Skip to content

Commit 625588f

Browse files
aslilacaslilac
committed
can't delete self
1 parent 440a058 commit 625588f

File tree

2 files changed

+30
-19
lines changed

2 files changed

+30
-19
lines changed

coderd/members.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,7 @@ func (api *API) postOrganizationMember(rw http.ResponseWriter, r *http.Request)
9191
func (api *API) deleteOrganizationMember(rw http.ResponseWriter, r *http.Request) {
9292
var (
9393
ctx = r.Context()
94+
apiKey = httpmw.APIKey(r)
9495
organization = httpmw.OrganizationParam(r)
9596
member = httpmw.OrganizationMemberParam(r)
9697
auditor = api.Auditor.Load()
@@ -105,6 +106,11 @@ func (api *API) deleteOrganizationMember(rw http.ResponseWriter, r *http.Request
105106
aReq.Old = member.OrganizationMember.Auditable(member.Username)
106107
defer commitAudit()
107108

109+
if member.UserID == apiKey.UserID {
110+
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{Message: "cannot remove self from an organization"})
111+
return
112+
}
113+
108114
err := api.Database.DeleteOrganizationMember(ctx, database.DeleteOrganizationMemberParams{
109115
OrganizationID: organization.ID,
110116
UserID: member.UserID,

site/src/pages/ManagementSettingsPage/OrganizationMembersPage.tsx

Lines changed: 24 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -33,10 +33,12 @@ import { Pill } from "components/Pill/Pill";
3333
import { Stack } from "components/Stack/Stack";
3434
import { UserAutocomplete } from "components/UserAutocomplete/UserAutocomplete";
3535
import { UserAvatar } from "components/UserAvatar/UserAvatar";
36+
import { useAuthenticated } from "contexts/auth/RequireAuth";
3637

3738
const OrganizationMembersPage: FC = () => {
3839
const queryClient = useQueryClient();
3940
const { organization } = useParams() as { organization: string };
41+
const { user: me } = useAuthenticated();
4042

4143
const membersQuery = useQuery(organizationMembers(organization));
4244
const addMemberMutation = useMutation(
@@ -48,6 +50,7 @@ const OrganizationMembersPage: FC = () => {
4850

4951
const error =
5052
membersQuery.error ?? addMemberMutation.error ?? removeMemberMutation.error;
53+
const members = membersQuery.data;
5154

5255
return (
5356
<div>
@@ -76,7 +79,7 @@ const OrganizationMembersPage: FC = () => {
7679
</TableRow>
7780
</TableHead>
7881
<TableBody>
79-
{membersQuery.data?.map((member) => (
82+
{members?.map((member) => (
8083
<TableRow key={member.user_id}>
8184
<TableCell>
8285
<AvatarData
@@ -107,24 +110,26 @@ const OrganizationMembersPage: FC = () => {
107110
))}
108111
</TableCell>
109112
<TableCell>
110-
<MoreMenu>
111-
<MoreMenuTrigger>
112-
<ThreeDotsButton />
113-
</MoreMenuTrigger>
114-
<MoreMenuContent>
115-
<MoreMenuItem
116-
danger
117-
onClick={async () => {
118-
await removeMemberMutation.mutateAsync(
119-
member.user_id,
120-
);
121-
void membersQuery.refetch();
122-
}}
123-
>
124-
Remove&hellip;
125-
</MoreMenuItem>
126-
</MoreMenuContent>
127-
</MoreMenu>
113+
{member.user_id !== me.id && (
114+
<MoreMenu>
115+
<MoreMenuTrigger>
116+
<ThreeDotsButton />
117+
</MoreMenuTrigger>
118+
<MoreMenuContent>
119+
<MoreMenuItem
120+
danger
121+
onClick={async () => {
122+
await removeMemberMutation.mutateAsync(
123+
member.user_id,
124+
);
125+
void membersQuery.refetch();
126+
}}
127+
>
128+
Remove&hellip;
129+
</MoreMenuItem>
130+
</MoreMenuContent>
131+
</MoreMenu>
132+
)}
128133
</TableCell>
129134
</TableRow>
130135
))}

0 commit comments

Comments
 (0)