Feature: Assign Reports about hackerone-client HOT 5 CLOSED

The endpoint expects an id and a type to be provided. Where type is one of user, group or nobody. The id is, of course, the id of the user or the id of the group.

To support this functionality in this gem, we introduce something like

def assign_to(type, user_or_group_id=nil)

report = Hackerone::Report.first
esjee = Hackerone::User.find 'esjee'
report.assign_to(esjee.id, 'user')

However, I'm doubting whether that's a perfect solution. Perhaps masking the details of how the API works is nicer, and we could do something like

def remove_assignee    #  assign_to 'nobody'
def assign(user_or_group_name)

report = Hackerone::Report.first
report.remove_assignee
report.assign_to 'esjee'
report.assign_to 'developers'

But maybe I'm just overthinking this. 😄

Do you have any thoughts on this? Do you plan to use this functionality, and if so, how would you like to use it?

from hackerone-client.

@esjee Woah, I didn't realize h1 had the option to assign issues to a group or even how that is managed.

report.assign_to(esjee.id, 'user')

What happens if you do something like report.assign_to(some_group.id, 'user')? Would the API reject that? It seems like supplying the type would only be useful as a sanity check, but the param is required so I'm assuming it matters greatly.

report.assign_to 'esjee'

Would this do a lookup to see if esjee is a group or a user? Same goes for developers. Assuming the assignment blows up if you supply the wrong type, I think this API is better even if it does cost an extra API call (although I'd prefer that the actual API treated the type as optional).

from hackerone-client.

What happens if you do something like report.assign_to(some_group.id, 'user')? Would the API reject that?

Well, that depends. It'll try to assign to a user with the id of the group. If you happen to have a user in your team that is lucky enough to have the same id as the group, then the API assumes you want to assign to that person. If no such user can be found, the request fails.

So yes, it matters greatly. 😕

Would this do a lookup to see if esjee is a group or a user? Same goes for developers. Assuming the assignment blows up if you supply the wrong type, I think this API is better even if it does cost an extra API call (although I'd prefer that the actual API treated the type as optional).

Cool! I'll try to implement this behavior.

from hackerone-client.

If you happen to have a user in your team that is lucky enough to have the same id as the group

Ah, I guess I was assuming a user ID couldn't be a group ID but I'm not sure where I'd get that feeling.

from hackerone-client.

Fixed in #16

from hackerone-client.