Add List fine-grained personal access tokens with access to organization resources API #3215
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #3215 +/- ##
==========================================
- Coverage 97.72% 92.92% -4.80%
==========================================
Files 153 171 +18
Lines 13390 11609 -1781
==========================================
- Hits 13085 10788 -2297
- Misses 215 727 +512
- Partials 90 94 +4 ☔ View full report in Codecov by Sentry. |
| // GitHub API docs: https://docs.github.com/rest/orgs/personal-access-tokens#list-fine-grained-personal-access-tokens-with-access-to-organization-resources | ||
| // | ||
| //meta:operation GET /orgs/{org}/personal-access-tokens | ||
| func (s *OrganizationsService) ListFineGrainedPersonalAccessTokens(ctx context.Context, org string, opts *ListOptions) ([]*PersonalAccessToken, *Response, error) { |
There was a problem hiding this comment.
This endpoint can take a whole bunch more options:
sort stringThe property by which to sort the results.Default: created_atValue: created_at
--
direction stringThe direction to sort the results by.Default: descCan be one of: asc, desc
owner arrayA list of owner usernames to use to filter the results.
repository stringThe name of the repository to use to filter the results.
permission stringThe permission to use to filter the results.
last_used_before stringOnly show fine-grained personal access tokens used before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
last_used_after stringOnly show fine-grained personal access tokens used after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
sort string
The property by which to sort the results.
Default: created_at
Value: created_at
direction string
The direction to sort the results by.
Default: desc
Can be one of: asc, desc
owner array
A list of owner usernames to use to filter the results.
repository string
The name of the repository to use to filter the results.
permission string
The permission to use to filter the results.
last_used_before string
Only show fine-grained personal access tokens used before the given time. This is a timestamp in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format: YYYY-MM-DDTHH:MM:SSZ.
last_used_after string
Only show fine-grained personal access tokens used after the given time. This is a timestamp in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format: YYYY-MM-DDTHH:MM:SSZ.
So let's please create a new type ListFineGrainedPATOptions struct { ... ListOptions } that can take all these parameter, and make sure to add omitempty to each one of them since they are optional.
There was a problem hiding this comment.
Good point and sorry for missing that. I added that on my latest commit.
One thing though, using the owner array as
Owner []string `url:"owner,omitempty,comma"`will cause the API to return 422 status code, as it expects the []owner=... format, so I had to create the helper function below.
I tried to find an example on the codebase and I found IssueListOptions, but this one seems to work as that endpoint expects the orgs/{ORG}/issues?labels=bug%2Cfeature format
There was a problem hiding this comment.
@arymoraes - I'm looking all over the GitHub v3 API documentation and can't find []owner=... anywhere.
Where did you find this? It seems incredibly strange syntax to me for a query parameter.
There was a problem hiding this comment.
I also found it very strange. I did not find it on the docs, but by trial and error (and by remembering seeing this kind of issue once).
If you run a CURL with:
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: {TOKEN}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/{ORG}/personal-access-tokens?owner={username}It will give you a 422 status code error:
{
"message": "Invalid request.\n\nInvalid input: `\"{username}\"` is not of type `array`.",
"documentation_url": "https://docs.github.com/rest/orgs/personal-access-tokens#list-fine-grained-personal-access-tokens-with-access-to-organization-resources",
"status": "422"
}However:
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer {TOKEN}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/{ORG}/personal-access-tokens?owner[]={username}
Is valid and will indeed return you a list of tokens filtered by that owner
There was a problem hiding this comment.
OK, wow, that is bizarre... so I was hoping that your unit test would show how multiple owners would appear in the resulting URL, but it doesn't... do they show up as comma-separated values?
There was a problem hiding this comment.
Honestly, it gets even weirder if you want multiple owners.
personal-access-tokens?owner[]=owner1,owner2
doesn't work, it'll just return an empty array of tokens (maybe if thinks the owner name is owner1,owner2?
You have to do
personal-access-tokens?owner[]=owner1&owner[]=owner2
To be able to filter tokens from any of those two owners. This is the one that is generated with addListFineGrainedPATOptions.
I am finding this really weird, but this is the way it works even with curl, so I'm assuming this is indeed the way that GitHub API wants us to send the query param. I tried to search for others with the same question, but could not. I could take another look though.
I should probably improve the comment for addListFineGrainedPATOptions to add the multiple owners scenario, and maybe also test the URL explicitly on the unit test?
There was a problem hiding this comment.
Wow, that's amazing... thank you for the details, @arymoraes !
Maybe could you please just add a comment explaining all this weirdness would be extremely helpful for anyone else that comes across this and tries to use it. Thank you!
There was a problem hiding this comment.
Done!
I added the comments to the addListFineGrainedPATOptions helper function declaration, as well as inside addListFineGrainedPATOptions when we call addListFineGrainedPATOptions, so whoever runs into that code knows why we are doing this.
| ListOptions: ListOptions{Page: 2, PerPage: 2}, | ||
| Sort: "created_at", | ||
| Direction: "desc", | ||
| Owner: []string{"octocat"}, |
There was a problem hiding this comment.
Please modify your test case to list multiple owners in order to demonstrate how this code behaves for this case.
…AccessTokens test case
…edPersonalAccessTokens
There was a problem hiding this comment.
Thank you, @arymoraes !
LGTM.
Awaiting second LGTM+Approval from any other contributor to this repo before merging.
|
@arymoraes @gmlewis Could you please check who will be the next reviewer? |
In this repo, we depend upon volunteers to review. Since you are another contributor to this repo, you are welcome to review this PR and give your feedback. If you approve, please LGTM+Approve and we can move forward with this PR. Thank you. |
|
Thank you, @AbhishekAg ! |
Fixes: #3213.