feat: Org Owners/Admins unable to access their own "Edit Member" menu

[Vibgitcode27]

What does this PR do?

This PR fixes an issue where Org Owners and Admins could not access the "Edit Member" menu for their own profiles.

Now, when viewing their own member card, the triple-dot menu shows only two options:

1. Open Edit Menu – opens the edit menu for self if the user is an Org Owner or Admin
2. Leave Team – allows the user to leave the team

• Fixes Allow org owners and admins to edit their own usernames in organizations #24377
• Fixes CAL-6554

Visual Demo (For contributors especially)

Before this feature :-

After this fix :-

2025-10-10.19-09-01.mp4

CAL_PR_24407.-.Made.with.Clipchamp.mp4

Mandatory Tasks (DO NOT REMOVE)

• I have self-reviewed the code (A decent size PR without self-review might be rejected).
• I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. [N/A]
• I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

Checklist

• I have read the contributing guide
• My code does follow the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have checked if my changes generate no new warnings

---

[vercel]

@Vibgitcode27 is attempting to deploy a commit to the cal Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

MemberList.tsx updates adjust action availability and labels based on whether the target member is the current user and on permission flags. Edit mode now depends solely on canChangeRole/canRemove/canImpersonate/canInvite. Impersonation excludes self. Resend invitation is hidden for self. Remove/leave text and confirmation dialog content switch based on self-targeting. Mobile action menus mirror desktop logic. The role column’s faceted value switch adds explicit block braces. A hook result variable was renamed to _fetchMoreOnBottomReached, replacing the previous reference.

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Out of Scope Changes Check	⚠️ Warning	The PR includes renaming of the fetchMoreOnBottomReached variable in a hook result and the addition of explicit block braces in the getFacetedUniqueValues switch, neither of which is related to exposing the Edit Member menu for Org Owners/Admins as outlined in the linked issues.	Move the fetchMoreOnBottomReached rename and switch-brace formatting changes into a separate refactoring PR to keep this change focused on the Edit Member menu fix.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title directly references the core change of exposing the “Edit Member” menu to Org Owners and Admins and clearly summarizes the main intent of the PR.
Linked Issues Check	✅ Passed	The changes introduce self-aware logic in the member list action menus so that Org Owners and Admins now see and can open the Edit Member sheet on their own card, directly addressing the objectives of issues #24377 and CAL-6554.
Description Check	✅ Passed	The description clearly explains the issue being fixed, outlines the resulting behavior changes, references the appropriate issues, and includes visual before/after context relevant to the PR.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/features/ee/teams/components/MemberList.tsx (1)

594-630: Gate mobile edit action behind canChangeRole.

The mobile view shows the edit action whenever editMode is true (line 596), but editMode can be true even when canChangeRole is false (e.g., if only canRemove is true). This is inconsistent with the desktop view (lines 498-515), which properly gates the edit action behind canChangeRole.

Apply this diff to gate the edit action behind canChangeRole:

                         <DropdownMenuContent>
                           <DropdownMenuItem className="outline-none">
                             <DropdownItem
                               disabled={!user.accepted}
                               href={!user.accepted ? undefined : `/${user.username}`}
                               target="_blank"
                               type="button"
                               StartIcon="external-link">
                               {t("view_public_page")}
                             </DropdownItem>
                           </DropdownMenuItem>
-                          {editMode && (
+                          {canChangeRole && (
+                            <DropdownMenuItem>
+                              <DropdownItem
+                                type="button"
+                                onClick={() =>
+                                  dispatch({
+                                    type: "EDIT_USER_SHEET",
+                                    payload: {
+                                      user,
+                                      showModal: true,
+                                    },
+                                  })
+                                }
+                                StartIcon="pencil">
+                                {t("edit")}
+                              </DropdownItem>
+                            </DropdownMenuItem>
+                          )}
+                          {canRemove && (
-                            <>
-                              <DropdownMenuItem>
-                                <DropdownItem
-                                  type="button"
-                                  onClick={() =>
-                                    dispatch({
-                                      type: "EDIT_USER_SHEET",
-                                      payload: {
-                                        user,
-                                        showModal: true,
-                                      },
-                                    })
-                                  }
-                                  StartIcon="pencil">
-                                  {t("edit")}
-                                </DropdownItem>
-                              </DropdownMenuItem>
                               <DropdownMenuItem>
                                 <DropdownItem
                                   type="button"
                                   color="destructive"
                                   onClick={() =>
                                     dispatch({
                                       type: "SET_DELETE_ID",
                                       payload: {
                                         user,
                                         showModal: true,
                                       },
                                     })
                                   }
                                   StartIcon="user-x">
                                   {isSelf ? t("leave") : t("remove")}
                                 </DropdownItem>
                               </DropdownMenuItem>
-                            </>
                           )}
                         </DropdownMenuContent>

🧹 Nitpick comments (1)

packages/features/ee/teams/components/MemberList.tsx (1)

168-174: Consider using named export instead of default export.

Per coding guidelines, prefer named exports for better tree-shaking and easier refactoring. While this is a main component that might be exempt, named exports provide clearer imports.

As per coding guidelines.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between eae2711 and 83a2296.

