REQUIRED_ORG filters out all private members

[Nezz]

I set up a mention-bot with access to our organization and its private repositories using the following configuration:
GITHUB_USER=bot_username GITHUB_PASSWORD=bot_pass GITHUB_TOKEN=bot_token_with_repo_scope REQUIRED_ORG=YousicianGit npm start

However, if the REQUIRED_ORG is set, metion-bot cannot find any reviewers:

https://github.com/YousicianGit/Foobar/pull/1234
Reviewers: []
Skipping because there are no reviewers found.

If I remove that env variable it starts to work:

https://github.com/YousicianGit/Foobar/pull/123
Reviewers: [ 'user1', 'user2', 'user3' ]

I noticed that most of our users have their membership in the organization set to Private, like this:

https://help.github.com/articles/publicizing-or-hiding-organization-membership/

I assume that this is the reason no reviewers are found. Would be nice to fix this somehow. In the meantime we won't use the REQUIRED_ORG.

[Nezz]

Seems like support was added for this in #106, so this can be a regression.

[dstufft]

This does not appear to be a regression (although it is affecting us too). It appears that #106 only functions for private repositories and operates independently of the REQUIRED_ORG setting. Looking at the code it appears that the function used github.orgs.getForUser({ ... }); is only capable of iterating over the public organizations for a user.

It seems like it would be better to use github.orgs.getMembers which is already exposed inside of mention-bot as getMembersOfOrg, and then filter the list by who is returned by getMembersOfOrg instead of by calling github.orgs.getForUser for each potential reviewer. If the bot user is not a member of the org, this should still have the result of only seeing public members, but if they are a member of the org, it should see private members as well.