Added support for the personal access tokens request review API

google · Jul 5, 2023 · 7ebd698 · 7ebd698
1 parent 9f7124c
commit 7ebd698
Show file tree

Hide file tree

Showing 2 changed files with 87 additions and 0 deletions.
diff --git a/github/orgs_personal_access_tokens.go b/github/orgs_personal_access_tokens.go
@@ -0,0 +1,30 @@
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+)
+
+// Approves or denies a pending request to access organization resources via a fine-grained personal access token.
+// Only GitHub Apps can call this API, using the `organization_personal_access_token_requests: write` permission.
+// `action` can be one of `approve` or `deny`.
+//
+// GitHub API docs: https://docs.github.com/en/rest/orgs/personal-access-tokens?apiVersion=2022-11-28#review-a-request-to-access-organization-resources-with-a-fine-grained-personal-access-token
+func (s *OrganizationsService) ReviewPersonalAccessTokenRequest(ctx context.Context, org, requestID, action, reason string) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/personal-access-token-requests/%v", org, requestID)
+	body := struct {
+		Action string `json:"action"`
+		Reason string `json:"reason,omitempty"`
+	}{
+		Action: action,
+		Reason: reason,
+	}
+
+	req, err := s.client.NewRequest(http.MethodPost, u, &body)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/github/orgs_personal_access_tokens_test.go b/github/orgs_personal_access_tokens_test.go
@@ -0,0 +1,57 @@
+package github
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"testing"
+
+	"github.com/google/go-cmp/cmp"
+)
+
+func TestOrganizationsService_ReviewPersonalAccessTokenRequest(t *testing.T) {
+	type body struct {
+		Action string `json:"action"`
+		Reason string `json:"reason,omitempty"`
+	}
+
+	client, mux, _, teardown := setup()
+	defer teardown()
+
+	input := &body{
+		Action: "a",
+		Reason: "r",
+	}
+
+	mux.HandleFunc("/orgs/o/personal-access-token-requests/r", func(w http.ResponseWriter, r *http.Request) {
+		v := new(body)
+		json.NewDecoder(r.Body).Decode(v)
+
+		testMethod(t, r, http.MethodPost)
+		if !cmp.Equal(v, input) {
+			t.Errorf("Request body = %+v, want %+v", v, input)
+		}
+
+		w.WriteHeader(http.StatusNoContent)
+	})
+
+	ctx := context.Background()
+	res, err := client.Organizations.ReviewPersonalAccessTokenRequest(ctx, "o", "r", input.Action, input.Reason)
+	if err != nil {
+		t.Errorf("Organizations.ReviewPersonalAccessTokenRequest returned error: %v", err)
+	}
+
+	if res.StatusCode != http.StatusNoContent {
+		t.Errorf("Organizations.ReviewPersonalAccessTokenRequest returned %v, want %v", res.StatusCode, http.StatusNoContent)
+	}
+
+	const methodName = "ReviewPersonalAccessTokenRequest"
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Organizations.ReviewPersonalAccessTokenRequest(ctx, "\n", "", "", "")
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		return client.Organizations.ReviewPersonalAccessTokenRequest(ctx, "o", "r", input.Action, input.Reason)
+	})
+}