# Author: Moutaz (restrict PR authors)
name: Restrict PR Authors

permissions:
  contents: read
  pull-requests: write
  
on:
  pull_request:
    types: [opened, reopened]
    branches:
      - dev_odex-event
      - dev_odex25_accounting
      - dev_odex25_base
      - dev_odex25_dms
      - dev_odex25_fleet
      - dev_odex25_hr
      - dev_odex25_inventory
      - dev_odex25_maintenance
      - dev_odex25_mobile
      - dev_odex25_pos
      - dev_odex25_project
      - dev_odex25_purchase
      - dev_odex25_realstate
      - dev_odex25_sales
      - dev_odex25_survey
      - dev_odex25_transactions
      - dev_odex25_website
      - dev_openeducat_erp-14.0.1.0
      - dev_odex25_ensan
      - dev_odex25_helpdesk
      - dev_odex25_donation

jobs:
  validate:
    runs-on: linting_odex25-standard-modules_runner

    steps:
      - name: Check PR Author
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.PR_CLOSE_TOKEN }}
          script: |
            const allowed = ["expsa", "moutazmuhammad", "ronozoro", "Abubaker-Altaib", "altexp", "MohamedGad100", "the5abir", "esraa8mostafa", "zainab2097", "ahmadaking", "mohamed33", "mohammed-alkhazrji", "AwatifImam", "kchyounes19", "eslamtalaat744", "abuzaid4exp", "AbuzarExp", "yahyaDevelopOdoo", "MahmoudSalahEXP", "Nossibaelhadi"];
            const author = context.payload.pull_request.user.login;

            core.info(`PR Author: ${author}`);

            if (!allowed.includes(author)) {
              core.error(`User '${author}' is NOT allowed. Closing PR...`);
              await github.rest.pulls.update({
                owner: context.repo.owner,
                repo: context.repo.repo,
                pull_number: context.payload.pull_request.number,
                state: "closed"
              });
            }