ci: ✨ check PR author and not actor

Allowing external contributors to run actions would be quite bad. We just need to expand the rights of some of the team members
teia-community · Aug 9, 2023 · 9248161 · 9248161
1 parent 5fea800
commit 9248161
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml
@@ -23,11 +23,12 @@ jobs:
     outputs:
       level: ${{ steps.access_check.outputs.has-write }}
     steps:
-      - name: 🗝️ Check if initiator has write access
+      - name: 🗝️ Check if author has write access
         id: access_check
         run: |
-          PERMISSION=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" "https://api.github.com/repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission" | jq -r .permission)
-          echo "Permissions of ${{ github.actor }}: ${PERMISSION}"
+          PERMISSION=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" "https://api.github.com/repos/${{ github.repository }}/collaborators/${{ github.event.pull_request.user.login }}/permission" | jq -r .permission)
+          echo "Workflow ran by ${{ github.actor }}"
+          echo "Permissions of ${{ github.event.pull_request.user.login }}: ${PERMISSION}"
           echo "has-write=${PERMISSION}" >> $GITHUB_OUTPUT
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}