Viewer not authorized to delete even when using GITHUB_TOKEN? #24302
-
Hi there, I’m developing a Javascript action that reads a list of issues from graphql api (works!) and then deletes them based on some rules (doesn’t work yet!). Looks like the error happens when using Instead if I set a repository secret using a personal token (created with permissions on repo) the deletion works as expected. So the question is: is the |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments
-
Hi @dlondero, welcome to the community Just a couple of quick thoughts that may or may not be a constraint depending on your actual scenario. Is the issue you are trying to delete, in the same repository that contains your workflow. I read that The GITHUB_TOKEN secret permissions are limited to the repository that contains your workflow, if it is not you will need to go down the personal access token route you have already proven. Or is this a personal or organization repository, as by default issues cannot be deleted in an organization’s repositories. An organization owner must enable this feature for all of the organization’s repositories first. |
Beta Was this translation helpful? Give feedback.
-
Hi @byrneh, thanks for your help. Good questions. I’m trying to delete issues on the same repository where the workflow is running. This is an organisation repository and the configuration to That’s why I find it weird for the GITHUB_TOKEN to not work as expected even though the write permission appears to be available for the issues. |
Beta Was this translation helpful? Give feedback.
-
Ok so reading here Repository permission levels for an organization - GitHub Docs it looks like what is happening is the expected behaviour because So I guess going with the personal access token is the only option for this. |
Beta Was this translation helpful? Give feedback.
-
Yes I suspect that is the case, so working as designed from a GitHub standpoint. You have probably already seen, but if not, a summary in docs is here: permissions-for-the-github_token |
Beta Was this translation helpful? Give feedback.
-
Yep, saw that thanks! |
Beta Was this translation helpful? Give feedback.
Ok so reading here Repository permission levels for an organization - GitHub Docs it looks like what is happening is the expected behaviour because
Delete an issue
actually requiresAdmin
permissions which are not granted to theGITHUB_TOKEN
.So I guess going with the personal access token is the only option for this.