+
Skip to content

Support users and teams in branch protection access restrictions #2561

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jan 18, 2023
Merged

Support users and teams in branch protection access restrictions #2561

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
26f0a96
Add support for users and teams push restrictions
jporzucek Nov 7, 2022
2a2c37d
Fix slug naming convention to reflect docs
jporzucek Jan 13, 2023
ff084be
Changed spelling
jporzucek Jan 13, 2023
5f741b8
spelling
jporzucek Jan 14, 2023
09e4fd0
Addreess code review suggestions
jporzucek Jan 16, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
220 changes: 203 additions & 17 deletions github/repos.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1178,7 +1178,7 @@ type DismissalRestrictionsRequest struct {
Users *[]string `json:"users,omitempty"`
// The list of team slugs which can dismiss pull request reviews. (Required; use nil to disable dismissal_restrictions or &[]string{} otherwise.)
Teams *[]string `json:"teams,omitempty"`
// The list of apps which can dismiss pull request reviews. (Required; use nil to disable dismissal_restrictions or &[]string{} otherwise.)
// The list of app slugs which can dismiss pull request reviews. (Required; use nil to disable dismissal_restrictions or &[]string{} otherwise.)
Apps *[]string `json:"apps,omitempty"`
}

Expand Down Expand Up @@ -1674,6 +1674,8 @@ func (s *RepositoriesService) ReplaceAllTopics(ctx context.Context, owner, repo
// It requires the GitHub apps to have `write` access to the `content` permission.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
//
// Deprecated: Please use ListAppRestrictions instead.
func (s *RepositoriesService) ListApps(ctx context.Context, owner, repo, branch string) ([]*App, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
req, err := s.client.NewRequest("GET", u, nil)
Expand All @@ -1690,27 +1692,37 @@ func (s *RepositoriesService) ListApps(ctx context.Context, owner, repo, branch
return apps, resp, nil
}

// ListAppRestrictions lists the GitHub apps that have push access to a given protected branch.
// It requires the GitHub apps to have `write` access to the `content` permission.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
//
// Note: This is a wrapper around ListApps so a naming convention with ListUserRestrictions and ListTeamRestrictions is preserved.
func (s *RepositoriesService) ListAppRestrictions(ctx context.Context, owner, repo, branch string) ([]*App, *Response, error) {
return s.ListApps(ctx, owner, repo, branch)
}

// ReplaceAppRestrictions replaces the apps that have push access to a given protected branch.
// It removes all apps that previously had push access and grants push access to the new list of apps.
// It requires the GitHub apps to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-app-access-restrictions
func (s *RepositoriesService) ReplaceAppRestrictions(ctx context.Context, owner, repo, branch string, slug []string) ([]*App, *Response, error) {
func (s *RepositoriesService) ReplaceAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
req, err := s.client.NewRequest("PUT", u, slug)
req, err := s.client.NewRequest("PUT", u, apps)
if err != nil {
return nil, nil, err
}

var apps []*App
resp, err := s.client.Do(ctx, req, &apps)
var newApps []*App
resp, err := s.client.Do(ctx, req, &newApps)
if err != nil {
return nil, resp, err
}

return apps, resp, nil
return newApps, resp, nil
}

// AddAppRestrictions grants the specified apps push access to a given protected branch.
Expand All @@ -1719,42 +1731,216 @@ func (s *RepositoriesService) ReplaceAppRestrictions(ctx context.Context, owner,
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-app-access-restrictions
func (s *RepositoriesService) AddAppRestrictions(ctx context.Context, owner, repo, branch string, slug []string) ([]*App, *Response, error) {
func (s *RepositoriesService) AddAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
req, err := s.client.NewRequest("POST", u, slug)
req, err := s.client.NewRequest("POST", u, apps)
if err != nil {
return nil, nil, err
}

var apps []*App
resp, err := s.client.Do(ctx, req, &apps)
var newApps []*App
resp, err := s.client.Do(ctx, req, &newApps)
if err != nil {
return nil, resp, err
}

return apps, resp, nil
return newApps, resp, nil
}

// RemoveAppRestrictions removes the ability of an app to push to this branch.
// RemoveAppRestrictions removes the restrictions of an app from pushing to this branch.
// It requires the GitHub apps to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-app-access-restrictions
func (s *RepositoriesService) RemoveAppRestrictions(ctx context.Context, owner, repo, branch string, slug []string) ([]*App, *Response, error) {
func (s *RepositoriesService) RemoveAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
req, err := s.client.NewRequest("DELETE", u, slug)
req, err := s.client.NewRequest("DELETE", u, apps)
if err != nil {
return nil, nil, err
}

