feat: org ownership transfer

[nimish-ks]

🔍 Overview

This PR implements the functionality to transfer organisation ownership from the current owner to another member. It introduces a new "Danger Zone" section in the Organisation Settings page, allowing the owner to securely transfer their role. Additionally, it includes UI fixes for double scrollbars observed in the Settings and Access pages.

Docs: phasehq/docs#201

💡 Proposed Changes

Organisation Ownership Transfer

• New Feature Location: Moved the ownership transfer workflow from the Member's Role dropdown to Settings > Organisation > Danger Zone.
• New Component: Created TransferOwnershipSection which handles the UI for initiating the transfer.
• Backend Mutation: Added transferOrganisationOwnership mutation which:
  • Verifies the new owner has global access (Admin role).
  • Swaps the roles (Current Owner → Admin, New Owner → Owner).
  • Updates the Organisation's identity_key to match the new owner's.
  • Updates the Stripe customer email (Cloud mode only).
• Billing Email: Added an input field in the confirmation dialog (Cloud mode only) to allow updating the billing email address during transfer.
• Safety Checks: The UI restricts selection to members who already have Global Access to ensure cryptographic keys are available.

UI/UX Improvements

• Scrollbar Fixes: Resolved double scrollbar issues in:
  • app/[team]/settings/page.tsx
  • app/[team]/access/layout.tsx
  • app/[team]/access/members/[memberId]/page.tsx
• Revert: Reverted previous changes to RoleSelector.tsx to maintain separation of concerns.

🖼️ Screenshots or Demo

(Add screenshots of the new Danger Zone section and the Transfer Ownership modal here)

📝 Release Notes

• New Feature: Organisation Owners can now transfer ownership to another Admin via Settings > Organisation.
• Improvement: Fixed layout issues causing double scrollbars in Settings and Member pages.
• Note: Transferring ownership is irreversible and requires the new owner to have a valid account recovery kit backed up.

❓ Open Questions

• None at this time.

🧪 Testing

• Ownership Transfer: Verified that ownership can be transferred to an existing Admin.
• Permissions: Verified that non-global users cannot be selected as new owners.
• Stripe Integration: Checked that update_stripe_customer_email is called with the provided email.
• UI Layout: Confirmed that double scrollbars are removed on the targeted pages.

🎯 Reviewer Focus

• frontend/components/settings/organisation/TransferOwnershipSection.tsx: Main UI logic for the feature.
• backend/backend/graphene/mutations/organisation.py: Core backend logic for the transfer.
• frontend/app/[team]/settings/page.tsx: Integration of the new section and layout fixes.

➕ Additional Context

The transfer process requires the new owner to have global access (Admin role) because they need to be able to decrypt all environment keys. The backend enforces this check.

✨ How to Test the Changes Locally

1. Log in as an Organisation Owner.
2. Navigate to Settings > Organisation.
3. Scroll to the Danger Zone at the bottom.
4. Click Transfer Ownership.
5. Select a user (must be an Admin) from the dropdown.
6. (Optional) Update the billing email if visible.
7. Confirm the warnings and click Transfer.
8. Verify you are logged out and the role has changed upon logging back in.

💚 Did You...

• Ensure linting passes (code style checks)?
• Update dependencies and lockfiles (if required)
• Update migrations (if required)
• Regenerate graphql schema and types (if required)
• Verify the app builds locally?
• Manually test the changes on different browsers/devices?

[Copilot]

Pull request overview

This PR implements organisation ownership transfer functionality, allowing owners to transfer their role to another admin member. The feature is implemented with a new "Danger Zone" section in Organisation Settings, includes backend validation and Stripe billing integration, and fixes UI scrollbar issues.

Changes:

• Adds organisation ownership transfer mutation and UI workflow with security validations
• Integrates Stripe customer email update for cloud-hosted instances
• Fixes double scrollbar issues in Settings and Access pages

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 13 comments.

Show a summary per file

File	Description
frontend/graphql/mutations/organisation/transferOwnership.gql	GraphQL mutation definition for transferring organisation ownership
frontend/components/settings/organisation/TransferOwnershipSection.tsx	Main UI component implementing the ownership transfer workflow with member selection and confirmation
frontend/app/[team]/settings/page.tsx	Integrates TransferOwnershipSection into settings page and removes overflow-y-auto to fix scrollbar issue
frontend/app/[team]/access/layout.tsx	Updates layout styling to use flex-1 overflow-y-auto to fix double scrollbar
backend/ee/billing/stripe.py	Adds update_stripe_customer_email function to update Stripe customer when ownership changes
backend/backend/schema.py	Registers the new TransferOrganisationOwnershipMutation in the GraphQL schema
backend/backend/graphene/mutations/organisation.py	Implements backend mutation with role swapping, org identity_key update, and Stripe integration

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 9 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[rohan-chaturvedi]

A few suggestions. Also, I think you missed updating the graphql schema and frontend types