From 818dbf12b9b0f61c37eafe2485f8fdf13d553a2d Mon Sep 17 00:00:00 2001 From: Zhi Date: Thu, 12 Mar 2026 12:13:14 +0000 Subject: [PATCH] fix: add member.remove permission check --- app/api/routers/projects.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/api/routers/projects.py b/app/api/routers/projects.py index 5c8a039..925615a 100644 --- a/app/api/routers/projects.py +++ b/app/api/routers/projects.py @@ -298,7 +298,7 @@ def remove_project_member( db: Session = Depends(get_db), current_user: models.User = Depends(get_current_user_or_apikey), ): - check_project_role(db, current_user.id, project_id, min_role="admin") + check_permission(db, current_user.id, project_id, "member.remove") member = db.query(models.ProjectMember).filter( models.ProjectMember.project_id == project_id, models.ProjectMember.user_id == user_id ).first()