sutt0n
diff --git a/‎content/changes/2014-08-05-team-memberships-api.md‎
Lines changed: 40 additions & 0 deletions b/‎content/changes/2014-08-05-team-memberships-api.md‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎content/v3/orgs/teams.md‎
Lines changed: 132 additions & 3 deletions b/‎content/v3/orgs/teams.md‎
Lines changed: 132 additions & 3 deletions
diff --git a/‎lib/resources.rb‎
Lines changed: 12 additions & 0 deletions b/‎lib/resources.rb‎
Lines changed: 12 additions & 0 deletions
@@ -0,0 +1,40 @@
+---
+kind: change
+title: We're changing the way you add new members to your organization
+created_at: 2014-08-05
+author_name: jakeboxer
+---
+
+Today, we're announcing a change to the way organization owners add new members to their organization.
+
+Previously, if you were an organization owner, you could use the [add team member][add-team-member] endpoint to add any GitHub user to any team on your organization without any sort of approval from them. Now, we're increasing user security by sending [invitations][org-invitations] to users when they're added to teams on organizations that they aren't yet a part of.
+
+With this change, if you use the [add team member][add-team-member] endpoint to add a user to a team and that user isn't already on another team in your organization, the request will fail.
+
+### The new Team Memberships API
+
+You should change all your [add team member][add-team-member] requests to use the new [add team membership][add-team-membership] endpoint. This new endpoint works exactly the same as the old one, with one important change: if the membership being added is for a user who is unaffiliated with the team's organization, that user will be sent an invitation via email.
+
+Unlike the [add team member][add-team-member] endpoint, a successful request to the [add team membership][add-team-membership] endpoint does *not* guarantee that the user is now a member of the team. If you're trying to migrate to the new endpoint and need to know when a user has been successfully added (not just invited) to a team, please check out [TeamAddEvent][team-add-event].
+
+### Preview period
+
+We're making the new Team Memberships API (and the breaking changes to the [add team member][add-team-member] API) available today for developers to preview. During this period, we may change aspects of these endpoints. If we do, we will announce the changes on the developer blog, but we will not provide any advance notice.
+
+While these new APIs are in their preview period, you'll need to provide the following custom media type in the `Accept` header:
+
+    application/vnd.github.the-wasp-preview+json
+
+We expect the preview period to last 30-60 days. At the end of the preview period, the Team Memberships API will become an official component of GitHub API v3, as will the [add team member][add-team-member] API's breaking changes.
+
+If you have any questions or feedback, please [get in touch with us][contact]!
+
+[contact]: https://github.com/contact?form[subject]=Team+Memberships+API
+[org-invitations]: https://help.github.com/articles/adding-or-inviting-members-to-a-team-in-an-organization
+[add-team-member]: /v3/orgs/teams/#add-team-member
+[add-team-membership]: /v3/orgs/teams/#add-team-membership
+[get-team-member]: /v3/orgs/teams/#get-team-member
+[get-team-membership]: /v3/orgs/teams/#get-team-membership
+[remove-team-member]: /v3/orgs/teams/#remove-team-member
+[remove-team-member]: /v3/orgs/teams/#remove-team-membership
+[team-add-event]: /v3/activity/events/types/#teamaddevent
@@ -122,8 +122,9 @@ must be a member of the team.
 ## Add team member
 
 In order to add a user to a team, the authenticated user must have
-'admin' permissions to the team or be an owner of the org that the team
-is associated with.
+'admin' permissions to the team or be an owner of the organization that the team
+is associated with, and the user being added must already be a member of at
+least one other team on the same organization.
 
     PUT /teams/:id/members/:username
 
@@ -145,19 +146,147 @@ If you attempt to add an organization to a team, you will get this:
     }]
 %>
 
+If you attempt to add a user to a team and that user is not a member of at least
+one other team on the same organization, you will get this:
+
+<%= headers 422 %>
+<%=
+  json :message => "Validation Failed",
+    :errors => [{
+      :code     => "unaffiliated",
+      :field    => :user,
+      :resource => :TeamMember
+    }]
+%>
+
 ## Remove team member
 
 In order to remove a user from a team, the authenticated user must have
 'admin' permissions to the team or be an owner of the org that the team
 is associated with.
-NOTE: This does not delete the user, it just remove them from the team.
+NOTE: This does not delete the user, it just removes them from the team.
 
     DELETE /teams/:id/members/:username
 
 ### Response
 
 <%= headers 204 %>
 
+## Get team membership
+
+<div class="alert">
+  <p>
+    The Team Memberships API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-08-05-team-memberships-api/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.the-wasp-preview+json</pre>
+  </p>
+</div>
+
+In order to get a user's membership with a team, the authenticated user must be
+a member of the team or an owner of the team's organization.
+
+    GET /teams/:id/memberships/:username
+
+### Response if user has an active membership with team
+
+<%= headers 200 %>
+<%= json(:active_team_membership) %>
+
+### Response if user has a pending membership with team
+
+<%= headers 200 %>
+<%= json(:pending_team_membership) %>
+
+### Response if user has no membership with team
+
+<%= headers 404 %>
+
+## Add team membership
+
+<div class="alert">
+  <p>
+    The Team Memberships API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-08-05-team-memberships-api/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.the-wasp-preview+json</pre>
+  </p>
+</div>
+
+In order to add a membership between a user and a team, the authenticated user
+must have 'admin' permissions to the team or be an owner of the organization
+that the team is associated with.
+
+If the user is already a part of the team's organization (meaning they're on at
+least one other team in the organization), this endpoint will add the user to
+the team.
+
+If the user is completely unaffiliated with the team's organization (meaning
+they're on none of the organization's teams), this endpoint will send an
+invitation to the user via email. This newly-created membership will be in the
+"pending" state until the user accepts the invitation, at which point the
+membership will transition to the "active" state and the user will be added as a
+member of the team.
+
+    PUT /teams/:id/memberships/:username
+
+### Response if user's membership with team is now active
+
+<%= headers 200 %>
+<%= json(:active_team_membership) %>
+
+### Response if user's membership with team is now pending
+
+<%= headers 200 %>
+<%= json(:active_team_membership) %>
+
+If you attempt to add an organization to a team, you will get this:
+
+<%= headers 422 %>
+<%=
+  json :message => "Validation Failed",
+    :errors => [{
+      :code     => "org",
+      :field    => :user,
+      :resource => :TeamMember
+    }]
+%>
+
+## Remove team membership
+
+<div class="alert">
+  <p>
+    The Team Memberships API is currently available for developers to preview.
+    During the preview period, the API may change without notice.
+    Please see the <a href="/changes/2014-08-05-team-memberships-api/">blog post</a> for full details.
+  </p>
+
+  <p>
+    To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
+    <pre>application/vnd.github.the-wasp-preview+json</pre>
+  </p>
+</div>
+
+In order to remove a membership between a user and a team, the authenticated
+user must have 'admin' permissions to the team or be an owner of the
+organization that the team is associated with.
+NOTE: This does not delete the user, it just removes their membership from the
+team.
+
+    DELETE /teams/:id/memberships/:username
+
+### Response
+
+<%= headers 204 %>
+
 ## List team repos
 
     GET /teams/:id/repos
 
@@ -712,6 +712,18 @@ def fetch_content(key)
       "organization" =>  ORG
     })
 
+    TEAM_MEMBERSHIP = {
+      "url" => "https://api.github.com/teams/1/memberships/octocat"
+    }
+
+    ACTIVE_TEAM_MEMBERSHIP = TEAM_MEMBERSHIP.merge(
+      "status" => "active"
+    )
+
+    PENDING_TEAM_MEMBERSHIP = TEAM_MEMBERSHIP.merge(
+      "status" => "pending"
+    )
+
     LABEL = {
       "url"   => "https://api.github.com/repos/octocat/Hello-World/labels/bug",
       "name"  => "bug",