SHARE
TWEET

Untitled

a guest Aug 19th, 2019 64 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import com.atlassian.jira.bc.JiraServiceContextImpl
  2. import com.atlassian.jira.bc.filter.SearchRequestService
  3. import com.atlassian.jira.bc.portal.PortalPageService
  4. import com.atlassian.jira.component.ComponentAccessor
  5. import com.atlassian.jira.permission.GlobalPermissionKey
  6. import com.atlassian.jira.permission.GlobalPermissionType
  7. import com.atlassian.jira.portal.PortalPage
  8. import com.atlassian.jira.sharing.SharePermissionImpl
  9. import com.atlassian.jira.sharing.SharedEntity
  10. import com.atlassian.jira.sharing.search.SharedEntitySearchParametersBuilder
  11. import com.atlassian.jira.sharing.type.ShareType
  12. import com.atlassian.sal.api.ApplicationProperties
  13. import com.atlassian.sal.api.UrlMode
  14. import com.onresolve.scriptrunner.runner.ScriptRunnerImpl
  15. import groovy.xml.MarkupBuilder
  16.  
  17. /**
  18.  * Run this with FIX_MODE = false to report on any problems.
  19.  * To rectify all the issues change to: FIX_MODE = true.
  20.  */
  21. final FIX_MODE = false
  22.  
  23. def searchRequestService = ComponentAccessor.getComponent(SearchRequestService)
  24. def currentUser = ComponentAccessor.jiraAuthenticationContext.loggedInUser
  25. def applicationProperties = ScriptRunnerImpl.getOsgiService(ApplicationProperties)
  26. def portalPageService = ComponentAccessor.getComponent(PortalPageService)
  27. def globalPermissionManager = ComponentAccessor.globalPermissionManager
  28.  
  29. def contextPath = applicationProperties.getBaseUrl(UrlMode.RELATIVE)
  30.  
  31. def writer = new StringWriter()
  32. def markup = new MarkupBuilder(writer)
  33.  
  34. def serviceContext = new JiraServiceContextImpl(currentUser)
  35. def publicSharePerm = new SharePermissionImpl(null, ShareType.Name.GLOBAL, null, null)
  36. def searchParameters = new SharedEntitySearchParametersBuilder().setSharePermission(publicSharePerm).toSearchParameters()
  37.  
  38. searchRequestService.validateForSearch(serviceContext, searchParameters)
  39. assert !serviceContext.errorCollection.hasAnyErrors()
  40.  
  41. def result = searchRequestService.search(serviceContext, searchParameters, 0, Integer.MAX_VALUE)
  42. final authenticatedUserSharePerms = new SharedEntity.SharePermissions([
  43.     new SharePermissionImpl(null, ShareType.Name.AUTHENTICATED, null, null)
  44. ] as Set)
  45.  
  46. markup.h3('Filters')
  47.  
  48. if (!result.results) {
  49.     markup.p('No publicly accessible filters found')
  50. }
  51. result.results.each { filter ->
  52.     if (FIX_MODE) {
  53.         filter.setPermissions(authenticatedUserSharePerms)
  54.  
  55.         def filterUpdateContext = new JiraServiceContextImpl(filter.owner)
  56.         searchRequestService.updateFilter(filterUpdateContext, filter)
  57.         if (filterUpdateContext.errorCollection.hasAnyErrors()) {
  58.             log.warn("Error updating filter - possibly owner has been deleted. Just delete the filter. " + filterUpdateContext.errorCollection)
  59.         }
  60.     }
  61.     markup.p {
  62.         a(href: "$contextPath/issues/?filter=${filter.id}", target: '_blank', filter.name)
  63.         i(' publicly accessible. ' + (FIX_MODE ? ' Fixed.' : ''))
  64.     }
  65. }
  66.  
  67. def dashResults = portalPageService.search(serviceContext, searchParameters, 0, Integer.MAX_VALUE).results.findAll {
  68.     !it.systemDefaultPortalPage
  69. }
  70.  
  71. markup.h3('Dashboards')
  72.  
  73. if (!dashResults) {
  74.     markup.p('No publicly accessible dashboards found')
  75. }
  76. dashResults.each { dashboard ->
  77.     if (dashboard.isSystemDefaultPortalPage()) {
  78.         // can't edit the system default dashboard
  79.         return
  80.     }
  81.     if (FIX_MODE) {
  82.         def updatedDashboard = new PortalPage.Builder().portalPage(dashboard).permissions(authenticatedUserSharePerms).build()
  83.         portalPageService.updatePortalPageUnconditionally(serviceContext, currentUser, updatedDashboard)
  84.     }
  85.     markup.p {
  86.         a(href: "$contextPath/secure/Dashboard.jspa?selectPageId=${dashboard.id}", target: '_blank', dashboard.name)
  87.         i(' publicly accessible. ' + (FIX_MODE ? ' Fixed.' : ''))
  88.     }
  89. }
  90.  
  91. final GlobalPermissionType GPT_BROWSE_USERS = new GlobalPermissionType(GlobalPermissionKey.USER_PICKER.key, null, null, false);
  92.  
  93. markup.h3('Global Permissions')
  94. if (globalPermissionManager.hasPermission(GlobalPermissionKey.USER_PICKER, null)) {
  95.     if (FIX_MODE) {
  96.         globalPermissionManager.removePermission(GPT_BROWSE_USERS, null)
  97.     }
  98.     markup.p {
  99.         b('Browse Users')
  100.         i(' is publicly accessible. ' + (FIX_MODE ? ' : Fixed' : ''))
  101.     }
  102. } else {
  103.     markup.p('No problems with global permissions found')
  104. }
  105.  
  106. writer.toString()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top