In this story, we add to some text to the instructor course page that indicates the current setting of the "base permission" for members in the organization, along with a warning if it is set to something other than "None".
User Story
As an instructor
I can see the base permission for users in my organization on my course page
So that I can avoid students in my course having access to one another's private repos by accident
Background
Most use cases for GitHub orgs in courses should have the Organization settings => Member privileges => Base permissions
Set to "No permission"; otherwise students in a course can see each other's code, even if the repos are private.
That is, this is the desired setting:
However, the default setting when a new organization is created is that the base permission is "Read".
What we want to do in this story is, as a first step, to add visibility to this setting on the instructor course page.
That could be followed by, if the setting is not set to None, a warning message indicating that the recommended setting is "None", along with a link to the settings page where it can be changed.
In this story, we add to some text to the instructor course page that indicates the current setting of the "base permission" for members in the organization, along with a warning if it is set to something other than "None".
User Story
Background
Most use cases for GitHub orgs in courses should have the Organization settings => Member privileges => Base permissions Set to "No permission"; otherwise students in a course can see each other's code, even if the repos are private.
That is, this is the desired setting:
However, the default setting when a new organization is created is that the base permission is "Read".
What we want to do in this story is, as a first step, to add visibility to this setting on the instructor course page.
That could be followed by, if the setting is not set to None, a warning message indicating that the recommended setting is "None", along with a link to the settings page where it can be changed.
Implementation Suggestion:
Look at: https://docs.github.com/en/rest/orgs/orgs
The REST api for Github allows us to get the
default_repository_permissionlike this: