-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API: allow list collaborators for users with Read access to repo #9956
Comments
The problem lies here: Lines 644 to 649 in f6067a8
The get collaborators list should be available to reporeaders I guess. |
I think the reasoning for the access has been that in the UI only repo admin can see who is collaborator. But I think it would make sense other collaborators can see it. I don't know why the Jenkins plugin need this information, but another problem is there is no option to include also team members with access in the API response. |
In my opinion Jenkins queries the collaborators for determining trust of the particular PR of forks. |
FWIW for the Jenkins plugin, this can be "worked around" by granting admin permissions to the Gitea user that jenkins is authenticating as. But this is awkward to have a service user be so privileged. Would it be possible to add a granular permission for listing collaborators? I can see in the UI when granting read permissions there are toggles for specific resources (wikis, issues, etc). It'd be nice to have an extra checkbox here for collaborators. |
I agree with @davidsvantesson: "collaborators" is not even useful if the access is managed through teams. We should know more about this requirement and make a better suited solution. In the long term we should have profiles specifically designed for robots, plugins, etc. (e.g. read access to most of the info, write access to only a subset). |
Didn't #9995 resolved this one? |
I'm not sure how version strings are managed, but on the latest Docker image with version string Though it may be worth keeping this issue open (or maybe opening a new one?) to track the long term work of rethinking how/why the plugin is listing collaborators in this way in the first place. |
I'll close this for the time being. Feel free to reopen it if you find it's actually not fixed by 1.12.0. 😄 |
This is a request to allow org team users with read access to repos to get the list of collaborators via API from that repo.
Details below:
Gitea version (or commit ref): 1.10.0
Git version: 2.21
Operating system: unix
Database: any
Can you reproduce the bug at https://try.gitea.io:
https://try.gitea.io/api/v1/repos/collabtest/collab/collaborators?access_token=8414c7516aa3fbbc64bab0686ca8fc05c6e0579c
Log gist:
Description
A user with Read access to a repo is unable to GET the list of collaborators.
This request is required by the Gitea Jenkins Plugin to process the PRs automatically.
It is currently an open issue there as well: https://issues.jenkins-ci.org/browse/JENKINS-60017
Also related to this issue on Jenkins-X: jenkins-x/jx#432
The text was updated successfully, but these errors were encountered: