diff --git a/github/data_source_github_collaborators.go b/github/data_source_github_collaborators.go index 99b515f46c..d2825373a3 100644 --- a/github/data_source_github_collaborators.go +++ b/github/data_source_github_collaborators.go @@ -179,7 +179,13 @@ func flattenGitHubCollaborators(collaborators []*github.User) ([]interface{}, er result["received_events_url"] = c.GetReceivedEventsURL() result["type"] = c.GetType() result["site_admin"] = c.GetSiteAdmin() - result["permission"] = c.GetRoleName() + + permissionName, err := getRepoPermission(c.GetPermissions()) + if err != nil { + return nil, err + } + + result["permission"] = permissionName results = append(results, result) } diff --git a/github/resource_github_repository_collaborator.go b/github/resource_github_repository_collaborator.go index 7dbc998438..1ffa1f5523 100644 --- a/github/resource_github_repository_collaborator.go +++ b/github/resource_github_repository_collaborator.go @@ -35,10 +35,11 @@ func resourceGithubRepositoryCollaborator() *schema.Resource { ForceNew: true, }, "permission": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, - Default: "push", + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Default: "push", + ValidateFunc: validateValueFunc([]string{"pull", "triage", "push", "maintain", "admin"}), DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { if d.Get("permission_diff_suppression").(bool) { if new == "triage" || new == "maintain" { @@ -140,9 +141,14 @@ func resourceGithubRepositoryCollaboratorRead(d *schema.ResourceData, meta inter for _, c := range collaborators { if strings.EqualFold(c.GetLogin(), username) { + permissionName, err := getRepoPermission(c.GetPermissions()) + if err != nil { + return err + } + d.Set("repository", repoName) d.Set("username", c.GetLogin()) - d.Set("permission", c.GetRoleName()) + d.Set("permission", permissionName) return nil } } diff --git a/github/resource_github_team_repository.go b/github/resource_github_team_repository.go index dea3210238..447ca307cc 100644 --- a/github/resource_github_team_repository.go +++ b/github/resource_github_team_repository.go @@ -131,7 +131,13 @@ func resourceGithubTeamRepositoryRead(d *schema.ResourceData, meta interface{}) d.Set("team_id", teamIdString) } d.Set("repository", repo.GetName()) - d.Set("permission", repo.GetRoleName()) + + permName, permErr := getRepoPermission(repo.GetPermissions()) + if permErr != nil { + return permErr + } + + d.Set("permission", permName) return nil } diff --git a/github/util_permissions.go b/github/util_permissions.go index 13c7e6d2f4..399c693c46 100644 --- a/github/util_permissions.go +++ b/github/util_permissions.go @@ -1,6 +1,7 @@ package github import ( + "errors" "fmt" "github.com/google/go-github/v45/github" @@ -16,6 +17,27 @@ const ( readPermission string = "read" ) +func getRepoPermission(p map[string]bool) (string, error) { + + // Permissions are returned in this map format such that if you have a certain level + // of permission, all levels below are also true. For example, if a team has push + // permission, the map will be: {"pull": true, "push": true, "admin": false} + if (p)[adminPermission] { + return adminPermission, nil + } else if (p)[maintainPermission] { + return maintainPermission, nil + } else if (p)[pushPermission] { + return pushPermission, nil + } else if (p)[triagePermission] { + return triagePermission, nil + } else { + if (p)[pullPermission] { + return pullPermission, nil + } + return "", errors.New("At least one permission expected from permissions map.") + } +} + func getInvitationPermission(i *github.RepositoryInvitation) (string, error) { // Permissions for some GitHub API routes are expressed as "read", // "write", and "admin"; in other places, they are expressed as "pull", diff --git a/website/docs/r/repository_collaborator.html.markdown b/website/docs/r/repository_collaborator.html.markdown index bcede71307..f3f065d17e 100644 --- a/website/docs/r/repository_collaborator.html.markdown +++ b/website/docs/r/repository_collaborator.html.markdown @@ -44,7 +44,7 @@ The following arguments are supported: * `repository` - (Required) The GitHub repository * `username` - (Required) The user to add to the repository as a collaborator. * `permission` - (Optional) The permission of the outside collaborator for the repository. - Must be one of `pull`, `push`, `maintain`, `triage` or `admin` or the name of an existing [custom repository role](https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization) within the organization for organization-owned repositories. + Must be one of `pull`, `push`, `maintain`, `triage` or `admin` for organization-owned repositories. Must be `push` for personal repositories. Defaults to `push`. * `permission_diff_suppression` - (Optional) Suppress plan diffs for `triage` and `maintain`. Defaults to `false`. @@ -60,4 +60,4 @@ GitHub Repository Collaborators can be imported using an ID made up of `reposito ``` $ terraform import github_repository_collaborator.collaborator terraform:someuser -``` +``` \ No newline at end of file