Skip to content

Implement the proper handling of restrictions to leave or be removed from a workspace in NewDot #56750

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
8 tasks done
trjExpensify opened this issue Feb 12, 2025 · 95 comments
Assignees
Labels
Bug Something is broken. Auto assigns a BugZero manager. Reviewing Has a PR in review Weekly KSv2

Comments

@trjExpensify
Copy link
Contributor

trjExpensify commented Feb 12, 2025

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!

I'm consolidating #43508 and #55462 to get a handle on this afresh because it's a bit of a mess. Assigning everyone involved to clean it up.


Version Number:
Reproducible in staging?: Y
Reproducible in production?:
If this was caught on HybridApp, is this reproducible on New Expensify Standalone?:
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Expensify/Expensify Issue URL:
Issue reported by:
Slack conversation (hyperlinked to channel name):

Action Performed:

Leaving a workspace

  1. Go to Settings > Workspaces
  2. Click the three dots
  3. Click "Leave"

Removing someone from a workspace

  1. Go to Settings > Members
  2. Click on the member row
  3. Click "Remove from workspace"

Expected Result:

Can leave and can be removed from the workspace:
All of these roles have the power to leave or be removed from the workspace if there aren't any other restrictions in play.

  • Any member
  • Any approver
  • Any auditor
  • Any non-owner admin

Can't leave the workspace:
These are the restrictions on being able to leave the workspace.

  • Workspace owner
  • Anyone with an outstanding processing report waiting on them to approve
  • Anyone on a domain that has "prevent workspace creation/removal" enabled
  • The workspace's designated reimburser.

Can't be removed from the workspace:
These are the restrictions on being able to be removed from the workspace.

  • Workspace owner
  • The workspace's designated reimburser.

Cases and Confirmation Modal Copy

CC: @jamesdeanexpensify if you have any feedback on this copy.

  • If the person trying to leave is a member, prompt with an alert modal warning on clicking Leave.

Leave workspace
If you leave this workspace, you won't be able to submit expenses to it.

[Leave workspace] <--- red button
[Cancel]

  • If the person trying to leave is an auditor, prompt with an alert modal warning on clicking Leave.

Leave workspace
If you leave this workspace, you won't be able to view its reports and settings.

[Leave workspace] <--- red button
[Cancel]

  • If the person trying to leave is a non-owner admin, prompt with an alert modal warning on clicking Leave.

Leave workspace
If you leave this workspace, you won't be able to manage its settings.

[Leave workspace] <--- red button
[Cancel]

  • If the person trying to leave is an approver, prompt with an alert modal warning on clicking Leave

Leave workspace
If you leave this workspace, you'll be replaced in the approval workflow by Anthony Davies, the workspace owner.

[Leave workspace] <--- red button
[Cancel]

  • If the person being removed is an approver, prompt with an alert modal warning on clicking Remove from workspace.

Remove from workspace
If you remove Bob Williams from this workspace, we'll replace them in the approval workflow with Anthony Davies, the workspace owner.

[Remove] <--- red button
[Cancel]

  • If the person trying to leave has an outstanding processing report to action on:

Leave workspace
Please approve any outstanding expense reports submitted to you before leaving the workspace.
[Got it] <--- Green button

  • If the person being removed has an outstanding processing report to action on:

Remove from workspace
Bob Williams has outstanding expense reports to approve. Please ask them to approve, or take control of their reports before removing them from the workspace.
[Got it] <--- green button

  • If the person trying to leave is the reimburser, prompt with an alert modal warning on clicking Leave

Leave workspace
You can't leave this workspace as the reimburser. Please set a new reimburser in Workspaces > Make or track payments, then try again.

[Got it] <--- green button

  • If the person being removed is the reimburser, prompt with an alert modal warning on clicking Remove from workspace.

Remove from workspace
You can't remove Bob Williams from this workspace. Please set a new reimburser in Workflows > Make or track payments, then try again.

[Got it] <--- green button

  • If the person trying to leave is the technical contact, prompt with an alert modal warning on clicking Leave

Leave workspace
If you leave this workspace, you'll be replaced as the technical contact with Anthony Davies, the workspace owner.

