From 7a3d6ec26efa2a916ac1a872dc83400820aa024f Mon Sep 17 00:00:00 2001 From: Bas van den Aakster Date: Thu, 18 Sep 2025 21:20:39 +0200 Subject: [PATCH] fix: restrict Claude workflows to only bvdaakster user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Change issue implementation workflow to only allow bvdaakster - Update code review workflow to only trigger for bvdaakster's PRs - Update configuration to reflect single-user access - Remove other privileged users from the list Only bvdaakster can now: - Trigger Claude issue implementations with @claude comments - Have PRs automatically reviewed by Claude 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/claude-config.json | 9 ++++----- .github/workflows/claude-code-review.yml | 7 ++----- .github/workflows/claude-implement-issue.yml | 6 ++---- 3 files changed, 8 insertions(+), 14 deletions(-) diff --git a/.github/claude-config.json b/.github/claude-config.json index 41d105f..1297271 100644 --- a/.github/claude-config.json +++ b/.github/claude-config.json @@ -1,16 +1,15 @@ { "privilegedUsers": [ - "bastiaan", - "xtr-dev-team" + "bvdaakster" ], "permissions": { "issueImplementation": { - "strategy": "adminOrPrivileged", - "description": "Allow admins and privileged users to request Claude implementations" + "strategy": "privilegedUsers", + "description": "Only bvdaakster can request Claude implementations" }, "codeReview": { "strategy": "privilegedUsers", - "description": "Only run Claude reviews for privileged users" + "description": "Only bvdaakster can trigger Claude reviews" } }, "strategies": { diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index f425f6d..b91e38c 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -12,11 +12,8 @@ on: jobs: claude-review: - # Permission filter: Only allow specific users or admins to trigger reviews - if: | - contains(fromJSON('["bastiaan", "xtr-dev-team"]'), github.event.pull_request.user.login) || - github.event.pull_request.author_association == 'OWNER' || - github.event.pull_request.author_association == 'MEMBER' + # Permission filter: Only allow bvdaakster to trigger reviews + if: github.event.pull_request.user.login == 'bvdaakster' # Alternative filters (comment out the above and use one of these): # Only for external contributors: diff --git a/.github/workflows/claude-implement-issue.yml b/.github/workflows/claude-implement-issue.yml index ba520d3..9d121e4 100644 --- a/.github/workflows/claude-implement-issue.yml +++ b/.github/workflows/claude-implement-issue.yml @@ -30,9 +30,7 @@ jobs: // Method 1: Specific privileged users list const privilegedUsers = [ - 'bastiaan', // Repository owner - 'xtr-dev-team', // Core team members - // Add more usernames here + 'bvdaakster' // Only this user can use Claude ]; // Method 2: Check repository permission level @@ -74,7 +72,7 @@ jobs: const allowedByOrgAndWrite = isOrgMember && hasWriteAccess; // Set your chosen strategy here: - const isAllowed = allowedByAdminOrPrivileged; // Change this line to use your preferred strategy + const isAllowed = isPrivilegedUser; // Only bvdaakster can use Claude if (!isAllowed) { const errorMessage = `❌ **Access Denied**: Claude implementation is restricted to privileged users only.