Can a non-owner of a team invite other members?

In my application, I logged in as a member with the role of "admin" of a team (invited using an "owner" of the team). When trying to call teams.createMembership to create another member, i.e. of role "staff" it's throwing the error "User is not allowed to send invitations for this team".

Looking at the code at https://github.com/appwrite/appwrite/blob/1.1.x/app/controllers/api/teams.php#L320 and https://github.com/appwrite/appwrite/blob/1.1.x/src/Appwrite/Auth/Auth.php#L383, shouldn't the "admin" member considered as a privileged user?

Can a non-owner of a team invite other members?

The isPrivilegedUser function isn't relate to the end-user teams, but the current execution level. The admin in this function is it for the internal project team.

The part that check if the current user is owner is here: https://github.com/appwrite/appwrite/blob/1.1.x/app/controllers/api/teams.php#L384

This mean that any permission except owner will be treated the same.

I see

So.. in our applications, if we need to allow an app admin to invite members, it must be done with a function?

You can give them the owner role

You can have more then one owner

hmmm ok, I think that works, but that also means these app admins can delete the team

Yep.

The only other way would be through teams.

If you think that the need to have moderators-level in team, then, I suggest to create an issue for that feature request

Alright, I'll first see what kind of workaround is possible. Otherwise will create a feature request

Thanks for your help!

<a:agooglethumbsup:635256484682530825>

For future reference: I think the "User labels" Eldad mentioned in https://github.com/appwrite/appwrite/issues/4834#issuecomment-1574944467 may fit the use case

I think this is roles, but, without teams

hmm ok, yeah that makes sense