move permissions check to the top

Author: Aslemammad

.github/workflows/ecosystem-ci-trigger.yml

@@ -50,6 +50,45 @@ jobs:
 
             return { exists: true, reaction: null }
 
+      - name: Check User Permissions
+        uses: actions/github-script@v7
+        id: check-permissions
+        with:
+          script: |
+            const user = context.payload.sender.login
+            console.log(`Validate user: ${user}`)
+
+            let hasTriagePermission = false
+            try {
+              const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                username: user,
+              });
+              hasTriagePermission = ['triage', 'write', 'admin'].some(p => data.user.permissions[p]);
+            } catch (e) {
+              console.warn(e)
+            }
+
+            if (allowed) {
+              console.log('User is allowed. Adding +1 reaction.')
+              await github.rest.reactions.createForIssueComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: context.payload.comment.id,
+                content: '+1',
+              })
+            } else {
+              console.log('User is not allowed. Adding -1 reaction.')
+              await github.rest.reactions.createForIssueComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: context.payload.comment.id,
+                content: '-1',
+              })
+              throw new Error('User does not have the necessary permissions.')
+            }
+
       - name: Generate Token
         id: generate-token
         uses: tibdex/github-app-token@v2
@@ -143,45 +182,6 @@ jobs:
               console.log('Removed "rocket" reaction.')
             }
 
-      - name: Check User Permissions
-        uses: actions/github-script@v7
-        id: check-permissions
-        with:
-          script: |
-            const user = context.payload.sender.login
-            console.log(`Validate user: ${user}`)
-
-            let hasTriagePermission = false
-            try {
-              const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                username: user,
-              });
-              hasTriagePermission = ['triage', 'write', 'admin'].some(p => data.user.permissions[p]);
-            } catch (e) {
-              console.warn(e)
-            }
-
-            if (allowed) {
-              console.log('User is allowed. Adding +1 reaction.')
-              await github.rest.reactions.createForIssueComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                comment_id: context.payload.comment.id,
-                content: '+1',
-              })
-            } else {
-              console.log('User is not allowed. Adding -1 reaction.')
-              await github.rest.reactions.createForIssueComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                comment_id: context.payload.comment.id,
-                content: '-1',
-              })
-              throw new Error('User does not have the necessary permissions.')
-            }
-
       - name: Trigger Downstream Workflow
         uses: actions/github-script@v7
         id: trigger