'Default access token' doesn't seem to allow link previews at all #84
Comments
|
PAT are not able to get user notifications so the dashboard widget can't work with it. There will be an admin setting to globally disable the dashboard widget which can be useful if providing a global default access token. I tried creating a PAT and leave the default permissions, I've set it as the default access token in the NC admin settings and I'm able to see link previews. Keep in mind the link preview data is cached on the server side (one hour) and on the browser side (one hour as well but you can force-reload the page to get rid of the browser cache). |
|
Thanks - I didn't even know about a 'dashboard widget', the widget I'm referring to is the link previews within actual docs themselves. Can you clarify your PAT, was this a 'fine-grained' PAT or the 'classic' mode (which enables potentially write access to private repos, since only the beta fine-gained PATs can allow 'read only' only). Can you clarify what scopes you gave the token? |
|
Yeah sorry, i was talking about a fine grained token. I just created it and didn't change anything (leave the "Repository access" to "Public Repositories (read-only)". Link previews to issues/PRs to public repos work fine with it (whether it's used by a user or as a "default access token" in NC admin settings). I then tried to check "All repositories" for this token and gave it the read-only access for Issues. Link previews work fine as well for links to issues in private repos. Try using new GitHub links each time you make tests. Also, I think you're right, classic GitHub access token can't provide read-only access to private repos. I tried a token which has "Full control of private repositories" and it had write permissions, but a token with no scope selected could not even read the repo (get info for a specific issue for example). |
|
Thanks! Seems to be working. Part of the confusion we experienced was due to a user who had selected 'Enable Link previews' under their own personal settings area for 'Connected accounts', but had not set a Personal Access Token there. The checkbox, when enabled at the user-level, seems to be enough to override the global setting, even if the global setting was the only place where a Personal Access Token has been set. Slightly confusing UX :) I would expect the personal setting to not overrule until the user had entered a credential to make it work. (or not allow the checkbox to be ticked until a Personal Access Token has been entered first?) Anyway, all working now with a fine-grained personal access token, cheers! |
|
Actually @julien-nc , perhaps you can help me with one last thing. For private repositories, the link preview is no longer throwing an API error, however it does not really 'preview' the content such as the issue title/description summary. Instead the 'preview' bubble just shows a URL to the issue. It's clickable but it's not as nice as with public repositories, where the actual content is loaded into the bubble. Do you have any idea how to solve that? My fine-grained token is scoped to "Read access to issues, metadata, and pull requests". I can't seem to find a scope that would actually show the content of the issue or pull request... |
|
@julien-nc just wanted to bump this, would you have any idea why 'private repositories' don't show the preview contents of, say, an issue (even if the token's scope allows it)? I don't get the API error but the 'link preview' contains only the link itself in the preview bubble, no text from the issue (or PR). This despite the fact that the Github user who generated the token can access the private repo. |
MB-Finski
added
the
needs research
Hi
I want to enable link previews in Nextcloud documents for Github issues that are in private repositories.
I don't wish for my Nextcloud users to connect their own Github accounts to their Nextcloud accounts via OAuth.
I created a personal access token (the 'beta' kind, with finely scoped Read-Only access to: code, discussions, issues, metadata, and pull requests
I added that PAT to the global administrative settings in Nextcloud under settings/admin/connected-accounts as the 'Default access token'.
I ticked the box 'Enable Github link previews'
I still get 'Github API error Not Found' widgets appear in my documents when I paste a link to a Github issue in a private repository that this Github user has access to. The widget wants me to go to my personal account settings in Nextcloud to configure Github access, but I thought the 'default' access token should take care of it.
What's the problem? Is it the beta 'fine-grained' PAT method? I don't want to use the Classic method because I don't want Nextcloud to have write access to private repos through this token.
Otherwise, what are the scopes required for the PAT to work, with the beta method?
Do I still have to set up an OAuth2.0 app even though my use case is limited to link previews?
I am running Nextcloud 25.0.8, Github integration app 1.0.15
The text was updated successfully, but these errors were encountered: