Comments (9)
We are trying to implement this code in our organization and I think we are running into a blocking issue based on this. When a new user logs in and is not part of an organization, they are unable to join the organization because the don't have the rights to do so. If the app were running at a GitHub app, we could grant those permissions to the app. Is there a way around this based on the current code?
from opensource-management-portal.
Rob: do you know which specific permission is causing the issue?
There's two things that need to happen to allow auto-accepting of invitations to work:
- The actual token configured for the application has to come from an organization owner account (a personal access token is OK) - this is to allow inviting people to the org
- The end user needs to have allowed the "increased" scope token with the
org:write
permission. This way, the app can "accept" the org invitation on behalf of the user immediately.
If you do not have #2, that's OK, the user will still receive the standard GitHub invitation either way and can accept it.
Sounds like perhaps the token you are using for the organization itself is not for an owner? Let me know how I can help.
As a general note, please have whoever is helping get this up and running open GitHub issues here or reach out to me over e-mail. We love that some people are experimenting or using this, but we do have a lot of Microsoft-specific logic and code that we've either tried to feature flag out or need to refactor. We do not often explore the app outside of those feature flags, so realize there are probably some bugs in there!
from opensource-management-portal.
I re-created a PAT from my account (I am an organization owner) just to make sure, but we are getting this error:
We are having trouble sending you an invitation through the GitHub organization to join the xxx organization. zzz Error message: You must be an organization owner or team maintainer to add a team membership.
But, I think I know what the issue might be. You gave me a template for the organizations file. I replaced the number, but I think they might be some internal id for a GitHub team. If that is the case, we should probably create our own teams and get the ids. How are these teams used?
[
{
"name": "",
"type": "private",
"ownerToken": "",
"description": "",
"teamAllMembers": "1111111",
"teamPortalSudoers": "222222",
"teamSudoers": "3333333",
"templates": ["mit", "microsoft.docs", "dnfmit", "other"],
"teamAllReposRead": "444444",
"teamAllReposWrite": "555555",
"cla": {
"Microsoft": "666666",
".NET Foundation": "7777777"
}
}
]
from opensource-management-portal.
The teamAllMembers
is used to send an invitation for someone to join the organization. While technically the API allows joins independent of a team invite, when this was implemented in mid-2015, this was the only way to invite someone via an API.
The end result, which is opinionated but liked, was being able to have basically an 'Everyone' team, so if someone wanted to give read access to a private repo to everyone, that would be easy, regardless of the org-wide permissions. This feature may not be too useful. In the latest refactor the teamAllMembers is actually internally exposed as organization.invitationTeam
but the config property has not changed its name.
To learn the GitHub IDs for an organization's teams, to help with onboarding, if you add a property onboarding: true
to an organization in the config, instead of actually including it in the running app, during startup code will hit the GitHub API with the ownerToken
and show you a mapping of team ID to name, to help complete this information.
from opensource-management-portal.
How are the other teams used? Or can they be omitted?
from opensource-management-portal.
It's fine to omit the rest. Portal sudoers and team sudoers might be eventually nice to have, they let people use the portal like an org owner, without having to be one, for some operations.
from opensource-management-portal.
It was the teamAllMembers. Once we get this thing live, we will try to commit some documentation and a couple of fixes we needed to make to get it to run as a container.
from opensource-management-portal.
Cool, thanks. We're running in a Kubernetes cluster on our side, I'll try and get that in so we can compare notes.
from opensource-management-portal.
Merged GitHub App support, finally. We're using it now across 84 organizations x4 apps each. A number of GitHub App bugs were discovered unfortunately so there are issues...
from opensource-management-portal.
Related Issues (20)
- No organization when using modern Github App HOT 4
- vendor.css and client.css not found HOT 5
- Sexe
- Sestem
- LICENSE files should never be updated by the new repository wizard HOT 2
- Porn
- An
- Ads
- Search for "teams" is not working properly. HOT 6
- Cleanup more company-specific bits HOT 2
- Docker-compose up after following setup steps on exits with failure
- Feature flag needed for the org write feature HOT 1
- Remove branch rename implementation HOT 1
- How are webhook payloads published to the service bus? HOT 4
- Hierarchical role design. HOT 2
- Dynamic organization settings example? HOT 2
- typo in UI HOT 1
- Unable to use GitHub App with PAT to dynamically see organisations where i'm part of HOT 3
- Feature: Change how GitHub ID for repo is displayed HOT 3
- Octicons name changes in latest version of primer/octicons HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensource-management-portal.