Users are removed from organisation with no warning if subscription is cancelled
How are you running Flagsmith
- [ ] Self Hosted with Docker
- [ ] Self Hosted with Kubernetes
- [x] SaaS at flagsmith.com
- [ ] Some other way (add details in description below)
Describe the bug
In https://github.com/Flagsmith/flagsmith/issues/2197, we added behaviour for removing all but the first admin user from an organisation if its subscription is cancelled for any reason. This includes accidentally not paying for/renewing the subscription and having it be automatically cancelled.
This is not a good user experience for several reasons:
- The first admin is not necessarily the one actually using Flagsmith, and they might be unavailable to do anything.
- Even if the first admin is available, they might not have access to the billing portal.
- There is no warning or notification anywhere that this will happen or has happened.
- If a customer wants to re-instate their paid subscription, they have to renew the subscription AND also invite the additional admins. From the customer's perspective, this is data loss and does not inspire confidence.
- If an admin was removed and they log in to Flagsmith, they will not see any indication they were removed. They might see a forever-loading screen or a blank organisation switcher with no other context.
Slack discussion here: https://flagsmith.slack.com/archives/CTF0THS2D/p1736773771007339
Steps To Reproduce
On a paid organisation with more than 1 admin user, cancel the subscription. All admins that joined after the first one are removed with no explanation or context.
Expected behavior
Never automatically remove users from organisations without user interaction or consent.
One alternative might be to introduce the following behaviour. If the following are true:
- Organisation is on a free plan
- Organisation has more than 1 admin that does not have `is_staff` (this allows support staff to add themselves to free organisations)
Then, block access for all users in this organisation to the whole dashboard except the following:
- Organisation page (to allow switching to another non-blocked org)
- Account page
- Organisation Users & Permissions page
- Usage
- Organisation Settings (specifically Billing page at a minimum)
All admins including staff users should be blocked from accessing this org, so that they can see exactly what the customer is seeing in this situation.
A message explaining the situation with suggested action items should be displayed to the user, so they can resolve the situation themselves.
The current blocking mechanism we have is at the organisation level and is more restrictive, since it does not allow access to the Users & Permissions page. The mechanism proposed here should be more lenient to allow users to unblock themselves after they run into this situation.
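The proposed rule, written out as a small Python illustration added here (not Flagsmith's own code); the model fields, the `"free"` plan name and the dashboard path prefixes are assumptions:

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Illustration of the rule proposed in this issue, not Flagsmith's code.
# Field names (plan, is_admin, is_staff) and paths are assumptions.


@dataclass
class User:
    email: str
    is_admin: bool = False
    is_staff: bool = False  # Flagsmith support staff


@dataclass
class Organisation:
    name: str
    plan: str  # assumed: "free" or the name of a paid plan
    users: list[User] = field(default_factory=list)


# Pages that stay reachable so the customer can resolve the situation:
# organisation switcher, account, users & permissions, usage, settings/billing.
ALLOWED_PREFIXES = ("/organisations", "/account", "/users", "/usage", "/settings")


def non_staff_admin_count(org: Organisation) -> int:
    """Admins that belong to the customer, excluding support staff."""
    return sum(1 for u in org.users if u.is_admin and not u.is_staff)


def org_is_blocked(org: Organisation) -> bool:
    """Free plan with more than one non-staff admin => restricted dashboard."""
    return org.plan == "free" and non_staff_admin_count(org) > 1


def can_access(org: Organisation, user: User, path: str) -> bool:
    """The block applies to every user of the org, staff included, so support
    sees exactly what the customer sees; only allow-listed pages pass."""
    if not org_is_blocked(org):
        return True
    return path.startswith(ALLOWED_PREFIXES)


def blocked_message(org: Organisation) -> str:
    """Text shown instead of a blank or forever-loading page."""
    return (
        f"{org.name} is on the free plan but has {non_staff_admin_count(org)} "
        "admins. Renew the subscription under Settings > Billing, or reduce "
        "the number of admins under Users & Permissions."
    )
```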
Screenshots
No response