[Leave workspace] <--- red button
[Cancel]

  • If the person trying to leave is the preferred exporter, prompt with an alert modal warning on clicking Leave

Leave workspace
If you leave this workspace, you'll be replaced as the preferred exporter with Anthony Davies, the workspace owner.

[Leave workspace] <--- red button
[Cancel]

  • If the person being removed is the technical contact, prompt with an alert modal warning on clicking Remove from workspace.

Remove from workspace
If you remove Bob Williams from this workspace, we'll replace them as the technical contact with Anthony Davies, the workspace owner.

[Remove] <--- red button
[Cancel]

  • If the person being removed is the preferred exporter, prompt with an alert modal warning on clicking Remove from workspace.

Remove from workspace
If you remove Bob Williams from this workspace, we'll replace them as the preferred exporter with Anthony Davies, the workspace owner. You can change the preferred exporter in Accounting > Export.

[Remove] <--- red button
[Cancel]

  • Do not show the Leave button to:

    • The workspace owner
    • Any user on a domain which has "prevent workspace creation/removal" enabled.
  • Do not show the Remove from workspace button on:

    • The workspace owner

Actual Result:

A lot of inconsistencies where the frontend doesn't match the backend, for example in this recording below. This is an approver who has an outstanding processing report submitted to them. As per the BE logic for leaving a workspace, they shouldn't be allowed to leave the workspace. In NewDot we're showing them a Leave button, they click it and it appears as though they've left the workspace successfully, but in reality they haven't.

2025-02-12_08-48-41.mp4

Platforms:

Which of our officially supported platforms is this issue occurring on?

  • Android: Standalone
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: Standalone
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
  • MacOS: Desktop

Screenshots/Videos

Alert modal examples.

Warn - can be removed.

Image

Warn - can't be removed.

Image

Warn - can leave.

Image

Warn - can't leave.

Image

View all open jobs on GitHub

Issue OwnerCurrent Issue Owner: @MonilBhavsar
@trjExpensify trjExpensify added Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 labels Feb 12, 2025
Copy link

melvin-bot bot commented Feb 12, 2025

Current assignee @trjExpensify is eligible for the Bug assigner, not assigning anyone new.

@trjExpensify
Copy link
Contributor Author

@huult you'll need to comment for me to co-assign you as well.

@huult
Copy link
Contributor

huult commented Feb 12, 2025

@trjExpensify Please assign this to me, thanks.

@jamesdeanexpensify
Copy link
Contributor

@trjExpensify for any copy edits, would it be best for me to just edit them right where you posted them above?

@trjExpensify
Copy link
Contributor Author

@trjExpensify for any copy edits, would it be best for me to just edit them right where you posted them above?

Yeah, go for it. I can check the edit diff if needs be.

@jamesdeanexpensify
Copy link
Contributor

Updated! One question - I noticed in this one we give instructions on where to update (last line):

If you remove Bob Williams from this workspace, we'll replace them as the preferred exporter with Anthony Davies, the workspace owner. You can change the preferred exporter in Accounting > Export.

Should we do the same in others, like the "technical contact" or no?

@MonilBhavsar
Copy link
Contributor

Thanks for consolidating this, Tom. Looks great! 🙌

For the case Warn - can be removed

We throw and ask user to manually change technical contact as per this code https://github.com/Expensify/Web-Expensify/blob/5736bed558d4ec9a1414c481435e5cc5f66ce6ff/lib/PolicyAPI.php#L946-L948

Are we automating that now?

@MonilBhavsar
Copy link
Contributor

If the person trying to leave is a non-owner admin, prompt with an alert modal warning on clicking Leave.

Also, we don't allow admins to leave
https://github.com/Expensify/Auth/blob/a0f38feeefb552f79b57f1da5b753745df29aeb0/auth/command/LeavePolicy.cpp#L50

We have this access controls on leaving/removing https://github.com/Expensify/App?tab=readme-ov-file#workspace

@trjExpensify
Copy link
Contributor Author

Should we do the same in others, like the "technical contact" or no?

You can't change the technical contact in NewDot yet (and it's unclear if we'll ever carry it over), so I left the instruction out. I don't expect this one to throw much for a NewDot company as they likely won't change it away from the workspace owner as a result. That said, if they happen to do it over on OldDot, we'll update the technical contact to the workspace owner on leave/removal if they proceed. @MonilBhavsar same reason for now automating updating the technical contact to answer that question.

Also, we don't allow admins to leave
https://github.com/Expensify/Auth/blob/a0f38feeefb552f79b57f1da5b753745df29aeb0/auth/command/LeavePolicy.cpp#L50
We have this access controls on leaving/removing https://github.com/Expensify/App?tab=readme-ov-file#workspace

Yeah, that was a mistake with whoever/whenever this was added to NewDot. On OldDot a non-owner admin has historically been able to leave a workspace -- providing there aren't other restrictions in play with that user.

Image

@dangrous
Copy link
Contributor

Hi! So what are the next steps here? We should probably figure out what needs to get changed on the front end, what needs to get changed on the backend, and then split up that work accordingly...

Can we also confirm whether we want to move forward with the (reverted) Leave button on the individual workspace settings page, as well as the option in the 3-dot in the workspace list? Or just keep the latter?

@MonilBhavsar
Copy link
Contributor

Sounds good. So we might want to update server to not throw when removing technical contact

Yeah, that was a mistake with whoever/whenever this was added to NewDot.

It was discussed here. Should we bring this discussion back again?
https://expensify.slack.com/archives/C0671JDRKQW/p1703547218740349?thread_ts=1703547187.140519&cid=C0671JDRKQW

@trjExpensify
Copy link
Contributor Author

That discussion was about permission for leaving different types of chats, not the actual workspace.

@melvin-bot melvin-bot bot added the Overdue label Feb 17, 2025
@trjExpensify
Copy link
Contributor Author

What are the next steps here, and who's taking that on?

@melvin-bot melvin-bot bot removed the Overdue label Feb 17, 2025
@MonilBhavsar
Copy link
Contributor

That discussion was about permission for leaving different types of chats, not the actual workspace.

It was in a similar thread but hard to find in archived channel. The conclusion was noted in this SO and I think we're doing right as per it https://stackoverflowteams.com/c/expensify/questions/18263/18264

@MonilBhavsar
Copy link
Contributor

@huult @shubham1206agra do you please mind opening a draft PR. I am happy to help with backend changes. Would be good to test backend against frontend changes

@huult
Copy link
Contributor

huult commented Feb 18, 2025

@MonilBhavsar Sure! I'll open a draft PR shortly.

@MonilBhavsar
Copy link
Contributor

How's it going here?

@huult
Copy link
Contributor

huult commented Apr 11, 2025

@MonilBhavsar I was sick for two days. I'll test it this weekend—thank you!

@trjExpensify
Copy link
Contributor Author

👋 Catching up after OoO! @huult what's the latest on your PR? Let's get this squared away!

No, if policy restriction is in place, user can still leave the policy from newDot. We only hide the leave button on oldDot. We don't have backend check 🏃‍♂

@MonilBhavsar on this one for the DC restriction to leave. Interesting, so the way OldDot handles it is just by hiding the front-end button to "leave" the workspace if there's a domain control restriction, not actually restricting it from the backend. Meaning, if we "do nothing" for now in NewDot they will be able to actually leave the workspace properly. Admittedly, that's better than it "appearing" like they left but didn't, albeit a loophole.

I appreciate your point that domain settings haven't been added to onyx yet, and it might be jumping the gun to add this one, as domain control is on the roadmap for Q3 and not yet fleshed out. I'm a little hesitant about a platform specific loophole though, but it's not a super widely used feature, so I guess I'm probably okay with leaving it for the time being. CC: @JmillsExpensify for a second opinion.

@MonilBhavsar
Copy link
Contributor

@huult any updates to share?

@huult
Copy link
Contributor

huult commented Apr 21, 2025

@MonilBhavsar Sorry for the delay. I will complete and send the final feedback to you by the end of Wednesday

@MonilBhavsar
Copy link
Contributor

Thanks

@huult
Copy link
Contributor

huult commented Apr 23, 2025

@MonilBhavsar

As a user set a technical contact to an employee on oldDot from Workspace > Connections.
As a user from newDot, try to leave the policy
Verified it succeeds and technical contact is updated in oldDot - Workspace > Connections.

