diff --git a/descriptions/api.github.com/api.github.com.2022-11-28.json b/descriptions/api.github.com/api.github.com.2022-11-28.json index 81f2146f22..df0c050959 100644 --- a/descriptions/api.github.com/api.github.com.2022-11-28.json +++ b/descriptions/api.github.com/api.github.com.2022-11-28.json @@ -38681,7 +38681,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -38811,7 +38811,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -38876,7 +38876,14 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "$ref": "#/components/responses/validation_failed" + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/validation-error" + } + } + } }, "403": { "$ref": "#/components/responses/forbidden" @@ -38934,7 +38941,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/api.github.com/api.github.com.2022-11-28.yaml b/descriptions/api.github.com/api.github.com.2022-11-28.yaml index 448219f3e1..8da26e30b0 100644 --- a/descriptions/api.github.com/api.github.com.2022-11-28.yaml +++ b/descriptions/api.github.com/api.github.com.2022-11-28.yaml @@ -28157,12 +28157,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -28259,11 +28259,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -28273,6 +28275,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -28327,7 +28331,14 @@ paths: - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator '422': - "$ref": "#/components/responses/validation_failed" + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: + "$ref": "#/components/schemas/validation-error" '403': "$ref": "#/components/responses/forbidden" x-github: @@ -28387,13 +28398,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/api.github.com/api.github.com.json b/descriptions/api.github.com/api.github.com.json index 81f2146f22..df0c050959 100644 --- a/descriptions/api.github.com/api.github.com.json +++ b/descriptions/api.github.com/api.github.com.json @@ -38681,7 +38681,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -38811,7 +38811,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -38876,7 +38876,14 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "$ref": "#/components/responses/validation_failed" + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/validation-error" + } + } + } }, "403": { "$ref": "#/components/responses/forbidden" @@ -38934,7 +38941,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/api.github.com/api.github.com.yaml b/descriptions/api.github.com/api.github.com.yaml index 448219f3e1..8da26e30b0 100644 --- a/descriptions/api.github.com/api.github.com.yaml +++ b/descriptions/api.github.com/api.github.com.yaml @@ -28157,12 +28157,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -28259,11 +28259,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -28273,6 +28275,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -28327,7 +28331,14 @@ paths: - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator '422': - "$ref": "#/components/responses/validation_failed" + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: + "$ref": "#/components/schemas/validation-error" '403': "$ref": "#/components/responses/forbidden" x-github: @@ -28387,13 +28398,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json index 9502ab08ea..d5602f9f1a 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json +++ b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json @@ -239628,7 +239628,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -240002,7 +240002,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -241179,7 +241179,7 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "description": "Validation failed, or the endpoint has been spammed.", + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", "content": { "application/json": { "schema": { @@ -241433,7 +241433,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml index d3beeaaf3e..81517fce71 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml +++ b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml @@ -58112,12 +58112,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -58352,11 +58352,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -58366,6 +58368,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -58590,7 +58594,14 @@ paths: - an existing collaborator is added as a collaborator - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator - '422': *15 + '422': + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: *98 '403': *29 x-github: triggersNotification: true @@ -58647,13 +58658,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.json b/descriptions/api.github.com/dereferenced/api.github.com.deref.json index 9502ab08ea..d5602f9f1a 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.json +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.json @@ -239628,7 +239628,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -240002,7 +240002,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -241179,7 +241179,7 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "description": "Validation failed, or the endpoint has been spammed.", + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", "content": { "application/json": { "schema": { @@ -241433,7 +241433,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml index d3beeaaf3e..81517fce71 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml @@ -58112,12 +58112,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -58352,11 +58352,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -58366,6 +58368,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -58590,7 +58594,14 @@ paths: - an existing collaborator is added as a collaborator - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator - '422': *15 + '422': + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: *98 '403': *29 x-github: triggersNotification: true @@ -58647,13 +58658,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json index 2864884754..056b8bc9a9 100644 --- a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json +++ b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json @@ -275144,7 +275144,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -275518,7 +275518,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -276707,7 +276707,7 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "description": "Validation failed, or the endpoint has been spammed.", + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", "content": { "application/json": { "schema": { @@ -276961,7 +276961,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml index ba197c6535..278563d2d0 100644 --- a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml +++ b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml @@ -66393,12 +66393,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -66633,11 +66633,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -66647,6 +66649,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -66871,7 +66875,14 @@ paths: - an existing collaborator is added as a collaborator - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator - '422': *15 + '422': + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: *179 '403': *29 x-github: triggersNotification: true @@ -66928,13 +66939,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghec/dereferenced/ghec.deref.json b/descriptions/ghec/dereferenced/ghec.deref.json index 2864884754..056b8bc9a9 100644 --- a/descriptions/ghec/dereferenced/ghec.deref.json +++ b/descriptions/ghec/dereferenced/ghec.deref.json @@ -275144,7 +275144,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -275518,7 +275518,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -276707,7 +276707,7 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "description": "Validation failed, or the endpoint has been spammed.", + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", "content": { "application/json": { "schema": { @@ -276961,7 +276961,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghec/dereferenced/ghec.deref.yaml b/descriptions/ghec/dereferenced/ghec.deref.yaml index ba197c6535..278563d2d0 100644 --- a/descriptions/ghec/dereferenced/ghec.deref.yaml +++ b/descriptions/ghec/dereferenced/ghec.deref.yaml @@ -66393,12 +66393,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -66633,11 +66633,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -66647,6 +66649,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -66871,7 +66875,14 @@ paths: - an existing collaborator is added as a collaborator - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator - '422': *15 + '422': + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: *179 '403': *29 x-github: triggersNotification: true @@ -66928,13 +66939,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghec/ghec.2022-11-28.json b/descriptions/ghec/ghec.2022-11-28.json index 61d3db3cba..83b350bf5a 100644 --- a/descriptions/ghec/ghec.2022-11-28.json +++ b/descriptions/ghec/ghec.2022-11-28.json @@ -46742,7 +46742,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -46872,7 +46872,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -46937,7 +46937,14 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "$ref": "#/components/responses/validation_failed" + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/validation-error" + } + } + } }, "403": { "$ref": "#/components/responses/forbidden" @@ -46995,7 +47002,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghec/ghec.2022-11-28.yaml b/descriptions/ghec/ghec.2022-11-28.yaml index 7947c92dd8..20b546191e 100644 --- a/descriptions/ghec/ghec.2022-11-28.yaml +++ b/descriptions/ghec/ghec.2022-11-28.yaml @@ -33922,12 +33922,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -34024,11 +34024,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -34038,6 +34040,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -34092,7 +34096,14 @@ paths: - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator '422': - "$ref": "#/components/responses/validation_failed" + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: + "$ref": "#/components/schemas/validation-error" '403': "$ref": "#/components/responses/forbidden" x-github: @@ -34152,13 +34163,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghec/ghec.json b/descriptions/ghec/ghec.json index 61d3db3cba..83b350bf5a 100644 --- a/descriptions/ghec/ghec.json +++ b/descriptions/ghec/ghec.json @@ -46742,7 +46742,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -46872,7 +46872,7 @@ }, "put": { "summary": "Add a repository collaborator", - "description": "This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see \"[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)\" and \"[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api).\"\n\nAdding an outside collaborator may be restricted by enterprise administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).\"\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", + "description": "Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an \"outside collaborator\" (if they are not an Enterprise Managed User) or a \"repository collaborator\" if they are an Enterprise Managed User. These users are exempt from some organization policies - see \"[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)\" to learn more about these collaborator types.\n\nThis endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications).\n\nAdding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see \"[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)\" and \"[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)\" for organization settings.\n\nFor more information on permission levels, see \"[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)\". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:\n\n```\nCannot assign {member} permission of {role name}\n```\n\nNote that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see \"[HTTP method](https://docs.github.com/enterprise-cloud@latest//rest/guides/getting-started-with-the-rest-api#http-method).\"\n\nThe invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations).\n\nFor Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise.\n\n**Updating an existing collaborator's permission level**\n\nThe endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed.\n\n**Rate limits**\n\nYou are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.", "tags": [ "repos" ], @@ -46937,7 +46937,14 @@ "description": "Response when:\n- an existing collaborator is added as a collaborator\n- an organization member is added as an individual collaborator\n- an existing team member (whose team is also a repository collaborator) is added as an individual collaborator" }, "422": { - "$ref": "#/components/responses/validation_failed" + "description": "Response when:\n- validation failed, or the endpoint has been spammed\n- an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/validation-error" + } + } + } }, "403": { "$ref": "#/components/responses/forbidden" @@ -46995,7 +47002,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghec/ghec.yaml b/descriptions/ghec/ghec.yaml index 7947c92dd8..20b546191e 100644 --- a/descriptions/ghec/ghec.yaml +++ b/descriptions/ghec/ghec.yaml @@ -33922,12 +33922,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -34024,11 +34024,13 @@ paths: put: summary: Add a repository collaborator description: |- - This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/enterprise-cloud@latest//rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/enterprise-cloud@latest//rest/guides/best-practices-for-using-the-rest-api)." + Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/enterprise-cloud@latest//organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. - Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)." + This