github-actions[bot]
commented
3 months ago Size Change: +78 B (+0.01%)
Total Size: 1.07 MB
Closed zlwaterfield closed 2 months ago
github-actions[bot]
commented
3 months ago Size Change: +78 B (+0.01%)
Total Size: 1.07 MB
posthog-bot
commented
2 months ago This PR hasn't seen activity in a week! Should it be merged, closed, or further worked on? If you want to keep it open, post a comment or remove the stale label – otherwise this will be closed in another week.
posthog-bot
commented
2 months ago This PR was closed due to lack of activity. Feel free to reopen if it's still relevant.
Changes
We've received feedback about how our invite permissions work. Right now any user can invite other users to their organization. We do limit the roles they can invite (only their role or lower) but not if they can send invites. Until we fully support RBAC (later this year) this will allow us to turn on a feature flag for users that request something like this.
This PR adds a
isAllowToSendInvitesvalue to the invite logic that returns an object with a bool if allowed and a disabled reason if not allowed. The selector will check for the feature flag (owner-admin-organization-invites-only), if not present, it will default to allowed. If it is present it will check the current users' org member level and only return allowed if they are an admin or owner.I've updated all instances of where the invite modal can be opened. I've also updated the invite modal submit button just in case a user finds their way into the modal.
Note: this is a frontend change only. Technically, they can still perform the functionality via the API.
👉 Stay up-to-date with PostHog coding conventions for a smoother review.
Does this work well for both Cloud and self-hosted?
How did you test this code?