Could you kindly share a video demonstrating the steps above? Thank you!

@MonilBhavsar
Copy link
Contributor

Screen.Recording.2025-04-25.at.4.25.29.PM.mov

@huult
Copy link
Contributor

huult commented Apr 27, 2025

thank you, I'm checking!

@huult
Copy link
Contributor

huult commented Apr 29, 2025

New dot
Image

Old dot

Image

@MonilBhavsar What role do we use to identify the member who is the technical contact on newDot?

@MonilBhavsar
Copy link
Contributor

We can't figure out technical contact from the role. Can you share the exact problem? Are you trying to figure out technical contact of policy on newDot?

@huult
Copy link
Contributor

huult commented Apr 29, 2025

@MonilBhavsar

Can you share the exact problem?

I need to know how to detect the member who is the technical contact in order to update the prompt message when they leave.

Are you trying to figure out technical contact of policy on newDot?

Image

I tried, but I didn't find any information about this. Can you help or suggest something?

@MonilBhavsar
Copy link
Contributor

Got it. Let me check

@MonilBhavsar
Copy link
Contributor

I have sent a PR to send technical contact in the policy onyx update

Image

I think you can do Onyx.merge('technicalContact', '<email>') in the console to continue with the tests and not block on the deploy

@huult
Copy link
Contributor

huult commented May 2, 2025

@MonilBhavsar Got it. I’ll do it today. Thanks!

@huult
Copy link
Contributor

huult commented May 2, 2025

I'm finished updating the technical contact. I'm testing it now!

@MonilBhavsar
Copy link
Contributor

@huult any new update?

@huult
Copy link
Contributor

huult commented May 8, 2025

I will update the new code and maunal tests tonight and tomorrow.

@MonilBhavsar
Copy link
Contributor

Thanks!

@huult
Copy link
Contributor

huult commented May 8, 2025

@MonilBhavsar

Image I think you can do `Onyx.merge('technicalContact', '')` in the console to continue with the tests and not block on the deploy
Image

technicalContact: If we don't set it, the field won't appear in the policy data, right?

@MonilBhavsar
Copy link
Contributor

Looks like personal policy from type: personal, and yes technical contact is not set for personal policy.

@huult
Copy link
Contributor

huult commented May 9, 2025

thanks

@huult
Copy link
Contributor

huult commented May 9, 2025

@MonilBhavsar I was able to get the technicalContact and update the code. Continuing testing, thanks.

@huult
Copy link
Contributor

huult commented May 12, 2025

I'm testing the PR now.

@MonilBhavsar
Copy link
Contributor

Thanks for the updates!

@huult
Copy link
Contributor

huult commented May 13, 2025

@shubham1206agra
Copy link
Contributor

@MonilBhavsar Can we create an Onyx key in BE where we can detect if any error happens when leaving workspace / removing someone from workspace? It will help us implement pending processing reports case without any issues (sync and performance).

@huult
Copy link
Contributor

huult commented May 28, 2025

@MonilBhavsar Could you check @shubham1206agra 's comment?

@MonilBhavsar
Copy link
Contributor

@MonilBhavsar Can we create an Onyx key in BE where we can detect if any error happens when leaving workspace / removing someone from workspace? It will help us implement pending processing reports case without any issues (sync and performance).

Could you please explain why we need that additional key, and if we use similar pattern elsewhere in the App?

@shubham1206agra
Copy link
Contributor

@MonilBhavsar Can we create an Onyx key in BE where we can detect if any error happens when leaving workspace / removing someone from workspace? It will help us implement pending processing reports case without any issues (sync and performance).

Could you please explain why we need that additional key, and if we use similar pattern elsewhere in the App?

@MonilBhavsar We need this key to determine which error happened when removing/leaving the workspace, since we can't know this before the response from BE. Also, we generally avoid side effects in API. Not sure about similar patterns

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug Something is broken. Auto assigns a BugZero manager. Reviewing Has a PR in review Weekly KSv2
Projects
Status: Bugs and Follow Up Issues
Development

No branches or pull requests

7 participants