It is not possible to remove editors. This is a problem.
What can we do today?
We will add a feature granting users with the Audit Editor role the ability to remove that role from others.
We will not allow users with the Audit Editor role to remove themselves from that role. (In practice, this will mean that they must add another user with that role, and that user must then remove them.)
We will not add the ability to remove Certifying Official roles without supplying new users for those roles; we will evaluate how many requests we get that are for exactly this operation.
We will not add any out-of-band processes for adding or removing users from submissions.
### Requirements
- [ ] Add a Remove link to the current access management table
- [ ] Add a Remove page for deleting an Auditor Access role
- [ ] Create a method for audit.views.manage_submission_access.ChangeOrAddRoleView to support deletion
- [ ] Ensure that the new method does not allow deletion when the email in the Access object being deleted matches the email of the current user
- [ ] Add documentation for this feature
- [ ] Track how many requests we get for removing Certifying Official roles without supplying a replacement
- [ ] Potentially add documentation suggesting that larger organizations always add at least two of their staff in the Audit Editor role, to ensure that they do not get stuck without access to an audit if one of their staff members leaves
What problems are we trying to solve?
Currently, it is possible to:
It is not possible to remove editors. This is a problem.
What can we do today?
Context and further reading
We have discussed via the ADR process.
Link to ADR when it is complete.