Sync changes from upstream repository

Hubot · gjtorikian · commit b54a2afed782 · 2014-12-10T11:40:05.000-08:00
diff --git a/content/changes/2014-12-08-organization-permissions-api-preview.md b/content/changes/2014-12-08-organization-permissions-api-preview.md
@@ -0,0 +1,88 @@
+---
+kind: change
+title: Preview the upcoming organization permission changes
+created_at: 2014-12-08
+author_name: jakeboxer
+---
+We have some upcoming changes that will affect the way organization members and repositories are managed. The most important changes are:
+
+- The Owners team will no longer be special.
+- The [List your repositories][list-your-repos] API will include organization-owned repositories.
+- The [List user organizations][list-user-organizations] API will only include public organization memberships.
+
+## What's happening to the Owners team?
+
+Currently, members of your Owners team are administrators of your organization. Soon, your Owners team will become a totally normal team. Adding and removing Owners team members won't change their administrator status anymore. Instead, you'll be able to directly grant admin permissions to your organization's members without adding them to any special teams.
+
+We won't delete your Owners team, but you'll be able to delete or rename it yourself if you want. Organizations created after the change won't have an Owners team.
+
+### What should you do?
+
+In preparation for this change to the Owners team, we're releasing a few new APIs. You'll be able to use these APIs to manage organization admins without relying on the Owners team.
+
+#### Adding an organization admin
+
+To add a new organization admin, use the new [Add or update organization membership][add-org-membership] endpoint, specifying a role of `"admin"` in the request body. This replaces adding or inviting people to the Owners team.
+
+#### Removing an organization admin
+
+To remove someone from the organization role but keep them as a member of their teams, use the new [Add or update organization membership][add-org-membership] endpoint, specifying a role of `"member"` in the request body. This replaces removing people from the Owners team.
+
+#### Listing organization admins
+
+To get a list of all your organization's admins, use the [Organization members list][list-org-members] endpoint, specifying a role of `"admin"` in the query string. This replaces listing the members of the Owners team.
+
+#### Checking if someone is an organization admin
+
+To check if a given user is an organization admin, use the new [Get organization membership][get-org-membership] endpoint. If the returned `"role"` attribute is set to `"admin"` and the returned `"state"` attribute is set to `"active"`, the user is an organization admin. This replaces checking if a user is on the Owners team.
+
+## What's happening to the "List your repositories" API?
+
+Currently, the [List your repositories][list-your-repos] API only returns repositories that are owned by users, not by organizations. If you want a list of *all* the repositories that the authenticated user has access to, you need to use multiple API methods.
+
+Soon, this API will include all repositories that the authenticated user has access to (whether they're owned by a user or by an organization).
+
+### What should you do?
+
+Many apps use the [List your repositories][list-your-repos] API in conjunction with the [List your organizations][list-your-orgs] and [List organization repositories][list-org-repos] APIs to build up a list of all the repositories the authenticated user has access to. If your app is doing this, you'll be able to get rid of all the organization-related API calls and just use the [List your repositories][list-your-repos] API.
+
+If your app uses the [List your repositories][list-your-repos] API for another purpose, you'll need to update your app to handle the new organization-owned repositories we'll be returning.
+
+## What's happening to the "List user organizations" API?
+
+The [List user organizations][list-user-organizations] API is intended provide [public organization memberships][public-org-membership] for any user. When you use this API to fetch *your own* organizations, this API currently returns your public and private organization memberships.
+
+Soon, this API will only return public organization memberships.
+
+### What should you do?
+
+If your app uses the [List user organizations][list-user-organizations] API to fetch all of the organization memberships (public and private) for the authenticated user, you'll need to update your app to use the [List your organizations][list-your-organizations] API instead. The [List your organizations][list-your-organizations] API returns all organizations (public and private) that your app is authorized to access.
+
+## Preview period
+
+Starting **today**, these new APIs are available for developers to preview. We expect the preview period to last for four weeks. (Stay tuned to the developer blog for updates.) At the end of the preview period, these additions will become official components of the GitHub API.
+
+While these additions are in their preview period, you'll need to provide the following custom media type in the `Accept` header:
+
+    application/vnd.github.moondragon-preview+json
+
+During the preview period, we may change aspects of these endpoints. If we do, we will announce the changes on the developer blog, but we will not provide any advance notice.
+
+## Migration period
+
+At the end of the preview period, we will announce the start of a migration period. At that time, developers should update their applications to use the new APIs for managing organization admins. During this period, you will still be able to use the Owners team to manage your organization's admins, so that you have time to update your applications to use the new APIs without breakage. We expect the migration period to last for four weeks.
+
+At the end of the migration period, the Owners team will no longer be special, and you'll no longer be able to rely on it for managing organization admins.
+
+If you have any questions or feedback, please [get in touch with us][contact]!
+
+[contact]: https://github.com/contact?form[subject]=Organization+Admin+Pre-release+Preview
+[list-your-repos]: /v3/repos/#list-your-repositories
+[list-your-orgs]: /v3/orgs/#list-your-organizations
+[list-org-repos]: /v3/repos/#list-organization-repositories
+[add-org-membership]: /v3/orgs/members/#add-or-update-organization-membership
+[list-org-members]: /v3/orgs/members/#members-list
+[get-org-membership]: /v3/orgs/members/#get-organization-membership
+[list-user-organizations]: /v3/orgs/#list-user-organizations
+[list-your-organizations]: /v3/orgs/#list-your-organizations
+[public-org-membership]: https://help.github.com/articles/publicizing-or-concealing-organization-membership
diff --git a/content/v3/orgs.md b/content/v3/orgs.md
@@ -11,6 +11,10 @@ title: Organizations | GitHub API
 
 List organizations for the authenticated user.
 
+### OAuth scope requirements
+
+When using [OAuth](/v3/oauth/#scopes), authorizations must include `user` scope or `read:org` scope.
+
     GET /user/orgs
 
 ### Response
@@ -20,7 +24,24 @@ List organizations for the authenticated user.
 
 ## List user organizations
 
-If you make an unauthenticated call, you will list all [public memberships](https://help.github.com/articles/publicizing-or-concealing-organization-membership) in organizations for any user. If you make an authenticated call, you will also list hidden memberships in organizations, but only for the currently authenticated user.
+List [public organization memberships](https://help.github.com/articles/publicizing-or-concealing-organization-membership) for the specified user.
+
+Currently, if you make an authenticated call, you can also list your private memberships in organizations (but only for the currently authenticated user).
+
+With the new Organization Permissions API (described below), this method will only list *public* memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the [List your organizations](#list-your-organizations) API instead.
+
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
 
     GET /users/:username/orgs
 
diff --git a/content/v3/orgs/members.md b/content/v3/orgs/members.md
@@ -21,9 +21,23 @@ be returned.
 Name    | Type    | Description
 --------|---------|--------------
 `filter`|`string` | Filter members returned in the list. Can be one of:<br/>* `2fa_disabled`: Members without [two-factor authentication][2fa-blog] enabled. Available for owners of organizations with private repositories.<br/>* `all`: All members the authenticated user can see.<br/><br/>Default: `all`
+`role`  |`string` | Filter members returned by their role. If specified, must be set to `admin`, which will only return users with admin permissions on the org. **This parameter requires a custom media type to be specified. Please see more in the alert below.**
 
 [2fa-blog]: https://github.com/blog/1614-two-factor-authentication
 
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
+
 ### Response
 
 <%= headers 200, :pagination => default_pagination_rels %>
@@ -116,6 +130,100 @@ The user can publicize their own membership.
 
 <%= headers 204 %>
 
+## Get organization membership
+
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
+
+In order to get a user's membership with an organization, the authenticated user must be an organization admin.
+
+    GET /orgs/:org/memberships/:username
+
+### Response if user has an active admin membership with organization
+
+<%= headers 200 %>
+<%= json(:active_admin_org_membership) %>
+
+### Response if user has an active membership with organization
+
+<%= headers 200 %>
+<%= json(:active_limited_org_membership) %>
+
+### Response if user has a pending membership with organization
+
+<%= headers 200 %>
+<%= json(:pending_limited_org_membership) %>
+
+## Add or update organization membership
+
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
+
+In order to create or update a user's membership with an organization, the authenticated user must be an organization admin.
+
+    PUT /orgs/:org/memberships/:username
+
+### Parameters
+
+Name  | Type   | Description
+------|--------|--------------
+`role`|`string`| **Required**. The role to give the user in the organization. Can be one of:<br/> * `admin` - The user will become an administrator of the organization.<br/> * `member` - The user will become a non-admin member of the organization. Use this only to demote an existing admin to a non-admin.
+
+### Response if user was previously unaffiliated with organization
+
+<%= headers 200 %>
+<%= json(:pending_admin_org_membership) %>
+
+### Response if user already had membership with organization
+
+<%= headers 200 %>
+<%= json(:active_admin_org_membership) %>
+
+## Remove organization membership
+
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
+
+In order to remove a user's membership with an organization, the authenticated user must be an organization admin.
+
+    DELETE /orgs/:org/memberships/:username
+
+If the specified user is an active member of the organization, this will remove them from the organization. If the specified user has been invited to the organization, this will cancel their invitation.
+
+### Response
+
+<%= headers 204 %>
+
 ## List your organization memberships
 
     GET /user/memberships/orgs
@@ -138,7 +246,7 @@ Name | Type | Description
 ### Response
 
 <%= headers 200 %>
-<%= json(:pending_org_membership) %>
+<%= json(:pending_admin_org_membership) %>
 
 ## Edit your organization membership
 
@@ -159,4 +267,4 @@ Name | Type | Description
 ### Response
 
 <%= headers 200 %>
-<%= json(:active_org_membership) %>
+<%= json(:active_admin_org_membership) %>
diff --git a/content/v3/repos.md b/content/v3/repos.md
@@ -9,12 +9,32 @@ title: Repositories | GitHub API
 
 ## List your repositories
 
-List repositories for the authenticated user. Note that this does not include
-repositories owned by organizations which the user can access. You can
-[list user organizations](/v3/orgs/#list-your-organizations) and
+List repositories for the authenticated user.
+
+Note that this currently does not include repositories owned by organizations
+which the user can access. You can
+[list your organizations](/v3/orgs/#list-your-organizations) and
 [list organization repositories](/v3/repos/#list-organization-repositories)
 separately.
 
+With the new Organization Permissions API (described below), this *will* include
+repositories owned by organizations which the user can access. If you provide
+the custom media type (described below), you won't need to use other APIs to
+list the authenticated user's organization-owned repositories.
+
+<div class="alert">
+  <p>
+    The Organization Permissions API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.moondragon-preview+json</pre>
+  </p>
+</div>
+
     GET /user/repos
 
 ### Parameters
diff --git a/lib/resources.rb b/lib/resources.rb
