JIRAÂ is one of the best, if not the best, task management systems on the market. Besides JIRA’s powerful out-of-the-box features, the whole product has rich add-on (plugin) mechanism that can help you customize many JIRA aspects.
JIRA exposes REST API as well that allows building rich ecosystems that support automation of many tasks, creatingÂ IssuesÂ for example. Sometimes in the systems that act on behalf of many users there is a need toÂ impersonateÂ the user. In other words, third party system will authenticate and access JIRA REST API throughÂ service user account, but each Issue that will be created shall have an arbitraryÂ reporterÂ that matches some other JIRA user.
The impersonation can be achieved by writing JIRA plugin for that. There are already ready-to-use plugins for that purpose on the Atlassian Market. The purpose of this article is to demonstrate the power of the JIRA plugin mechanism and how easy we can build the aforementioned impersonation functionality.
Atlassian has an excellent documentation and â€śHello Worldâ€ť tutorial that demonstrates how to install Atlassian SDK and build a simple plugin:
In this article I will assume that youâ€™ve already downloaded the Atlassian SDK.
So letâ€™s begin.
The first step is creating the plugin project by executing the following command:
Iâ€™ve answered the wizardâ€™s questions as:
The wizard creates the plugin project in the directory named after your artifact id:Â impersonation.
Navigate to theÂ impersonationÂ folder and open the Mavenâ€™sÂ pom.xml. Change the organizationâ€™s name and URL. Add a meaningful description. For example:
Execute the module creation command in the plugin root folder:
Choose the optionÂ 20Â (Servlet Filter).
The wizard asks some questions. Iâ€™ve entered the following values:
The wizard will modify the fileÂ atlassian-plugin.xmlÂ file in the folderÂ src/main/resources. Open that file and change theÂ url-patternÂ in the servlet filter in order to match the REST API endpoint:
The plugin is almost done :-).
Open the classÂ ImpersonationServletFilterÂ and implement the filter as:
In the pluginâ€™s root folder run the following command that will build the plugin and start the development of JIRA instance with the plugin installed:
Once the JIRA server is up and running, navigate your browser to the following URL:
Login with the following credentials: Username=’admin’, Password=’admin’
This is your first login, so choose the Language and the optional Avatar. After that, press the buttonÂ Create new Project. Choose theÂ Project managementÂ type. Enter the name of the project:Â Test. Select the cog (top right settings icon) and selectÂ User ManagementÂ after that.
Create 2 new users by pressing the buttonÂ Create User. Iâ€™ve picked the following usernames:Â aliceÂ andÂ bob.
Ok, letâ€™s test the functionality!
In an arbitrary folder of your choice create the following JSON payload file that contains the Issue.
In the same folder execute the following command first:
The first issue is created.
After that execute the following commands that insert the HTTP headerÂ iw-impersonateÂ that contains the name of the user to be impersonated:
Note in the JIRA dashboard that the issueÂ reporterÂ is no moreÂ admin, but ratherÂ AliceÂ andÂ Bob.
The plugin enforces that the authenticated user must be JIRA Administrator. Otherwise, the impersonation isÂ skipped.
You can adjust the plugin code in order to meet your needs regarding the permission logic, but in essence that will be a trivial task. The main goal has been achieved, third-party systems can integrate with JIRA and act on behalf of existing JIRA users.