(core) allow non-owners to remove themselves from sites/workspaces/docs

Summary: For users who cannot otherwise change access to a resource, let them remove themselves. Implemented via the standard endpoints as a special exception that will process a request from a user that would otherwise be denied, if the only contents of that request are a removal of themselves. Users who can change access are still not permitted to change their own permissions or to remove themselves, as a precaution against orphaning resources. Test Plan: extended and updated tests Reviewers: cyprien Reviewed By: cyprien Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3367
2026-03-02 04:09:24 +00:00 · 2022-04-12 15:31:41 -04:00
parent 25e40bfa9b
commit 20dd2fc70d
10 changed files with 165 additions and 48 deletions
--- a/app/client/ui/DocMenu.ts
+++ b/app/client/ui/DocMenu.ts
@@ -432,6 +432,7 @@ export function makeDocOptionsMenu(home: HomeModel, doc: Document, renaming: Obs
      activeEmail: user ? user.email : null,
      resourceType: 'document',
      resourceId: doc.id,
+      resource: doc,
      linkToCopy: urlState().makeUrl(docUrl(doc)),
      reload: () => api.getDocAccess(doc.id),
      appModel: home.app,
@@ -463,10 +464,9 @@ export function makeDocOptionsMenu(home: HomeModel, doc: Document, renaming: Obs
      dom.cls('disabled', !roles.canEdit(orgAccess)),
      testId('pin-doc')
    ),
-    menuItem(manageUsers, "Manage Users",
-      dom.cls('disabled', !roles.canEditAccess(doc.access)),
+    menuItem(manageUsers, roles.canEditAccess(doc.access) ? "Manage Users" : "Access Details",
      testId('doc-access')
-    ),
+    )
  ];
 }