NEAR-DevHub / neardevhub-bos

DevHub Portal Product UI (Hosted BOS) – Includes other instances (e.g. Infrastructure, Events)
https://neardevhub.org
MIT License

Treasury App – Unable to add members (e.g. stays in infinite loading mode) #960

Open ori-near opened 5 hours ago

ori-near commented 5 hours ago

Affected Portal: Infinex

Description: Our customer (Infinex) has tried adding users to their treasury, but has run into the infinite loading screen every time.

User Type: User with Manage Members permission.

Reproduction Steps

  1. Open production Treasury app
  2. Go to Settings page
  3. Click add new member
  4. Enter username and select any permissions
  5. Click submit
  6. See infinite loading screen error

Expected behavior: User with Manage Members should be able to add multiple users without running into the error message.

Priority: Critical (P0) – Cannot complete critical action

Environment Details

Additional Context: I spoke with @Tguntenaar, who will add his findings below.

Tguntenaar commented 5 hours ago

Investigation report

TL;DR: the DAO policy is not correctly set.

To see the policy, run:

      near contract call-function as-read-only infinex.sputnik-dao.near get_policy json-args {} network-config mainnet now

The group called "Create Request" has permissions to do anything and the threshold to add members is 20 percent. Right now there are 5 members added to this group so it will not be more than 20 percent using this group.


      "name": "Create Requests",
      "permissions": [
        "*:*" <====== SHOULD BE MORE STRICT
      ],
      "vote_policy": {
        "add_member_to_role": {
          "quorum": "0",
          "threshold": [
            20, <========== IS TOO HIGH
            100
          ],
          "weight_kind": "RoleWeight"
        }

The fix

The Create Request group should only be limited to Creating Requests. That way, when a user is added by adding/acting on a proposal, the permission check will check the correct group, which is Manage Members. And the threshold should be low enough that it will always be 1 vote.
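
The arithmetic behind the finding above, as an added example (not part of the issue thread or the DevHub code): it flags roles holding "*:*" and computes how many votes a ratio threshold requires, assuming approvals must strictly exceed the ratio of the role's member count, as the comment describes. The "roles" wrapper, the "kind"/"Group" member list, the account names and the Manage Members values are constructed assumptions.

```python
import json

# Constructed sample shaped like the excerpt in the comment above. The "roles"
# wrapper, "kind"/"Group" lists, account names and the second role's values
# are assumptions made for this example, not data from the issue.
SAMPLE_POLICY = json.loads("""
{"roles": [
  {"name": "Create Requests",
   "kind": {"Group": ["a.near", "b.near", "c.near", "d.near", "e.near"]},
   "permissions": ["*:*"],
   "vote_policy": {"add_member_to_role":
     {"quorum": "0", "threshold": [20, 100], "weight_kind": "RoleWeight"}}},
  {"name": "Manage Members",
   "kind": {"Group": ["a.near", "b.near"]},
   "permissions": ["add_member_to_role:*"],
   "vote_policy": {"add_member_to_role":
     {"quorum": "0", "threshold": [1, 100], "weight_kind": "RoleWeight"}}}
]}
""")


def votes_needed(threshold, members):
    """Votes required when approvals must exceed num/denom of the role's members."""
    num, denom = threshold
    return min(num * members // denom + 1, members)


def audit(policy, kind="add_member_to_role"):
    """Per role: wildcard permissions held and votes required for `kind` proposals."""
    findings = []
    for role in policy["roles"]:
        group = role.get("kind")
        # A role kind that is not a member list (assumed possible) has no count.
        members = len(group.get("Group", [])) if isinstance(group, dict) else 0
        vote = role.get("vote_policy", {}).get(kind)
        ratio = vote["threshold"] if vote and isinstance(vote["threshold"], list) else None
        findings.append({
            "role": role["name"],
            "wildcard": [p for p in role.get("permissions", []) if p == "*:*"],
            "members": members,
            "votes_needed": votes_needed(ratio, members) if ratio and members else None,
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_POLICY):
        print(finding)
```

With five members and a 20/100 threshold, a single approval is exactly 20 percent and does not pass, so the role needs two votes.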