starred/documenso

Fork 0

mirror of https://github.com/documenso/documenso.git synced 2026-04-24 21:36:01 +03:00

[GH-ISSUE #1577] Failed Edit Documents for Team Roles #443

New issue

Closed

opened 2026-02-26 18:47:04 +03:00 by kerem · 4 comments

kerem commented

2026-02-26 18:47:04 +03:00

Owner

Originally created by @williiam-tran on GitHub (Jan 9, 2025).
Original GitHub issue: https://github.com/documenso/documenso/issues/1577

Issue Description

Team hierarchy permissions are not working as expected:

Members: Can edit their own documents ✅
Managers/Admins: Cannot edit member documents ❌
Error: "Document not found" when attempting access:

Technical Details:

The issue appears to be in the document lookup logic at apps/web/src/app/(dashboard)/documents/[id]/edit-document.tsx.
The current implementation doesn't properly handle team role permissions when accessing documents:

  const onAddSignersFormSubmit = async (data: TAddSignersFormSchema) => {
    try {
      await Promise.all([
        setSigningOrderForDocument({
          documentId: document.id,
          signingOrder: data.signingOrder,
        }),

        addSigners({
          documentId: document.id,
          teamId: team?.id,
          signers: data.signers.map((signer) => ({
            ...signer,
            // Explicitly set to null to indicate we want to remove auth if required.
            actionAuth: signer.actionAuth || null,
          })),
        }),
      ]);
      // Router refresh is here to clear the router cache for when navigating to /documents.
      router.refresh();

      setStep('fields');
    } catch (err) {
      console.error(err);

      toast({
        title: _(msg`Error`),
        description: _(msg`An error occurred while adding signers.`),
        variant: 'destructive',
      });
    }
  };

I've tried a work-a-round by duplicating the document of the team's members but it's not working either. The duplicated document also has the previous owner.

Steps to Reproduce

Create a team with at least 2 users:

User A: Team Member
User B: Team Admin/Manager
Document Visibility: Everyone can access and view the document.

Create Document

Login as User A (Team Member)
Navigate to Documents
Upload a new document as Draft

Attempt Admin Edit

Login as User B (Admin/Manager)
Edit document created by User A
Failed at step 3 when adding fields for signers

✅ Reproduced in latest Docker image
✅ Reproduced with Dockerfile build
✅ Issue persists across clean installations

Expected Behavior

No response

Current Behavior

Current Behavior:

Regular team members can upload and edit their own documents.
Team managers and admins cannot edit documents owned by team members
Attempting to edit results in "Document not found" error

Screenshots (optional)

No response

Operating System [e.g., Windows 10]

No response

Browser [e.g., Chrome, Firefox]

No response

Version [e.g., 2.0.1]

No response

Please check the boxes that apply to this issue report.

I have searched the existing issues to make sure this is not a duplicate.
I have provided steps to reproduce the issue.
I have included relevant environment information.
I have included any relevant screenshots.
I understand that this is a voluntary contribution and that there is no guarantee of resolution.
I want to work on creating a PR for this issue if approved

Originally created by @williiam-tran on GitHub (Jan 9, 2025). Original GitHub issue: https://github.com/documenso/documenso/issues/1577 ### Issue Description ### Team hierarchy permissions are not working as expected: - Members: Can edit their own documents ✅ - Managers/Admins: Cannot edit member documents ❌ - Error: "Document not found" when attempting access: ![image](https://github.com/user-attachments/assets/93e86064-9e0f-4804-aa82-8cf6ef39b027) ### Technical Details: - The issue appears to be in the document lookup logic at `apps/web/src/app/(dashboard)/documents/[id]/edit-document.tsx.` - The current implementation doesn't properly handle team role permissions when accessing documents: ```ts const onAddSignersFormSubmit = async (data: TAddSignersFormSchema) => { try { await Promise.all([ setSigningOrderForDocument({ documentId: document.id, signingOrder: data.signingOrder, }), addSigners({ documentId: document.id, teamId: team?.id, signers: data.signers.map((signer) => ({ ...signer, // Explicitly set to null to indicate we want to remove auth if required. actionAuth: signer.actionAuth || null, })), }), ]); // Router refresh is here to clear the router cache for when navigating to /documents. router.refresh(); setStep('fields'); } catch (err) { console.error(err); toast({ title: _(msg`Error`), description: _(msg`An error occurred while adding signers.`), variant: 'destructive', }); } }; ``` I've tried a work-a-round by duplicating the document of the team's members but it's not working either. The duplicated document also has the previous owner. ### Steps to Reproduce ### Create a team with at least 2 users: - User A: Team Member - User B: Team Admin/Manager - Document Visibility: Everyone can access and view the document. ### Create Document 1. Login as User A (Team Member) 2. Navigate to Documents 3. Upload a new document as Draft ### Attempt Admin Edit 1. Login as User B (Admin/Manager) 2. Edit document created by User A 3. Failed at step 3 when adding fields for signers ✅ Reproduced in latest Docker image ✅ Reproduced with Dockerfile build ✅ Issue persists across clean installations ### Expected Behavior _No response_ ### Current Behavior ### Current Behavior: - Regular team members can upload and edit their own documents. - Team managers and admins cannot edit documents owned by team members - Attempting to edit results in "Document not found" error ### Screenshots (optional) _No response_ ### Operating System [e.g., Windows 10] _No response_ ### Browser [e.g., Chrome, Firefox] _No response_ ### Version [e.g., 2.0.1] _No response_ ### Please check the boxes that apply to this issue report. - [X] I have searched the existing issues to make sure this is not a duplicate. - [X] I have provided steps to reproduce the issue. - [X] I have included relevant environment information. - [X] I have included any relevant screenshots. - [X] I understand that this is a voluntary contribution and that there is no guarantee of resolution. - [X] I want to work on creating a PR for this issue if approved

