Hi,
when logging in into galaxy.ansible.com,
galaxy asks for write access to repositories, why is that?
Is it possible to have a role on galaxy without giving galaxy write
access to github repositories?
thanks,
nusenu
Galaxy asks for the following scopes used to access the GitHub API:
- user:email
- public_repo
- read:org
These are defined here: https://developer.github.com/v3/oauth/#scopes
The last two allow us to see the orgs you belong to and the repos you have access to, which is needed when building the list of role repositories on My Roles page.
–Chris
Chris Houseknecht:
Galaxy asks for the following scopes used to access the GitHub API:
- user:email
- public_repo
- read:orgThese are defined here: https://developer.github.com/v3/oauth/#scopes
The last two allow us to see the orgs you belong to and the repos you have
access to, which is needed when building the list of role repositories on
My Roles page.
Ok, so you actually do not need _write_ access but github does not
provide a read-only version of "public_repo", correct?
If the user accepts
- user:email
- read:org
but does not authorize
- public_repo
you would still be able to build that list (My Roles page) IFF his role
is directly listed "under his account" - is that correct?
I have not seen an option in the UI to selectively authorize access but
according to:
https://developer.github.com/v3/oauth/#requested-scopes-vs-granted-scopes
this will "soon" be possible (pointing to a entry from 2013?
https://developer.github.com/changes/2013-10-04-oauth-changes-coming/ )