Skip to main content

permissions

Creates, updates, deletes, gets or lists a permissions resource.

Overview

Namepermissions
TypeResource
Idgithub.teams.permissions

Fields

The following fields are returned by SELECT queries:

Alternative response with repository permissions

NameDatatypeDescription
idintegerUnique identifier of the repository
namestringThe name of the repository. (example: Team Environment)
node_idstring (example: MDEwOlJlcG9zaXRvcnkxMjk2MjY5)
full_namestring (example: octocat/Hello-World)
role_namestring (example: admin)
allow_auto_mergebooleanWhether to allow Auto-merge to be used on pull requests.
allow_forkingbooleanWhether to allow forking this repo
allow_merge_commitbooleanWhether to allow merge commits for pull requests.
allow_rebase_mergebooleanWhether to allow rebase merges for pull requests.
allow_squash_mergebooleanWhether to allow squash merges for pull requests.
archive_urlstring (example: http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref})
archivedbooleanWhether the repository is archived.
assignees_urlstring (example: http://api.github.com/repos/octocat/Hello-World/assignees{/user})
blobs_urlstring (example: http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha})
branches_urlstring (example: http://api.github.com/repos/octocat/Hello-World/branches{/branch})
clone_urlstring (example: https://github.com/octocat/Hello-World.git)
collaborators_urlstring (example: http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator})
comments_urlstring (example: http://api.github.com/repos/octocat/Hello-World/comments{/number})
commits_urlstring (example: http://api.github.com/repos/octocat/Hello-World/commits{/sha})
compare_urlstring (example: http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head})
contents_urlstring (example: http://api.github.com/repos/octocat/Hello-World/contents/{+path})
contributors_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/contributors)
created_atstring (date-time) (example: 2011-01-26T19:01:12Z)
default_branchstringThe default branch of the repository. (example: master)
delete_branch_on_mergebooleanWhether to delete head branches when pull requests are merged
deployments_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/deployments)
descriptionstring (example: This your first repo!)
disabledbooleanReturns whether or not this repository disabled.
downloads_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/downloads)
events_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/events)
forkboolean
forksinteger
forks_countinteger
forks_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/forks)
git_commits_urlstring (example: http://api.github.com/repos/octocat/Hello-World/git/commits{/sha})
git_refs_urlstring (example: http://api.github.com/repos/octocat/Hello-World/git/refs{/sha})
git_tags_urlstring (example: http://api.github.com/repos/octocat/Hello-World/git/tags{/sha})
git_urlstring (example: git:github.com/octocat/Hello-World.git)
has_downloadsbooleanWhether downloads are enabled.
has_issuesbooleanWhether issues are enabled.
has_pagesboolean
has_projectsbooleanWhether projects are enabled.
has_wikibooleanWhether the wiki is enabled.
homepagestring (uri) (example: https://github.com)
hooks_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/hooks)
html_urlstring (uri) (example: https://github.com/octocat/Hello-World)
is_templatebooleanWhether this repository acts as a template that can be used to generate new repositories.
issue_comment_urlstring (example: http://api.github.com/repos/octocat/Hello-World/issues/comments{/number})
issue_events_urlstring (example: http://api.github.com/repos/octocat/Hello-World/issues/events{/number})
issues_urlstring (example: http://api.github.com/repos/octocat/Hello-World/issues{/number})
keys_urlstring (example: http://api.github.com/repos/octocat/Hello-World/keys{/key_id})
labels_urlstring (example: http://api.github.com/repos/octocat/Hello-World/labels{/name})
languagestring
languages_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/languages)
licenseobjectLicense Simple (title: License Simple)
master_branchstring
merges_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/merges)
milestones_urlstring (example: http://api.github.com/repos/octocat/Hello-World/milestones{/number})
mirror_urlstring (uri) (example: git:git.example.com/octocat/Hello-World)
network_countinteger
notifications_urlstring (example: http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating})
open_issuesinteger
open_issues_countinteger
ownerobjectA GitHub user. (title: Simple User)
permissionsobject
privatebooleanWhether the repository is private or public.
pulls_urlstring (example: http://api.github.com/repos/octocat/Hello-World/pulls{/number})
pushed_atstring (date-time) (example: 2011-01-26T19:06:43Z)
releases_urlstring (example: http://api.github.com/repos/octocat/Hello-World/releases{/id})
sizeinteger
ssh_urlstring (example: git@github.com:octocat/Hello-World.git)
stargazers_countinteger
stargazers_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/stargazers)
statuses_urlstring (example: http://api.github.com/repos/octocat/Hello-World/statuses/{sha})
subscribers_countinteger
subscribers_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/subscribers)
subscription_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/subscription)
svn_urlstring (uri) (example: https://svn.github.com/octocat/Hello-World)
tags_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/tags)
teams_urlstring (uri) (example: http://api.github.com/repos/octocat/Hello-World/teams)
temp_clone_tokenstring
topicsarray
trees_urlstring (example: http://api.github.com/repos/octocat/Hello-World/git/trees{/sha})
updated_atstring (date-time) (example: 2011-01-26T19:14:43Z)
urlstring (uri) (example: https://api.github.com/repos/octocat/Hello-World)
visibilitystringThe repository visibility: public, private, or internal. (default: public)
watchersinteger
watchers_countinteger
web_commit_signoff_requiredbooleanWhether to require contributors to sign off on web-based commits

