[PR #2772] [MERGED] allow the removal of non-confirmed owners #3146

New issue

Closed

opened 2026-03-03 09:26:11 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 09:26:11 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/2772
Author: @stefan0xC
Created: 9/27/2022
Status: ✅ Merged
Merged: 10/9/2022
Merged by: @dani-garcia

Base: main ← Head: allow-removal-of-invited-owners

📝 Commits (1)

2685099 allow the removal of non-confirmed owners

📊 Changes

1 file changed (+6 additions, -3 deletions)

View changed files

📝 src/api/core/organizations.rs (+6 -3)

📄 Description

If you invite a new user as another owner of an organization you cannot remove or change the role of the user until the user accepts the invitation and is confirmed. This behavior was introduced in 1722742a (previously, in 1.25.2 you could remove yourself as the owner as long as you had invited someone else as owner which would also be incorrect).

This change ensures user_to_edit and user_to_delete are actually confirmed users, before checking if they are the last owner of an organization.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/2772 **Author:** [@stefan0xC](https://github.com/stefan0xC) **Created:** 9/27/2022 **Status:** ✅ Merged **Merged:** 10/9/2022 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `allow-removal-of-invited-owners` --- ### 📝 Commits (1) - [`2685099`](https://github.com/dani-garcia/vaultwarden/commit/2685099720eb8656a3528ea8ab4c72476466fb19) allow the removal of non-confirmed owners ### 📊 Changes **1 file changed** (+6 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `src/api/core/organizations.rs` (+6 -3) </details> ### 📄 Description If you invite a new user as another owner of an organization you cannot remove or change the role of the user until the user accepts the invitation and is confirmed. This behavior was introduced in 1722742a (previously, in 1.25.2 you could remove yourself as the owner as long as you had invited someone else as owner which would also be incorrect). This change ensures user_to_edit and user_to_delete are actually confirmed users, before checking if they are the last owner of an organization. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>