From 25d062afebfe70a328c6c5bf2483fabf6a6d3918 Mon Sep 17 00:00:00 2001
From: Robin Salen <salenrobin@gmail.com>
Date: Wed, 26 Jun 2024 15:21:47 -0400
Subject: [PATCH] fix: fix pr_checking workflow

---
 .github/workflows/pr_checking.yml | 62 ++++++++++++++++++++++++-------
 1 file changed, 48 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/pr_checking.yml b/.github/workflows/pr_checking.yml
index 5bed881a3a..7799b94cc3 100644
--- a/.github/workflows/pr_checking.yml
+++ b/.github/workflows/pr_checking.yml
@@ -1,22 +1,56 @@
 name: PR check
 
 on:
-  pull_request_target:
-    types:
-      - opened
-      - edited
-      - synchronize
+  pull_request:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  pull-requests: write
 
 jobs:
-  title:
+  pr_check:
     name: Validate PR
     runs-on: ubuntu-latest
-    if: ${{ 
-      github.event.pull_request.author_association != 'CONTRIBUTOR' &&
-      github.event.pull_request.author_association != 'MEMBER' &&
-      (
-        contains(fromJSON(secrets.RESTRICTED_KEYWORDS), github.event.pull_request.title) ||
-        contains(fromJSON(secrets.RESTRICTED_KEYWORDS), github.event.pull_request.description
-      ) }}
     steps:
-      - run: gh pr close
+      - name: Set up keywords
+        id: setup_keywords
+        run: echo "RESTRICTED_KEYWORDS=$(echo '${{ secrets.RESTRICTED_KEYWORDS }}' | jq -r '.[]' | tr '\n' ' ')" >> $GITHUB_ENV
+
+      - name: Check for spam PR
+        id: check
+        run: |
+          # Initialize variables to track spam presence
+          title_is_spam=false
+          description_is_spam=false
+          
+          # Check title for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.title }}" | grep -i -q "$keyword"; then
+              title_is_spam=true
+              break
+            fi
+          done
+
+          # Check description for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.body }}" | grep -i -q "$keyword"; then
+              description_is_spam=true
+              break
+            fi
+          done
+
+          # Set the output based on the presence of spam
+          if [ "$title_is_spam" = true ] || [ "$description_is_spam" = true ]; then
+            echo "is_spam=true" >> $GITHUB_ENV
+          else
+            echo "is_spam=false" >> $GITHUB_ENV
+          fi
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Close PR if spam are found and author is not a contributor or member
+        if: ${{ env.is_spam == 'true' && github.event.pull_request.author_association != 'CONTRIBUTOR' && github.event.pull_request.author_association != 'MEMBER' && github.event.pull_request.author_association != 'OWNER' }}
+        run: gh pr close ${{ github.event.pull_request.number }} --comment "Spam detected"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}