I'm cannot check a user permission from specific Jira Project via REST API

Hi Team,

I am trying to find out if a user has permissions to administer a specific Jira project, but the REST API responds to wrong information or I am not calling it correctly.

With the user I can administer the TEST project:

But if I check the Rest API to ask if user has the ADMINISTER_PROJECTS permission, “havePermission” response value is false:

/rest/api/3/mypermissions?projectKey=TEST&permissions=ADMINISTER_PROJECTS

Response:

{
  "permissions": {
    "ADMINISTER_PROJECTS": {
      "id": "23",
      "key": "ADMINISTER_PROJECTS",
      "name": "Administer Projects",
      "type": "PROJECT",
      "description": "Ability to administer a project in Jira.",
      "havePermission": false
    }
  }
}

That could be happening?

Thanks in advance
Best regards.

@jbolufer

You said you were trying to find the permissions “of a user” but then you used the
/rest/api/3/mypermissions endpoint. That endpoint is for checking your permissions, not another user’s permissions.

If you are saying the you know you have Administer Project permission on the project ‘TEST’ but the REST API is telling you that you don’t have Administer Project permissions, then that is a different topic.

Hi @sunnyape ,

Thanks for the reply.

I want to check the permissions of the logged in user in a specific Jira project. That is why I call /rest/api/3/mypermissions endpoint

If to obtain the permissions of the user logged in for the Jira project I have to call another endpoint, that is what I need to know.

Thanks in advance.
Best regards.

Hi @jbolufer

To get the permissions of other users, you use the Get bulk permissions endpoint.

Hi @sunnyape ,

The same thing happens with endpoint x. I send the following request (The id 10000 is that of the TEST project)

{
 "projectPermissions": [
    {
      "projects": [
        10000
      ],
      "permissions": [
        "ADMINISTER_PROJECTS"
      ]
}
  ]
}

And API responds with an empty list of projects, which means that I do not have admin permissions on the TEST project.

{
  "projectPermissions": [
    {
      "permission": "ADMINISTER_PROJECTS",
      "issues": [],
      "projects": []
    }
  ],
  "globalPermissions": []
}

Best regards.

Hi @jbolufer

You might want to read the documentation for that endpoint again, especially the part that says:

If no account ID is provided, the operation returns details for the logged in user.

Given that you didn’t provide an account ID in your request, the REST API did exactly what you asked it to do, and returned the permissions of the logged in user… which is you.

Hi @jbolufer ,

I think what’s happening here is that your user, although it can see the project settings, is not a member of a project role or group where Administer Projects permission has been granted to (refer to the blue box in the image below). In which case, the REST API is returning the correct response. Also, I notice in your screenshot that your test project is a company-managed project, hence, you need to verify the permission schemes.

To verify that, click on permission helper (the one in the red box), and test your user if it has Administer Projects permission. If indeed you do not have the said permission, you can expand the text in the modal to explain what went wrong.

If my gut feel is correct, you just need to add your user in a project role or group with Administer Project permission, call the API again - either the /mypermissions or the bulk permission - then there should be changes in the response (what you’re expecting).

Cheers,
Ian

Hi @iragudo,

That is what was happening.

My user did not have the Administrators role, but being able to see the configuration of the project had caused me confusion.

Thank you
Best regards

1 Like