New translations en-us.json (Spanish)

[ci skip]

messages/bg-BG.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Възникна грешка при изтриване на връзката",
     "shareDeleted": "Връзката беше изтрита",
     "shareDeletedDescription": "Връзката беше премахната",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Достъпният токен може да бъде предаван по два начина: като параметър или в хедърите на заявките. Те трябва да бъдат предавани от клиента при всяка заявка за удостоверен достъп.",
     "accessToken": "Достъп Токен",
     "usageExamples": "Примери за използване",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "След като бъде премахнат, този потребител няма да има достъп до организацията. Винаги можете да го поканите отново по-късно, но той ще трябва да приеме отново поканата.",
     "userRemoveOrgConfirm": "Потвърдете премахването на потребителя",
     "userRemoveOrg": "Премахване на потребителя от организацията",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Потребители",
     "accessRoleMember": "Член",
     "accessRoleOwner": "Собственик",
@@ -531,6 +541,11 @@
     "emailInvalid": "Невалиден имейл адрес",
     "inviteValidityDuration": "Моля, изберете продължителност",
     "accessRoleSelectPlease": "Моля, изберете роля",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Необходимо е потребителско име",
     "idpSelectPlease": "Моля, изберете доставчик на идентичност",
     "idpGenericOidc": "Основен OAuth2/OIDC доставчик.",

messages/cs-CZ.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Došlo k chybě při odstraňování odkazu",
     "shareDeleted": "Odkaz odstraněn",
     "shareDeletedDescription": "Odkaz byl odstraněn",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Přístupový token může být předán dvěma způsoby: jako parametr dotazu nebo v záhlaví požadavku. Tyto údaje musí být předány klientovi na každé žádosti o ověřený přístup.",
     "accessToken": "Přístupový token",
     "usageExamples": "Příklady použití",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Po odstranění tohoto uživatele již nebude mít přístup k organizaci. Vždy je můžete znovu pozvat později, ale budou muset pozvání znovu přijmout.",
     "userRemoveOrgConfirm": "Potvrdit odebrání uživatele",
     "userRemoveOrg": "Odebrat uživatele z organizace",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Uživatelé",
     "accessRoleMember": "Člen",
     "accessRoleOwner": "Vlastník",
@@ -531,6 +541,11 @@
     "emailInvalid": "Neplatná e-mailová adresa",
     "inviteValidityDuration": "Zvolte prosím dobu trvání",
     "accessRoleSelectPlease": "Vyberte prosím roli",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Uživatelské jméno je povinné",
     "idpSelectPlease": "Vyberte poskytovatele identity",
     "idpGenericOidc": "Generic OAuth2/OIDC provider.",

messages/de-DE.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Fehler beim Löschen des Links",
     "shareDeleted": "Link gelöscht",
     "shareDeletedDescription": "Der Link wurde gelöscht",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Das Zugriffstoken kann auf zwei Arten übergeben werden: als Abfrageparameter oder in den Request-Headern. Diese müssen vom Client auf jeder Anfrage für authentifizierten Zugriff weitergegeben werden.",
     "accessToken": "Zugangs-Token",
     "usageExamples": "Nutzungsbeispiele",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Nach dem Entfernen hat dieser Benutzer keinen Zugriff mehr auf die Organisation. Sie können ihn später jederzeit wieder einladen, aber er muss die Einladung erneut annehmen.",
     "userRemoveOrgConfirm": "Entfernen des Benutzers bestätigen",
     "userRemoveOrg": "Benutzer aus der Organisation entfernen",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Benutzer",
     "accessRoleMember": "Mitglied",
     "accessRoleOwner": "Eigentümer",
@@ -531,6 +541,11 @@
     "emailInvalid": "Ungültige E-Mail-Adresse",
     "inviteValidityDuration": "Bitte wählen Sie eine Dauer",
     "accessRoleSelectPlease": "Bitte wählen Sie eine Rolle",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Benutzername ist erforderlich",
     "idpSelectPlease": "Bitte wählen Sie einen Identitätsanbieter",
     "idpGenericOidc": "Generischer OAuth2/OIDC-Anbieter.",

