actions-cool · xrkffgg · Jan 26, 2021 · Jan 26, 2021
diff --git a/README.en-US.md b/README.en-US.md
@@ -403,12 +403,12 @@ jobs:
 | labels | Replace the labels of the issue | string | ✖ |
 | contents | Add [reaction](#reactions-types) for this comment | string | ✖ |
 | close-issue | Whether to close the issue at the same time | string | ✖ |
-| require-permission | Permission required | string | ✖ |
+| require-permission | Permission required, default is `write` | string | ✖ |
 
 - `duplicate-command`: When setting concise commands, while still supporting the original `Duplicate of`. Block content contains `?`
 - `labels`: Highest priority
 - `close-issue`: Both `true` or `'true'` can take effect
-- `require-permission`: When you do not input, there is no limit. Anyone comment will trigger. Optional values are `admin`, `write`, `read`, `none`
+- `require-permission`: Optional values are `admin`, `write`, `read`, `none`
   - If the team member sets the `read` permission, it is `read`
   - If the external Collaborator is set to `read` permission, it is `read`
   - Ordinary users have `read` permission

diff --git a/README.md b/README.md
@@ -403,12 +403,12 @@ jobs:
 | labels | 替换该 issue 的 labels | string | ✖ |
 | contents | 为该评论的增加 [reaction](#reactions-types) | string | ✖ |
 | close-issue | 是否同时关闭该 issue | string | ✖ |
-| require-permission | 要求权限 | string | ✖ |
+| require-permission | 要求权限，默认为 `write` | string | ✖ |
 
 - `duplicate-command`：当设置简洁命令时，同时仍支持原有 `Duplicate of`。屏蔽内容包含 `?`
 - `labels`：优先级最高
 - `close-issue`：`true` 或 `'true'` 均可生效
-- `require-permission`：当不输时，即无限制，任何人评论都会触发。可选值有 `admin`，`write`，`read`，`none`
+- `require-permission`：可选值有 `admin`，`write`，`read`，`none`
   - 团队成员若设置 `read` 权限，则为 `read`
   - 外部 Collaborator 若设置 `read` 权限，则为 `read`
   - 普通用户为 `read` 权限

diff --git a/dist/index.js b/dist/index.js
@@ -8020,7 +8020,7 @@ async function doMarkDuplicate(owner, repo, labels) {
     const duplicateLabels = core.getInput('duplicate-labels');
     const removeLables = core.getInput('remove-labels');
     const closeIssue = core.getInput('close-issue');
-    const requirePermission = core.getInput('require-permission');
+    const requirePermission = core.getInput('require-permission') || 'write';
 
     const commentId = context.payload.comment.id;
     const commentBody = context.payload.comment.body;
@@ -8029,17 +8029,15 @@ async function doMarkDuplicate(owner, repo, labels) {
 
     const ifCommandInput = !!duplicateCommand;
 
-    if (requirePermission) {
-      const res = await octokit.repos.getCollaboratorPermissionLevel({
-        owner,
-        repo,
-        username: commentUser,
-      });
-      const { permission } = res.data;
-      if (!checkPermission(requirePermission, permission)) {
-        core.info(`The user ${commentUser} is not allow!`);
-        return false;
-      }
+    const res = await octokit.repos.getCollaboratorPermissionLevel({
+      owner,
+      repo,
+      username: commentUser,
+    });
+    const { permission } = res.data;
+    if (!checkPermission(requirePermission, permission)) {
+      core.info(`The user ${commentUser} is not allow!`);
+      return false;
     }
 
     if (

diff --git a/docs/base.en-US.md b/docs/base.en-US.md
@@ -267,12 +267,12 @@ jobs:
 | labels | Replace the labels of the issue | string | ✖ |
 | contents | Add [reaction](/en-US/guide/ref#-reactions-type) for this comment | string | ✖ |
 | close-issue | Whether to close the issue at the same time | string | ✖ |
-| require-permission | Permission required | string | ✖ |
+| require-permission | Permission required, default is `write` | string | ✖ |
 
 - `duplicate-command`: When setting concise commands, while still supporting the original `Duplicate of`. Block content contains `?`
 - `labels`: Highest priority
 - `close-issue`: Both `true` or `'true'` can take effect
-- `require-permission`: When you do not input, there is no limit. Anyone comment will trigger. Optional values are `admin`, `write`, `read`, `none`
+- `require-permission`: Optional values are `admin`, `write`, `read`, `none`
   - If the team member sets the `read` permission, it is `read`
   - If the external Collaborator is set to `read` permission, it is `read`
   - Ordinary users have `read` permission

diff --git a/docs/base.md b/docs/base.md
@@ -267,12 +267,12 @@ jobs:
 | labels | 替换该 issue 的 labels | string | ✖ |
 | contents | 为该评论的增加 [reaction](/guide/ref#-reactions-类型) | string | ✖ |
 | close-issue | 是否同时关闭该 issue | string | ✖ |
-| require-permission | 要求权限 | string | ✖ |
+| require-permission | 要求权限，默认为 `write` | string | ✖ |
 
 - `duplicate-command`：当设置简洁命令时，同时仍支持原有 `Duplicate of`。屏蔽内容包含 `?`
 - `labels`：优先级最高
 - `close-issue`：`true` 或 `'true'` 均可生效
-- `require-permission`：当不输时，即无限制，任何人评论都会触发。可选值有 `admin`，`write`，`read`，`none`
+- `require-permission`：可选值有 `admin`，`write`，`read`，`none`
   - 团队成员若设置 `read` 权限，则为 `read`
   - 外部 Collaborator 若设置 `read` 权限，则为 `read`
   - 普通用户为 `read` 权限

diff --git a/src/base.js b/src/base.js
@@ -157,7 +157,7 @@ async function doMarkDuplicate(owner, repo, labels) {
     const duplicateLabels = core.getInput('duplicate-labels');
     const removeLables = core.getInput('remove-labels');
     const closeIssue = core.getInput('close-issue');
-    const requirePermission = core.getInput('require-permission');
+    const requirePermission = core.getInput('require-permission') || 'write';
 
     const commentId = context.payload.comment.id;
     const commentBody = context.payload.comment.body;
@@ -166,17 +166,15 @@ async function doMarkDuplicate(owner, repo, labels) {
 
     const ifCommandInput = !!duplicateCommand;
 
-    if (requirePermission) {
-      const res = await octokit.repos.getCollaboratorPermissionLevel({
-        owner,
-        repo,
-        username: commentUser,
-      });
-      const { permission } = res.data;
-      if (!checkPermission(requirePermission, permission)) {
-        core.info(`The user ${commentUser} is not allow!`);
-        return false;
-      }
+    const res = await octokit.repos.getCollaboratorPermissionLevel({
+      owner,
+      repo,
+      username: commentUser,
+    });
+    const { permission } = res.data;
+    if (!checkPermission(requirePermission, permission)) {
+      core.info(`The user ${commentUser} is not allow!`);
+      return false;
     }
 
     if (