From 80c40f6afd64e7e2a178ebc64de964d4ad270cde Mon Sep 17 00:00:00 2001
From: netmindz <will@netmindz.net>
Date: Sat, 14 Jun 2025 19:10:45 +0000
Subject: [PATCH] Update pr-merge.yaml

try and fix permissions issue of missing secret on PRs
---
 .github/workflows/pr-merge.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/.github/workflows/pr-merge.yaml b/.github/workflows/pr-merge.yaml
index 7363b498a..db5937dff 100644
--- a/.github/workflows/pr-merge.yaml
+++ b/.github/workflows/pr-merge.yaml
@@ -8,6 +8,25 @@
       notify:
         runs-on: ubuntu-latest
         steps:
+        - name: Get User Permission
+          id: checkAccess
+          uses: actions-cool/check-user-permission@v2
+          with:
+            require: write
+            username: ${{ github.triggering_actor }}
+          env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        - name: Check User Permission
+          if: steps.checkAccess.outputs.require-result == 'false'
+          run: |
+            echo "${{ github.triggering_actor }} does not have permissions on this repo."
+            echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}"
+            echo "Job originally triggered by ${{ github.actor }}"
+            exit 1
+        - name: Checkout code
+          uses: actions/checkout@v3
+          with:
+            ref: ${{  github.event.pull_request.head.sha }} # This is dangerous without the first access check
         - name: Send Discord notification
           shell: bash
           env: