isaacs / github

Just a place to track issues and feature requests that I have for github

https://api.github.com/user/orgs returns **only** private organizations with opt-in access for OAuth applications with read:org scope #992

Open stuartpb opened 7 years ago

stuartpb commented 7 years ago

This is a bug, and I haven't reported it to GitHub yet, because, given the caliber of their response to the last eight bugs I've reported to them, I'm certain they're just going to brush me off, misunderstand the issue without reading it, blame me, and deny anything's wrong, and I just do not have the energy to deal with that crap right now.

What I have below is the draft of what I would send to GitHub, if I weren't absolutely certain it'd end up in nothing but headaches for me.

The issue

Requesting a user's organization membership (see the docs) with a personal access token gives you the complete list of all organizations the user is a member of, public or private. This is good. This is what I want.

Requesting the same organization membership with a token obtained through an OAuth application returns only the organizations that the user allowed the application access to - not the ones they have private membership to (which are included with a personal access token), and not even the ones their membership is already public for.

Considering that part of the dialog when granting access says that the application will be able to read "public and private organization membership" or something like that, I'd say this is pretty messed up. I need API access to all the organizations I'm a member of as they emerge, and I don't want to have to go through the agony of re-approving every organization, to every application, every time I join a new org, just to keep this current.
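A way to measure the gap described in the comment above, as an added example that is not part of the original post: it pages through `/user/orgs` once per token and reports which organizations only the personal access token lists, along with the scopes returned in the `X-OAuth-Scopes` response header. The function names, the `fake_fetch` stand-in, and the token and organization names are assumptions constructed for illustration.

```python
import json
import urllib.request

API = "https://api.github.com/user/orgs?per_page=100"

def http_get(url, token):
    """Live fetcher: returns (JSON body, lower-cased response headers)."""
    req = urllib.request.Request(url, headers={"Authorization": "token " + token})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp), {k.lower(): v for k, v in resp.headers.items()}

def next_link(link_header):
    """URL of the rel="next" page from a Link header, or None on the last page."""
    for part in (link_header or "").split(","):
        url, _, params = part.partition(";")
        if 'rel="next"' in params:
            return url.strip().strip("<>")
    return None

def list_orgs(token, fetch=http_get):
    """Every org login the token can list, plus the scopes GitHub reports for it."""
    logins, scopes, url = set(), set(), API
    while url:
        body, headers = fetch(url, token)
        logins.update(org["login"] for org in body)
        granted = headers.get("x-oauth-scopes", "")
        scopes.update(s.strip() for s in granted.split(",") if s.strip())
        url = next_link(headers.get("link"))
    return logins, scopes

def hidden_from_oauth(pat, oauth_token, fetch=http_get):
    """Orgs the personal access token lists but the OAuth app token does not."""
    pat_orgs, _ = list_orgs(pat, fetch)
    oauth_orgs, scopes = list_orgs(oauth_token, fetch)
    return {"missing": sorted(pat_orgs - oauth_orgs), "oauth_scopes": sorted(scopes)}

def fake_fetch(url, token):
    """Constructed stand-in for http_get; tokens and org names are made up."""
    page2 = API + "&page=2"
    pages = {
        ("PAT", API): (["public-org", "private-org"], {"link": f'<{page2}>; rel="next"'}),
        ("PAT", page2): (["new-org"], {}),
        ("OAUTH", API): (["private-org"], {"x-oauth-scopes": "read:org, read:user"}),
    }
    names, headers = pages[(token, url)]
    return [{"login": n} for n in names], headers

if __name__ == "__main__":
    print(hidden_from_oauth("PAT", "OAUTH", fake_fetch))
```

Calling `hidden_from_oauth` with two real tokens for the same user and the default fetcher runs the same comparison against the live API.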

kpfleming commented 6 years ago

Indeed. Just ran into this today. There's a significant difference between getting the list of the user's organizational memberships (and their statuses), and being able to obtain the contents inside those organizations. I really don't understand why read:user is not sufficient to obtain the complete list of the user's memberships.

jpsear commented 4 years ago

@stuartpb I'm also running into this issue right now. I've noticed that if you revoke the original OAuth application from the authenticated user's settings, then trigger a re-auth flow, the new org is in the list and can be granted access.

However, the caveat here is the fact that the application needs to first be revoked, which is not acceptable for what I need — multiple, independent persistent authentications.

Have you taken this anywhere else?