Verify_repository_collaborators/main.py

import requests
import json
import config
from enum import Enum
from tqdm import tqdm

Git = Enum('Git', [
    'TEA',
    'LAB',
    'HUB',
])

GIT_INSTANCE_URL = 'https://api.github.com'
GIT_INSTANCE_TYPE = Git.HUB

if GIT_INSTANCE_TYPE == Git.HUB:
    USERNAME = getApi('user')['login']

headers = {}

match GIT_INSTANCE_TYPE:
    case Git.TEA:
        headers['Authorization'] = f'token {config.TOKEN}'
    case Git.HUB:
        headers['Authorization'] = f'Bearer {config.TOKEN}'

def getApi(url):
    if GIT_INSTANCE_TYPE == Git.TEA:
        url = f'api/v1/{url}'
    response = requests.get(f'{GIT_INSTANCE_URL}/{url}', headers = headers)
    return response.json()

match GIT_INSTANCE_TYPE:
    case Git.TEA:
        repositories = getApi(f'user/repos')
    case Git.HUB:
        repositories = getApi(f'search/repositories?q=user:{USERNAME}&per_page=1000')['items']

for repository in tqdm(repositories):
    repositoryFullName = repository['full_name']
    collaborators = getApi(f'repos/{repositoryFullName}/collaborators')
    for collaborator in collaborators:
        # Does not seem necessary for GitHub.
        permission = getApi(f'repos/{repositoryFullName}/collaborators/{collaborator["login"]}/permission')
        login = permission['user']['login']
        toPrint = [
            repositoryFullName,
            login,
        ]
        match GIT_INSTANCE_TYPE:
            case Git.TEA:
                if permission.get('message') == 'Only admins can query all permissions, repo admins can query all repo permissions, collaborators can query only their own':
                    continue
                if permission['permission'] != 'read':
                    print(*toPrint)
            case Git.HUB:
                if login != USERNAME:
                    print(*toPrint)