通过 api 确定协作者的权限(对组织存储库)? [英] Determine a collaborator's permissions (to an organization repos) via the api?
问题描述
在属于组织(而不是个人)的存储库中,协作者是团队"的成员,团队可以拥有三种不同的权限:
- 只拉
- 推送&拉
- 推,拉,&行政
我可以在这样的存储库中看到合作者列表:
GET/repos/:owner/:repo/collaborators
...但它没有告诉我协作者拥有什么类型的权限.
在这种特殊情况下,我是合作者之一;我不拥有存储库.
有没有办法以编程方式确定我拥有的协作者权限类型?
2017 年 6 月更新:您现在拥有 嵌套团队.
但是,orgs/teams
API 提及:
REST API v3 尚不完全支持嵌套团队.
例如,List team members 和 列出团队存储库 不返回从嵌套团队继承的结果结构.
警告:自 2020 年 1 月起,团队 API 将从 /teams/:team_id
下的顶级路径移动到拥有团队的组织下的范围路径,路径类似于 <代码>/organizations/:org_id/team/:team_id.
请参阅移动团队 API",作者 Dirkjan Bussink
原始答案 2016
GET/user/teams
<块引用>
列出经过身份验证的用户所属的所有组织中的所有团队.当通过 OAuth.
答案看起来像:
状态:200 OKX-RateLimit-Limit: 5000X-RateLimit-Remaining:4999[{"url": "https://api.github.com/teams/1","name": "业主",身份证":1,"权限": "管理员", <============"members_count": 3,repos_count":10,组织": {"登录": "github",身份证":1,"url": "https://api.github.com/orgs/github","avatar_url": "https://github.com/images/error/octocat_happy.gif"}}]
您需要过滤该结果以匹配团队使用正确的存储库,您应该以这种方式取回与该存储库关联的权限级别.
In a repos that belongs to an organization (as opposed to an individual), collaborators are members of "teams", and teams can have three different kinds of permissions:
- Pull Only
- Push & Pull
- Push, Pull, & Administrative
I can see a list of collaborators on a repos like this:
GET /repos/:owner/:repo/collaborators
...but it does not tell me what type of permissions a collaborator has.
In this particular case, I am one of the collaborators; I do not own the repository.
Is there a way to programmatically determine the type of collaborator permission I have?
Update June 2017: You now have nested teams.
However, the orgs/teams
API mentions:
The REST API v3 does not yet fully support nested teams.
For example, the endpoints for List team members and List team repositories do not return results inherited from a nested team's structure.
Warning: since January 2020, The Team APIs will be moving from a top-level path under /teams/:team_id
to a scoped path under the organization that owns the team with a path like /organizations/:org_id/team/:team_id
.
See "Moving the teams API" by Dirkjan Bussink
Original answer 2016
The one query which should include your permission is mentioned in "List User Teams"
GET /user/teams
List all of the teams across all of the organizations to which the authenticated user belongs. This method requires user or repo scope when authenticating via OAuth.
The answer looks like:
Status: 200 OK
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999
[
{
"url": "https://api.github.com/teams/1",
"name": "Owners",
"id": 1,
"permission": "admin", <============
"members_count": 3,
"repos_count": 10,
"organization": {
"login": "github",
"id": 1,
"url": "https://api.github.com/orgs/github",
"avatar_url": "https://github.com/images/error/octocat_happy.gif"
}
}
]
You need to filter that result in order to match the team with the right repo, and you should get back the permission level associated to that repo that way.
这篇关于通过 api 确定协作者的权限(对组织存储库)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!