
Permissions Model

Single team, all automata

Access to every automaton in the Hall is controlled by one GitHub team: automata-invokers.

Members of this team can invoke any automaton via label or @hall-of-automata assignment. For non-members the workflow fails hard: the invocation is aborted, an explanatory comment is posted tagging both @automata-invokers and the invoker, no label is applied, and no usage counter is incremented.

%%{init: {'theme': 'base', 'themeVariables': {'fontSize': '15px', 'primaryColor': '#1e3a5f', 'primaryTextColor': '#e2e8f0', 'primaryBorderColor': '#3b82f6', 'lineColor': '#60a5fa', 'secondaryColor': '#1e293b', 'tertiaryColor': '#0f1929', 'clusterBkg': '#0d1b2e', 'clusterBorder': '#334155', 'titleColor': '#c0cfe4', 'edgeLabelBackground': '#1e293b'}}}%%

flowchart TD
    A([Label applied or assignment]) --> B{sender in\nautomata-invokers?}
    B -- Yes --> C([Invocation proceeds])
    B -- No --> D[Workflow exits non-zero]
    D --> E[Comment posted\ntags @automata-invokers and sender]
    E --> F([No label applied\nno counter incremented])

    classDef trigger fill:#4c1d95,stroke:#7c3aed,color:#ede9fe,stroke-width:2px
    classDef decision fill:#78350f,stroke:#f59e0b,color:#fef3c7,stroke-width:2px
    classDef success fill:#14532d,stroke:#22c55e,color:#dcfce7,stroke-width:2px
    classDef failure fill:#7f1d1d,stroke:#ef4444,color:#fee2e2,stroke-width:2px

    class A trigger
    class B decision
    class C success
    class D,E,F failure

Team membership check

The Hall App is registered with the Members: read organization permission. Authorization uses the App's installation token — no separate ORG_READ_TOKEN PAT is needed. The check runs in an actions/github-script step, where github is an Octokit client authenticated with that token and context.payload.sender is the user who applied the label or made the assignment:

try {
  const res = await github.rest.teams.getMembershipForUserInOrg({
    org: context.repo.owner,
    team_slug: 'automata-invokers',
    username: context.payload.sender.login
  });
  return res.data.state === 'active'; // 'pending' (invited, not yet accepted) is not a member
} catch (err) {
  // 404 (not a member or unknown user), 403 (token lacks Members: read), network error: fail closed
  core.warning(`membership check failed for ${context.payload.sender.login}: ${err.message}`);
  return false;
}

The API answers 404 for a non-member exactly as it does for an unknown user, and any other failure (token lacking the permission, rate limit, network error) also surfaces as a thrown error; every such error is mapped to false and takes the hard-fail path. Only an explicit 'active' membership lets the invocation proceed: fail closed, never proceed on ambiguity.
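The gate end to end, written here as an added example rather than the Hall's own workflow code: the membership check above, the non-member path from the flowchart (comment, non-zero exit, nothing else touched), and an offline stand-in for the github-script globals so the active, pending, non-member and API-error paths can be exercised without GitHub. It assumes actions/github-script v7 (globals `github`, `context`, `core`); the org name `example-org`, issue number, member table, stub objects and comment wording are constructed for illustration.

```javascript
// Added example (not the Hall's own code). Assumed environment: actions/github-script v7,
// where `github` is an Octokit client holding the App installation token, `context` is the
// workflow context and `core` is @actions/core. Org name, issue number, member table and
// comment wording below are constructed for illustration.

const TEAM_SLUG = 'automata-invokers';

// True only for an 'active' membership. Every thrown error (404 not a member or unknown
// user, 403 token lacks Members: read, network failure) is logged and mapped to false,
// so the gate fails closed.
async function isInvoker(github, org, username, warn = () => {}) {
  try {
    const res = await github.rest.teams.getMembershipForUserInOrg({
      org, team_slug: TEAM_SLUG, username,
    });
    return res.data.state === 'active';        // 'pending' is an unaccepted invite
  } catch (err) {
    warn(`membership check failed for ${username}: ${err.status ?? ''} ${err.message}`);
    return false;
  }
}

// Returns true when the invocation may proceed. Otherwise posts the explanatory comment
// (a team is notified only when mentioned as @org/team-slug), marks the step failed so
// the workflow exits non-zero, and returns false; the caller must apply no label and
// touch no counter after a false return.
async function gate(github, context, core) {
  const org = context.repo.owner;
  const sender = context.payload.sender.login;
  if (await isInvoker(github, org, sender, core.warning)) return true;

  const issue_number = (context.payload.issue ?? context.payload.pull_request).number;
  await github.rest.issues.createComment({
    owner: org,
    repo: context.repo.repo,
    issue_number,
    body: `@${sender} is not a member of @${org}/${TEAM_SLUG}; invocation aborted. ` +
          `cc @${org}/${TEAM_SLUG}`,
  });
  core.setFailed(`${sender} is not in ${TEAM_SLUG}`);
  return false;
}

// ---- offline stand-ins for the github-script globals (constructed, not real) ----
function makeStubGithub(members, { apiError = false } = {}) {
  const comments = [];
  return {
    comments,
    rest: {
      teams: {
        getMembershipForUserInOrg: async ({ username }) => {
          if (apiError) throw Object.assign(new Error('Resource not accessible by integration'), { status: 403 });
          if (!members[username]) throw Object.assign(new Error('Not Found'), { status: 404 });
          return { data: { state: members[username] } };
        },
      },
      issues: { createComment: async (c) => { comments.push(c); return { data: c }; } },
    },
  };
}

function makeContext(sender) {
  return {
    repo: { owner: 'example-org', repo: 'hall' },
    payload: { sender: { login: sender }, issue: { number: 7 } },
  };
}

function makeCore() {
  const core = { failed: null, warnings: [] };
  core.setFailed = (msg) => { core.failed = msg; };
  core.warning = (msg) => { core.warnings.push(msg); };
  return core;
}

// Exercise every path against a constructed member table and return the outcomes.
async function demo() {
  const members = { alice: 'active', bob: 'pending' };   // mallory is absent
  const out = {};
  for (const who of ['alice', 'bob', 'mallory']) {
    const gh = makeStubGithub(members), core = makeCore();
    out[who] = { ok: await gate(gh, makeContext(who), core),
                 comments: gh.comments.length, failed: core.failed !== null };
  }
  const gh = makeStubGithub(members, { apiError: true }), core = makeCore();
  out.apiError = { ok: await gate(gh, makeContext('alice'), core),
                   comments: gh.comments.length, warnings: core.warnings.length };
  return out;
}

demo().then((r) => console.log(JSON.stringify(r, null, 2)));
```

Only alice passes; bob's pending invite, mallory's 404 and the 403 from a token without Members: read all produce exactly one comment and a failed step. In the real step the body of gate is what the github-script `script:` would run, with the stubs dropped.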


Federation and team membership

Installing the Hall App in an org does not by itself grant anyone invocation rights. Each invoker must be added to that org's automata-invokers team separately, or already be a member of it.

Adding a member:

  • Org → Teams → automata-invokers → Add member
  • No code change, no PR required
  • Takes effect immediately

Removing a member:

  • Remove from the team in the GitHub UI
  • Takes effect immediately


What this does not protect

  • Label application itself — anyone with triage or higher access to the repository can apply labels (depending on the org's base permission, that may be every org member). The workflow is the gate, not GitHub's label UI.
  • Org admins — admins can modify team membership and environment secrets. The model assumes org admins are trusted.
  • Workflow source — a malicious modification to workflow files could bypass the check. See ../security.md for branch protection controls.