Conversation

@jonsharratt (Member) commented Feb 21, 2017

What did you implement:

Closes #36

Allow a new environment variable CODEBOX_RESTRICTED_ORGS that you can set to a comma-separated list of organization names; only those organizations are allowed access, e.g. org1,org2.

This gives organisations on public GitHub the ability to grant access to their GitHub application and ensure that only members of the organizations in the restricted list can then get access to your registry.

Without setting this environment variable, anyone with a GitHub / GitHub Enterprise account has read access to your npm registry by default. We want to allow read access by default, as in the enterprise we want to foster productivity and not hamper access in order for npm installs to work.

How did you implement it:

  • Widened the OAuth scope to include the ability to read user organisations.
  • If the CODEBOX_RESTRICTED_ORGS variable is set, then check access against GitHub to see if the user belongs to one of those orgs; if so, they get access.
  • Admins are still explicitly set using the CODEBOX_ADMINS variable, as organization roles in GitHub are either member or admin, which is far too wide to cater for a gradual roll-out of publishers. Not all team members who should have publish rights will be admins of an organization.

How can we verify it:

  • Deploy this branch with the relevant env vars / situations set against public GitHub
  • Deploy this branch with the relevant env vars / situations set against GitHub Enterprise
  • Check the npm info operation and npm publish

Todos:

  • Write tests
  • Write documentation
  • Fix linting errors
  • Tag ready for review or wip

Is this a breaking change?: NO
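The access rule described above (read for everyone by default, read only for members of the listed orgs once CODEBOX_RESTRICTED_ORGS is set, publish only for logins in CODEBOX_ADMINS) can be shown as a small decision function. This is an added illustration, not Codebox's own code: the `parseList`, `fetchUserOrgs` and `authorize` names are assumptions, and the GitHub "list user organizations" call is replaced by a constructed in-memory table so the block runs offline.

```javascript
// Added example (not Codebox's own code). Demonstrates the access decision
// the PR describes; the GitHub org lookup is stubbed with constructed data.

// Parse a comma-separated env value into a set of trimmed, lowercased names.
// Whitespace around commas and empty entries ("org1,,org2") are tolerated.
function parseList(value) {
  return new Set(
    (value || '')
      .split(',')
      .map((s) => s.trim().toLowerCase())
      .filter((s) => s.length > 0)
  );
}

// Constructed sample data standing in for the GitHub "list user orgs" API.
const SAMPLE_USER_ORGS = {
  alice: ['org1', 'Acme'],
  bob: ['other-org'],
  carol: [],
};

function fetchUserOrgs(login) {
  return SAMPLE_USER_ORGS[login] || [];
}

// Decide what a user may do with the registry.
//  - CODEBOX_RESTRICTED_ORGS unset/empty => any authenticated GitHub user can read
//  - CODEBOX_RESTRICTED_ORGS set         => read only if the user is in a listed org
//  - publish => only logins listed in CODEBOX_ADMINS, and only if they also pass
//               the read check (an admin outside every allowed org gets nothing)
// Names are compared case-insensitively, since GitHub org and user names are.
function authorize(login, env, orgLookup = fetchUserOrgs) {
  const restricted = parseList(env.CODEBOX_RESTRICTED_ORGS);
  const admins = parseList(env.CODEBOX_ADMINS);
  const userOrgs = new Set(orgLookup(login).map((o) => o.toLowerCase()));

  let canRead = true;
  if (restricted.size > 0) {
    canRead = [...restricted].some((org) => userOrgs.has(org));
  }
  const canPublish = canRead && admins.has(login.toLowerCase());
  return { canRead, canPublish };
}

// Example run with constructed inputs:
console.log(authorize('alice', { CODEBOX_RESTRICTED_ORGS: 'org1,org2', CODEBOX_ADMINS: 'alice' }));
console.log(authorize('bob', { CODEBOX_RESTRICTED_ORGS: 'org1,org2', CODEBOX_ADMINS: 'bob' }));
```

Coupling publish to the read check is a design choice worth keeping: it means a login left in CODEBOX_ADMINS after being removed from every allowed organization loses publish along with read, rather than retaining a stale privilege.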

@jonsharratt jonsharratt changed the title from "Restrict Organizations Ability" to "Restrict Organizations (Public GitHub)" on Feb 22, 2017
This allows users wanting to use public GitHub the ability to limit access to their npm registry by whitelisting orgs via the environment variable YITH_RESTRICTED_ORGS.
@jonsharratt jonsharratt merged commit 4767da0 into master Mar 5, 2017
@jonsharratt jonsharratt deleted the restrict-orgs branch March 5, 2017 12:31