Add support to custom roles (#1369)

* Add support for custom roles

* Fix doc

* Fix wrong comment

github/data_source_github_collaborators.go

@@ -179,13 +179,8 @@ func flattenGitHubCollaborators(collaborators []*github.User) ([]interface{}, er
 		result["received_events_url"] = c.GetReceivedEventsURL()
 		result["type"] = c.GetType()
 		result["site_admin"] = c.GetSiteAdmin()
+		result["permission"] = getPermission(c.GetRoleName())
 
-		permissionName, err := getRepoPermission(c.GetPermissions())
-		if err != nil {
-			return nil, err
-		}
-
-		result["permission"] = permissionName
 		results = append(results, result)
 	}
 

github/resource_github_repository_collaborator.go

@@ -35,11 +35,10 @@ func resourceGithubRepositoryCollaborator() *schema.Resource {
 				ForceNew: true,
 			},
 			"permission": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				ForceNew:     true,
-				Default:      "push",
-				ValidateFunc: validateValueFunc([]string{"pull", "triage", "push", "maintain", "admin"}),
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				Default:  "push",
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					if d.Get("permission_diff_suppression").(bool) {
 						if new == "triage" || new == "maintain" {
@@ -115,10 +114,7 @@ func resourceGithubRepositoryCollaboratorRead(d *schema.ResourceData, meta inter
 	if invitation != nil {
 		username = invitation.GetInvitee().GetLogin()
 
-		permissionName, err := getInvitationPermission(invitation)
-		if err != nil {
-			return err
-		}
+		permissionName := getPermission(invitation.GetPermissions())
 
 		d.Set("repository", repoName)
 		d.Set("username", username)
@@ -141,14 +137,9 @@ func resourceGithubRepositoryCollaboratorRead(d *schema.ResourceData, meta inter
 
 		for _, c := range collaborators {
 			if strings.EqualFold(c.GetLogin(), username) {
-				permissionName, err := getRepoPermission(c.GetPermissions())
-				if err != nil {
-					return err
-				}
-
 				d.Set("repository", repoName)
 				d.Set("username", c.GetLogin())
-				d.Set("permission", permissionName)
+				d.Set("permission", getPermission(c.GetRoleName()))
 				return nil
 			}
 		}

github/resource_github_team_repository.go

@@ -131,13 +131,7 @@ func resourceGithubTeamRepositoryRead(d *schema.ResourceData, meta interface{})
 		d.Set("team_id", teamIdString)
 	}
 	d.Set("repository", repo.GetName())
-
-	permName, permErr := getRepoPermission(repo.GetPermissions())
-	if permErr != nil {
-		return permErr
-	}
-
-	d.Set("permission", permName)
+	d.Set("permission", getPermission(repo.GetRoleName()))
 
 	return nil
 }

github/util_permissions.go

@@ -1,59 +1,21 @@
 package github
 
-import (
-	"errors"
-	"fmt"
-
-	"github.com/google/go-github/v48/github"
-)
-
 const (
-	pullPermission     string = "pull"
-	triagePermission   string = "triage"
-	pushPermission     string = "push"
-	maintainPermission string = "maintain"
-	adminPermission    string = "admin"
-	writePermission    string = "write"
-	readPermission     string = "read"
+	pullPermission  string = "pull"
+	pushPermission  string = "push"
+	writePermission string = "write"
+	readPermission  string = "read"
 )
 
-func getRepoPermission(p map[string]bool) (string, error) {
-
-	// Permissions are returned in this map format such that if you have a certain level
-	// of permission, all levels below are also true. For example, if a team has push
-	// permission, the map will be: {"pull": true, "push": true, "admin": false}
-	if (p)[adminPermission] {
-		return adminPermission, nil
-	} else if (p)[maintainPermission] {
-		return maintainPermission, nil
-	} else if (p)[pushPermission] {
-		return pushPermission, nil
-	} else if (p)[triagePermission] {
-		return triagePermission, nil
-	} else {
-		if (p)[pullPermission] {
-			return pullPermission, nil
-		}
-		return "", errors.New("at least one permission expected from permissions map")
-	}
-}
-
-func getInvitationPermission(i *github.RepositoryInvitation) (string, error) {
+func getPermission(permission string) string {
 	// Permissions for some GitHub API routes are expressed as "read",
 	// "write", and "admin"; in other places, they are expressed as "pull",
 	// "push", and "admin".
-	permissions := i.GetPermissions()
-	if permissions == readPermission {
-		return pullPermission, nil
-	} else if permissions == writePermission {
-		return pushPermission, nil
-	} else if permissions == adminPermission {
-		return adminPermission, nil
-	} else if *i.Permissions == maintainPermission {
-		return maintainPermission, nil
-	} else if *i.Permissions == triagePermission {
-		return triagePermission, nil
+	if permission == readPermission {
+		return pullPermission
+	} else if permission == writePermission {
+		return pushPermission
 	}
 
-	return "", fmt.Errorf("unexpected permission value: %v", permissions)
+	return permission
 }

website/docs/r/repository_collaborator.html.markdown

@@ -44,7 +44,7 @@ The following arguments are supported:
 * `repository` - (Required) The GitHub repository
 * `username` - (Required) The user to add to the repository as a collaborator.
 * `permission` - (Optional) The permission of the outside collaborator for the repository.
-            Must be one of `pull`, `push`, `maintain`, `triage` or `admin` for organization-owned repositories.
+            Must be one of `pull`, `push`, `maintain`, `triage` or `admin` or the name of an existing [custom repository role](https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization) within the organization for organization-owned repositories.
             Must be `push` for personal repositories. Defaults to `push`.
 * `permission_diff_suppression` - (Optional) Suppress plan diffs for `triage` and `maintain`.  Defaults to `false`.