All the USER-related data are intended to work mainly with the current user.

USERS

USERS
Column	USERNAME	FULLNAME	EMAIL	KEY
Type	VARCHAR	VARCHAR	VARCHAR	VARCHAR
Indexed	x			x

Only users with USER_PICKER permission can search for other users. The rest can only search by themselves.

The USERS table is intended to get the user's data (full name and email) and search for the username by key,

This allows trusted users to use the full name and the email in reports for the current user running the query.

There are some auxiliary useful functions to work with usernames: See the User functions documentation to get the currentUser and to replace the user key by the username.

And other related tables to deal with the current user's permissions and groups. In this way, it is possible to check if the current user belongs to a group or has permission (global, project or issue scope) and remove the records that do not match:

USERGOUPS

USERGROUPS
Column	GROUPNAME
Type	VARCHAR
Indexed	x

It allows checking if the current user belongs to a group. Otherwise, it returns nothing to drop the record from the query.

(Note: You might want to read the ADMIN.GROUPUSERS table to write queries based on other users belonging to a particular group).

USERGLOBALPERMISSIONS

USERGLOBALPERMISSIONS
Column	PERMISSONKEY
Type	VARCHAR
Indexed	x

It allows checking if the current user has a specific global permission,

USERPROJECTPERMISSIONS

USERPROJECTPERMISSIONS
Column	PERMISSIONKEY	PROJECTID
Type	VARCHAR	BIGINT
Indexed	x	x

It allows checking if the current user has a specific permission on a project.

USERISSUEPERMISSIONS

USERISSUEPERMISSIONS
Column	PERMISSIONKEY	ISSUEID
Type	VARCHAR	BIGINT
Indexed	x

ADMIN.GLOBALPERMISSIONS

ADMIN.GLOBALPERMISSIONS
Column	KEY	NAME	DESCRIPTION
Type	VARCHAR	VARCHAR	VARCHAR
Indexed	x

This is a helpful table for administrators to explore all the global permissions from the console.

ADMIN.GROUPS

ADMIN.GROUPS
Column	NAME
Type	VARCHAR
Indexed	x

It allows administrators to explore all the groups defined in Jira from the console

ADMIN.GROUPUSERS

ADMIN.GROUPUSERS
Column	USERNAME	GROUPNAME
Type	VARCHAR	VARCHAR
Indexed	x	x

It allows administrators to search for the groups where a user belong to and all the users in a group

Examples

Think about a query that must be executed by a specific group of users. You might want to create a special group named :"my-group"

Example permissions

SELECT
    JQL.ISSUEID
FROM
  USERGOUPS g
JOIN
  JQL
WHERE
  g.GROUPNAME = 'my-group'
AND
  QUERY = '<some JQL here>'

The USERGOUPS table will return one record only if the current user belongs to 'my-group'. Otherwise, no record will be returned. This allows controlling the execution flow of the query. If the user does not belong to the group, the next tables will not be invoking and the query will not return any record.

Similarly, it is possible to check if the current user has specific global permission or for a given project or issue and then "abort" the query by avoiding the execution of the next joined tables.

Browser not supported