Methods

The following methods are available for this resource:

NameAccessible byRequired ParamsOptional ParamsDescription
check_permissions_for_repo_in_orgselectorg, team_slug, owner, repoChecks whether a team has admin, push, maintain, triage, or pull permission for a repository. Repositories inherited through a parent team will also be checked.

You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom media type via the application/vnd.github.v3.repository+json accept header.

If a team doesn't have permission for the repository, you will receive a 404 Not Found response status.

If the repository is private, you must have at least read permission for that repository, and your token must have the repo or admin:org scope. Otherwise, you will receive a 404 Not Found response status.

> [!NOTE]
> You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.
check_permissions_for_repo_legacyselectteam_id, owner, repo> [!WARNING]
> Endpoint closing down notice: This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new Check team permissions for a repository endpoint.

> [!NOTE]
> Repositories inherited through a parent team will also be checked.

You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom media type via the Accept header:
add_or_update_repo_permissions_in_orgreplaceorg, team_slug, owner, repoTo add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

> [!NOTE]
> You can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

For more information about the permission levels, see "Repository permission levels for an organization".
add_or_update_repo_permissions_legacyreplaceteam_id, owner, repo> [!WARNING]
> Endpoint closing down notice: This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new "Add or update team repository permissions" endpoint.

To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization.

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

NameDatatypeDescription
orgstringThe organization name. The name is not case sensitive.
ownerstringThe account owner of the repository. The name is not case sensitive.
repostringThe name of the repository without the .git extension. The name is not case sensitive.
team_idintegerThe unique identifier of the team.
team_slugstringThe slug of the team name.

SELECT examples

Checks whether a team has admin, push, maintain, triage, or pull permission for a repository. Repositories inherited through a parent team will also be checked.

You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom media type via the application/vnd.github.v3.repository+json accept header.

If a team doesn't have permission for the repository, you will receive a 404 Not Found response status.

If the repository is private, you must have at least read permission for that repository, and your token must have the repo or admin:org scope. Otherwise, you will receive a 404 Not Found response status.

> [!NOTE]
> You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

SELECT
id,
name,
node_id,
full_name,
role_name,
allow_auto_merge,
allow_forking,
allow_merge_commit,
allow_rebase_merge,
allow_squash_merge,
archive_url,
archived,
assignees_url,
blobs_url,
branches_url,
clone_url,
collaborators_url,
comments_url,
commits_url,
compare_url,
contents_url,
contributors_url,
created_at,
default_branch,
delete_branch_on_merge,
deployments_url,
description,
disabled,
downloads_url,
events_url,
fork,
forks,
forks_count,
forks_url,
git_commits_url,
git_refs_url,
git_tags_url,
git_url,
has_downloads,
has_issues,
has_pages,
has_projects,
has_wiki,
homepage,
hooks_url,
html_url,
is_template,
issue_comment_url,
issue_events_url,
issues_url,
keys_url,
labels_url,
language,
languages_url,
license,
master_branch,
merges_url,
milestones_url,
mirror_url,
network_count,
notifications_url,
open_issues,
open_issues_count,
owner,
permissions,
private,
pulls_url,
pushed_at,
releases_url,
size,
ssh_url,
stargazers_count,
stargazers_url,
statuses_url,
subscribers_count,
subscribers_url,
subscription_url,
svn_url,
tags_url,
teams_url,
temp_clone_token,
topics,
trees_url,
updated_at,
url,
visibility,
watchers,
watchers_count,
web_commit_signoff_required
FROM github.teams.permissions
WHERE org = '{{ org }}' -- required
AND team_slug = '{{ team_slug }}' -- required
AND owner = '{{ owner }}' -- required
AND repo = '{{ repo }}' -- required
;

REPLACE examples

To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

> [!NOTE]
> You can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

For more information about the permission levels, see "Repository permission levels for an organization".

REPLACE github.teams.permissions
SET 
permission = '{{ permission }}'
WHERE 
org = '{{ org }}' --required
AND team_slug = '{{ team_slug }}' --required
AND owner = '{{ owner }}' --required
AND repo = '{{ repo }}' --required;