diff --git a/.github/workflows/restrict-pr-authors.yaml b/.github/workflows/restrict-pr-authors.yaml new file mode 100644 index 000000000..e7c26348c --- /dev/null +++ b/.github/workflows/restrict-pr-authors.yaml @@ -0,0 +1,57 @@ +# Author: Moutaz (restrict PR authors) +name: Restrict PR Authors + +permissions: + contents: read + pull-requests: write + +on: + pull_request: + types: [opened, reopened] + branches: + - dev_odex-event + - dev_odex25_accounting + - dev_odex25_base + - dev_odex25_dms + - dev_odex25_fleet + - dev_odex25_hr + - dev_odex25_inventory + - dev_odex25_maintenance + - dev_odex25_mobile + - dev_odex25_pos + - dev_odex25_project + - dev_odex25_purchase + - dev_odex25_realstate + - dev_odex25_sales + - dev_odex25_survey + - dev_odex25_transactions + - dev_odex25_website + - dev_openeducat_erp-14.0.1.0 + - dev_odex25_ensan + - dev_odex25_helpdesk + - dev_odex25_donation + +jobs: + validate: + runs-on: linting_odex25-standard-modules_runner + + steps: + - name: Check PR Author + uses: actions/github-script@v7 + with: + github-token: ${{ secrets.PR_CLOSE_TOKEN }} + script: | + const allowed = ["expsa", "moutazmuhammad", "ronozoro", "Abubaker-Altaib", "altexp", "MohamedGad100", "the5abir", "esraa8mostafa", "zainab2097", "ahmadaking", "mohamed33", "mohammed-alkhazrji", "AwatifImam", "kchyounes19", "eslamtalaat744", "abuzaid4exp", "AbuzarExp", "yahyaDevelopOdoo", "MahmoudSalahEXP", "Nossibaelhadi"]; + const author = context.payload.pull_request.user.login; + + core.info(`PR Author: ${author}`); + + if (!allowed.includes(author)) { + core.error(`User '${author}' is NOT allowed. Closing PR...`); + await github.rest.pulls.update({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.payload.pull_request.number, + state: "closed" + }); + }