraProjectId + "/properties/ardoqSettings" }
, function (error, response, body)
{ delete response.body; console.log('Jira response 1', JSON.stringify(response)); }
);
}
The request URI from Jira:
'/project-admin?projectId=10301&tz=Europe%2FBerlin&loc=en-US&user_id=kristian&user_key=kristian&xdm_e=https%3A%2F%2Fardoq-dev.atlassian.net&xdm_c=channel-ardoq-add-on__project-admin-panel&cp=&xdm_deprecated_addon_key_do_not_use=ardoq-add-on&lic=none&cv=1.3.57&jwt=<removed for this post>'
This gives a 401 response. Here is the log output:
Jira response 1 {"statusCode":401,"headers":
{"server":"Atlassian Proxy/0.5.80","atl-vtm-backend-time":"162","content-type":"text/html;charset=ISO-8859-1","strict-transport-security":"max-age=315360000; includeSubDomains; preload","date":"Wed, 07 Jun 2017 09:12:35 GMT","transfer-encoding":"chunked","atl-vtm-time":"251","x-content-type-options":"nosniff","connection":"close","atl-vtm-queue-time":"0"}
,"request":{"uri":
{"protocol":"https:","slashes":true,"auth":null,"host":"ardoq-dev.atlassian.net","port":443,"hostname":"ardoq-dev.atlassian.net","hash":null,"search":null,"query":null,"pathname":"/rest/api/2/project/10301/properties/ardoqSettings","path":"/rest/api/2/project/10301/properties/ardoqSettings","href":"https://ardoq-dev.atlassian.net/rest/api/2/project/10301/properties/ardoqSettings"}
,"method":"GET","headers":
{"Authorization":"JWT <removed for this post>","User-Agent":"atlassian-connect-express/1.0.14"}
}}
I found this documentation: https://developer.atlassian.com/static/connect/docs/latest/scopes/jira-rest-scopes.html
It states that permissions for /rest/api/{version}/project/.+/properties/.+
is N/A for GET, POST and DELETE, and WRITE scope is needed for PUT. This doesn’t seem to correspond to the error I’m experiencing, which returns 401 for both GET and PUT. Is this relevant?
Here’s my atlassian-connect.json:
{
"key": "ardoq-add-on",
"name": "Ardoq",
"version": "2.0.0",
"description": "This add-on let's you integrate Jira with Ardoq.",
"vendor": {
"name": "Ardoq AS",
"url": "http://www.ardoq.com"
},
"baseUrl": "{{localBaseUrl}}",
"links": {
"self": "{{localBaseUrl}}/atlassian-connect.json",
"homepage": "{{localBaseUrl}}/atlassian-connect.json"
},
"authentication": {
"type": "jwt"
},
"scopes": ["read", "write", "delete", "project_admin", "admin"],
"lifecycle": {
"installed": "/installed",
"uninstalled": "/uninstalled"
},
"modules": {
"jiraProjectAdminTabPanels": [
{
"location": "projectgroup4",
"url": "/project-admin?projectId={project.id}",
"weight": 100,
"key": "project-admin-panel",
"name": {
"value": "Ardoq Integration"
}
}
],
"webPanels": [
{
"location": "atl.jira.view.issue.left.context",
"url": "/connect-issue?projectId={project.id}&issueId={issue.id}",
"weight": 500,
"key": "ardoq-link-issue",
"name": {
"value": "Ardoq integration"
},
"conditions": [
{
"condition": "entity_property_equal_to",
"params": {
"entity": "project",
"propertyKey": "ardoqSettings",
"objectName": "isEnabled",
"value": "true"
}
}
]
}
]
}
}