kerem

2026-02-26 18:47:04 +03:00

closed this issue
added the
type: bug

Stale

needs-replication
labels

kerem commented

2026-02-26 18:47:05 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Jan 9, 2025):

Thank you for opening your first issue and for being a part of the open signing revolution!

One of our team members will review it and get back to you as soon as it possible 💚

Meanwhile, please feel free to hop into our community in Discord

@github-actions[bot] commented on GitHub (Jan 9, 2025): Thank you for opening your first issue and for being a part of the open signing revolution! <br /> One of our team members will review it and get back to you as soon as it possible 💚 <br /> Meanwhile, please feel free to hop into our community in [Discord](https://documen.so/discord)

kerem commented

2026-02-26 18:47:05 +03:00

Author

Owner

@dguyen commented on GitHub (Jan 20, 2025):

Hey, I can't reproduce this issue on production

Just to check, you are self hosting right?

@dguyen commented on GitHub (Jan 20, 2025): Hey, I can't reproduce this issue on production Just to check, you are self hosting right?

kerem commented

2026-02-26 18:47:05 +03:00

Author

Owner

@williiam-tran commented on GitHub (Jan 23, 2025):

Yes, I'm self-hosting. I managed to fix it by updating the input when calling getDocumentWithDetailsById in edit-document.tsx. Previously, it was trying to retrieve personal document instead of team's document.

Before:

  const { data: document, refetch: refetchDocument } =
    trpc.document.getDocumentWithDetailsById.useQuery(
      {
        documentId: initialDocument.id,
      },
      {
        initialData: initialDocument,
        ...SKIP_QUERY_BATCH_META,
      },
    );

After:

  const { data: document, refetch: refetchDocument } =
    trpc.document.getDocumentWithDetailsById.useQuery(
      {
        documentId: initialDocument.id,
        teamId: team?.id, // append this
      },
      {
        initialData: initialDocument,
        ...SKIP_QUERY_BATCH_META,
      },
    );

@williiam-tran commented on GitHub (Jan 23, 2025): Yes, I'm self-hosting. I managed to fix it by updating the input when calling `getDocumentWithDetailsById` in `edit-document.tsx`. Previously, it was trying to retrieve personal document instead of team's document. - Before: ```typescript const { data: document, refetch: refetchDocument } = trpc.document.getDocumentWithDetailsById.useQuery( { documentId: initialDocument.id, }, { initialData: initialDocument, ...SKIP_QUERY_BATCH_META, }, ); ``` - After: ```typescript const { data: document, refetch: refetchDocument } = trpc.document.getDocumentWithDetailsById.useQuery( { documentId: initialDocument.id, teamId: team?.id, // append this }, { initialData: initialDocument, ...SKIP_QUERY_BATCH_META, }, ); ```

kerem commented

2026-02-26 18:47:05 +03:00

Author

Owner

@catalinpit commented on GitHub (Sep 1, 2025):

Thanks for reporting this, but it seems to be fixed now.

@catalinpit commented on GitHub (Sep 1, 2025): Thanks for reporting this, but it seems to be fixed now.

kerem referenced this issue

2026-02-26 19:31:19 +03:00

[PR #453] [MERGED] fix: add hack for root zod validation with hook form #982

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/documenso#443

No description provided.

Rows
Columns