Use collaborator permission check instead of org membership (#147)

.github/workflows/close-external-prs.yml

@@ -13,21 +13,25 @@ jobs:
     if: vars.DISABLE_EXTERNAL_PR_CHECK != 'true'
     runs-on: ubuntu-latest
     steps:
-      - name: Check if author is org member
+      - name: Check if author has write access
         uses: actions/github-script@v7
         with:
           script: |
-            const org = 'anthropics';
             const author = context.payload.pull_request.user.login;
 
-            try {
-              await github.rest.orgs.checkMembershipForUser({
-                org: org,
+            const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
               username: author
             });
-              console.log(`${author} is an org member, allowing PR`);
-            } catch (e) {
-              if (e.status === 404) {
+
+            if (['admin', 'write'].includes(data.permission)) {
+              console.log(`${author} has ${data.permission} access, allowing PR`);
+              return;
+            }
+
+            console.log(`${author} has ${data.permission} access, closing PR`);
+
             await github.rest.issues.createComment({
               owner: context.repo.owner,
               repo: context.repo.repo,
@@ -41,7 +45,3 @@ jobs:
               pull_number: context.payload.pull_request.number,
               state: 'closed'
             });
-
-                console.log(`Closed PR from external contributor: ${author}`);
-              }
-            }