Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Nov 1, 2017. It is now read-only.

Sync changes from upstream repository#679

Merged
hubot merged 1 commit intomasterfromupdate-1420743032
Jan 8, 2015
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
---
kind: change
title: "New guide: Discovering resources for a user"
created_at: 2015-01-08
author_name: jasonrudolph
---

Is your application taking advantage of the recommended workflow for discovering a user's repositories and organizations? With the [recent improvements to the API](/changes/2014-12-08-organization-permissions-api-preview/), the process is simpler than ever. In our newest guide, we show you how to [reliably identify the resources that your app can access for a given user](/guides/discovering-resources-for-a-user/).

If you have any questions or feedback, we'd love to [hear from you][contact].

[contact]: https://github.com/contact?form%5Bsubject%5D=API+v3:+Discovering+resources+for+a+user
106 changes: 106 additions & 0 deletionscontent/guides/discovering-resources-for-a-user.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,106 @@
---
title: Discovering resources for a user | GitHub API
---

# Discovering resources for a user

* TOC
{:toc}

When making authenticated requests to the GitHub API, applications often need to fetch the current user's repositories and organizations. In this guide, will explain how to reliably discover those resources.

To interact with the GitHub API, we'll be using [Octokit.rb][octokit.rb]. You can find the complete source code for this project in the [platform-samples][platform samples] repository.

## Getting started

If you haven't already, you should read the ["Basics of Authentication"][basics-of-authentication] guide before working through the examples below. The examples below assume that you have [registered an OAuth application][register-oauth-app] and that your [application has an OAuth token for a user][make-authenticated-request-for-user].

## Discover the repositories that your app can access for a user

In addition to having their own personal repositories, a user may be a collaborator on repositories owned by other users and organizations. Collectively, these are the repositories where the user has privileged access: either it's a private repository where the user has read or write access, or it's a public repository where the user has write access.

[OAuth scopes][scopes] determine which of those repositories your app can access for a user. Use the workflow below to discover those repositories.

As always, first we'll require [GitHub's Octokit.rb][octokit.rb] Ruby library. Then we'll configure Octokit.rb to automatically handle [pagination][pagination] for us.

#!ruby
require 'octokit'

Octokit.auto_paginate = true

Next, we want to opt in to the [upcoming improvements to the repository listing API][list-repositories-for-current-user]. To do so, we'll set the media type that gives us access to that functionality.

#!ruby
Octokit.default_media_type = "application/vnd.github.moondragon+json"

Now, we'll pass in our application's [OAuth token for a given user][make-authenticated-request-for-user]:

#!ruby
# !!! DO NOT EVER USE HARD-CODED VALUES IN A REAL APP !!!
# Instead, set and test environment variables, like below.
client = Octokit::Client.new :access_token => ENV["OAUTH_ACCESS_TOKEN"]

Then, we're ready to fetch the [repositories that our application can access for the user][list-repositories-for-current-user]:

#!ruby
client.repositories.each do |repository|
full_name = repository[:full_name]
has_push_access = repository[:permissions][:push]

access_type = if has_push_access
"write"
else
"read-only"
end

puts "User has #{access_type} access to #{full_name}."
end

## Discover the organizations that your app can access for a user

Applications can perform all sorts of organization-related tasks for a user. To perform these tasks, the app needs an [OAuth authorization][scopes] with sufficient permission. For example, the `read:org` scope allows you to [list teams][list-teams], and the `user` scope lets you [publicize the user’s organization membership][publicize-membership]. Once a user has granted one or more of these scopes to your app, you're ready to fetch the user’s organizations.

Just as we did when discovering repositories above, we'll start by requiring [GitHub's Octokit.rb][octokit.rb] Ruby library and configuring it to take care of [pagination][pagination] for us:

#!ruby
require 'octokit'

Octokit.auto_paginate = true

Next, we'll opt in to the [upcoming enhancements to the organization listing API][list-orgs-for-current-user]. To do so, we'll set the media type that gives us access to that functionality.

#!ruby
Octokit.default_media_type = "application/vnd.github.moondragon+json"

Now, we'll pass in our application's [OAuth token for a given user][make-authenticated-request-for-user] to initialize our API client:

#!ruby
# !!! DO NOT EVER USE HARD-CODED VALUES IN A REAL APP !!!
# Instead, set and test environment variables, like below.
client = Octokit::Client.new :access_token => ENV["OAUTH_ACCESS_TOKEN"]

Then, we can [list the organizations that our application can access for the user][list-orgs-for-current-user]:

#!ruby
client.organizations.each do |organization|
puts "User belongs to the #{organization[:login]} organization."
end

### Don’t rely on public organizations

If you've read the docs from cover to cover, you may have noticed an [API method for listing a user's public organization memberships][list-public-orgs]. Most applications should avoid this API method. This method only returns the user's public organization memberships, not their private organization memberships.

As an application, you typically want all of the user's organizations (public and private) that your app is authorized to access. The workflow above will give you exactly that.

[basics-of-authentication]: /guides/basics-of-authentication/
[list-public-orgs]: /v3/orgs/#list-user-organizations
[list-repositories-for-current-user]: /v3/repos/#list-your-repositories
[list-orgs-for-current-user]: /v3/orgs/#list-your-organizations
[list-teams]: /v3/orgs/teams/#list-teams
[make-authenticated-request-for-user]: /guides/basics-of-authentication/#making-authenticated-requests
[octokit.rb]: https://github.com/octokit/octokit.rb
[pagination]: /v3/#pagination
[platform samples]: https://github.com/github/platform-samples/tree/master/api/ruby/discovering-resources-for-a-user
[publicize-membership]: /v3/orgs/members/#publicize-a-users-membership
[register-oauth-app]: /guides/basics-of-authentication/#registering-your-app
[scopes]: /v3/oauth/#scopes
1 change: 1 addition & 0 deletionslayouts/guides.html
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -25,6 +25,7 @@ <h2><a href="/v3/">API</a></h2>
<li><h3><a href="/guides/">Overview</a></h3></li>
<li><h3><a href="/guides/getting-started/">Getting started</a></h3></li>
<li><h3><a href="/guides/basics-of-authentication/">Basics of authentication</a></h3></li>
<li><h3><a href="/guides/discovering-resources-for-a-user/">Discovering resources for a user</a></h3></li>
<li><h3><a href="/guides/managing-deploy-keys/">Managing deploy keys</a></h3></li>
<li><h3><a href="/guides/using-ssh-agent-forwarding/">Using SSH agent forwarding</a></h3></li>
<li><h3><a href="/guides/rendering-data-as-graphs/">Rendering data as graphs</a></h3></li>
Expand Down
[8]ページ先頭
©2009-2025 Movatter.jp