Refactor PR author validation in workflow

Updated the GitHub Actions workflow to restrict PR authors by modifying the allowed users list and changing the validation logic.

.github/workflows/restrict-pr-authors.yaml

@@ -1,6 +1,10 @@
 # Author: Moutaz (restrict PR authors)
 name: Restrict PR Authors
 
+permissions:
+  contents: read
+  pull-requests: write
+  
 on:
   pull_request:
     types: [opened, reopened]
@@ -28,36 +32,26 @@ on:
       - dev_odex25_donation
 
 jobs:
-  restrict-author:
+  validate:
     runs-on: linting_odex25-standard-modules_runner
 
     steps:
-      - name: Validate PR Author
+      - name: Check PR Author
         uses: actions/github-script@v7
         with:
+          github-token: ${{ secrets.PR_CLOSE_TOKEN }}   # 👈 ضروري
           script: |
-            const allowedUsers = [
+            const allowed = ["ahmad-samir", "moutazmuhammad"];
-              "ahmad-samir",
+            const author = context.payload.pull_request.user.login;
-              "expdevops",
-              "whatever-user"
-            ];
 
-            const pr = context.payload.pull_request;
+            core.info(`PR Author: ${author}`);
-            const author = pr.user.login;
-
-            console.log("PR Author:", author);
-
-            if (!allowedUsers.includes(author)) {
-              console.log(`❌ User '${author}' is NOT allowed to open PRs. Closing PR...`);
 
+            if (!allowed.includes(author)) {
+              core.error(`User '${author}' is NOT allowed. Closing PR...`);
               await github.rest.pulls.update({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
-                pull_number: pr.number,
+                pull_number: context.payload.pull_request.number,
                 state: "closed"
               });
-
-              core.setFailed("PR automatically closed. Unauthorized author.");
-            } else {
-              console.log("✅ Author is allowed to open PR.");
             }