Skip to content

feat: allow users to remove themselves from a vault#290

Merged
saifsmailbox98 merged 2 commits into
mainfrom
saif/age2-35-allow-users-to-remove-themselves-from-a-vault
Jun 22, 2026
Merged

feat: allow users to remove themselves from a vault#290
saifsmailbox98 merged 2 commits into
mainfrom
saif/age2-35-allow-users-to-remove-themselves-from-a-vault

Conversation

@saifsmailbox98

Copy link
Copy Markdown
Collaborator

Summary

Adds POST /v1/vaults/{name}/leave endpoint and corresponding frontend UI so users can remove themselves from a vault. Previously the only way to lose vault access was for an admin to remove you or to delete the entire vault.

Backend - new handleVaultLeave handler that revokes the caller's own vault grant. Guards:

  • Blocks the last admin from leaving (prevents orphaned vaults with no admin)
  • Blocks scoped sessions (they can't modify their own access)
  • Requires an explicit grant (implicit owner access can't be "left")

Frontend - two entry points:

  • Vault list cards show a leave icon (door-arrow) for all explicit-membership vaults
  • Users tab shows a "Leave vault" dropdown action on the current user's row (visible to all roles, not just admins)

Both surfaces open a confirmation modal before calling the API. Leaving from the Users tab redirects to the home page.

Type of change

  • Bug fix
  • New feature
  • Refactor / cleanup
  • Documentation
  • CI / build

Test plan

  • Existing tests pass (make test)
  • Added/updated tests for new behavior
  • Manual testing (describe below)

Security checklist

  • No secrets or credentials in code
  • No new unauthenticated endpoints
  • Input validation on new API surfaces
  • Checked for OWASP top 10 (injection, XSS, etc.)

Add POST /v1/vaults/{name}/leave endpoint and frontend UI for users
to leave vaults they have explicit access to. Guards against the last
admin leaving a vault.
@linear

linear Bot commented Jun 22, 2026

Copy link
Copy Markdown

AGE2-35

@infisical-review-police

Copy link
Copy Markdown

💬 Discussion in Slack: #pr-review-agent-vault-290-feat-allow-users-to-remove-themselves-from-a-vault

Posted by Review Police — reviews, comments, new commits, and CI failures will stream into this channel.

@greptile-apps

greptile-apps Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

Adds a POST /v1/vaults/{name}/leave endpoint and matching frontend UI so users can remove themselves from a vault without admin involvement. The backend guards (last-admin block, scoped-session rejection, explicit-grant requirement) are correct and consistent with the existing handleVaultUserRemove pattern; the route is registered with the full middleware chain including limitBody.

  • Backend (handle_vaults.go): handleVaultLeave follows existing error-handling conventions; guards are properly ordered and prevent orphaned admin-less vaults.
  • Frontend (VaultsListTab, UsersTab): Both surfaces confirm before calling the API, encode vault names in URLs, and handle error responses. UsersTab correctly redirects to / after a successful leave. The RowActions refactor (always-rendered column, per-row role check) is clean.
  • Tests: Four new test cases cover the happy path for members, the last-admin rejection, an admin leaving when a second admin exists, and no-access rejection.

Confidence Score: 5/5

Safe to merge — the new handler correctly enforces all access boundaries and the frontend confirms destructive actions before calling the API.

All backend guards (last-admin protection, scoped-session check, explicit-grant requirement) are in place and match the existing remove-user flow. The route registration includes limitBody. Frontend paths URI-encode vault names and handle errors. Tests cover the main acceptance scenarios. No logic errors or missing validations were found.

Both modal confirm buttons (UsersTab.tsx and VaultsListTab.tsx) are missing a loading/disabled state; worth addressing before users on slow connections report confusing double-submission behaviour.

Important Files Changed

Filename Overview
internal/server/handle_vaults.go Adds handleVaultLeave handler with correct guards: scoped-session check, explicit-grant check, and last-admin block. Error-handling follows existing patterns in the file.
internal/server/server.go Registers POST /v1/vaults/{name}/leave with the full middleware chain including limitBody, consistent with all other mutating vault routes.
internal/server/server_test.go Adds four test cases: successful member leave, last-admin blocked (409), admin leaves with a second admin present, and no-access rejection (403). Coverage is solid.
web/src/pages/home/VaultsListTab.tsx Adds leave icon to VaultCard and a confirmation Modal; vault name is properly URI-encoded in the API call. The canLeave guard contains a dead is_default branch (always undefined in the list response) but causes no functional issue.
web/src/pages/vault/UsersTab.tsx Exposes Leave vault action in the current-user row's DropdownMenu for all roles; non-admin other-user rows correctly return null. Post-leave navigation to "/" is correct. Both modals lack a submitting/disabled state on the confirm button.

Reviews (2): Last reviewed commit: "fix: add limitBody wrapper to leave rout..." | Re-trigger Greptile

Comment thread internal/server/handle_vaults.go
Comment thread internal/server/handle_vaults.go
Comment thread internal/server/server.go Outdated
Comment thread internal/server/handle_vaults.go
Comment thread internal/server/handle_vaults.go
@veria-ai

veria-ai Bot commented Jun 22, 2026

Copy link
Copy Markdown

PR overview

All previously flagged issues have been addressed. No open security concerns remain on this pull request.

Security review

No open security issues remain on this pull request.

Fixed/addressed: 1 · PR risk: 0/10

@saifsmailbox98

Copy link
Copy Markdown
Collaborator Author

@greptile review

@saifsmailbox98 saifsmailbox98 merged commit 3e4f57d into main Jun 22, 2026
11 checks passed
@saifsmailbox98 saifsmailbox98 deleted the saif/age2-35-allow-users-to-remove-themselves-from-a-vault branch June 22, 2026 12:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant