From b360dcc5806ae79d753ce05110b436afe8f1e942 Mon Sep 17 00:00:00 2001 From: Julen <12843626+julenpardo@users.noreply.github.com> Date: Tue, 18 May 2021 13:12:00 +0200 Subject: [PATCH] Make user search GDPR compliant (#927) * Make user search GDPR compliant The `username` field is deprecated and Jira is gradually removing it from the cloud instances. This is the second time such changes break our integrations; until now, our workaround consisted of first searching for the user based on the email, and then use the account id from the response for the other requests. But now we cannot search anymore for users based on the email, and we need to use the `query` field. Even if we just pass the same exact value we passed to `username`. I can imagine there're several places in the code that would require of being changed for being completely GDPR compliant, but I have no time at the moment to fix all of them :( Thanks for your work! * Remove redundant check The payload object was already initialized with the `username` value, so there's no need to check whether is specified or not. * Init payload iwth both username and query `query` is a different parameter from `username` so it shouldn't replace it actually. Tested with v3 API and it's working. * Update docblock regarding Jira cloud parameters Co-authored-by: adehad <26027314+adehad@users.noreply.github.com> * Fix optional `user` param * Update docblock Co-authored-by: adehad <26027314+adehad@users.noreply.github.com> * Update docblock Co-authored-by: adehad <26027314+adehad@users.noreply.github.com> * Update docblock Co-authored-by: adehad <26027314+adehad@users.noreply.github.com> Co-authored-by: adehad <26027314+adehad@users.noreply.github.com> --- jira/client.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/jira/client.py b/jira/client.py index 6580d4685..fd5b5a592 100644 --- a/jira/client.py +++ b/jira/client.py @@ -2959,30 +2959,39 @@ def delete_user_avatar(self, username: str, avatar: str): def search_users( self, - user: str, + user: Optional[str] = None, startAt: int = 0, maxResults: int = 50, includeActive: bool = True, includeInactive: bool = False, + query: Optional[str] = None, ) -> ResultList[User]: """Get a list of user Resources that match the specified search string. + "username" query parameter is deprecated in Jira Cloud; the expected parameter now is "query", which can just be the full + email again. But the "user" parameter is kept for backwards compatibility, i.e. Jira Server/Data Center. Args: - user (str): a string to match usernames, name or email against. + user (Optional[str]): a string to match usernames, name or email against. startAt (int): index of the first user to return. maxResults (int): maximum number of users to return. If maxResults evaluates as False, it will try to get all items in batches. includeActive (bool): If true, then active users are included in the results. (Default: True) includeInactive (bool): If true, then inactive users are included in the results. (Default: False) + query (Optional[str]): Search term. It can just be the email. Returns: ResultList[User] """ + if not user and not query: + raise ValueError("Either 'user' or 'query' arguments must be specified.") + params = { "username": user, + "query": query, "includeActive": includeActive, "includeInactive": includeInactive, } + return self._fetch_pages(User, None, "user/search", startAt, maxResults, params) def search_allowed_users_for_issue(