var apps []*App
resp, err := s.client.Do(ctx, req, &apps)
var newApps []*App
resp, err := s.client.Do(ctx, req, &newApps)
if err != nil {
return nil, resp, err
}

return apps, resp, nil
return newApps, resp, nil
}

// ListTeamRestrictions lists the GitHub teams that have push access to a given protected branch.
// It requires the GitHub teams to have `write` access to the `content` permission.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-teams-with-access-to-the-protected-branch
func (s *RepositoriesService) ListTeamRestrictions(ctx context.Context, owner, repo, branch string) ([]*Team, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

var teams []*Team
resp, err := s.client.Do(ctx, req, &teams)
if err != nil {
return nil, resp, err
}

return teams, resp, nil
}

// ReplaceTeamRestrictions replaces the team that have push access to a given protected branch.
// This removes all teams that previously had push access and grants push access to the new list of teams.
// It requires the GitHub teams to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-team-access-restrictions
func (s *RepositoriesService) ReplaceTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
req, err := s.client.NewRequest("PUT", u, teams)
if err != nil {
return nil, nil, err
}

var newTeams []*Team
resp, err := s.client.Do(ctx, req, &newTeams)
if err != nil {
return nil, resp, err
}

return newTeams, resp, nil
}

// AddTeamRestrictions grants the specified teams push access to a given protected branch.
// It requires the GitHub teams to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-team-access-restrictions
func (s *RepositoriesService) AddTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
req, err := s.client.NewRequest("POST", u, teams)
if err != nil {
return nil, nil, err
}

var newTeams []*Team
resp, err := s.client.Do(ctx, req, &newTeams)
if err != nil {
return nil, resp, err
}

return newTeams, resp, nil
}

// RemoveTeamRestrictions removes the restrictions of a team from pushing to this branch.
// It requires the GitHub teams to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-team-access-restrictions
func (s *RepositoriesService) RemoveTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
req, err := s.client.NewRequest("DELETE", u, teams)
if err != nil {
return nil, nil, err
}

var newTeams []*Team
resp, err := s.client.Do(ctx, req, &newTeams)
if err != nil {
return nil, resp, err
}

return newTeams, resp, nil
}

// ListUserRestrictions lists the GitHub users that have push access to a given protected branch.
// It requires the GitHub users to have `write` access to the `content` permission.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-users-with-access-to-the-protected-branch
func (s *RepositoriesService) ListUserRestrictions(ctx context.Context, owner, repo, branch string) ([]*User, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

var users []*User
resp, err := s.client.Do(ctx, req, &users)
if err != nil {
return nil, resp, err
}

return users, resp, nil
}

// ReplaceUserRestrictions replaces the user that have push access to a given protected branch.
// It removes all users that previously had push access and grants push access to the new list of users.
// It requires the GitHub users to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-team-access-restrictions
func (s *RepositoriesService) ReplaceUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
req, err := s.client.NewRequest("PUT", u, users)
if err != nil {
return nil, nil, err
}

var newUsers []*User
resp, err := s.client.Do(ctx, req, &newUsers)
if err != nil {
return nil, resp, err
}

return newUsers, resp, nil
}

// AddUserRestrictions grants the specified users push access to a given protected branch.
// It requires the GitHub users to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-team-access-restrictions
func (s *RepositoriesService) AddUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
req, err := s.client.NewRequest("POST", u, users)
if err != nil {
return nil, nil, err
}

var newUsers []*User
resp, err := s.client.Do(ctx, req, &newUsers)
if err != nil {
return nil, resp, err
}

return newUsers, resp, nil
}

// RemoveUserRestrictions removes the restrictions of a user from pushing to this branch.
// It requires the GitHub users to have `write` access to the `content` permission.
//
// Note: The list of users, apps, and teams in total is limited to 100 items.
//
// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-team-access-restrictions
func (s *RepositoriesService) RemoveUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
req, err := s.client.NewRequest("DELETE", u, users)
if err != nil {
return nil, nil, err
}

var newUsers []*User
resp, err := s.client.Do(ctx, req, &newUsers)
if err != nil {
return nil, resp, err
}

return newUsers, resp, nil
}

// TransferRequest represents a request to transfer a repository.
Expand Down
Loading
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载