Permissions error while programmatically creating user

Following the recommendations here, How to create user programatically in jira plugin I’ve tried to create a service user on plugin installation, and receive an validation error creating user: You do not have permission to create a user. on the validation call:

        ApplicationUser loggedInUser = authenticationContext.getLoggedInUser();
        UserService.CreateUserRequest createUserRequest = UserService.CreateUserRequest.withUserDetails(loggedInUser, "serviceUser", password, "support@example.com", "Jira Server Plugin");
        UserService.CreateUserValidationResult validationResult = userService.validateCreateUser(createUserRequest);
        Collection<String> errorMessages = validationResult.getErrorCollection().getErrorMessages();
        for (String errorMessage : errorMessages) {
            log.error("validation error creating user: " + errorMessage);
        }

Am I missing a step? Is there some permission that needs to be granted in the plugin descriptor somehow?

Using latest SDK, 8.0.16, developing against the pre-bundled Jira instance, version 7.13.0
.

There’s no way to give P2 plugins permissions or scope. Well, I take that back. Bitbucket’s Java API has a nice method of overriding permissions. Sometimes, you’ll find that if the Service layer includes permission checks with no way to bypass them, then you’ll need to use the appropriate Manager class to subvert the Service’s validations.

In the case of the UserService class, there IS such a bypass. Note the methods:

  • UserService.CreateUserRequest.performPermissionCheck(boolean performPermissionCheck)
  • UserService.CreateUserRequest.shouldPerformPermissionCheck()

Note the description:

Indicate that the permission check should not be performed on the logged in user to determine whether the logged in user has permission to create the new user.

Good luck! :slight_smile: