chore: use repo permissions instead of org membership for maintainer override (#36191)

The `require_issue_link` workflow's maintainer override (reopen PR or
remove `missing-issue-link` to bypass enforcement) has never worked. It
calls `orgs.getMembershipForUser` to verify the sender is an org member,
but `GITHUB_TOKEN` is a GitHub App installation token — not an org
member — so the endpoint always returns 403. The catch block only
handled 404, so the unhandled 403 crashed the entire job, blocking even
the normal issue-link validation from running.

## Changes
- Replace `orgs.getMembershipForUser` with
`repos.getCollaboratorPermissionLevel` in `senderIsOrgMember()` — checks
if the event sender (the user who reopened the PR or removed the label)
has write/maintain/admin access on the repo, which works with
`GITHUB_TOKEN` and is a better proxy for "maintainer" than org
membership