Revert to issues.createComment with proper permissions

.github/workflows/close-external-prs.yml

@@ -13,25 +13,21 @@ jobs:
     if: vars.DISABLE_EXTERNAL_PR_CHECK != 'true'
     runs-on: ubuntu-latest
     steps:
-      - name: Check if author has write access
+      - name: Check if author is org member
         uses: actions/github-script@v7
         with:
           script: |
+            const org = 'anthropics';
             const author = context.payload.pull_request.user.login;
 
-            const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
+            try {
-              owner: context.repo.owner,
+              await github.rest.orgs.checkMembershipForUser({
-              repo: context.repo.repo,
+                org: org,
                 username: author
               });
-
+              console.log(`${author} is an org member, allowing PR`);
-            if (['admin', 'write'].includes(data.permission)) {
+            } catch (e) {
-              console.log(`${author} has ${data.permission} access, allowing PR`);
+              if (e.status === 404) {
-              return;
-            }
-
-            console.log(`${author} has ${data.permission} access, closing PR`);
-
                 await github.rest.issues.createComment({
                   owner: context.repo.owner,
                   repo: context.repo.repo,
@@ -45,3 +41,7 @@ jobs:
                   pull_number: context.payload.pull_request.number,
                   state: 'closed'
                 });
+
+                console.log(`Closed PR from external contributor: ${author}`);
+              }
+            }