Skip to content

Leave farm functionality #461

New issue
New issue
Open
Open
Leave farm functionality#461
@SvenVw

Description

@SvenVw
SvenVw
opened on Feb 13, 2026

Overview

Allow users and organizations to voluntarily revoke their own access to a farm. This enables advisors, researchers, or partner organizations to "clean up" their own dashboard without needing the farm owner's intervention.

1. Core Logic Updates (fdm-core)

farm.ts

  • revokePrincipalFromFarm (Refactor):
    • Self-Revocation Detection: If target_id === principal_id (individual) OR if target_id is an Organization and principal_id is an Admin/Owner of that Organization, bypass the share permission requirement.
    • Ownership Guard: Check if the principal being revoked is an "owner". If so, verify that at least one other owner (individual or organization) remains.
    • Active Farm Cleanup: If the individual user leaving has this farm set as farm_active in their user profile, clear that field.
    • Audit Logging: Ensure the audit trail distinguishes between "Revoked by Admin" and "Self-Revoked/Left".

authorization.ts

  • Ensure revokePrincipal remains the underlying atomic operation for removing the role record.

2. Application Layer (fdm-app)

farm.$b_id_farm.settings.access.tsx

  • UI Logic:
    • Add a "Leave Farm" button for the current user's personal role.
    • If the user is an Admin/Owner of an Organization listed in the access list, add a "Remove Organization from Farm" button for that organization.
    • Inherited Access: If a user's access is inherited via an organization but they have no direct role, the personal "Leave" button should be disabled with a tooltip: "Access granted via Organization [Name]".
  • Confirmation & Redirect:
    • Use a confirmation dialog: "Are you sure? You will lose all access to this farm immediately."
    • Crucial: Upon successful revocation, the action must redirect the user to the dashboard (/farm) to avoid a 403 error on the settings page.

3. Security & Permissions

  • Individual Self-Revocation: Always allowed for the authenticated user.
  • Organization Self-Revocation: Restricted to Admins and Owners of the target organization.
  • The "Last Owner" Rule: A farm cannot be orphaned. The last principal with the "owner" role cannot leave; they must either transfer ownership or delete the farm.

Benefits

  • User Autonomy: Users and organization leads can manage their own farm lists.
  • Data Hygiene: Prevents dashboard clutter for consultants and researchers.
  • Safety: Prevents accidentally orphaning a farm by enforcing the last-owner rule.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions