This sample disables a user by switching the Jira authentication context to a user with higher privileges:
Also look at https://docs.atlassian.com/software/jira/docs/api/7.6.1/com/atlassian/jira/bc/JiraServiceContext.html |
This is a potential threat: anyone who can create and execute Groovy scripts can elevate their rights just by knowing an admin username, because the context switch does not check any credential for that account |
import com.atlassian.crowd.embedded.api.User
import com.atlassian.crowd.embedded.impl.ImmutableUser
import com.atlassian.jira.bc.user.UserService
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.util.UserManager
import com.onresolve.scriptrunner.runner.util.UserMessageUtil
import com.atlassian.crowd.embedded.api.UserWithAttributes
import com.atlassian.crowd.embedded.api.CrowdService
import com.atlassian.jira.user.ApplicationUsers
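// Disables the reporter of the current issue in the user database.
// The script temporarily switches the Jira authentication context to a more
// privileged account so the update passes validation, and always switches back.
//
// Security note: setLoggedInUser() takes no credential, so anyone who can edit or
// run this script acts with the rights of `adminUsername`. Restrict who may create
// and execute scripts, and review changes to scripts like this one.
// NOTE(review): changes made while the context is switched are presumably
// attributed to the privileged account, not the person who triggered the script;
// consider recording `originalUser` alongside the change. Confirm against the audit log.

CrowdService crowdService = ComponentAccessor.crowdService
UserManager userManager = ComponentAccessor.getUserManager()
UserService userService = ComponentAccessor.getComponent(UserService.class)

// Account whose permissions are borrowed for the update.
// NOTE(review): the lookup below is by user *key*; verify that it matches the
// username for this account.
String adminUsername = "automation"

def jiraAuthenticationContext = ComponentAccessor.jiraAuthenticationContext
def adminUser = userManager.getUserByKey(adminUsername)
def originalUser = jiraAuthenticationContext.loggedInUser

if (adminUser == null) {
    // Without this guard a missing account would make both sides of the
    // elevation check null, and the script would carry on with no user set.
    UserMessageUtil.error("Elevation of rights failed. Contact Administrator")
} else {
    try {
        // Switch user
        jiraAuthenticationContext.setLoggedInUser(adminUser)

        if (jiraAuthenticationContext.getLoggedInUser() == adminUser) {
            // Rights have been elevated; the privileged work happens only inside this block.
            def reporter = issue.getReporter()
            UserWithAttributes user = reporter ? crowdService.getUserWithAttributes(reporter.getName()) : null

            if (user == null) {
                // No reporter on the issue, or the reporter is unknown to the user directory.
                UserMessageUtil.error("The Reporter could not be disabled in the User Database")
            } else {
                // Build a copy of the user with the active flag cleared and validate the change.
                def updateUser = ApplicationUsers.from(ImmutableUser.newUser(user).active(false).toUser())
                UserService.UpdateUserValidationResult updateUserValidationResult = userService.validateUpdateUser(updateUser)

                if (updateUserValidationResult.isValid()) {
                    userService.updateUser(updateUserValidationResult)
                    UserMessageUtil.success("The Reporter has been disabled in the User Database")
                } else {
                    UserMessageUtil.error("The Reporter could not be disabled in the User Database")
                }
            }
        } else {
            // Elevation of rights failed
            UserMessageUtil.error("Elevation of rights failed. Contact Administrator")
        }
    } finally {
        // Always restore the caller's identity, even if the update throws, so the
        // elevated context does not stay set after the script finishes.
        jiraAuthenticationContext.setLoggedInUser(originalUser)
    }
}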