Skip to content

Fix for org/teams API permissions #278

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 6, 2022
Merged

Fix for org/teams API permissions #278

merged 1 commit into from
May 6, 2022

Conversation

@kamicut
Copy link
Member

@kamicut kamicut commented May 5, 2022

What I am changing

  • Fix the API permissions for the org/:id/teams call

How I did it

  • We add the can('organization:view-members') permission to this API call: if an org is public, you can view its teams and members, otherwise you have to be a member of the org

How you can test it

  • Try calling the API for a private org with a non-org member

Related Issues

@vgeorge vgeorge self-requested a review May 6, 2022 08:58
vgeorge
vgeorge approved these changes May 6, 2022
View reviewed changes
Copy link
Member

@vgeorge vgeorge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kamicut I confirm I wasn't able to see members of a private team, this looks good to merge.

@kamicut kamicut mentioned this pull request May 6, 2022
Closed
@kamicut kamicut merged commit 5b9298d into develop May 6, 2022
@kamicut kamicut deleted the fix/org-team-api-permissions branch May 6, 2022 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vgeorge vgeorge vgeorge approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

API Permissions

3 participants

@kamicut @vgeorge