messages/en-US.json

@@ -523,6 +523,12 @@
     "userMessageOrgRemove": "Once removed, this user will no longer have access to the organization. You can always re-invite them later, but they will need to accept the invitation again.",
     "userRemoveOrgConfirm": "Confirm Remove User",
     "userRemoveOrg": "Remove User from Organization",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Users",
     "accessRoleMember": "Member",
     "accessRoleOwner": "Owner",
@@ -531,6 +537,11 @@
     "emailInvalid": "Invalid email address",
     "inviteValidityDuration": "Please select a duration",
     "accessRoleSelectPlease": "Please select a role",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Username is required",
     "idpSelectPlease": "Please select an identity provider",
     "idpGenericOidc": "Generic OAuth2/OIDC provider.",

messages/es-ES.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Se ha producido un error al eliminar el enlace",
     "shareDeleted": "Enlace eliminado",
     "shareDeletedDescription": "El enlace ha sido eliminado",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "El token de acceso puede ser pasado de dos maneras: como parámetro de consulta o en las cabeceras de solicitud. Estos deben ser pasados del cliente en cada solicitud de acceso autenticado.",
     "accessToken": "Token de acceso",
     "usageExamples": "Ejemplos de uso",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Una vez eliminado, este usuario ya no tendrá acceso a la organización. Siempre puede volver a invitarlos más tarde, pero tendrán que aceptar la invitación de nuevo.",
     "userRemoveOrgConfirm": "Confirmar eliminar usuario",
     "userRemoveOrg": "Eliminar usuario de la organización",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Usuarios",
     "accessRoleMember": "Miembro",
     "accessRoleOwner": "Propietario",
@@ -531,6 +541,11 @@
     "emailInvalid": "Dirección de correo inválida",
     "inviteValidityDuration": "Por favor, seleccione una duración",
     "accessRoleSelectPlease": "Por favor, seleccione un rol",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Nombre de usuario requerido",
     "idpSelectPlease": "Por favor, seleccione un proveedor de identidad",
     "idpGenericOidc": "Proveedor OAuth2/OIDC genérico.",

messages/fr-FR.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Une erreur s'est produite lors de la suppression du lien",
     "shareDeleted": "Lien supprimé",
     "shareDeletedDescription": "Le lien a été supprimé",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Le jeton d'accès peut être passé de deux façons : en tant que paramètre de requête ou dans les en-têtes de la requête. Elles doivent être transmises par le client à chaque demande d'accès authentifié.",
     "accessToken": "Jeton d'accès",
     "usageExamples": "Exemples d'utilisation",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Une fois retiré, cet utilisateur n'aura plus accès à l'organisation. Vous pouvez toujours le réinviter plus tard, mais il devra accepter l'invitation à nouveau.",
     "userRemoveOrgConfirm": "Confirmer la suppression de l'utilisateur",
     "userRemoveOrg": "Retirer l'utilisateur de l'organisation",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Utilisateurs",
     "accessRoleMember": "Membre",
     "accessRoleOwner": "Propriétaire",
@@ -531,6 +541,11 @@
     "emailInvalid": "Adresse e-mail invalide",
     "inviteValidityDuration": "Veuillez sélectionner une durée",
     "accessRoleSelectPlease": "Veuillez sélectionner un rôle",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Le nom d'utilisateur est requis",
     "idpSelectPlease": "Veuillez sélectionner un fournisseur d'identité",
     "idpGenericOidc": "Fournisseur OAuth2/OIDC générique.",

