allow editing self and owner user roles

2026-05-12 07:14:14 +00:00 · 2026-05-08 17:48:26 -07:00
parent 88d8414eb8
commit 9fb677e952
10 changed files with 153 additions and 80 deletions
--- a/server/private/routers/user/removeUserRole.ts
+++ b/server/private/routers/user/removeUserRole.ts
@@ -98,11 +98,11 @@ export async function removeUserRole(
            );
        }

-        if (existingUser.isOwner) {
+        if (existingUser.isOwner && role.isAdmin === true) {
            return next(
                createHttpError(
                    HttpCode.FORBIDDEN,
-                    "Cannot change the roles of the owner of the organization"
+                    "Cannot remove the administrator role from the organization owner"
                )
            );
        }