
Permissions Model

Single team, all automata

Access to every automaton in the Hall is controlled by one GitHub team: automata-invokers.

Members of this team can invoke any automaton via label or @hall-of-automata assignment. Non-members trigger a hard workflow failure: the invocation is aborted, an explanatory comment is posted tagging both @automata-invokers and the invoker, and no usage counter is incremented.

%%{init: {'theme': 'base', 'themeVariables': {'fontSize': '15px', 'primaryColor': '#1e3a5f', 'primaryTextColor': '#e2e8f0', 'primaryBorderColor': '#3b82f6', 'lineColor': '#60a5fa', 'secondaryColor': '#1e293b', 'tertiaryColor': '#0f1929', 'clusterBkg': '#0d1b2e', 'clusterBorder': '#334155', 'titleColor': '#c0cfe4', 'edgeLabelBackground': '#1e293b'}}}%%

flowchart TD
    A([Label applied or assignment]) --> B{sender in\nautomata-invokers?}
    B -- Yes --> C([Invocation proceeds])
    B -- No --> D[Workflow exits non-zero]
    D --> E[Comment posted\ntags @automata-invokers and sender]
    E --> F([No label applied\nno counter incremented])

    classDef trigger fill:#4c1d95,stroke:#7c3aed,color:#ede9fe,stroke-width:2px
    classDef decision fill:#78350f,stroke:#f59e0b,color:#fef3c7,stroke-width:2px
    classDef success fill:#14532d,stroke:#22c55e,color:#dcfce7,stroke-width:2px
    classDef failure fill:#7f1d1d,stroke:#ef4444,color:#fee2e2,stroke-width:2px

    class A trigger
    class B decision
    class C success
    class D,E,F failure

Team membership check

The Hall App is registered with Members: read organization permission. Authorization uses the App's installation token — no separate ORG_READ_TOKEN PAT is needed.

// actions/github-script step: `github` is the Octokit client authenticated with the
// Hall App's installation token, `context` carries the triggering event payload.
try {
  const res = await github.rest.teams.getMembershipForUserInOrg({
    org: context.repo.owner,
    team_slug: 'automata-invokers',
    username: context.payload.sender.login
  });
  return res.data.state === 'active';   // a still-'pending' invitation does not count
} catch (err) {
  return false;                          // not a member (404), bad token, or API error
}

A failed API call returns false and triggers the hard-fail path. This covers the 404 the API returns when the user is not on the team, an invalid or expired token, and any transient API error. Fail closed: the invocation never proceeds on ambiguity.
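The complete gate as the diagram above describes it, written as an added example for an actions/github-script step. This is not the Hall's own workflow code: the function names, the comment wording, the `example-org` / `hall` names and the offline fakes are assumptions. It shows the part the membership snippet alone does not: the fail-closed handling of a 404, a pending invitation and an API outage, the explanatory comment (a team mention only resolves in the `@org/slug` form), and the non-zero exit via `core.setFailed` before any label or counter could be touched.

```javascript
// Added example, not the Hall's own code. `github`, `context` and `core` are the
// objects actions/github-script injects into a `script:` step; the fakes below
// stand in for them so the gate can be run and tested offline.

const TEAM_SLUG = 'automata-invokers';

// Membership check. True only for an *active* member; a still-'pending' invitation
// does not count. Any thrown error (404 when the user is not on the team, bad token,
// API outage) is treated as "not a member".
async function isInvoker(github, org, username) {
  try {
    const res = await github.rest.teams.getMembershipForUserInOrg({
      org, team_slug: TEAM_SLUG, username,
    });
    return res.data.state === 'active';
  } catch (err) {
    return false; // fail closed on any ambiguity
  }
}

// The gate. Returns { allowed: true } for members. For everyone else it posts the
// explanatory comment, marks the job failed (non-zero exit) and returns
// { allowed: false } so the caller never applies a label or bumps a usage counter.
// Assumes an issue/PR event, so payload.sender and payload.issue|pull_request exist.
async function gateInvocation({ github, context, core }) {
  const org = context.repo.owner;
  const repo = context.repo.repo;
  const sender = context.payload.sender.login;
  const target = context.payload.issue || context.payload.pull_request;

  if (await isInvoker(github, org, sender)) return { allowed: true, sender };

  const team = `@${org}/${TEAM_SLUG}`; // team mentions need the org/slug form
  const body = `Invocation aborted: @${sender} is not an active member of ${team}. ` +
               `${team}, add them to the team if this should be allowed.`;
  await github.rest.issues.createComment({ owner: org, repo, issue_number: target.number, body });
  core.setFailed(`${sender} is not in ${TEAM_SLUG}; invocation aborted`);
  return { allowed: false, sender, comment: body };
}

// --- Constructed fakes (assumed names) so the gate runs without GitHub ---
function fakeContext(login) {
  return { repo: { owner: 'example-org', repo: 'hall' },
           payload: { sender: { login }, issue: { number: 42 } } };
}
function fakeGithub(memberships, outage = false) { // memberships: { login: 'active'|'pending' }
  const comments = [];
  return {
    comments,
    rest: {
      teams: {
        getMembershipForUserInOrg: async ({ username }) => {
          if (outage) { const e = new Error('Bad credentials'); e.status = 401; throw e; }
          if (!memberships[username]) {       // what Octokit does for a non-member
            const e = new Error('Not Found'); e.status = 404; throw e;
          }
          return { data: { state: memberships[username] } };
        },
      },
      issues: { createComment: async (c) => { comments.push(c); return { data: c }; } },
    },
  };
}
function fakeCore() {
  const core = { failures: [] };
  core.setFailed = (msg) => core.failures.push(msg);
  return core;
}

// Runs the interesting cases and reports what the gate did in each.
async function demo() {
  const memberships = { alice: 'active', bob: 'pending' };
  const cases = [
    ['alice', false],                // active member
    ['bob', false],                  // invitation still pending
    ['mallory', false],              // not on the team: API answers 404
    ['alice_during_outage', true],   // member, but the token/API call fails
  ];
  const out = {};
  for (const [name, outage] of cases) {
    const login = name.split('_')[0];
    const github = fakeGithub(memberships, outage);
    const core = fakeCore();
    const result = await gateInvocation({ github, context: fakeContext(login), core });
    out[name] = { allowed: result.allowed, comments: github.comments.length,
                  failed: core.failures.length > 0 };
  }
  return out;
}

demo().then((r) => console.log(JSON.stringify(r, null, 2)));
```

Only `alice` (active, API reachable) gets `allowed: true` with no comment and no failure; every other case, including the member whose check could not be completed, is denied, commented on and marked failed, which is the fail-closed behaviour the section requires.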


Federation and team membership

Federating an automaton does not automatically grant its invoker invocation rights. The invoker must be added to automata-invokers separately, or already be a member.

Adding a member:

  • Org → Teams → automata-invokers → Add member
  • No code change, no PR required
  • Takes effect immediately

Removing a member:

  • Remove from team in GitHub UI
  • Takes effect immediately


What this does not protect

  • Label application itself — anyone with triage or higher access to the repository can apply labels, and assignment works the same way. GitHub's label and assignee UI is not the gate; the workflow's membership check is.
  • Org admins — admins can modify team membership and environment secrets. The model assumes org admins are trusted.
  • Workflow source — a malicious modification to workflow files could bypass the check. See ../security.md for branch protection controls.