search

grafana / oncall

Developer-friendly incident response with brilliant Slack integration
GNU Affero General Public License v3.0
3.51k stars 290 forks source link

Slack's usergroup update using separate admin user token (workspaces with restrictions) #4728

Open vills opened 3 months ago

vills commented 3 months ago

What would you like to see!

Please add the ability to specify a separate Slack user token to allow modification of the usergroups members list when only admins are allowed to do so in Slack's workspace

Product Area

Chatops

Anything else to add?

As described in the red rectangle here: https://api.slack.com/methods/usergroups.users.update#markdown

If user group permissions cannot be changed and are restricted to admins only, use the user token from a user with the correct permissions. A bot token can be used only if permissions are set to everyone.

In such workspaces, the limitation can be solved by providing the Oncall Slack client with a separate user token with the additional scope "usergroups.write" and authorized by an admin user.

Currently, Oncall just throws an error: "Cannot update the user group, make sure to grant user group modification rights to non-admin users in Slack workspace settings". But this might be fixed by the proposed workaround.

github-actions[bot] commented 3 months ago

The current version of Grafana OnCall, at the time this issue was opened, is v1.8.5. If your issue pertains to an older version of Grafana OnCall, please be sure to list it in the PR description. Thank you :smile:!