messages/it-IT.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Si è verificato un errore durante l'eliminazione del link",
     "shareDeleted": "Link eliminato",
     "shareDeletedDescription": "Il link è stato eliminato",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Il token di accesso può essere passato in due modi: come parametro di interrogazione o nelle intestazioni della richiesta. Questi devono essere passati dal client su ogni richiesta di accesso autenticato.",
     "accessToken": "Token Di Accesso",
     "usageExamples": "Esempi Di Utilizzo",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Una volta rimosso questo utente non avrà più accesso all'organizzazione. Puoi sempre reinvitarlo in seguito, ma dovrà accettare nuovamente l'invito.",
     "userRemoveOrgConfirm": "Conferma Rimozione Utente",
     "userRemoveOrg": "Rimuovi Utente dall'Organizzazione",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Utenti",
     "accessRoleMember": "Membro",
     "accessRoleOwner": "Proprietario",
@@ -531,6 +541,11 @@
     "emailInvalid": "Indirizzo email non valido",
     "inviteValidityDuration": "Seleziona una durata",
     "accessRoleSelectPlease": "Seleziona un ruolo",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Username richiesto",
     "idpSelectPlease": "Seleziona un provider di identità",
     "idpGenericOidc": "Provider OAuth2/OIDC generico.",

messages/ko-KR.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "링크 삭제 중 오류가 발생했습니다.",
     "shareDeleted": "링크가 삭제되었습니다.",
     "shareDeletedDescription": "링크가 삭제되었습니다.",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "액세스 토큰은 쿼리 매개변수 또는 요청 헤더의 두 가지 방법으로 전달될 수 있습니다. 이는 인증된 액세스를 위해 클라이언트에서 모든 요청마다 전달되어야 합니다.",
     "accessToken": "액세스 토큰",
     "usageExamples": "사용 예",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "이 사용자가 제거되면 더 이상 조직에 접근할 수 없습니다. 나중에 다시 초대할 수 있지만, 초대를 다시 수락해야 합니다.",
     "userRemoveOrgConfirm": "사용자 제거 확인",
     "userRemoveOrg": "조직에서 사용자 제거",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "사용자",
     "accessRoleMember": "회원",
     "accessRoleOwner": "소유자",
@@ -531,6 +541,11 @@
     "emailInvalid": "유효하지 않은 이메일 주소입니다.",
     "inviteValidityDuration": "지속 시간을 선택하십시오.",
     "accessRoleSelectPlease": "역할을 선택하세요",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "사용자 이름은 필수입니다.",
     "idpSelectPlease": "신원 제공자를 선택하십시오",
     "idpGenericOidc": "일반 OAuth2/OIDC 공급자.",

messages/nb-NO.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "En feil oppstod ved sletting av lenke",
     "shareDeleted": "Lenke slettet",
     "shareDeletedDescription": "Lenken har blitt slettet",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Adgangstoken kan sendes på to måter: som en spørringsparameter eller i forespørselsoverskriftene. Disse må sendes fra klienten på hver forespørsel om autentisert tilgang.",
     "accessToken": "Tilgangsnøkkel",
     "usageExamples": "Brukseksempler",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Når denne brukeren er fjernet, vil de ikke lenger ha tilgang til organisasjonen. Du kan alltid invitere dem på nytt senere, men de vil måtte godta invitasjonen på nytt.",
     "userRemoveOrgConfirm": "Bekreft fjerning av bruker",
     "userRemoveOrg": "Fjern bruker fra organisasjon",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Brukere",
     "accessRoleMember": "Medlem",
     "accessRoleOwner": "Eier",
@@ -531,6 +541,11 @@
     "emailInvalid": "Ugyldig e-postadresse",
     "inviteValidityDuration": "Vennligst velg en varighet",
     "accessRoleSelectPlease": "Vennligst velg en rolle",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Brukernavn er påkrevd",
     "idpSelectPlease": "Vennligst velg en identitetsleverandør",
     "idpGenericOidc": "Generisk OAuth2/OIDC-leverandør.",

messages/nl-NL.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Fout opgetreden tijdens het verwijderen link",
     "shareDeleted": "Link verwijderd",
     "shareDeletedDescription": "De link is verwijderd",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "De toegangstoken kan op twee manieren worden doorgegeven: als queryparameter of in de aanvraagheaders. Deze moeten worden doorgegeven van de client op elk verzoek voor geverifieerde toegang.",
     "accessToken": "Toegangs-token",
     "usageExamples": "Voorbeelden van gebruik",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Eenmaal verwijderd, heeft deze gebruiker geen toegang meer tot de organisatie. Je kunt ze later altijd opnieuw uitnodigen, maar ze zullen de uitnodiging opnieuw moeten accepteren.",
     "userRemoveOrgConfirm": "Bevestig verwijderen gebruiker",
     "userRemoveOrg": "Gebruiker uit organisatie verwijderen",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Gebruikers",
     "accessRoleMember": "Lid",
     "accessRoleOwner": "Eigenaar",
@@ -531,6 +541,11 @@
     "emailInvalid": "Ongeldig e-mailadres",
     "inviteValidityDuration": "Selecteer een tijdsduur",
     "accessRoleSelectPlease": "Selecteer een rol",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Gebruikersnaam is verplicht",
     "idpSelectPlease": "Selecteer een identiteitsprovider",
     "idpGenericOidc": "Algemene OAuth2/OIDC provider.",

messages/pl-PL.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Wystąpił błąd podczas usuwania linku",
     "shareDeleted": "Link usunięty",
     "shareDeletedDescription": "Link został usunięty",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Token dostępu może być przekazywany na dwa sposoby: jako parametr zapytania lub w nagłówkach żądania. Muszą być przekazywane z klienta na każde żądanie uwierzytelnionego dostępu.",
     "accessToken": "Token dostępu",
     "usageExamples": "Przykłady użycia",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Po usunięciu ten użytkownik nie będzie miał już dostępu do organizacji. Zawsze możesz ponownie go zaprosić później, ale będzie musiał ponownie zaakceptować zaproszenie.",
     "userRemoveOrgConfirm": "Potwierdź usunięcie użytkownika",
     "userRemoveOrg": "Usuń użytkownika z organizacji",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Użytkownicy",
     "accessRoleMember": "Członek",
     "accessRoleOwner": "Właściciel",
@@ -531,6 +541,11 @@
     "emailInvalid": "Nieprawidłowy adres e-mail",
     "inviteValidityDuration": "Proszę wybrać okres ważności",
     "accessRoleSelectPlease": "Proszę wybrać rolę",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Nazwa użytkownika jest wymagana",
     "idpSelectPlease": "Proszę wybrać dostawcę tożsamości",
     "idpGenericOidc": "Ogólny dostawca OAuth2/OIDC.",

messages/pt-PT.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Ocorreu um erro ao apagar o link",
     "shareDeleted": "Link excluído",
     "shareDeletedDescription": "O link foi eliminado",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "O token de acesso pode ser passado de duas maneiras: como um parâmetro de consulta ou nos cabeçalhos da solicitação. Estes devem ser passados do cliente em todas as solicitações para acesso autenticado.",
     "accessToken": "Token de acesso",
     "usageExamples": "Exemplos de uso",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Uma vez removido, este utilizador não terá mais acesso à organização. Você sempre pode reconvidá-lo depois, mas eles precisarão aceitar o convite novamente.",
     "userRemoveOrgConfirm": "Confirmar Remoção do Usuário",
     "userRemoveOrg": "Remover Usuário da Organização",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Utilizadores",
     "accessRoleMember": "Membro",
     "accessRoleOwner": "Proprietário",
@@ -531,6 +541,11 @@
     "emailInvalid": "Endereço de email inválido",
     "inviteValidityDuration": "Por favor, selecione uma duração",
     "accessRoleSelectPlease": "Por favor, selecione uma função",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Nome de utilizador é obrigatório",
     "idpSelectPlease": "Por favor, selecione um provedor de identidade",
     "idpGenericOidc": "Provedor genérico OAuth2/OIDC.",

messages/ru-RU.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Произошла ошибка при удалении ссылки",
     "shareDeleted": "Ссылка удалена",
     "shareDeletedDescription": "Ссылка была успешно удалена",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Токен доступа может быть передан двумя способами: как параметр запроса или в заголовках запроса. Они должны быть переданы от клиента по каждому запросу для аутентифицированного доступа.",
     "accessToken": "Токен доступа",
     "usageExamples": "Примеры использования",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "После удаления этот пользователь больше не будет иметь доступ к организации. Вы всегда можете пригласить его заново, но ему нужно будет снова принять приглашение.",
     "userRemoveOrgConfirm": "Подтвердить удаление пользователя",
     "userRemoveOrg": "Удалить пользователя из организации",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Пользователи",
     "accessRoleMember": "Участник",
     "accessRoleOwner": "Владелец",
@@ -531,6 +541,11 @@
     "emailInvalid": "Неверный адрес Email",
     "inviteValidityDuration": "Пожалуйста, выберите продолжительность",
     "accessRoleSelectPlease": "Пожалуйста, выберите роль",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Имя пользователя обязательно",
     "idpSelectPlease": "Пожалуйста, выберите Identity Provider",
     "idpGenericOidc": "Обычный OAuth2/OIDC provider.",

messages/tr-TR.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "Bağlantı silinirken bir hata oluştu",
     "shareDeleted": "Bağlantı silindi",
     "shareDeletedDescription": "Bağlantı silindi",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "Erişim jetonunuz iki şekilde iletilebilir: sorgu parametresi olarak veya istek başlıklarında. Kimlik doğrulanmış erişim için her istekten müşteri tarafından iletilmelidir.",
     "accessToken": "Erişim Jetonu",
     "usageExamples": "Kullanım Örnekleri",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "Kaldırıldığında, bu kullanıcı organizasyona artık erişim sağlayamayacak. Kullanıcı tekrar davet edilebilir, ancak daveti kabul etmesi gerekecek.",
     "userRemoveOrgConfirm": "Kullanıcıyı Kaldırmayı Onayla",
     "userRemoveOrg": "Kullanıcıyı Organizasyondan Kaldır",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "Kullanıcılar",
     "accessRoleMember": "Üye",
     "accessRoleOwner": "Sahip",
@@ -531,6 +541,11 @@
     "emailInvalid": "Geçersiz e-posta adresi",
     "inviteValidityDuration": "Lütfen bir süre seçin",
     "accessRoleSelectPlease": "Lütfen bir rol seçin",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "Kullanıcı adı gereklidir",
     "idpSelectPlease": "Lütfen bir kimlik sağlayıcı seçin",
     "idpGenericOidc": "Genel OAuth2/OIDC sağlayıcısı.",

messages/zh-CN.json

@@ -156,6 +156,10 @@
     "shareErrorDeleteMessage": "删除链接时出错",
     "shareDeleted": "链接已删除",
     "shareDeletedDescription": "链接已删除",
+    "shareDelete": "Delete Share Link",
+    "shareDeleteConfirm": "Confirm Delete Share Link",
+    "shareQuestionRemove": "Are you sure you want to delete this share link?",
+    "shareMessageRemove": "Once deleted, the link will no longer work and anyone using it will lose access to the resource.",
     "shareTokenDescription": "访问令牌可以通过两种方式传递：作为查询参数或请求标题。 每次验证访问请求都必须从客户端传递。",
     "accessToken": "访问令牌",
     "usageExamples": "用法示例",
@@ -523,6 +527,12 @@
     "userMessageOrgRemove": "一旦删除，这个用户将不再能够访问组织。 你总是可以稍后重新邀请他们，但他们需要再次接受邀请。",
     "userRemoveOrgConfirm": "确认删除用户",
     "userRemoveOrg": "从组织中删除用户",
+    "userQuestionOrgRemoveSelf": "Are you sure you want to remove yourself from this organization?",
+    "userMessageOrgRemoveSelf": "You will lose access immediately. An administrator can invite you again later, but you will need to accept a new invitation.",
+    "userRemoveOrgConfirmSelf": "Confirm Remove Myself",
+    "userRemoveOrgSelf": "Remove yourself from the organization",
+    "userRemoveOrgSelfWarning": "You will lose access to this organization immediately.",
+    "userRemoveOrgConfirmPhraseSelf": "REMOVE MYSELF FROM ORG",
     "users": "用户",
     "accessRoleMember": "成员",
     "accessRoleOwner": "所有者",
@@ -531,6 +541,11 @@
     "emailInvalid": "无效的电子邮件地址",
     "inviteValidityDuration": "请选择持续时间",
     "accessRoleSelectPlease": "请选择一个角色",
+    "removeOwnAdminRoleConfirmTitle": "Remove your administrator access?",
+    "removeOwnAdminRoleConfirmDescription": "You will no longer have administrator permissions in this organization after saving. Another administrator can restore access if needed.",
+    "removeOwnAdminRoleConfirmButton": "Remove My Administrator Access",
+    "removeOwnAdminRoleConfirmPhrase": "REMOVE MY ADMIN ACCESS",
+    "ownerMustRetainAdminRole": "The organization owner must keep at least one administrator role.",
     "usernameRequired": "必须输入用户名",
     "idpSelectPlease": "请选择身份提供商",
     "idpGenericOidc": "通用的 OAuth2/OIDC 提供商。",

server/private/routers/user/addUserRole.ts

@@ -98,15 +98,6 @@ export async function addUserRole(
             );
         }
 
-        if (existingUser[0].isOwner) {
-            return next(
-                createHttpError(
-                    HttpCode.FORBIDDEN,
-                    "Cannot change the role of the owner of the organization"
-                )
-            );
-        }
-
         const roleExists = await db
             .select()
             .from(roles)

server/private/routers/user/removeUserRole.ts

@@ -98,11 +98,11 @@ export async function removeUserRole(
             );
         }
 
-        if (existingUser.isOwner) {
+        if (existingUser.isOwner && role.isAdmin === true) {
             return next(
                 createHttpError(
                     HttpCode.FORBIDDEN,
-                    "Cannot change the roles of the owner of the organization"
+                    "Cannot remove the administrator role from the organization owner"
                 )
             );
         }

server/private/routers/user/setUserOrgRoles.ts

@@ -87,17 +87,8 @@ export async function setUserOrgRoles(
             );
         }
 
-        if (existingUser.isOwner) {
-            return next(
-                createHttpError(
-                    HttpCode.FORBIDDEN,
-                    "Cannot change the roles of the owner of the organization"
-                )
-            );
-        }
-
         const orgRoles = await db
-            .select({ roleId: roles.roleId })
+            .select({ roleId: roles.roleId, isAdmin: roles.isAdmin })
             .from(roles)
             .where(
                 and(
@@ -115,6 +106,18 @@ export async function setUserOrgRoles(
             );
         }
 
+        if (existingUser.isOwner) {
+            const hasAdminRole = orgRoles.some((r) => r.isAdmin === true);
+            if (!hasAdminRole) {
+                return next(
+                    createHttpError(
+                        HttpCode.FORBIDDEN,
+                        "The organization owner must retain an administrator role"
+                    )
+                );
+            }
+        }
+
         let orgClientsToRebuild: Client[] = [];
         await db.transaction(async (trx) => {
             await trx

server/routers/user/addUserRoleLegacy.ts

@@ -88,11 +88,11 @@ export async function addUserRoleLegacy(
             );
         }
 
-        if (existingUser.isOwner) {
+        if (existingUser.isOwner && role.isAdmin !== true) {
             return next(
                 createHttpError(
                     HttpCode.FORBIDDEN,
-                    "Cannot change the role of the owner of the organization"
+                    "The organization owner must retain an administrator role"
                 )
             );
         }

server/routers/user/getOrgUser.ts

@@ -47,10 +47,7 @@ export async function queryUser(orgId: string, userId: string) {
         .from(userOrgRoles)
         .leftJoin(roles, eq(userOrgRoles.roleId, roles.roleId))
         .where(
-            and(
+            and(eq(userOrgRoles.userId, userId), eq(userOrgRoles.orgId, orgId))
-                eq(userOrgRoles.userId, userId),
-                eq(userOrgRoles.orgId, orgId)
-            )
         );
 
     const isAdmin = roleRows.some((r) => r.isAdmin);
@@ -61,7 +58,8 @@ export async function queryUser(orgId: string, userId: string) {
         roleIds: roleRows.map((r) => r.roleId),
         roles: roleRows.map((r) => ({
             roleId: r.roleId,
-            name: r.roleName ?? ""
+            name: r.roleName ?? "",
+            isAdmin: r.isAdmin === true
         }))
     };
 }

src/app/[orgId]/settings/access/users/[userId]/access-controls/page.tsx

@@ -1,5 +1,6 @@
 "use client";
 
+import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog";
 import IdpTypeBadge from "@app/components/IdpTypeBadge";
 import OrgRolesTagField from "@app/components/OrgRolesTagField";
 import {
@@ -25,6 +26,7 @@ import { useEnvContext } from "@app/hooks/useEnvContext";
 import { userOrgUserContext } from "@app/hooks/useOrgUserContext";
 import { usePaidStatus } from "@app/hooks/usePaidStatus";
 import { toast } from "@app/hooks/useToast";
+import { useUserContext } from "@app/hooks/useUserContext";
 import { createApiClient, formatAxiosError } from "@app/lib/api";
 import { zodResolver } from "@hookform/resolvers/zod";
 import { build } from "@server/build";
@@ -32,7 +34,7 @@ import { tierMatrix } from "@server/lib/billing/tierMatrix";
 import { UserType } from "@server/types/UserTypes";
 import { useTranslations } from "next-intl";
 import { useParams } from "next/navigation";
-import { useActionState, useEffect } from "react";
+import { useEffect, useState } from "react";
 import { useForm } from "react-hook-form";
 import { z } from "zod";
 
@@ -42,13 +44,15 @@ const accessControlsFormSchema = z.object({
     roles: z.array(
         z.object({
             id: z.string(),
-            text: z.string()
+            text: z.string(),
+            isAdmin: z.boolean().optional()
         })
     )
 });
 
 export default function AccessControlsPage() {
     const { orgUser: user, updateOrgUser } = userOrgUserContext();
+    const { user: sessionUser } = useUserContext();
     const { env } = useEnvContext();
 
     const api = createApiClient({ env });
@@ -72,7 +76,8 @@ export default function AccessControlsPage() {
             autoProvisioned: user.autoProvisioned || false,
             roles: (user.roles ?? []).map((r) => ({
                 id: r.roleId.toString(),
-                text: r.name
+                text: r.name,
+                isAdmin: r.isAdmin === true
             }))
         }
     });
@@ -84,7 +89,8 @@ export default function AccessControlsPage() {
             "roles",
             (user.roles ?? []).map((r) => ({
                 id: r.roleId.toString(),
-                text: r.name
+                text: r.name,
+                isAdmin: r.isAdmin === true
             }))
         );
         form.setValue("autoProvisioned", user.autoProvisioned || false);
@@ -95,11 +101,11 @@ export default function AccessControlsPage() {
             ? t("singleRolePerUserPlanNotice")
             : t("singleRolePerUserEditionNotice");
 
-    const [, action, isSubmitting] = useActionState(onSubmit, null);
+    const [isSaving, setIsSaving] = useState(false);
-    async function onSubmit() {
+    const [confirmRemoveOwnAdminOpen, setConfirmRemoveOwnAdminOpen] =
-        const isValid = await form.trigger();
+        useState(false);
-        if (!isValid) return;
 
+    async function executeSave() {
         const values = form.getValues();
 
         if (values.roles.length === 0) {
@@ -111,6 +117,7 @@ export default function AccessControlsPage() {
             return;
         }
 
+        setIsSaving(true);
         try {
             const roleIds = values.roles.map((r) => parseInt(r.id, 10));
             const updateRoleRequest = supportsMultipleRolesPerUser
@@ -130,7 +137,8 @@ export default function AccessControlsPage() {
                 roleIds,
                 roles: values.roles.map((r) => ({
                     roleId: parseInt(r.id, 10),
-                    name: r.text
+                    name: r.text,
+                    isAdmin: r.isAdmin === true
                 })),
                 autoProvisioned: values.autoProvisioned
             });
@@ -149,11 +157,61 @@ export default function AccessControlsPage() {
                     t("accessRoleErrorAddDescription")
                 )
             });
+        } finally {
+            setIsSaving(false);
         }
     }
 
