@@ -25,33 +25,27 @@ jobs:
2525 echo "github.triggering_actor ${{ github.triggering_actor }}"
2626 echo "github.actor ${{ github.actor }}"
2727
28+ run : |
29+ if [[ ! -z "${{ inputs.pr_user_login }}" ]]; then
30+ echo "USER=${{ inputs.pr_user_login }}" >> $GITHUB_ENV
31+ else
32+ echo "USER=${{ github.triggering_actor }}" >> $GITHUB_ENV
33+ fi
34+
2835name : get user permission
2936 id : checkAccess
3037 uses : actions-cool/check-user-permission@v2
3138 with :
3239 require : write
33- username : ${{ github.triggering_actor }}
40+ username : ${{ env.USER }}
3441 env :
3542 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
3643
3744 - name : check user permission (non-PR)
38- if : ${{ inputs.pr_user_login }} == '' && steps.checkAccess.outputs.require-result == 'false'
39- run : |
40- echo "${{ github.triggering_actor }} does not have permissions on this repo."
41- echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}"
42- echo "Job originally triggered by ${{ github.actor }}"
43- exit 1
44-
45- name : check user permission
46- if : |
47- !(
48- (${{ inputs.pr_user_login }} == 'dependabot[bot]' && github.triggering_actor != 'dependabot[bot]') ||
49- (${{ inputs.pr_user_login }} == 'renovate[bot]' && github.triggering_actor != 'renovate[bot]')
50- )
51- &&
52- steps.checkAccess.outputs.require-result == 'false'
45+ if : env.USER != 'dependabot[bot]' && env.USER != 'renovate[bot]' && steps.checkAccess.outputs.require-result == 'false'
5346 run : |
54- echo "${{ github.triggering_actor }} does not have permissions on this repo."
47+ echo "${{ env.USER }} does not have permissions on this repo."
48+ echo "require-resuilt is ${{ steps.checkAccess.outputs.require-result }}"
5549 echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}"
5650 echo "Job originally triggered by ${{ github.actor }}"
5751 exit 1
0 commit comments