Youtrack check if user has permissions

Question

I'm trying to create a Youtrack workflow where only a specific role is allowed to edit the Kanban state to ready-to-pull when the current issue is in backlog. I wasn't quite able to get it correctly working, keeps throwing exceptions but I'm unable to read the full exception.

I tried to create the current workflow code:

var entities = require('@jetbrains/youtrack-scripting-api/entities');
var workflow = require('@jetbrains/youtrack-scripting-api/workflow');

exports.rule = entities.Issue.onChange({
    title: workflow.i18n('Block change in Kanban stage for issues that are in backlog'),
    guard: function(ctx) {
    return ctx.issue.isReported && ctx.issue.fields.isChanged(ctx.KanbanState);
  },
  action: function(ctx) {
    var issue = ctx.issue;

    if (!ctx.user.hasRole('project-admin', ctx.project)) {
        workflow.message('U dont have the correct permissions to do this'); 
        ctx.KanbanState = ctx.KanbanState.Blocked;
    }
  },
  requirements: {
    Stage: {
      type: entities.State.fieldType
    },
    KanbanState: {
      name: 'Kanban State',
      type: entities.EnumField.fieldType,
      ReadyToPull: {
        name: 'Ready to pull'
      },
      Blocked: {}
    }
  }
});

Most of this is a copy from the Kanban change workflow that blocks moving the issue to a new stage when the kanban state isn't set to "Ready-to-Pull". I basically want the exact same, but I want to only allow project admins to change the kanban state to "ready-to-pull" when the current stage is "Backlog". The current code only checks the permissions at the moment, but I started getting stuck there already.

Answer 1

To implement this task, I suggest you use the workflow.check method, for example:

    workflow.check(ctx.user.hasRole('project-admin', ctx.project), 'U dont have the correct permissions to do this'); 

I hope this helps.

Answer 2

Seeing as in our current situation we only need to disable a single person to not be able to change the Kanban states when new tickets are set, we have the following solution:

exports.rule = entities.Issue.onChange({
    title: workflow.i18n('Block change in Kanban stage for issues in backlog stage'),
    guard: function(ctx) {
    var issue = ctx.issue;
    return issue.fields.isChanged(ctx.KanbanState);//Runs when Kanban state changes
  },
  action: function(ctx) {
    var issue = ctx.issue;
    //Check if user has changed the kanban state to ready to pull while the current stage is backlog.

    if (issue.fields.Stage.name == 'Backlog') {
      //Current stage is backlog
      if (issue.fields.KanbanState.name === ctx.KanbanState.ReadyToPull.name) {
        //Kanban state was changed to ready to pull;

        var target = '<useremail>';

        workflow.check(ctx.currentUser.email == target,
          workflow.i18n('No permissions to change the Kanban state.'));
        issue.fields.KanbanState = ctx.KanbanState.Blocked;
      }
    }
  },
  requirements: {
    Stage: {
      type: entities.State.fieldType,
      Backlog: {},
      Development: {}
    },
    KanbanState: {
      name: 'Kanban State',
      type: entities.EnumField.fieldType,
      ReadyToPull: {
        name: 'Ready to pull'
      },
      Blocked: {}
    }
  }
});

However I checked the answer of @Oleg Larshun and his answer worked as well. replacing the email section with:

workflow.check(ctx.user.hasRole('project-admin', ctx.project), 'U dont have the correct permissions to do this');