Skip to content

[INC-300] baton-github: optimize Grants() for org Resource #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Bencheng21 merged 3 commits into from
Jul 24, 2025
Merged

[INC-300] baton-github: optimize Grants() for org Resource #97

Bencheng21 merged 3 commits into from
Jul 24, 2025

Conversation

@Bencheng21
Copy link
Contributor

@Bencheng21 Bencheng21 commented Jul 24, 2025
edited
Loading

image

cursor[bot]
cursor bot reviewed Jul 24, 2025
View reviewed changes
Bencheng21
Bencheng21 commented Jul 24, 2025
View reviewed changes
pkg/connector/org.go
bag, page, err := parsePageToken(pToken.Token, resource.Id)
if err != nil {
return nil, "", nil, err
}
Copy link
Contributor Author

@Bencheng21 Bencheng21 Jul 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want to use bag. But looks like we need to push resourceTypes to bag. bag.push(resourceTypes)
How to handle pagination nicely? in this case.

Copy link
Contributor

@ggreer ggreer Jul 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The resource.Id should contain the resource type, right? You should be able to push page tokens for different resources and resource types, then pop stuff off and switch based on the resource type. See https://github.com/ConductorOne/baton-microsoft-entra/blob/main/pkg/connector/enterprise_applications.go#L267 for an example.

Copy link
Contributor

@laurenleach laurenleach Jul 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes need to use pagination bag

Copy link
Contributor Author

@Bencheng21 Bencheng21 Jul 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image retested it.

it's a little confusing. I push admin and member as resourceTypeId, but it works.
Thanks!

cursor[bot]
cursor bot reviewed Jul 24, 2025
View reviewed changes
pkg/connector/org.go
if rId == orgRoleAdmin {
rv = append(rv, o.orgRoleGrant(orgRoleMember, resource, ur.Id, user.GetID()))
}
rv = append(rv, o.orgRoleGrant(rId, resource, ur.Id, user.GetID()))
Copy link

@cursor cursor bot Jul 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Pending Memberships Included in Grants

The optimization removed the check for pending organization memberships. Previously, users with pending invitations were explicitly skipped. The new code, using role-filtered ListMembers() API calls, no longer performs this check, leading to pending members being incorrectly included in grants.

Locations (1)

Fix in CursorFix in Web

@Bencheng21 Bencheng21 requested a review from laurenleach July 24, 2025 20:17
@Bencheng21 Bencheng21 merged commit f903bb1 into main Jul 24, 2025
3 checks passed
@ggreer ggreer deleted the INC300 branch July 24, 2025 20:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ggreer ggreer ggreer left review comments

@cursor cursor[bot] cursor[bot] left review comments

@laurenleach laurenleach laurenleach approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Bencheng21 @ggreer @laurenleach