endpoint triggers [notifications](https://docs.github.com/enterprise-cloud@latest//github/managing-subscriptions-and-notifications-on-github/about-notifications). - For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: + Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/enterprise-cloud@latest//admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/enterprise-cloud@latest//organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. + + For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} @@ -34038,6 +34040,8 @@ paths: The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/enterprise-cloud@latest//rest/collaborators/invitations). + For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. + **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. @@ -34092,7 +34096,14 @@ paths: - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator '422': - "$ref": "#/components/responses/validation_failed" + description: |- + Response when: + - validation failed, or the endpoint has been spammed + - an Enterprise Managed User (EMU) account was invited to a repository in an enterprise with personal user accounts + content: + application/json: + schema: + "$ref": "#/components/schemas/validation-error" '403': "$ref": "#/components/responses/forbidden" x-github: @@ -34152,13 +34163,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.json b/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.json index d30106a2bb..0344e3abc9 100644 --- a/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.json +++ b/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.json @@ -214121,7 +214121,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -214816,7 +214816,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.yaml b/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.yaml index f8a0414093..07387d044d 100644 --- a/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.yaml +++ b/descriptions/ghes-3.13/dereferenced/ghes-3.13.2022-11-28.deref.yaml @@ -51984,12 +51984,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. - The authenticated user must have push access to the repository to use this endpoint. - + The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint. tags: - repos @@ -52272,7 +52272,11 @@ paths: - an existing collaborator is added as a collaborator - an organization member is added as an individual collaborator - an existing team member (whose team is also a repository collaborator) is added as an individual collaborator - '422': *35 + '422': + description: Validation failed, or the endpoint has been spammed. + content: + application/json: + schema: *138 '403': *43 x-github: triggersNotification: true @@ -52329,13 +52333,15 @@ paths: get: summary: Get repository permissions for a user description: |- - Checks the repository permission of a collaborator. The possible repository - permissions are `admin`, `write`, `read`, and `none`. + Checks the repository permission and role of a collaborator. + + The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the + `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. + The `role_name` attribute provides the name of the assigned role, including custom roles. The + `permission` can also be used to determine which base level of access the collaborator has to the repository. - *Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the - `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the - collaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The - `permissions` hash can also be used to determine which base level of access the collaborator has to the repository. + The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. tags: - repos operationId: repos/get-collaborator-permission-level diff --git a/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.json b/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.json index d30106a2bb..0344e3abc9 100644 --- a/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.json +++ b/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.json @@ -214121,7 +214121,7 @@ "/repos/{owner}/{repo}/collaborators": { "get": { "summary": "List repository collaborators", - "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nOrganization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have push access to the repository to use this endpoint.\n\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", + "description": "For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.\nThe `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.\n\nTeam members will include the members of child teams.\n\nThe authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization.\nOAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.", "tags": [ "repos" ], @@ -214816,7 +214816,7 @@ "/repos/{owner}/{repo}/collaborators/{username}/permission": { "get": { "summary": "Get repository permissions for a user", - "description": "Checks the repository permission of a collaborator. The possible repository\npermissions are `admin`, `write`, `read`, and `none`.\n\n*Note*: The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`. To determine the role assigned to the\ncollaborator, see the `role_name` attribute, which will provide the full role name, including custom roles. The\n`permissions` hash can also be used to determine which base level of access the collaborator has to the repository.", + "description": "Checks the repository permission and role of a collaborator.\n\nThe `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the\n`maintain` role is mapped to `write` and the `triage` role is mapped to `read`.\nThe `role_name` attribute provides the name of the assigned role, including custom roles. The\n`permission` can also be used to determine which base level of access the collaborator has to the repository.\n\nThe calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise.\nThere is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.", "tags": [ "repos" ], diff --git a/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.yaml b/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.yaml index f8a0414093..07387d044d 100644 --- a/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.yaml +++ b/descriptions/ghes-3.13/dereferenced/ghes-3.13.deref.yaml @@ -51984,12 +51984,12 @@ paths: summary: List repository collaborators description: |- For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. - Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint. + The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. + There is presently not a way to differentiate between an organization level g{"code":"internal","msg":"git-diff-tree: context deadline exceeded","meta":{"cause":"*fmt.wrapError"}}