Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to create Custom Repository Role without permissions #3226

Open
andriyun opened this issue Aug 7, 2024 · 6 comments
Open

Unable to create Custom Repository Role without permissions #3226

andriyun opened this issue Aug 7, 2024 · 6 comments
Assignees

Comments

@andriyun
Copy link
Contributor

andriyun commented Aug 7, 2024

In the current implementation, the client allows you to request a Custom Repository Role for an Organization without specifying the required keys.
CreateCustomRepoRole use as argument opts *CreateOrUpdateCustomRoleOptions which has all key as optional https://github.com/google/go-github/blob/master/github/orgs_custom_roles.go#L60

As a result, the client will allow the creation request to GitHub and will fail with an error.

In most cases, what is missing might be clear and reasonable.

But it doesn't work when creating a custom role with no permissions. In other words when CreateCustomRepoRole gets an empty array as a Permission key.

Due to omitempty in JSON tag of the Permission key, an empty array as value is omitted from the final request to GitHub API, while it is required by the API

In our case, we are using custom roles that might have empty permissions set for flexibility's sake to extend them in the future

@gmlewis
Copy link
Collaborator

gmlewis commented Aug 7, 2024

It sounds like we need a new endpoint with an additional private struct which removes the omitempty from the existing CreateOrUpdateCustomRoleOptions struct, but is otherwise identical. We've done things like this in other places.
For example, here:

params := struct {
Properties []*CustomProperty `json:"properties"`
}{
Properties: properties,
}

@andriyun - would you like to make a PR to address this, or shall I open this up to other contributors to this repo?

@andriyun
Copy link
Contributor Author

andriyun commented Aug 7, 2024

I'll be glad to submit PR with changes to fix it :)

@gmlewis
Copy link
Collaborator

gmlewis commented Aug 7, 2024

Thank you, @andriyun ! It's yours.

andriyun pushed a commit to DanskeCommodities/go-github that referenced this issue Aug 13, 2024
andriyun pushed a commit to DanskeCommodities/go-github that referenced this issue Aug 13, 2024
@andriyun
Copy link
Contributor Author

Hey @gmlewis
Sorry for late question. I didn't get your idea about creating new endpoint. I could neither find other cases you are referring too.
It's true at there are some similar constructions there with CreateOrUpdate****Options
However there are not used separate Create Update` methods.

I've added PR with changes #3235
Please take a look

@gmlewis
Copy link
Collaborator

gmlewis commented Aug 13, 2024

So I was thinking that this could be achieved without breaking the current API by adding separate endpoint(s) that specifically handle the NoPermissions case, and internally uses modified structs where the omitempty has been removed from the permissions field.

Does that make sense?

I've looked at #3235 but was hoping to not break the current API, which that PR does.

andriyun pushed a commit to DanskeCommodities/go-github that referenced this issue Aug 14, 2024
@andriyun
Copy link
Contributor Author

I understand your point now. It makes perfect sense.

I changed the PR in such a way, that it doesn't break the current API.
However, I couldn't run tests locally without fails. The fails I see look not relevant for changes I have added

andriyun pushed a commit to DanskeCommodities/go-github that referenced this issue Aug 15, 2024
andriyun pushed a commit to DanskeCommodities/go-github that referenced this issue Aug 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants