From d48bdc915652d2fa922d5345c7abfb606992ef2b Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 01:15:53 -0400 Subject: [PATCH 1/8] Add enterprise allowed actions --- github/enterprise_actions_allowed.go | 50 ++++++++++++ github/enterprise_actions_allowed_test.go | 93 +++++++++++++++++++++++ 2 files changed, 143 insertions(+) create mode 100644 github/enterprise_actions_allowed.go create mode 100644 github/enterprise_actions_allowed_test.go diff --git a/github/enterprise_actions_allowed.go b/github/enterprise_actions_allowed.go new file mode 100644 index 00000000000..629691c3abe --- /dev/null +++ b/github/enterprise_actions_allowed.go @@ -0,0 +1,50 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "fmt" +) + +// GetActionsAllowed gets the actions that are allowed in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-enterprise +func (s *EnterpriseService) GetActionsAllowed(ctx context.Context, enterprise string) (*ActionsAllowed, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + actionsAllowed := new(ActionsAllowed) + resp, err := s.client.Do(ctx, req, actionsAllowed) + if err != nil { + return nil, resp, err + } + + return actionsAllowed, resp, nil +} + +// EditActionsAllowed sets the actions that are allowed in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-enterprise +func (s *EnterpriseService) EditActionsAllowed(ctx context.Context, enterprise string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise) + req, err := s.client.NewRequest("PUT", u, actionsAllowed) + if err != nil { + return nil, nil, err + } + + p := new(ActionsAllowed) + resp, err := s.client.Do(ctx, req, p) + if err != nil { + return nil, resp, err + } + + return p, resp, nil +} diff --git a/github/enterprise_actions_allowed_test.go b/github/enterprise_actions_allowed_test.go new file mode 100644 index 00000000000..b60a26b2834 --- /dev/null +++ b/github/enterprise_actions_allowed_test.go @@ -0,0 +1,93 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "encoding/json" + "fmt" + "net/http" + "testing" + + "github.com/google/go-cmp/cmp" +) + +func TestEnterpriseService_GetActionsAllowed(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/selected-actions", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"github_owned_allowed":true, "verified_allowed":false, "patterns_allowed":["a/b"]}`) + }) + + ctx := context.Background() + ent, _, err := client.Enterprise.GetActionsAllowed(ctx, "e") + if err != nil { + t.Errorf("Enterprise.GetActionsAllowed returned error: %v", err) + } + want := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}} + if !cmp.Equal(ent, want) { + t.Errorf("Enterprise.GetActionsAllowed returned %+v, want %+v", ent, want) + } + + const methodName = "GetActionsAllowed" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetActionsAllowed(ctx, "\n") + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetActionsAllowed(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_EditActionsAllowed(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + input := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}} + + mux.HandleFunc("/enterprises/e/actions/permissions/selected-actions", func(w http.ResponseWriter, r *http.Request) { + v := new(ActionsAllowed) + json.NewDecoder(r.Body).Decode(v) + + testMethod(t, r, "PUT") + if !cmp.Equal(v, input) { + t.Errorf("Request body = %+v, want %+v", v, input) + } + + fmt.Fprint(w, `{"github_owned_allowed":true, "verified_allowed":false, "patterns_allowed":["a/b"]}`) + }) + + ctx := context.Background() + ent, _, err := client.Enterprise.EditActionsAllowed(ctx, "e", *input) + if err != nil { + t.Errorf("Enterprise.EditActionsAllowed returned error: %v", err) + } + + want := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}} + if !cmp.Equal(ent, want) { + t.Errorf("Enterprise.EditActionsAllowed returned %+v, want %+v", ent, want) + } + + const methodName = "EditActionsAllowed" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.EditActionsAllowed(ctx, "\n", *input) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.EditActionsAllowed(ctx, "e", *input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} From f57e3ed514950f59cc8dfc68748462ac69663911 Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 02:09:03 -0400 Subject: [PATCH 2/8] Add enterprise actions permissions --- github/enterprise_actions_permissions.go | 63 +++++++++++++ github/enterprise_actions_permissions_test.go | 94 +++++++++++++++++++ 2 files changed, 157 insertions(+) create mode 100644 github/enterprise_actions_permissions.go create mode 100644 github/enterprise_actions_permissions_test.go diff --git a/github/enterprise_actions_permissions.go b/github/enterprise_actions_permissions.go new file mode 100644 index 00000000000..61662fdec68 --- /dev/null +++ b/github/enterprise_actions_permissions.go @@ -0,0 +1,63 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "fmt" +) + +// ActionsPermissionsEnterprise represents a policy for allowed actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions +type ActionsPermissionsEnterprise struct { + EnabledOrganizations *string `json:"enabled_organizations,omitempty"` + AllowedActions *string `json:"allowed_actions,omitempty"` + SelectedActionsURL *string `json:"selected_actions_url,omitempty"` +} + +func (a ActionsPermissionsEnterprise) String() string { + return Stringify(a) +} + +// GetActionsPermissions gets the GitHub Actions permissions policy for