From e1ee9ba89e756e2ae4985a8d18ea7095e5f0fb77 Mon Sep 17 00:00:00 2001
From: Darshan
Date: Fri, 30 May 2025 18:04:57 +0530
Subject: [PATCH 1/2] fix: logic.
---
 app/controllers/api/teams.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php
index ede61115e2..7e52b16911 100644
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@@ -1359,10 +1359,12 @@ App::delete('/v1/teams/:teamId/memberships/:membershipId')
 max: 2
 );
 
- // Is the deletion being requested by the user on their own membership?
- $isCurrentUserAnOwner = $user->getInternalId() === $membership->getAttribute('userInternalId');
+ // Is the deletion being requested by the user on their own membership and they are also the owner?
+ $isSelfOwner =
+ in_array('owner', $membership->getAttribute('roles')) &&
+ $membership->getAttribute('userInternalId') === $user->getInternalId();
 
- if ($ownersCount === 1 && $isCurrentUserAnOwner) {
+ if ($ownersCount === 1 && $isSelfOwner) {
 /* Prevent removal if the user is the only owner. */
 throw new Exception(Exception::MEMBERSHIP_DELETION_PROHIBITED, 'There must be at least one owner in the organization.');
 }
From 67cb3aad2f505946cb649c27f8ee79503fd40e32 Mon Sep 17 00:00:00 2001
From: Darshan
Date: Fri, 30 May 2025 18:05:03 +0530
Subject: [PATCH 2/2] fix: test.
---
 tests/e2e/Services/Teams/TeamsConsoleClientTest.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/tests/e2e/Services/Teams/TeamsConsoleClientTest.php b/tests/e2e/Services/Teams/TeamsConsoleClientTest.php
index dda7f8e4ae..7949761d7f 100644
--- a/tests/e2e/Services/Teams/TeamsConsoleClientTest.php
+++ b/tests/e2e/Services/Teams/TeamsConsoleClientTest.php
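Review bot: The last-owner guard in `$isSelfOwner` is tied to the requester's identity, so `$ownersCount === 1` only blocks the sole owner from removing themselves; a different caller who passes the authorization checks outside this hunk could still delete that membership and leave the team without an owner. Keying the check on the target membership closes that gap: `$isLastOwner = $ownersCount === 1 && in_array('owner', $membership->getAttribute('roles', []), true);`. The strict flag and the `[]` default also avoid loose matching and a TypeError when a membership has no `roles` value. The handler and the `$ownersCount` query begin above the hunk, so which memberships are counted as owners could not be checked here.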
@@ -212,9 +212,6 @@ class TeamsConsoleClientTest extends Scope
 $this->assertEquals(401, $response['headers']['status-code']);
 $this->assertEquals('The current user is not authorized to perform the requested action.', $response['body']['message']);
 
- /**
- * Test for when a user other than the owner tries to delete their membership
- */
 $response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $membershipUid, [
 'origin' => 'http://localhost',
 'content-type' => 'application/json',
@@ -222,7 +219,7 @@ class TeamsConsoleClientTest extends Scope
 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
 ]);
 
- $this->assertEquals(400, $response['headers']['status-code']);
+ $this->assertEquals(204, $response['headers']['status-code']);
 
 $response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([
 'content-type' => 'application/json',
@@ -230,7 +227,7 @@ class TeamsConsoleClientTest extends Scope
 ], $this->getHeaders()));
 
 $this->assertEquals(200, $response['headers']['status-code']);
- $this->assertEquals(3, $response['body']['total']);
+ $this->assertEquals(2, $response['body']['total']);
 
 /**
 * Test for when the owner tries to delete their membership
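Review bot: The DELETE call whose expectation changes from 400 to 204 in the second hunk is left without a label, because the comment naming the scenario was removed in the first hunk instead of being updated. Keep a one-line description above the call, for example `// A member who is not an owner can delete their own membership`. The visible hunks also add no case where a caller other than the sole owner targets that owner's membership; a regression test asserting the prohibited-deletion error there would pin the invariant the controller change is meant to protect. The test method starts and ends outside these hunks.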