Hello,
I'm new to using REST API and I'm seeking to know if there's an endpoint to simply get all repos that a specific group (such as Developers) in a Bitbucket Cloud Workspace can access. I've been looking thru the Bitbucket Cloud REST API documentation and also at articles in the community, but everything I found so far seems to indicate that this is not possible.
Thanks in advance for any guidance you can offer.
We offer temporary support for certain 1.0 API resources until we have a replacement in version 2.0 of our API.
You can use the group-privileges endpoint:
Check the section "GET a list of repositories with a specific privilege group" in that document which includes an example as well.
If you have any questions, please feel free to let me know.
Kind regards,
Theodora
Hi @Theodora Boudale - thanks for the information. I'm having trouble understanding what to indicate for the "group_owner." I'm an admin of the workspace but I don't see where this information is located when looking at any of our current groups.
https://api.bitbucket.org/1.0/group-privileges/{workspace_id}/{group_owner}/{group_slug}
Thanks very much for your time!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The "group_owner" should be the same as the workspace id where this user group belongs.
A few years back it was possible to add to a repo a user group belonging to another team account you had access to, so the group owner could have been different than the owner of the repo. However, we no longer allow that, so the group owner should be the same workspace where your repositories belong.
If your workspace id is e.g. workspace-a and the user group slug is e.g. developers, then the URL should be
https://api.bitbucket.org/1.0/group-privileges/workspace-a/workspace-a/developers
If you want to confirm, you can use the following URL, which will show all user groups having access to this workspace's repos, along with the owner of each group:
https://api.bitbucket.org/1.0/group-privileges/workspace-a/
If you have any other questions, please feel free to let me know!
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks, @Theodora Boudale - I appreciate the assistance. I've tried this:
https://api.bitbucket.org/1.0/group-privileges/workspace-a/workspace-a/developers
But I get the message, "Group is not owned by the workspace."
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I am unsure why you are seeing this error, the only time I get this error is if I misspell the group owner.
I would suggest doing the following:
(1) First, ensure you are using the correct workspace id by checking the following:
If you are not using the correct workspace id, please adjust it in the call. If you are using the correct one, please proceed with the following steps:
(2) Use this call to get all the groups with access to this workspace's repositories:
https://api.bitbucket.org/1.0/group-privileges/workspace-a/
For each group in the output, you will see the following fields:
"group": {
"name": "Developers",
"owner": {
"mention_id": null,
"avatar": "<....>",
"display_name": "workspace-a",
"nickname": "workspace-a",
"is_team": true,
"uuid": "{93fbe072-415f-3391-06c2-d6ff18679agf}",
"account_id": null,
"is_active": true
},
"slug": "developers",
<...>
}
Make note of the fields slug for the group (in my example it's developers) and also of the field uuid in the owner object (in my example it's {93fbe072-415f-3391-06c2-d6ff18679agf} ).
(3) Then use a call like the following to get the list of the repositories this group has access to:
https://api.bitbucket.org/1.0/group-privileges/workspace-a/%7B93fbe072-415f-3391-06c2-d6ff18679agf%7D/developers
where
workspace-a replace with the workspace ID for your workspace
%7B93fbe072-415f-3391-06c2-d6ff18679agf%7D replace with the uuid for the group owner that you got in the previous step - please note that we are replacing the curly brackets that surround the uuid, { with %7B and } with %7D
developers replace with the slug for your group
Please feel free to let me know if that works for you or if you're still experiencing any issues.
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Theodora Boudale - I really appreciate your assistance. I was able to construct the specific call based on your example. I wasn't able to retrieve the groups with the call below (CompanyAB is pretty similar to our workspace name, and I'm using the correct upper/lower case that's reflective in the 'Workspace ID'), but instead get the error "Something went wrong," and 500 Internal Server Error.
https://api.bitbucket.org/1.0/group-privileges/CompanyAB/
I was able to get the info regarding the developers group using this:
https://api.bitbucket.org/1.0/groups/CompanyAB
Then I was able to construct the call based on your input, but now I get the error,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I checked the workspaces your account has access to and I believe the reason for this error is a timeout, which has to do with the large number of repos the workspace owns. Version 1 of our API doesn't have pagination, so it is not possible to return results in pages.
When there is a large number of repos, the API call will try to return all of them, and if the call takes more than 28 seconds it will time out. I'm afraid that it is not possible to increase the timeout.
A way to work around this issue:
It should be possible to iterate through the repos of the workspace and use the following API 2.0 endpoint for each repo, in order to get the permissions a specific group has on each repo:
If the permissions returned are 'none', this means the user group has no access to the repo.
Please note though that we have a rate limit of 1,000 requests per hour for any access to /2.0/repositories/*, for authenticated calls.
With a large number of repos, you will get 429 responses when the rate limit is hit.
If you are writing a script, a way to work around this would be by adding a sleep command for e.g. 10 or 30 seconds after each API call, to avoid hitting the rate limits (rate limits are divided into a one-hour rolling window).
This means that there will be a delay in getting the results, but it's the only way to get the info via API for a large number of repos.
If you have any questions, please feel free to let me know.
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
At what point do you just throw in the towel and say "move to a competent competitor"? This is ridiculous!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Durell Demartini and @Seth Miller,
I discussed this issue a bit further with the development team, you can try using the parameter ?exclude-members=true with the group-privileges endpoint and see if this helps.
The url would be
https://api.bitbucket.org/1.0/group-privileges/{workspace_id}/{group_owner}/{group_slug}?exclude-members=true
By default this endpoint will return the group members as well, which may lead to performance issues, but adding this parameter will not return the group members.
We have a feature request for adding a group-privileges endpoint to version 2.0 of our API that you can vote for to express your interest:
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.