an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-github-actions-permissions-for-an-enterprise +func (s *EnterpriseService) GetActionsPermissions(ctx context.Context, enterprise string) (*ActionsPermissionsEnterprise, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + permissions := new(ActionsPermissionsEnterprise) + resp, err := s.client.Do(ctx, req, permissions) + if err != nil { + return nil, resp, err + } + + return permissions, resp, nil +} + +// EditActionsPermissions sets the permissions policy in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-github-actions-permissions-for-an-enterprise +func (s *EnterpriseService) EditActionsPermissions(ctx context.Context, enterprise string, actionsPermissionsEnterprise ActionsPermissionsEnterprise) (*ActionsPermissionsEnterprise, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise) + req, err := s.client.NewRequest("PUT", u, actionsPermissionsEnterprise) + if err != nil { + return nil, nil, err + } + + p := new(ActionsPermissionsEnterprise) + resp, err := s.client.Do(ctx, req, p) + if err != nil { + return nil, resp, err + } + + return p, resp, nil +} diff --git a/github/enterprise_actions_permissions_test.go b/github/enterprise_actions_permissions_test.go new file mode 100644 index 00000000000..0abd528bc82 --- /dev/null +++ b/github/enterprise_actions_permissions_test.go @@ -0,0 +1,94 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "encoding/json" + "fmt" + "net/http" + "testing" + + "github.com/google/go-cmp/cmp" +) + +func TestEnterpriseService_GetActionsPermissions(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"enabled_organizations": "all", "allowed_actions": "all"}`) + }) + + ctx := context.Background() + ent, _, err := client.Enterprise.GetActionsPermissions(ctx, "e") + if err != nil { + t.Errorf("Enterprise.GetActionsPermissions returned error: %v", err) + } + want := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("all")} + if !cmp.Equal(ent, want) { + t.Errorf("Enterprise.GetActionsPermissions returned %+v, want %+v", ent, want) + } + + const methodName = "GetActionsPermissions" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetActionsPermissions(ctx, "\n") + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetActionsPermissions(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_EditActionsPermissions(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + input := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("selected")} + + mux.HandleFunc("/enterprises/e/actions/permissions", func(w http.ResponseWriter, r *http.Request) { + v := new(ActionsPermissionsEnterprise) + json.NewDecoder(r.Body).Decode(v) + + testMethod(t, r, "PUT") + if !cmp.Equal(v, input) { + t.Errorf("Request body = %+v, want %+v", v, input) + } + + fmt.Fprint(w, `{"enabled_organizations": "all", "allowed_actions": "selected"}`) + }) + + ctx := context.Background() + ent, _, err := client.Enterprise.EditActionsPermissions(ctx, "e", *input) + if err != nil { + t.Errorf("Enterprise.EditActionsPermissions returned error: %v", err) + } + + want := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("selected")} + if !cmp.Equal(ent, want) { + t.Errorf("Enterprise.EditActionsPermissions returned %+v, want %+v", ent, want) + } + + const methodName = "EditActionsPermissions" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.EditActionsPermissions(ctx, "\n", *input) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.EditActionsPermissions(ctx, "e", *input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} From aae36a60acb63949a57d665bd7b2ba1026c6d531 Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 03:21:49 -0400 Subject: [PATCH 3/8] Add enterprise action permissions for orgs --- github/actions_runners.go | 89 ++++++++++++++++++++++ github/actions_runners_test.go | 127 ++++++++++++++++++++++++++++++++ github/github-accessors.go | 24 ++++++ github/github-accessors_test.go | 30 ++++++++ github/github-stringify_test.go | 12 +++ 5 files changed, 282 insertions(+) diff --git a/github/actions_runners.go b/github/actions_runners.go index 40c6be3a92c..985f3757367 100644 --- a/github/actions_runners.go +++ b/github/actions_runners.go @@ -20,6 +20,12 @@ type RunnerApplicationDownload struct { SHA256Checksum *string `json:"sha256_checksum,omitempty"` } +// ActionsEnabledOnEnterpriseOrgs represents all the repositories in an enterprise for which Actions is enabled. +type ActionsEnabledOnEnterpriseOrgs struct { + TotalCount int `json:"total_count"` + Organizations []*Organization `json:"organizations"` +} + // ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled. type ActionsEnabledOnOrgRepos struct { TotalCount int `json:"total_count"` @@ -240,6 +246,89 @@ func (s *ActionsService) ListOrganizationRunners(ctx context.Context, owner stri return runners, resp, nil } +// ListEnabledOrgsInEnterprise lists the selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-organizations-enabled-for-github-actions-in-an-enterprise +func (s *ActionsService) ListEnabledOrgsInEnterprise(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnEnterpriseOrgs, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) + u, err := addOptions(u, opts) + if err != nil { + return nil, nil, err + } + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + orgs := &ActionsEnabledOnEnterpriseOrgs{} + resp, err := s.client.Do(ctx, req, orgs) + if err != nil { + return nil, resp, err + } + + return orgs, resp, nil +} + +// SetEnabledOrgsInEnterprise replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-organizations-enabled-for-github-actions-in-an-enterprise +func (s *ActionsService) SetEnabledOrgsInEnterprise(ctx context.Context, owner string, organizationIDs []int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) + + req, err := s.client.NewRequest("PUT", u, struct { + IDs []int64 `json:"selected_organization_ids"` + }{IDs: organizationIDs}) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// AddEnabledOrgInEnterprise adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-organization-for-github-actions-in-an-enterprise +func (s *ActionsService) AddEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) + + req, err := s.client.NewRequest("PUT", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// RemoveEnabledOrgInEnterprise removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-organization-for-github-actions-in-an-enterprise +func (s *ActionsService) RemoveEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) + + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + // ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization. // // GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization diff --git a/github/actions_runners_test.go b/github/actions_runners_test.go index 9b338641eae..76c4d3be63a 100644 --- a/github/actions_runners_test.go +++ b/github/actions_runners_test.go @@ -357,6 +357,133 @@ func TestActionsService_ListOrganizationRunners(t *testing.T) { }) } +func TestActionsService_ListEnabledOrgsInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + testFormValues(t, r, values{ + "page": "1", + }) + fmt.Fprint(w, `{"total_count":2,"organizations":[{"id":2}, {"id":3}]}`) + }) + + ctx := context.Background() + opt := &ListOptions{ + Page: 1, + } + got, _, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) + if err != nil { + t.Errorf("Actions.ListEnabledOrgsInEnterprise returned error: %v", err) + } + + want := &ActionsEnabledOnEnterpriseOrgs{TotalCount: int(2), Organizations: []*Organization{ + {ID: Int64(2)}, + {ID: Int64(3)}, + }} + if !cmp.Equal(got, want) { + t.Errorf("Actions.ListEnabledOrgsInEnterprise returned %+v, want %+v", got, want) + } + + const methodName = "ListEnabledOrgsInEnterprise" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Actions.ListEnabledOrgsInEnterprise(ctx, "\n", opt) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestActionsService_SetEnabledOrgsInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + testHeader(t, r, "Content-Type", "application/json") + testBody(t, r, `{"selected_organization_ids":[123,1234]}`+"\n") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) + if err != nil { + t.Errorf("Actions.SetEnabledOrgsInEnterprise returned error: %v", err) + } + + const methodName = "SetEnabledOrgsInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.SetEnabledOrgsInEnterprise(ctx, "\n", []int64{123, 1234}) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) + }) +} + +func TestActionsService_AddEnabledOrgInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) + if err != nil { + t.Errorf("Actions.AddEnabledOrgInEnterprise returned error: %v", err) + } + + const methodName = "AddEnabledOrgInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.AddEnabledOrgInEnterprise(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) + }) +} + +func TestActionsService_RemoveEnabledOrgInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) + if err != nil { + t.Errorf("Actions.RemoveEnabledOrgInEnterprise returned error: %v", err) + } + + const methodName = "RemoveEnabledOrgInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.RemoveEnabledOrgInEnterprise(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) + }) +} + func TestActionsService_ListEnabledReposInOrg(t *testing.T) { client, mux, _, teardown := setup() defer teardown() diff --git a/github/github-accessors.go b/github/github-accessors.go index f91f9a93ba4..0f5d6638dca 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -62,6 +62,30 @@ func (a *ActionsPermissions) GetSelectedActionsURL() string { return *a.SelectedActionsURL } +// GetAllowedActions returns the AllowedActions field if it's non-nil, zero value otherwise. +func (a *ActionsPermissionsEnterprise) GetAllowedActions() string { + if a == nil || a.AllowedActions == nil { + return "" + } + return *a.AllowedActions +} + +// GetEnabledOrganizations returns the EnabledOrganizations field if it's non-nil, zero value otherwise. +func (a *ActionsPermissionsEnterprise) GetEnabledOrganizations() string { + if a == nil || a.EnabledOrganizations == nil { + return "" + } + return *a.EnabledOrganizations +} + +// GetSelectedActionsURL returns the SelectedActionsURL field if it's non-nil, zero value otherwise. +func (a *ActionsPermissionsEnterprise) GetSelectedActionsURL() string { + if a == nil || a.SelectedActionsURL == nil { + return "" + } + return *a.SelectedActionsURL +} + // GetAllowedActions returns the AllowedActions field if it's non-nil, zero value otherwise. func (a *ActionsPermissionsRepository) GetAllowedActions() string { if a == nil || a.AllowedActions == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 3fee246979d..a0d88b47700 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -75,6 +75,36 @@ func TestActionsPermissions_GetSelectedActionsURL(tt *testing.T) { a.GetSelectedActionsURL() } +func TestActionsPermissionsEnterprise_GetAllowedActions(tt *testing.T) { + var zeroValue string + a := &ActionsPermissionsEnterprise{AllowedActions: &zeroValue} + a.GetAllowedActions() + a = &ActionsPermissionsEnterprise{} + a.GetAllowedActions() + a = nil + a.GetAllowedActions() +} + +func TestActionsPermissionsEnterprise_GetEnabledOrganizations(tt *testing.T) { + var zeroValue string + a := &ActionsPermissionsEnterprise{EnabledOrganizations: &zeroValue} + a.GetEnabledOrganizations() + a = &ActionsPermissionsEnterprise{} + a.GetEnabledOrganizations() + a = nil + a.GetEnabledOrganizations() +} + +func TestActionsPermissionsEnterprise_GetSelectedActionsURL(tt *testing.T) { + var zeroValue string + a := &ActionsPermissionsEnterprise{SelectedActionsURL: &zeroValue} + a.GetSelectedActionsURL() + a = &ActionsPermissionsEnterprise{} + a.GetSelectedActionsURL() + a = nil + a.GetSelectedActionsURL() +} + func TestActionsPermissionsRepository_GetAllowedActions(tt *testing.T) { var zeroValue string a := &ActionsPermissionsRepository{AllowedActions: &zeroValue} diff --git a/github/github-stringify_test.go b/github/github-stringify_test.go index b83ff2373d6..ff1d0b28bd1 100644 --- a/github/github-stringify_test.go +++ b/github/github-stringify_test.go @@ -39,6 +39,18 @@ func TestActionsPermissions_String(t *testing.T) { } } +func TestActionsPermissionsEnterprise_String(t *testing.T) { + v := ActionsPermissionsEnterprise{ + EnabledOrganizations: String(""), + AllowedActions: String(""), + SelectedActionsURL: String(""), + } + want := `github.ActionsPermissionsEnterprise{EnabledOrganizations:"", AllowedActions:"", SelectedActionsURL:""}` + if got := v.String(); got != want { + t.Errorf("ActionsPermissionsEnterprise.String = %v, want %v", got, want) + } +} + func TestActionsPermissionsRepository_String(t *testing.T) { v := ActionsPermissionsRepository{ Enabled: Bool(false), From 112fdfccaabcaa9f8606da4e73d820caaee39249 Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 04:03:21 -0400 Subject: [PATCH 4/8] Move actions permissions out of action_runners.go --- github/actions_runners.go | 178 ------------ github/actions_runners_test.go | 254 ------------------ github/enterprise_actions_permissions.go | 89 ++++++ github/enterprise_actions_permissions_test.go | 127 +++++++++ github/orgs_actions_permissions.go | 89 ++++++ github/orgs_actions_permissions_test.go | 127 +++++++++ 6 files changed, 432 insertions(+), 432 deletions(-) diff --git a/github/actions_runners.go b/github/actions_runners.go index 985f3757367..423ebdcbbfe 100644 --- a/github/actions_runners.go +++ b/github/actions_runners.go @@ -20,18 +20,6 @@ type RunnerApplicationDownload struct { SHA256Checksum *string `json:"sha256_checksum,omitempty"` } -// ActionsEnabledOnEnterpriseOrgs represents all the repositories in an enterprise for which Actions is enabled. -type ActionsEnabledOnEnterpriseOrgs struct { - TotalCount int `json:"total_count"` - Organizations []*Organization `json:"organizations"` -} - -// ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled. -type ActionsEnabledOnOrgRepos struct { - TotalCount int `json:"total_count"` - Repositories []*Repository `json:"repositories"` -} - // ListRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run. // // GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-runner-applications-for-a-repository @@ -246,172 +234,6 @@ func (s *ActionsService) ListOrganizationRunners(ctx context.Context, owner stri return runners, resp, nil } -// ListEnabledOrgsInEnterprise lists the selected organizations that are enabled for GitHub Actions in an enterprise. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-organizations-enabled-for-github-actions-in-an-enterprise -func (s *ActionsService) ListEnabledOrgsInEnterprise(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnEnterpriseOrgs, *Response, error) { - u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) - u, err := addOptions(u, opts) - if err != nil { - return nil, nil, err - } - - req, err := s.client.NewRequest("GET", u, nil) - if err != nil { - return nil, nil, err - } - - orgs := &ActionsEnabledOnEnterpriseOrgs{} - resp, err := s.client.Do(ctx, req, orgs) - if err != nil { - return nil, resp, err - } - - return orgs, resp, nil -} - -// SetEnabledOrgsInEnterprise replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-organizations-enabled-for-github-actions-in-an-enterprise -func (s *ActionsService) SetEnabledOrgsInEnterprise(ctx context.Context, owner string, organizationIDs []int64) (*Response, error) { - u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) - - req, err := s.client.NewRequest("PUT", u, struct { - IDs []int64 `json:"selected_organization_ids"` - }{IDs: organizationIDs}) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - -// AddEnabledOrgInEnterprise adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-organization-for-github-actions-in-an-enterprise -func (s *ActionsService) AddEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { - u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) - - req, err := s.client.NewRequest("PUT", u, nil) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - -// RemoveEnabledOrgInEnterprise removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-organization-for-github-actions-in-an-enterprise -func (s *ActionsService) RemoveEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { - u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) - - req, err := s.client.NewRequest("DELETE", u, nil) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - -// ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization -func (s *ActionsService) ListEnabledReposInOrg(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnOrgRepos, *Response, error) { - u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner) - u, err := addOptions(u, opts) - if err != nil { - return nil, nil, err - } - - req, err := s.client.NewRequest("GET", u, nil) - if err != nil { - return nil, nil, err - } - - repos := &ActionsEnabledOnOrgRepos{} - resp, err := s.client.Do(ctx, req, repos) - if err != nil { - return nil, resp, err - } - - return repos, resp, nil -} - -// SetEnabledReposInOrg replaces the list of selected repositories that are enabled for GitHub Actions in an organization.. