Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Determine a collaborator's permissions (to an organization repos) via the api?

Tags:

github

api

In a repos that belongs to an organization (as opposed to an individual), collaborators are members of "teams", and teams can have three different kinds of permissions:

  • Pull Only
  • Push & Pull
  • Push, Pull, & Administrative

I can see a list of collaborators on a repos like this:

GET /repos/:owner/:repo/collaborators

...but it does not tell me what type of permissions a collaborator has.

In this particular case, I am one of the collaborators; I do not own the repository.

Is there a way to programmatically determine the type of collaborator permission I have?

like image 276
Dan Tenenbaum Avatar asked Dec 22 '13 19:12

Dan Tenenbaum

2 Answers

If you want to check whether you have push access to a GitHub repo, you can use the repo endpoint:

GET /repos/:owner/:repo

If your request includes your authorization information (either including your account credentials or an OAuth access token), the permissions field will give you the information you're looking for:

{ 'admin': False, 'push': False, 'pull': True }

like image 139
jm.carp Avatar answered Oct 23 '22 11:10

jm.carp

Update June 2017: You now have nested teams.
However, the orgs/teams API mentions:

The REST API v3 does not yet fully support nested teams.
For example, the endpoints for List team members and List team repositories do not return results inherited from a nested team's structure.

Warning: since January 2020, The Team APIs will be moving from a top-level path under /teams/:team_id to a scoped path under the organization that owns the team with a path like /organizations/:org_id/team/:team_id.
See "Moving the teams API" by Dirkjan Bussink

Original answer 2016

The one query which should include your permission is mentioned in "List User Teams"

GET /user/teams

List all of the teams across all of the organizations to which the authenticated user belongs. This method requires user or repo scope when authenticating via OAuth.

The answer looks like:

Status: 200 OK
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999

[
  {
    "url": "https://api.github.com/teams/1",
    "name": "Owners",
    "id": 1,
    "permission": "admin",                     <============
    "members_count": 3,
    "repos_count": 10,
    "organization": {
      "login": "github",
      "id": 1,
      "url": "https://api.github.com/orgs/github",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif"
    }
  }
]

You need to filter that result in order to match the team with the right repo, and you should get back the permission level associated to that repo that way.

like image 31
VonC Avatar answered Oct 23 '22 10:10

VonC
Sign in to Comment

Related questions

Get personal credit report data via online api [closed]
What is the best api/library for Java to use Cassandra? [closed]
Google Maps and DART
How to implement authentication for REST API?
A Sequelize column that cannot be updated
API vs Toolkit vs Framework vs Library
gdata-python-api + Analytics with simple auth
REST API with multiple commands per resource
Google similar image search API
mobile safari image upload & their sizes
How I can deactivate the SSL verification?
API & Service for City name, Country lookups [closed]
Telegram API vs Bot API [closed]
Laravel : How to send image or file to API
How to get a primary or a list of languages from github's URL using github API?
Rails 5.1+ Vuejs Webpacker: Normal Rails MVC vs Rails API
PancakeSwap API / Swaping BNB with Binance Smart Chain's API
Magento API: Assigning preexisting simple products to configurable products
Consuming RESTful APIs using Java
Querying API through Curl/PHP

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!