Fix denied login for users with many repos.

`isCollaborator` was created in #491 to block login if a user did not have write (push) permissions to a repo, by going through the list of a users repos until it found the right one. It did not institute pagination, however, so if a user had enough repos that the one in question was on another page, the CMS would assume that they did not have permission and block the login. This commit fixes the problem by calling the API for the specific repo instead of getting the whole list.
decaporg · Aug 20, 2017 · 6df35a2 · 6df35a2
1 parent de8db81
commit 6df35a2
Showing 1 changed file with 6 additions and 10 deletions.
diff --git a/src/backends/github/API.js b/src/backends/github/API.js
@@ -20,16 +20,12 @@ export default class API {
   }
 
   isCollaborator(user) {
-    return this.request('/user/repos').then((repos) => {
-      let contributor = false
-      for (const repo of repos) {
-        if (repo.full_name.toLowerCase() === this.repo.toLowerCase() && repo.permissions.push) contributor = true;
-      }
-      return contributor;
-    }).catch((error) => {
-      console.error("Problem with response of /user/repos from GitHub");
-      throw error;
-    })
+    return this.request(this.repoURL)
+      .then(repo => repo.permissions.push)
+      .catch(error => {
+        console.error("Problem fetching repo data from GitHub");
+        throw error;
+      });
   }
 
   requestHeaders(headers = {}) {