Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create .graphql files for checking 2FA status of enterprise members… #759

Merged
merged 2 commits into from
Nov 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-disabled.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have yet to enable 2FA on their personal GitHub account.
# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWith2faDisabled {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_no_2fa: members(
first: 100
twoFactorMethodSecurity: DISABLED
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-insecure.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account, but amongst their 2FA methods is SMS (which is deemed insecure).
# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWithInsecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_insecure_2fa: members(
first: 100
twoFactorMethodSecurity: INSECURE
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-secure.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account with a secure (non-SMS) method.
# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWithSecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_secure_2fa: members(
first: 100
twoFactorMethodSecurity: SECURE
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have yet to enable 2FA on their GitHub account.

query GetEnterpriseollaboratorsWith2faDisabled {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_no_2fa: outsideCollaborators(
twoFactorMethodSecurity: DISABLED
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have enabled 2FA on their GitHub account, but amongst the 2FA methods is SMS (which is deemed insecure).

query GetEnterpriseCollaboratorsWithInsecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_insecure_2fa: outsideCollaborators(
twoFactorMethodSecurity: INSECURE
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have enabled 2FA on their GitHub account with a secure (non-SMS) method.

query GetEnterpriseCollaboratorsWithSecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_secure_2fa: outsideCollaborators(
twoFactorMethodSecurity: SECURE
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}
Loading