📒 Files selected for processing (1)

• packages/features/ee/teams/components/MemberList.tsx (7 hunks)

🧰 Additional context used

📓 Path-based instructions (3)

**/*.tsx

📄 CodeRabbit inference engine (.cursor/rules/review.mdc)

Always use t() for text localization in frontend code; direct text embedding should trigger a warning

Files:

• packages/features/ee/teams/components/MemberList.tsx

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/review.mdc)

Flag excessive Day.js use in performance-critical code; prefer native Date or Day.js .utc() in hot paths like loops

Files:

• packages/features/ee/teams/components/MemberList.tsx

**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

Flag default exports and encourage named exports. Named exports provide better tree-shaking, easier refactoring, and clearer imports. Exempt main components like pages, layouts, and components that serve as the primary export of a module.

Files:

• packages/features/ee/teams/components/MemberList.tsx

🧬 Code graph analysis (1)

packages/features/ee/teams/components/MemberList.tsx (1)

packages/features/auth/lib/next-auth-options.ts (1)

• session (746-771)

🔇 Additional comments (7)

packages/features/ee/teams/components/MemberList.tsx (7)

435-435: LGTM! Key fix for the reported issue.

The editMode calculation now correctly allows org owners/admins to access the triple-dot menu on their own member card. Removing the isSelf exclusion enables self-editing while maintaining proper permission checks.

---

437-442: LGTM! Correct security logic.

Properly excludes self-impersonation by adding !isSelf to the conditions. Users should not be able to impersonate themselves.

---

537-552: LGTM! Correct business logic.

Properly excludes the resend invitation option for self by adding !isSelf. It doesn't make sense to resend an invitation to yourself.

---

671-679: LGTM! Good practice for block scoping.

Adding explicit block braces to the case "role" statement prevents potential variable scoping issues in switch statements.

---

689-694: LGTM! Correct pattern for side-effect hooks.

The underscore prefix correctly indicates the return value is intentionally unused. The useFetchMoreOnBottomReached hook likely sets up scroll listeners as a side effect, so the call must be preserved even though the return value isn't needed.

---

568-568: Translation keys "leave" and "remove" verified in all locale files.

---

772-781: Approve confirmation dialog changes
All new translation keys are present in the i18n files across locales.

[Vibgitcode27]

@dhairyashiil I believe the other PR doesn’t fully address the issue, so I’ve created this. Could you please review it?

[dhairyashiil]

@dhairyashiil I believe the other PR doesn’t fully address the issue, so I’ve created this. Could you please review it?

Everything looks good to me so far, but could you please check the following?

1. Can you change the role of the owner to admin or member?
2. Also, could you click on “Leave Team”? I mean, is the owner able to leave the team? Please check this as well.

Record both scenarios and please attach a video here.

[cubic-dev-ai]

No issues found across 1 file

[Vibgitcode27]

@dhairyashiil I believe the other PR doesn’t fully address the issue, so I’ve created this. Could you please review it?

Everything looks good to me so far, but could you please check the following?

1. Can you change the role of the owner to admin or member?

2. Also, could you click on “Leave Team”? I mean, is the owner able to leave the team? Please check this as well.

Record both scenarios and please attach a video here.

@dhairyashiil I’ve added the video to the main PR README under After this fix :- section. It covers both scenarios you mentioned. I also made a small change where the user is redirected to the /teams page after leaving a team. Otherwise, the user sees a tRPC “not allowed to view this page” error, which looks ugly.

By the way, slightly off topic, I noticed I have around 5–6 PRs that are approved but not yet merged. Just wanted to check if there’s any update or if the merges are being held for some reason.

[Vibgitcode27]

@dhairyashiil Also owner can change role to admin or member. But the owner cannot leave team, that is default logic of the app(I didn't want to change that), owner has to first change role then only he would be able to leave.

I have updated the video to show you just that. Let me know if you need any changes here!

[Vibgitcode27]

@dhairyashiil Can you take a look?

[github-actions]

This PR has been marked as stale due to inactivity. If you're still working on it or need any help, please let us know or update the PR to keep it active.

[dhairyashiil]

@dhairyashiil Can you take a look?

Yes, checked, thanks.
I’ll ask the team about this behaviour to make sure it’s the expected one.

[github-actions]

This PR has been marked as stale due to inactivity. If you're still working on it or need any help, please let us know or update the PR to keep it active.

[github-actions]

Devin AI is resolving merge conflicts

This PR has merge conflicts with the main branch. A Devin session has been created to automatically resolve them.

View Devin Session

Devin will:

1. Merge the latest main into this branch
2. Resolve any conflicts intelligently
3. Run lint/type checks to ensure validity
4. Push the resolved changes

If you prefer to resolve conflicts manually, you can close the Devin session and handle it yourself.

[github-actions]

Devin AI is resolving merge conflicts

This PR has merge conflicts with the main branch. A Devin session has been created to automatically resolve them.

View Devin Session

Devin will:

1. Merge the latest main into this branch
2. Resolve any conflicts intelligently
3. Run lint/type checks to ensure validity
4. Push the resolved changes

If you prefer to resolve conflicts manually, you can close the Devin session and handle it yourself.

[github-actions]

Devin AI is resolving merge conflicts

This PR has merge conflicts with the main branch. A Devin session has been created to automatically resolve them.

View Devin Session

Devin will:

1. Merge the latest main into this branch
2. Resolve any conflicts intelligently
3. Run lint/type checks to ensure validity
4. Push the resolved changes

If you prefer to resolve conflicts manually, you can close the Devin session and handle it yourself.

[devin-ai-integration]

Devin Review found 1 potential issue.

View 5 additional findings in Devin Review.

[sahitya-chandra]

Screencast.from.2026-02-19.15-29-49.webm