Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing permissions attribute on repository collaborators and teams' repositories calls #1319

Closed
ryangribble opened this issue May 24, 2016 · 0 comments
Closed

Missing permissions attribute on repository collaborators and teams' repositories calls #1319

ryangribble opened this issue May 24, 2016 · 0 comments

Comments

@ryangribble
Copy link
Contributor

ryangribble commented May 24, 2016
edited
Loading

I was writing a script to pull some auditing information from our github enterprise server when I stumbled into this one today. We are missing the permissions section of the response on repository collaborators and team repositories, which indicates the admin/push/pull permissions.

Here are the items I found so far that have the permissions attribute. It's also worth noting that this was in API preview mode and required a custom accept header until just recently when the preview period ended. In terms of GitHub Enterprise, on 2.5.x it is still preview, but is no longer preview on 2.6.x. So depending on whether our intention is to only support the latest feature build of GHE or whether we are also trying to support 2.5.x, we might want to specify that accepts header for these calls...

This is also somewhat related to #1101 where a new permission parameter (a single string/permission, rather than the permissions structure mentioned i this issue) can be provided when adding a collaborator to a repo, to denote what level of access they have.

List repository collaborators

{
"login": "octocat",
"id": 1,
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
...
"type": "User",
"site_admin": false,
"permissions": {
"pull": true,
"push": true,
"admin": false
}

I also found other places where this appears such as

List team's repositories

{
"id": 1296269,
"owner": {
"login": "octocat",
"id": 1,
...
"type": "User",
"site_admin": false
},
"name": "Hello-World",
"full_name": "octocat/Hello-World",
...
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"admin": false,
"push": false,
"pull": true
}

Also there is a custom accept header version of the Check teams access to repository which can return the full repository information (including the permissions attributes) rather than just the 204/404 response indicating true/false. Potentially we could implement this alongside the Task<bool> IsRepositoryManagedByTeam() call, to be a similar call but returning a Task<Repository> object
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ryangribble