Skip to content

feat: add Hugging Face org pool access#5

Merged
osolmaz merged 3 commits into
mainfrom
feat/org-membership-grants
Jul 6, 2026
Merged

feat: add Hugging Face org pool access#5
osolmaz merged 3 commits into
mainfrom
feat/org-membership-grants

Conversation

@osolmaz

@osolmaz osolmaz commented Jul 6, 2026

Copy link
Copy Markdown
Member

Summary

Pool admins could only invite individual Hugging Face users.
This change lets admins grant pool access to members of a Hugging Face organization, such as huggingface, without giving those people repo or dataset permissions.
The Space still owns dataset writes, and org-derived app tokens are shorter-lived so org membership changes eventually take effect.

What Changed

Org access is now part of the same pool membership system as individual users.
Admins can add or remove allowed member organizations from the Space Admin tab.

  • Added member_orgs to config/pool.json snapshots with stable Hugging Face org IDs.
  • Added a server-side HF org resolver that maps an org slug to the stable org ID from HF's org overview endpoint.
  • Updated HF OAuth login to include configured orgIds and parse OAuth userinfo org identities.
  • Extended signed session and pool tokens to carry OAuth-proven org IDs while keeping old username-only tokens valid.
  • Kept admin access explicit; org grants make users pool members only.
  • Added admin API and explorer UI support for managing allowed member organizations.
  • Updated README and implementation docs for org-based access.

Testing

I tested the full local gate and production build after the final changes.
The actual Hugging Face browser OAuth consent screen still needs deployed verification because it depends on HF's live OAuth flow.

  • npm run check
  • npm run build

Risks

The main behavior is covered by backend and explorer tests.
The remaining risk is HF OAuth provider behavior around orgIds in the live consent flow, which cannot be fully simulated locally.

  • Existing explicit user/admin access remains supported.
  • Existing username-only signed tokens still verify.
  • Org-derived tokens expire sooner than explicit user tokens.

@osolmaz

osolmaz commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

Final validation before merge:

  • npm run check passed locally.
  • npm run build passed locally.
  • codex review --base main passed on the final branch head with no actionable correctness findings. The review sandbox could not run Vitest because it is read-only and Vite writes a temp config cache, but the writable local test gate passed.
  • GitHub Actions check passed on head dce4a5ffe6a4bebaf3101d1f3cc4ad6aff8095ef.
  • PR comments and reviews were checked after the post-push wait window; none were present.

@osolmaz osolmaz merged commit 6a2853e into main Jul 6, 2026
1 check passed
@osolmaz osolmaz deleted the feat/org-membership-grants branch July 6, 2026 17:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant