Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

GitHub API How to check if user has write access to a repository [duplicate]

Tags:

github-api

I currently have a bot which automates a few GitHub operations, like merging pull requests, notifying staff on Slack when a PR is opened, that kind of thing (it's a custom flavored Hubot instance)

When staff give him the command to merge a pull request, he firstly checks to see if they belong to a team which has write access to that repository. It works, but the code isn't great.

First he gets all teams on the organization, loops through them, gets all users assigned to that team, if he finds the user issuing the merge command, he then checks to see if that team has write access. If not does, authentication is good.

Is this the best way to go about it? I feel like it could be much simpler.

like image 629
lukerollans Avatar asked Jan 11 '15 04:01

lukerollans


People also ask

How do I know if I have write access to my GitHub repository?

how can i check write access to a git repository, if i do have a clone of it? A very easy way to check is whether you see an edit 'pencil' icon in the top right of the README.MD on the main Code page of the repo (scroll down to it if there's a long list of top level files/folders).

How can I see who has access to my GitHub repository?

You can see a combined overview of teams and people with access to your repository in your repository settings. For more information, see "Managing teams and people with access to your repository."

Do collaborators have write access GitHub?

Collaborators on a personal repository can pull (read) the contents of the repository and push (write) changes to the repository. Note: In a private repository, repository owners can only grant write access to collaborators. Collaborators can't have read-only access to repositories owned by a personal account.

How do I see collaborations on GitHub?

On GitHub.com, navigate to the main page of the repository. Under your repository name, click Settings. In the "Access" section of the sidebar, click Collaborators & teams.


2 Answers

UPDATE: there is now a GitHub API endpoint for this:

https://docs.github.com/en/rest/reference/collaborators#check-if-a-user-is-a-repository-collaborator


OLD ANSWER: There isn't a much simpler way to do this currently (but I agree that it would be great if there was a more elegant way to get this information). You could perhaps reduce the number of requests by fetching the user's teams and the list of teams which have access to the repository (and not all teams in the organizations). The intersection of these two lists should allow you to answer the question, I think.

(Also, in your solution, note that you not only have to check that the user is a member of a push-access team -- you also need to check that this push-access team has access to the repository in question. The user could have been a member of a push-access team which doesn't have access to the repository in question, and a member of a pull-access team which does have access to the repository in question.)

like image 183
Ivan Zuzak Avatar answered Oct 15 '22 00:10

Ivan Zuzak


My company uses Github enterprise.

This API Docs link helped

GET /repos/:owner/:repo/collaborators/:username

If user has access you would get a response similar to

Status: 204 No Content

X-RateLimit-Limit: 5000

X-RateLimit-Remaining: 4999

like image 21
suryakrupa Avatar answered Oct 14 '22 23:10

suryakrupa