diff --git a/backend/src/baserow/api/serializers.py b/backend/src/baserow/api/serializers.py
index 715066235..a5aa7af1f 100644
--- a/backend/src/baserow/api/serializers.py
+++ b/backend/src/baserow/api/serializers.py
@@ -54,8 +54,13 @@ class NaturalKeyRelatedField(serializers.ListField):
A related field that use the natural key instead of the Id to reference the object.
"""
- def __init__(self, model=None, **kwargs):
+ def __init__(
+ self, model=None, custom_does_not_exist_exception_class=None, **kwargs
+ ):
self._model = model
+ self._custom_does_not_exist_exception_class = (
+ custom_does_not_exist_exception_class
+ )
super().__init__(**kwargs)
def to_representation(self, value):
@@ -71,4 +76,12 @@ class NaturalKeyRelatedField(serializers.ListField):
data = [data]
natural_key = super().to_internal_value(data)
- return self._model.objects.get_by_natural_key(*natural_key)
+ try:
+ return self._model.objects.get_by_natural_key(*natural_key)
+ except self._model.DoesNotExist as e:
+ if self._custom_does_not_exist_exception_class:
+ raise self._custom_does_not_exist_exception_class(
+ f"Object with natural key {natural_key} for model {self._model} does not exist."
+ )
+ else:
+ raise e
diff --git a/changelog/entries/unreleased/bug/2574_the_member_role_should_not_be_visible_when_creating_a_team.json b/changelog/entries/unreleased/bug/2574_the_member_role_should_not_be_visible_when_creating_a_team.json
new file mode 100644
index 000000000..2fc13965c
--- /dev/null
+++ b/changelog/entries/unreleased/bug/2574_the_member_role_should_not_be_visible_when_creating_a_team.json
@@ -0,0 +1,7 @@
+{
+ "type": "bug",
+ "message": "Show only visible roles in the team member creation/edit modal.",
+ "issue_number": 2574,
+ "bullet_points": [],
+ "created_at": "2024-04-29"
+}
\ No newline at end of file
diff --git a/enterprise/backend/src/baserow_enterprise/api/teams/serializers.py b/enterprise/backend/src/baserow_enterprise/api/teams/serializers.py
index f23e53510..32c035b64 100644
--- a/enterprise/backend/src/baserow_enterprise/api/teams/serializers.py
+++ b/enterprise/backend/src/baserow_enterprise/api/teams/serializers.py
@@ -2,6 +2,7 @@ from rest_framework import serializers
from baserow.api.mixins import UnknownFieldRaisesExceptionSerializerMixin
from baserow_enterprise.api.role.serializers import RoleField
+from baserow_enterprise.exceptions import RoleNotExist
from baserow_enterprise.role.models import Role
from baserow_enterprise.teams.handler import SUPPORTED_SUBJECT_TYPES
from baserow_enterprise.teams.models import Team, TeamSubject
@@ -57,6 +58,7 @@ class TeamSerializer(
):
default_role = RoleField(
model=Role,
+ custom_does_not_exist_exception_class=RoleNotExist,
required=False,
allow_null=True,
help_text=(
diff --git a/enterprise/backend/src/baserow_enterprise/api/teams/views.py b/enterprise/backend/src/baserow_enterprise/api/teams/views.py
index 57f24cc1b..7f083f2b7 100755
--- a/enterprise/backend/src/baserow_enterprise/api/teams/views.py
+++ b/enterprise/backend/src/baserow_enterprise/api/teams/views.py
@@ -35,7 +35,7 @@ from baserow_enterprise.api.teams.serializers import (
TeamSubjectResponseSerializer,
TeamSubjectSerializer,
)
-from baserow_enterprise.exceptions import RoleUnsupported
+from baserow_enterprise.exceptions import RoleNotExist, RoleUnsupported
from baserow_enterprise.role.constants import NO_ACCESS_ROLE_UID
from baserow_enterprise.role.handler import RoleAssignmentHandler
from baserow_enterprise.teams.actions import (
@@ -159,6 +159,7 @@ class TeamsView(APIView, SearchableViewMixin, SortableViewMixin):
{
UserNotInWorkspace: ERROR_USER_NOT_IN_GROUP,
RoleUnsupported: ERROR_ROLE_DOES_NOT_EXIST,
+ RoleNotExist: ERROR_ROLE_DOES_NOT_EXIST,
WorkspaceDoesNotExist: ERROR_GROUP_DOES_NOT_EXIST,
TeamNameNotUnique: ERROR_TEAM_NAME_NOT_UNIQUE,
TeamSubjectBadRequest: ERROR_SUBJECT_BAD_REQUEST,
diff --git a/enterprise/backend/tests/baserow_enterprise_tests/compat/api/teams/test_group_teams_views.py b/enterprise/backend/tests/baserow_enterprise_tests/compat/api/teams/test_group_teams_views.py
index 69195288c..5bba3593a 100755
--- a/enterprise/backend/tests/baserow_enterprise_tests/compat/api/teams/test_group_teams_views.py
+++ b/enterprise/backend/tests/baserow_enterprise_tests/compat/api/teams/test_group_teams_views.py
@@ -1,7 +1,7 @@
from django.shortcuts import reverse
import pytest
-from rest_framework.status import HTTP_200_OK
+from rest_framework.status import HTTP_200_OK, HTTP_404_NOT_FOUND
@pytest.fixture(autouse=True)
@@ -87,7 +87,16 @@ def test_create_team(api_client, data_fixture, group_compat_timebomb):
workspace = data_fixture.create_workspace(user=user)
response = api_client.post(
- reverse("api:enterprise:teams:list", kwargs={"group_id": workspace.id}),
+ reverse("api:enterprise:teams:list", kwargs={"workspace_id": workspace.id}),
+ {"name": "Executives", "default_role": "ThisRoleDoesNotExist"},
+ format="json",
+ HTTP_AUTHORIZATION=f"JWT {token}",
+ )
+ assert response.status_code == HTTP_404_NOT_FOUND
+ assert response.json()["error"] == "ERROR_ROLE_DOES_NOT_EXIST"
+
+ response = api_client.post(
+ reverse("api:enterprise:teams:list", kwargs={"workspace_id": workspace.id}),
{"name": "Executives"},
format="json",
HTTP_AUTHORIZATION=f"JWT {token}",
diff --git a/enterprise/web-frontend/modules/baserow_enterprise/utils/roles.js b/enterprise/web-frontend/modules/baserow_enterprise/utils/roles.js
index 0f34aaf0a..ff52e7147 100644
--- a/enterprise/web-frontend/modules/baserow_enterprise/utils/roles.js
+++ b/enterprise/web-frontend/modules/baserow_enterprise/utils/roles.js
@@ -11,7 +11,9 @@ export const filterRoles = (roles, { scopeType, subjectType }) => {
({
allowed_scope_types: allowedScopeTypes,
allowed_subject_types: allowedSubjectTypes,
+ isVisible,
}) =>
+ isVisible &&
(scopeType === undefined ||
!Array.isArray(allowedScopeTypes) ||
allowedScopeTypes.includes(scopeType)) &&