This web service addresses an inconsistency in the GitHub API's behavior regarding collaborator permissions. Specifically, it mitigates the issue with the endpoint https://api.github.com/repos/{owner}/{repo}/collaborators/{username}/permission, which returns a 200 status code even if the username is no longer a collaborator (when a 404 would be expected).
The GitHub API endpoint https://api.github.com/repos/{owner}/{repo}/collaborators/{username}/permission returns a 200 status code regardless of whether the user is still a collaborator or not, leading to potential misinterpretation of user permissions.
This service resolves the issue by first calling the API endpoint https://api.github.com/repos/{owner}/{repo}/collaborators/{username} to check if the status code is 200 (indicating the user is a collaborator). Only if this check passes does it then call https://api.github.com/repos/{owner}/{repo}/collaborators/{username}/permission to retrieve the actual permissions.
-
Clone the repository:
git clone <repository-url> cd <repository-directory>
-
Install the dependencies:
pip install -r requirements.txt
-
Run the web service:
python app.py
-
The service will be available at
http://localhost:8080.
- URL:
/check_permission - Method:
GET - Query Parameters:
owner(string): The owner of the repository.repo(string): The name of the repository.username(string): The username to check.
- Response:
200 OK: If the user is a collaborator, returns the permission details.404 Not Found: If the user is not a collaborator.
This web service leverages the apispec library to generate the OpenAPI Specification of the API endpoint exposed. To update the swagger.yaml file, you can run:
python app/generate_spec.pyTo check if a user is a collaborator and get their permissions:
curl -X GET "http://localhost:5000/check_permission?owner=octocat&repo=Hello-World&username=someuser"This will first verify if the user is a collaborator and then, if they are, return their permission details.