Forge displayConditions with globalPermission condition

Hi all,

We are making an Jira application in which we have created some global permissions and we want our home page to be shown only to the users that are within this permission.

The code we currently have is:

modules:
  jira:globalPage:
    - key: home-page
      resource: home-src
      layout: blank
      resolve:
        endpoint: config-remote-endpoint
      title: home
      icon: resource:icons;logo.png
      displayConditions:
        hasGlobalPermission: home-global-permission
  jira:globalPermission:
    - key: home-global-permission
      name: Access to Home app
      description: Home app.
      anonymousAllowed: false
      defaultGrants:
        - all

We understand that this hasGlobalPermission does not exist because when doing the forge deploy it tells us that it is not allowed. How could we restrict the access to the page from the manifest?

Thanks,
David

You can use REST API in forge app to check if the user has global permission. Refer /rest/api/3/permissions

  • Use @forge/api module to interact with Jira’s REST API to check if the user has the necessary global permission.
  • Only render the home page if the permission check passes.

We are already getting the permission on the screen, but we would like the option not to appear in the apps menu if the user does not have the permission.

It appears that this is not currently possible. One workaround is to perform a permission check on the app’s page itself. If the current user does not have the required global permissions, you can display a meaningful message. While this approach won’t hide the link to the app entirely, it allows you to communicate with the user and explain that the functionality exists but is unavailable to them due to insufficient permissions. You could include a message like “Contact your Jira administrators for more details.”

Thank you, Andrei, for the suggestion.

We already have the permission check implemented on the page, and we display a message to users who don’t have access. However, we’re getting feedback from users asking us to hide the apps they don’t have permission to access from the menu entirely. It’s a bit frustrating that this isn’t possible at the moment, but we’ll continue exploring other ways to enhance the user experience.

Thanks again for your input!

Best,
David

1 Like