Comments (4)
It's not working properly. I'll take a look soon because I have introduced this issue.
from codeowners-validator.
the problem is that in current approach we are checking team permission entry which is out-dated
It no longer identifies thepermission a team has on its repos, but only specifies the default permission a repo is initially added with.
what we need to do is to list the team repos and then check the permission:
func teamHasPermissions(team *github.Team, repoName string) (bool, error) {
repos, _, err := ghClient.Teams.ListTeamRepos(ctx, team.GetID(), nil)
if err != nil {
return false, err
}
for _, r := range repos {
if r.GetName() == repoName {
var (
perm = r.GetPermissions()
hasAdmin = containsPerm(perm, "admin")
hasPush = containsPerm(perm, "push")
)
return hasAdmin || hasPush, nil
}
}
return false, nil
}
func containsPerm(perms map[string]bool, name string) bool {
perm, _ := perms[name]
return perm == true
}
other option is to use Review a user's permission level but it works currently only with users
from codeowners-validator.
Probably the best option is to use the GraphQL query to remove the overfetching problme, example query:
{
organization(login: "gh-codeowners") {
teams(first: 2) {
pageInfo {
hasNextPage
}
nodes {
slug
repositories(query: "codeowners-sample") {
nodes {
name
}
edges {
permission
}
}
}
}
}
}
can be used in https://developer.github.com/v4/explorer/
from codeowners-validator.
This issue was solved by #62. I do not close it because we can recheck if it is worth to change the implemented logic from REST to GraphQL.
More context: #62 (comment)
from codeowners-validator.
Related Issues (20)
- Comments in CODEOWNERS
- notowned with an empty codeowners file HOT 1
- Validate GitHub token scopes when `owners` check is enabled
- Add native support for pre-commit hook HOT 4
- Valid Owner Checker should report if the owner doesn't have Write access HOT 1
- App authentication doesn't work with provided action HOT 10
- /folder/* wildcard pattern is assumed to be nested by the action "Not Owned" check, which it isnt HOT 1
- CODEOWNERS file existence check HOT 1
- Unnecessary failure of test of GitHub token
- Killed: 9 HOT 8
- Error and mismatched URLs when using github app credentials via github enterprise
- Add support for specifically excluding code owners on files and subfolders HOT 1
- Recommended App permissions don't appear to be sufficient
- codeowners-validator install.sh crit-platform error for linux/arm64
- Print a list of all files and their owners HOT 1
- Owner child team is not supported by codeowners-validator
- Executing File Exist Checker Not support glob
- Feature request: fail for deleted files that are explicitly owned in CODEOWNERS HOT 4
- Support Gitea codeowners
- Runtime Error: segmentation fault codeowners-validator HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from codeowners-validator.