[PR #218] [MERGED] fix: gracefully handle SAML-protected orgs during GitHub import #1845

New Issue

Closed

opened 2026-04-27 19:13:02 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-04-27 19:13:02 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/RayLabsHQ/gitea-mirror/pull/218
Author: @arunavo4
Created: 3/6/2026
Status: ✅ Merged
Merged: 3/7/2026
Merged by: @arunavo4

Base: main ← Head: fix/graceful-saml-org-import

---

📝 Commits (1)

• 8f76f33 fix: gracefully handle SAML-protected orgs during GitHub import (#217)

📊 Changes

4 files changed (+151 additions, -43 deletions)

View changed files

📝 src/components/config/ConfigTabs.tsx (+21 -9)
📝 src/components/organizations/OrganizationsList.tsx (+17 -5)
📝 src/lib/github.ts (+38 -21)
📝 src/pages/api/sync/index.ts (+75 -8)

📄 Description

Summary

Closes #217

• Previously: If a user belonged to any GitHub org with SAML/SSO enforcement, the entire "Import GitHub Data" operation failed with a 403 error — no repos or orgs were imported.
• Now: SAML-protected orgs that return 403 are saved to the database with status: "failed" and the actual GitHub error message, while the rest of the import (repos, starred repos, other orgs) proceeds normally.

Changes

• src/lib/github.ts — getGithubOrganizations catches 403 errors per-org instead of failing entirely. Returns both successful orgs and failed orgs with the GitHub error message.
• src/pages/api/sync/index.ts — Inserts failed orgs into DB with status: "failed" + errorMessage. On re-import, recovers previously failed orgs that now succeed. Only updates error message for orgs already in failed state (never overwrites "mirrored" or other good states).
• src/components/config/ConfigTabs.tsx — Shows toast warnings for failed orgs ("2 orgs failed to import…") and success toasts for recovered orgs on re-import.
• src/components/organizations/OrganizationsList.tsx — Displays the GitHub error message on failed org cards. Shows "Re-import from Settings" button for import-failed orgs (vs existing "Retry Mirror" for mirror-failed orgs). Users can also ignore or delete failed orgs via the existing dropdown menu.

User flow

1. User imports GitHub data → SAML-protected orgs fail with a toast warning
2. Failed orgs appear in the Organizations tab with the error message and a "Failed" badge
3. User can either:
   • Ignore/Delete the org if they don't want it
   • Grant PAT SAML access on GitHub, then re-import → org recovers to "imported" status

Test plan

• All 163 existing tests pass
• Verify import works when user has no SAML-protected orgs (no regression)
• Verify import completes with warning toast when SAML-protected orgs exist
• Verify failed orgs show in Organizations tab with error message
• Verify "Ignore" and "Delete" work on failed orgs
• Verify re-import recovers failed orgs after granting PAT access
• Verify re-import does not overwrite already-mirrored orgs if they later fail

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/RayLabsHQ/gitea-mirror/pull/218 **Author:** [@arunavo4](https://github.com/arunavo4) **Created:** 3/6/2026 **Status:** ✅ Merged **Merged:** 3/7/2026 **Merged by:** [@arunavo4](https://github.com/arunavo4) **Base:** `main` ← **Head:** `fix/graceful-saml-org-import` --- ### 📝 Commits (1) - [`8f76f33`](https://github.com/RayLabsHQ/gitea-mirror/commit/8f76f332f198740d6f64cf553ef65913f4208558) fix: gracefully handle SAML-protected orgs during GitHub import (#217) ### 📊 Changes **4 files changed** (+151 additions, -43 deletions) <details> <summary>View changed files</summary> 📝 `src/components/config/ConfigTabs.tsx` (+21 -9) 📝 `src/components/organizations/OrganizationsList.tsx` (+17 -5) 📝 `src/lib/github.ts` (+38 -21) 📝 `src/pages/api/sync/index.ts` (+75 -8) </details> ### 📄 Description ## Summary Closes #217 - **Previously:** If a user belonged to any GitHub org with SAML/SSO enforcement, the entire "Import GitHub Data" operation failed with a 403 error — no repos or orgs were imported. - **Now:** SAML-protected orgs that return 403 are saved to the database with `status: "failed"` and the actual GitHub error message, while the rest of the import (repos, starred repos, other orgs) proceeds normally. ### Changes - **`src/lib/github.ts`** — `getGithubOrganizations` catches 403 errors per-org instead of failing entirely. Returns both successful orgs and failed orgs with the GitHub error message. - **`src/pages/api/sync/index.ts`** — Inserts failed orgs into DB with `status: "failed"` + `errorMessage`. On re-import, recovers previously failed orgs that now succeed. Only updates error message for orgs already in failed state (never overwrites `"mirrored"` or other good states). - **`src/components/config/ConfigTabs.tsx`** — Shows toast warnings for failed orgs ("2 orgs failed to import…") and success toasts for recovered orgs on re-import. - **`src/components/organizations/OrganizationsList.tsx`** — Displays the GitHub error message on failed org cards. Shows "Re-import from Settings" button for import-failed orgs (vs existing "Retry Mirror" for mirror-failed orgs). Users can also ignore or delete failed orgs via the existing dropdown menu. ### User flow 1. User imports GitHub data → SAML-protected orgs fail with a toast warning 2. Failed orgs appear in the Organizations tab with the error message and a "Failed" badge 3. User can either: - **Ignore/Delete** the org if they don't want it - **Grant PAT SAML access** on GitHub, then re-import → org recovers to "imported" status ## Test plan - [x] All 163 existing tests pass - [ ] Verify import works when user has no SAML-protected orgs (no regression) - [ ] Verify import completes with warning toast when SAML-protected orgs exist - [ ] Verify failed orgs show in Organizations tab with error message - [ ] Verify "Ignore" and "Delete" work on failed orgs - [ ] Verify re-import recovers failed orgs after granting PAT access - [ ] Verify re-import does not overwrite already-mirrored orgs if they later fail --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2026-04-27 19:13:02 -05:00

GiteaMirror closed this issue 2026-04-27 19:13:04 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

fix/mirror-sync-bugs-262-263-264

v3.15.10

v3.15.9

v3.15.8

v3.15.7

v3.15.6

v3.15.5

v3.15.4

v3.15.3

v3.15.2

v3.15.1

v3.15.0

v3.14.2

v3.14.1

v3.14.0

v3.13.4

v3.13.3

v3.13.2

v3.13.1

v3.13.0

v3.12.5

v3.12.4

v3.12.3

v3.12.2

v3.12.1

v3.12.0

v3.11.0

v3.10.1

v3.10.0

v3.9.6

v3.9.5

v3.9.4

v3.9.3

v3.9.2

v3.9.0

v3.8.11

v3.8.10

v3.8.9

v3.8.8

v3.8.7

v3.8.6

v3.8.5

v3.8.4

v3.8.3

v3.8.2

v3.8.1

v3.8.0

v3-sso

v3.7.2

v3.7.1

v3.7.0

v3.6.0

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.1

v3.1.0

v3.0.1

v3.0.0

v2.22.0

v2.21.0

v2.20.1

v2.20.0

v2.18.0

v2.17.0

v2.16.3

v2.16.2

v2.16.1

v2.16.0

v2.15.0

v2.14.0

v2.13.2

v2.13.1

v2.13.0

v2.12.0

v2.11.2

v2.11.1

v2.11.0

v2.10.0

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.0

v2.7.0

v2.6.0

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.1.0

v2.0.0

v1.0.0

Labels

Clear labels

bug

documentation

enhancement

help wanted

pull-request

Mirrored from GitHub Pull Request

question

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea-mirror#1845