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-repositories-enabled-for-github-actions-in-an-organization -func (s *ActionsService) SetEnabledReposInOrg(ctx context.Context, owner string, repositoryIDs []int64) (*Response, error) { - u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner) - - req, err := s.client.NewRequest("PUT", u, struct { - IDs []int64 `json:"selected_repository_ids"` - }{IDs: repositoryIDs}) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - -// AddEnabledReposInOrg adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-repository-for-github-actions-in-an-organization -func (s *ActionsService) AddEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) { - u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID) - - req, err := s.client.NewRequest("PUT", u, nil) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - -// RemoveEnabledRepoInOrg removes a single repository from the list of enabled repos for GitHub Actions in an organization. -// -// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-repository-for-github-actions-in-an-organization -func (s *ActionsService) RemoveEnabledRepoInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) { - u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID) - - req, err := s.client.NewRequest("DELETE", u, nil) - if err != nil { - return nil, err - } - - resp, err := s.client.Do(ctx, req, nil) - if err != nil { - return resp, err - } - - return resp, nil -} - // GetOrganizationRunner gets a specific self-hosted runner for an organization using its runner ID. // // GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-an-organization diff --git a/github/actions_runners_test.go b/github/actions_runners_test.go index 76c4d3be63a..1b99442ef3b 100644 --- a/github/actions_runners_test.go +++ b/github/actions_runners_test.go @@ -357,260 +357,6 @@ func TestActionsService_ListOrganizationRunners(t *testing.T) { }) } -func TestActionsService_ListEnabledOrgsInEnterprise(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "GET") - testFormValues(t, r, values{ - "page": "1", - }) - fmt.Fprint(w, `{"total_count":2,"organizations":[{"id":2}, {"id":3}]}`) - }) - - ctx := context.Background() - opt := &ListOptions{ - Page: 1, - } - got, _, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) - if err != nil { - t.Errorf("Actions.ListEnabledOrgsInEnterprise returned error: %v", err) - } - - want := &ActionsEnabledOnEnterpriseOrgs{TotalCount: int(2), Organizations: []*Organization{ - {ID: Int64(2)}, - {ID: Int64(3)}, - }} - if !cmp.Equal(got, want) { - t.Errorf("Actions.ListEnabledOrgsInEnterprise returned %+v, want %+v", got, want) - } - - const methodName = "ListEnabledOrgsInEnterprise" - testBadOptions(t, methodName, func() (err error) { - _, _, err = client.Actions.ListEnabledOrgsInEnterprise(ctx, "\n", opt) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - got, resp, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) - if got != nil { - t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) - } - return resp, err - }) -} - -func TestActionsService_SetEnabledOrgsInEnterprise(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PUT") - testHeader(t, r, "Content-Type", "application/json") - testBody(t, r, `{"selected_organization_ids":[123,1234]}`+"\n") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) - if err != nil { - t.Errorf("Actions.SetEnabledOrgsInEnterprise returned error: %v", err) - } - - const methodName = "SetEnabledOrgsInEnterprise" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.SetEnabledOrgsInEnterprise(ctx, "\n", []int64{123, 1234}) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) - }) -} - -func TestActionsService_AddEnabledOrgInEnterprise(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PUT") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) - if err != nil { - t.Errorf("Actions.AddEnabledOrgInEnterprise returned error: %v", err) - } - - const methodName = "AddEnabledOrgInEnterprise" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.AddEnabledOrgInEnterprise(ctx, "\n", 123) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) - }) -} - -func TestActionsService_RemoveEnabledOrgInEnterprise(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "DELETE") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) - if err != nil { - t.Errorf("Actions.RemoveEnabledOrgInEnterprise returned error: %v", err) - } - - const methodName = "RemoveEnabledOrgInEnterprise" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.RemoveEnabledOrgInEnterprise(ctx, "\n", 123) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) - }) -} - -func TestActionsService_ListEnabledReposInOrg(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "GET") - testFormValues(t, r, values{ - "page": "1", - }) - fmt.Fprint(w, `{"total_count":2,"repositories":[{"id":2}, {"id": 3}]}`) - }) - - ctx := context.Background() - opt := &ListOptions{ - Page: 1, - } - got, _, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt) - if err != nil { - t.Errorf("Actions.ListEnabledReposInOrg returned error: %v", err) - } - - want := &ActionsEnabledOnOrgRepos{TotalCount: int(2), Repositories: []*Repository{ - {ID: Int64(2)}, - {ID: Int64(3)}, - }} - if !cmp.Equal(got, want) { - t.Errorf("Actions.ListEnabledReposInOrg returned %+v, want %+v", got, want) - } - - const methodName = "ListEnabledReposInOrg" - testBadOptions(t, methodName, func() (err error) { - _, _, err = client.Actions.ListEnabledReposInOrg(ctx, "\n", opt) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - got, resp, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt) - if got != nil { - t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) - } - return resp, err - }) -} - -func TestActionsService_SetEnabledReposInOrg(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PUT") - testHeader(t, r, "Content-Type", "application/json") - testBody(t, r, `{"selected_repository_ids":[123,1234]}`+"\n") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234}) - if err != nil { - t.Errorf("Actions.SetEnabledReposInOrg returned error: %v", err) - } - - const methodName = "SetEnabledReposInOrg" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.SetEnabledReposInOrg(ctx, "\n", []int64{123, 1234}) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234}) - }) -} - -func TestActionsService_AddEnabledReposInOrg(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PUT") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.AddEnabledReposInOrg(ctx, "o", 123) - if err != nil { - t.Errorf("Actions.AddEnabledReposInOrg returned error: %v", err) - } - - const methodName = "AddEnabledReposInOrg" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.AddEnabledReposInOrg(ctx, "\n", 123) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.AddEnabledReposInOrg(ctx, "o", 123) - }) -} - -func TestActionsService_RemoveEnabledRepoInOrg(t *testing.T) { - client, mux, _, teardown := setup() - defer teardown() - - mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "DELETE") - w.WriteHeader(http.StatusNoContent) - }) - - ctx := context.Background() - _, err := client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123) - if err != nil { - t.Errorf("Actions.RemoveEnabledRepoInOrg returned error: %v", err) - } - - const methodName = "RemoveEnabledRepoInOrg" - - testBadOptions(t, methodName, func() (err error) { - _, err = client.Actions.RemoveEnabledRepoInOrg(ctx, "\n", 123) - return err - }) - - testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - return client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123) - }) -} - func TestActionsService_GetOrganizationRunner(t *testing.T) { client, mux, _, teardown := setup() defer teardown() diff --git a/github/enterprise_actions_permissions.go b/github/enterprise_actions_permissions.go index 61662fdec68..a9d54175c28 100644 --- a/github/enterprise_actions_permissions.go +++ b/github/enterprise_actions_permissions.go @@ -23,6 +23,12 @@ func (a ActionsPermissionsEnterprise) String() string { return Stringify(a) } +// ActionsEnabledOnEnterpriseOrgs represents all the repositories in an enterprise for which Actions is enabled. +type ActionsEnabledOnEnterpriseOrgs struct { + TotalCount int `json:"total_count"` + Organizations []*Organization `json:"organizations"` +} + // GetActionsPermissions gets the GitHub Actions permissions policy for an enterprise. // // GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-github-actions-permissions-for-an-enterprise @@ -61,3 +67,86 @@ func (s *EnterpriseService) EditActionsPermissions(ctx context.Context, enterpri return p, resp, nil } + +// ListEnabledOrgsInEnterprise lists the selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-organizations-enabled-for-github-actions-in-an-enterprise +func (s *ActionsService) ListEnabledOrgsInEnterprise(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnEnterpriseOrgs, *Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) + u, err := addOptions(u, opts) + if err != nil { + return nil, nil, err + } + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + orgs := &ActionsEnabledOnEnterpriseOrgs{} + resp, err := s.client.Do(ctx, req, orgs) + if err != nil { + return nil, resp, err + } + + return orgs, resp, nil +} + +// SetEnabledOrgsInEnterprise replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-organizations-enabled-for-github-actions-in-an-enterprise +func (s *ActionsService) SetEnabledOrgsInEnterprise(ctx context.Context, owner string, organizationIDs []int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner) + + req, err := s.client.NewRequest("PUT", u, struct { + IDs []int64 `json:"selected_organization_ids"` + }{IDs: organizationIDs}) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// AddEnabledOrgInEnterprise adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-organization-for-github-actions-in-an-enterprise +func (s *ActionsService) AddEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) + + req, err := s.client.NewRequest("PUT", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// RemoveEnabledOrgInEnterprise removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-organization-for-github-actions-in-an-enterprise +func (s *ActionsService) RemoveEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID) + + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} diff --git a/github/enterprise_actions_permissions_test.go b/github/enterprise_actions_permissions_test.go index 0abd528bc82..0ae84602436 100644 --- a/github/enterprise_actions_permissions_test.go +++ b/github/enterprise_actions_permissions_test.go @@ -92,3 +92,130 @@ func TestEnterpriseService_EditActionsPermissions(t *testing.T) { return resp, err }) } + +func TestActionsService_ListEnabledOrgsInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + testFormValues(t, r, values{ + "page": "1", + }) + fmt.Fprint(w, `{"total_count":2,"organizations":[{"id":2}, {"id":3}]}`) + }) + + ctx := context.Background() + opt := &ListOptions{ + Page: 1, + } + got, _, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) + if err != nil { + t.Errorf("Actions.ListEnabledOrgsInEnterprise returned error: %v", err) + } + + want := &ActionsEnabledOnEnterpriseOrgs{TotalCount: int(2), Organizations: []*Organization{ + {ID: Int64(2)}, + {ID: Int64(3)}, + }} + if !cmp.Equal(got, want) { + t.Errorf("Actions.ListEnabledOrgsInEnterprise returned %+v, want %+v", got, want) + } + + const methodName = "ListEnabledOrgsInEnterprise" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Actions.ListEnabledOrgsInEnterprise(ctx, "\n", opt) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestActionsService_SetEnabledOrgsInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + testHeader(t, r, "Content-Type", "application/json") + testBody(t, r, `{"selected_organization_ids":[123,1234]}`+"\n") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) + if err != nil { + t.Errorf("Actions.SetEnabledOrgsInEnterprise returned error: %v", err) + } + + const methodName = "SetEnabledOrgsInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.SetEnabledOrgsInEnterprise(ctx, "\n", []int64{123, 1234}) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234}) + }) +} + +func TestActionsService_AddEnabledOrgInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) + if err != nil { + t.Errorf("Actions.AddEnabledOrgInEnterprise returned error: %v", err) + } + + const methodName = "AddEnabledOrgInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.AddEnabledOrgInEnterprise(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123) + }) +} + +func TestActionsService_RemoveEnabledOrgInEnterprise(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) + if err != nil { + t.Errorf("Actions.RemoveEnabledOrgInEnterprise returned error: %v", err) + } + + const methodName = "RemoveEnabledOrgInEnterprise" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.RemoveEnabledOrgInEnterprise(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123) + }) +} diff --git a/github/orgs_actions_permissions.go b/github/orgs_actions_permissions.go index 6d1db2ee0a3..e7a215f5682 100644 --- a/github/orgs_actions_permissions.go +++ b/github/orgs_actions_permissions.go @@ -23,6 +23,12 @@ func (a ActionsPermissions) String() string { return Stringify(a) } +// ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled. +type ActionsEnabledOnOrgRepos struct { + TotalCount int `json:"total_count"` + Repositories []*Repository `json:"repositories"` +} + // GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in an organization. // // GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-github-actions-permissions-for-an-organization @@ -61,3 +67,86 @@ func (s *OrganizationsService) EditActionsPermissions(ctx context.Context, org s return p, resp, nil } + +// ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization +func (s *ActionsService) ListEnabledReposInOrg(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnOrgRepos, *Response, error) { + u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner) + u, err := addOptions(u, opts) + if err != nil { + return nil, nil, err + } + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + repos := &ActionsEnabledOnOrgRepos{} + resp, err := s.client.Do(ctx, req, repos) + if err != nil { + return nil, resp, err + } + + return repos, resp, nil +} + +// SetEnabledReposInOrg replaces the list of selected repositories that are enabled for GitHub Actions in an organization.. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-repositories-enabled-for-github-actions-in-an-organization +func (s *ActionsService) SetEnabledReposInOrg(ctx context.Context, owner string, repositoryIDs []int64) (*Response, error) { + u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner) + + req, err := s.client.NewRequest("PUT", u, struct { + IDs []int64 `json:"selected_repository_ids"` + }{IDs: repositoryIDs}) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// AddEnabledReposInOrg adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-repository-for-github-actions-in-an-organization +func (s *ActionsService) AddEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) { + u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID) + + req, err := s.client.NewRequest("PUT", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} + +// RemoveEnabledRepoInOrg removes a single repository from the list of enabled repos for GitHub Actions in an organization. +// +// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-repository-for-github-actions-in-an-organization +func (s *ActionsService) RemoveEnabledRepoInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) { + u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID) + + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + + resp, err := s.client.Do(ctx, req, nil) + if err != nil { + return resp, err + } + + return resp, nil +} diff --git a/github/orgs_actions_permissions_test.go b/github/orgs_actions_permissions_test.go index 9664c79eda8..c45fb7bd9b4 100644 --- a/github/orgs_actions_permissions_test.go +++ b/github/orgs_actions_permissions_test.go @@ -92,3 +92,130 @@ func TestOrganizationsService_EditActionsPermissions(t *testing.T) { return resp, err }) } + +func TestActionsService_ListEnabledReposInOrg(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + testFormValues(t, r, values{ + "page": "1", + }) + fmt.Fprint(w, `{"total_count":2,"repositories":[{"id":2}, {"id": 3}]}`) + }) + + ctx := context.Background() + opt := &ListOptions{ + Page: 1, + } + got, _, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt) + if err != nil { + t.Errorf("Actions.ListEnabledReposInOrg returned error: %v", err) + } + + want := &ActionsEnabledOnOrgRepos{TotalCount: int(2), Repositories: []*Repository{ + {ID: Int64(2)}, + {ID: Int64(3)}, + }} + if !cmp.Equal(got, want) { + t.Errorf("Actions.ListEnabledReposInOrg returned %+v, want %+v", got, want) + } + + const methodName = "ListEnabledReposInOrg" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Actions.ListEnabledReposInOrg(ctx, "\n", opt) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestActionsService_SetEnabledReposInOrg(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + testHeader(t, r, "Content-Type", "application/json") + testBody(t, r, `{"selected_repository_ids":[123,1234]}`+"\n") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234}) + if err != nil { + t.Errorf("Actions.SetEnabledReposInOrg returned error: %v", err) + } + + const methodName = "SetEnabledReposInOrg" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.SetEnabledReposInOrg(ctx, "\n", []int64{123, 1234}) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234}) + }) +} + +func TestActionsService_AddEnabledReposInOrg(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PUT") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.AddEnabledReposInOrg(ctx, "o", 123) + if err != nil { + t.Errorf("Actions.AddEnabledReposInOrg returned error: %v", err) + } + + const methodName = "AddEnabledReposInOrg" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.AddEnabledReposInOrg(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.AddEnabledReposInOrg(ctx, "o", 123) + }) +} + +func TestActionsService_RemoveEnabledRepoInOrg(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + w.WriteHeader(http.StatusNoContent) + }) + + ctx := context.Background() + _, err := client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123) + if err != nil { + t.Errorf("Actions.RemoveEnabledRepoInOrg returned error: %v", err) + } + + const methodName = "RemoveEnabledRepoInOrg" + + testBadOptions(t, methodName, func() (err error) { + _, err = client.Actions.RemoveEnabledRepoInOrg(ctx, "\n", 123) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123) + }) +} From 20e1b531a1988590f098e9db7107d1960f5d75db Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 14:01:12 -0400 Subject: [PATCH 5/8] Update copyright Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_actions_allowed.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_actions_allowed.go b/github/enterprise_actions_allowed.go index 629691c3abe..78764e03ef7 100644 --- a/github/enterprise_actions_allowed.go +++ b/github/enterprise_actions_allowed.go @@ -1,4 +1,4 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2022 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. From b21a515e8ad1eb7cad75ff1abe8f7ba2ad00fb75 Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 14:01:22 -0400 Subject: [PATCH 6/8] Update copyright Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_actions_permissions.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_actions_permissions.go b/github/enterprise_actions_permissions.go index a9d54175c28..c658ea304c2 100644 --- a/github/enterprise_actions_permissions.go +++ b/github/enterprise_actions_permissions.go @@ -1,4 +1,4 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2022 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. From ffe9ec9013b6f02840da82472253a3618d5cbeab Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 14:01:30 -0400 Subject: [PATCH 7/8] Update copyright Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_actions_allowed_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_actions_allowed_test.go b/github/enterprise_actions_allowed_test.go index b60a26b2834..cf5ccd52cca 100644 --- a/github/enterprise_actions_allowed_test.go +++ b/github/enterprise_actions_allowed_test.go @@ -1,4 +1,4 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2022 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. From 6ac0bf59dfe7a49fa4f35489ab7052548b3916a3 Mon Sep 17 00:00:00 2001 From: Grisha Levit Date: Tue, 25 Oct 2022 14:01:38 -0400 Subject: [PATCH 8/8] Update copyright Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_actions_permissions_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_actions_permissions_test.go b/github/enterprise_actions_permissions_test.go index 0ae84602436..8627ce81026 100644 --- a/github/enterprise_actions_permissions_test.go +++ b/github/enterprise_actions_permissions_test.go @@ -1,4 +1,4 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2022 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file.