CMJ Integrity Check reports errors in a filter, but it's not accessible to the CMJ user

Symptoms:

A filter is reported to have integrity violations. For the solution presented, I cannot modify the filter to clear the error as it's private.

Cause:

The CMJ user does not have share permissions to access this filter.

Resolution 1:

Use the following Groovy script to make only a filter with specified ID on the system be accessible to the "jira-administrators" group:

Make filter accessible to admin

import com.atlassian.crowd.embedded.api.User
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.search.SearchRequest
import com.atlassian.jira.issue.search.SearchRequestEntity
import com.atlassian.jira.issue.search.SearchRequestManager
import com.atlassian.jira.sharing.SharePermission
import com.atlassian.jira.sharing.SharePermissionImpl
import com.atlassian.jira.sharing.SharedEntity.SharePermissions
import com.atlassian.jira.sharing.type.ShareType.Name
import com.atlassian.jira.util.Visitor

// This function will share the filter with ID "filterId" with the group "jira-administrators"
def makeFilterAccessibleToAdmins(long filterId) {
    ApplicationUser user = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser();
	SearchRequestManager srm = ComponentAccessor.getComponent(SearchRequestManager.class);
	
	SearchRequest sr = srm.getSearchRequestById(filterId);
    Set<SharePermission> permissionsSet = new HashSet<SharePermission>(
        sr.getPermissions().getPermissionSet()
    );
    permissionsSet.add(new SharePermissionImpl(null, Name.GROUP, "jira-administrators", null));
    sr.setPermissions(new SharePermissions(permissionsSet));
    
    srm.update(sr);
}

// Pass the ID of the filter you want to update
makeFilterAccessibleToAdmins(FILTERIDHERE);

Resolution 2:

You can use this groovy script to make all filters global.

NB! makeAllFiltersGlobal returns the ids of all changed filters. This list can be used to revert the changes, so save it!

Make all filters global

import com.atlassian.crowd.embedded.api.User
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.search.SearchRequest
import com.atlassian.jira.issue.search.SearchRequestEntity
import com.atlassian.jira.issue.search.SearchRequestManager
import com.atlassian.jira.sharing.SharePermission
import com.atlassian.jira.sharing.SharePermissionImpl
import com.atlassian.jira.sharing.SharedEntity.SharePermissions
import com.atlassian.jira.sharing.type.ShareType.Name
import com.atlassian.jira.util.Visitor

def makeAllFiltersGlobal() {
    def changedFilters = [];
    
    ApplicationUser user = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser();
	SearchRequestManager srm = ComponentAccessor.getComponent(SearchRequestManager.class);
    
    srm.visitAll(new Visitor<SearchRequestEntity>() {
        
        void visit(SearchRequestEntity e) {            
            SearchRequest sr = srm.getSearchRequestById(e.id)
            Set<SharePermission> permissionsSet = new HashSet<SharePermission>(
                sr.getPermissions().getPermissionSet()
            );
            
            // check if the filter is already global
            if (!permissionsSet.any { it.getType() == Name.GLOBAL } ) {
            	changedFilters.add(e.getId());
            
            	permissionsSet.add(new SharePermissionImpl(Name.GLOBAL, null, null));
            	sr.setPermissions(new SharePermissions(permissionsSet));
            	
                srm.update(sr);
            }
        }
    });
    
    return changedFilters;
}


makeAllFiltersGlobal();

You can revert the changes and remove the global permissions with this script.

Remove global share permission from filters

import com.atlassian.crowd.embedded.api.User
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.search.SearchRequest
import com.atlassian.jira.issue.search.SearchRequestEntity
import com.atlassian.jira.issue.search.SearchRequestManager
import com.atlassian.jira.sharing.SharePermission
import com.atlassian.jira.sharing.SharePermissionImpl
import com.atlassian.jira.sharing.SharedEntity.SharePermissions
import com.atlassian.jira.sharing.type.ShareType.Name
import com.atlassian.jira.util.Visitor

// Remove the global share permission from a filter.
def removeGlobalSharePermission(long filterId) {
    ApplicationUser user = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser();
	SearchRequestManager srm = ComponentAccessor.getComponent(SearchRequestManager.class);
	
	SearchRequest sr = srm.getSearchRequestById(filterId);
    Set<SharePermission> permissionsSet = new HashSet<SharePermission>(
        sr.getPermissions().getPermissionSet()
    );
    
    permissionsSet.removeAll { it.getType() == Name.GLOBAL };
    sr.setPermissions(new SharePermissions(permissionsSet));
    
    srm.update(sr);
}

// Remove the global share permission from a list of filters.
def removeGlobalSharePermission(List ids) {
    for (id in ids) {
        removeGlobalSharePermission((long)id);
    }
}

// List filter ids
def ids = [10000, 10001, 10002];

removeGlobalSharePermission(ids);

[data-colorid=ubqhrdw5e6]{color:#212121} html[data-color-mode=dark] [data-colorid=ubqhrdw5e6]{color:#dedede}Symptoms:

Cause:

Resolution 1:

Resolution 2:

Symptoms: