I currently have a bot which automates a few GitHub operations, like merging pull requests, notifying staff on Slack when a PR is opened, that kind of thing (it's a custom flavored Hubot instance)
When staff give him the command to merge a pull request, he firstly checks to see if they belong to a team which has write access to that repository. It works, but the code isn't great.
First he gets all teams on the organization, loops through them, gets all users assigned to that team, if he finds the user issuing the merge command, he then checks to see if that team has write access. If not does, authentication is good.
Is this the best way to go about it? I feel like it could be much simpler.
how can i check write access to a git repository, if i do have a clone of it? A very easy way to check is whether you see an edit 'pencil' icon in the top right of the README.MD on the main Code page of the repo (scroll down to it if there's a long list of top level files/folders).
You can see a combined overview of teams and people with access to your repository in your repository settings. For more information, see "Managing teams and people with access to your repository."
Collaborators on a personal repository can pull (read) the contents of the repository and push (write) changes to the repository. Note: In a private repository, repository owners can only grant write access to collaborators. Collaborators can't have read-only access to repositories owned by a personal account.
On GitHub.com, navigate to the main page of the repository. Under your repository name, click Settings. In the "Access" section of the sidebar, click Collaborators & teams.
UPDATE: there is now a GitHub API endpoint for this:
https://docs.github.com/en/rest/reference/collaborators#check-if-a-user-is-a-repository-collaborator
OLD ANSWER: There isn't a much simpler way to do this currently (but I agree that it would be great if there was a more elegant way to get this information). You could perhaps reduce the number of requests by fetching the user's teams and the list of teams which have access to the repository (and not all teams in the organizations). The intersection of these two lists should allow you to answer the question, I think.
(Also, in your solution, note that you not only have to check that the user is a member of a push-access team -- you also need to check that this push-access team has access to the repository in question. The user could have been a member of a push-access team which doesn't have access to the repository in question, and a member of a pull-access team which does have access to the repository in question.)
My company uses Github enterprise.
This API Docs link helped
GET /repos/:owner/:repo/collaborators/:username
If user has access you would get a response similar to
Status: 204 No Content
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With