+    async function handleAccessControlsSubmit(e: React.FormEvent) {
+        e.preventDefault();
+
+        const isValid = await form.trigger();
+        if (!isValid) return;
+
+        const values = form.getValues();
+
+        if (values.roles.length === 0) {
+            toast({
+                variant: "destructive",
+                title: t("accessRoleErrorAdd"),
+                description: t("accessRoleSelectPlease")
+            });
+            return;
+        }
+
+        const willHaveAdminRole = values.roles.some(
+            (r) => r.isAdmin === true
+        );
+
+        const isRemovingOwnAdmin =
+            sessionUser.userId === user.userId &&
+            user.isAdmin &&
+            !willHaveAdminRole;
+
+        if (isRemovingOwnAdmin) {
+            setConfirmRemoveOwnAdminOpen(true);
+            return;
+        }
+
+        await executeSave();
+    }
+
     return (
         <SettingsContainer>
+            <ConfirmDeleteDialog
+                open={confirmRemoveOwnAdminOpen}
+                setOpen={setConfirmRemoveOwnAdminOpen}
+                title={t("removeOwnAdminRoleConfirmTitle")}
+                dialog={
+                    <div className="space-y-2">
+                        <p>{t("removeOwnAdminRoleConfirmDescription")}</p>
+                    </div>
+                }
+                buttonText={t("removeOwnAdminRoleConfirmButton")}
+                string={t("removeOwnAdminRoleConfirmPhrase")}
+                onConfirm={executeSave}
+            />
+
             <SettingsSection>
                 <SettingsSectionHeader>
                     <SettingsSectionTitle>
@@ -168,7 +226,7 @@ export default function AccessControlsPage() {
                     <SettingsSectionForm>
                         <Form {...form}>
                             <form
-                                action={action}
+                                onSubmit={(e) => void handleAccessControlsSubmit(e)}
                                 className="space-y-4"
                                 id="access-controls-form"
                             >
@@ -237,8 +295,8 @@ export default function AccessControlsPage() {
                 <SettingsSectionFooter>
                     <Button
                         type="submit"
-                        loading={isSubmitting}
+                        loading={isSaving}
-                        disabled={isSubmitting}
+                        disabled={isSaving}
                         form="access-controls-form"
                     >
                         {t("accessControlsSubmit")}

src/components/UsersTable.tsx

@@ -99,6 +99,14 @@ export default function UsersTable({
         ];
     }, [searchParams.toString()]);
 
+    const isRemovingSelf = useMemo(() => {
+        if (!selectedUser || !user) return false;
+        return (
+            `${selectedUser.username}-${selectedUser.idpId}` ===
+            `${user.username}-${user.idpId}`
+        );
+    }, [selectedUser, user]);
+
     function handleFilterChange(
         column: string,
         value: string | undefined | null
@@ -223,10 +231,7 @@ export default function UsersTable({
             header: () => <span className="p-3"></span>,
             cell: ({ row }) => {
                 const userRow = row.original;
-                const isCurrentUser =
+                const canRemoveFromOrg = !userRow.isOwner;
-                    `${userRow.username}-${userRow.idpId}` ===
-                    `${user?.username}-${user?.idpId}`;
-                const isDisabled = userRow.isOwner || isCurrentUser;
                 return (
                     <div className="flex items-center justify-end">
                         <div>
@@ -235,7 +240,6 @@ export default function UsersTable({
                                     <Button
                                         variant="ghost"
                                         className="h-8 w-8 p-0"
-                                        disabled={isDisabled}
                                     >
                                         <span className="sr-only">
                                             {t("openMenu")}
@@ -247,16 +251,12 @@ export default function UsersTable({
                                     <Link
                                         href={`/${org?.org.orgId}/settings/access/users/${userRow.id}`}
                                         className="block w-full"
-                                        aria-disabled={isDisabled}
-                                        onClick={(e) =>
-                                            isDisabled && e.preventDefault()
-                                        }
                                     >
-                                        <DropdownMenuItem disabled={isDisabled}>
+                                        <DropdownMenuItem>
                                             {t("accessUserManage")}
                                         </DropdownMenuItem>
                                     </Link>
-                                    {!isDisabled && (
+                                    {canRemoveFromOrg && (
                                         <DropdownMenuItem
                                             onClick={() => {
                                                 setIsDeleteModalOpen(true);
@@ -271,16 +271,6 @@ export default function UsersTable({
                                 </DropdownMenuContent>
                             </DropdownMenu>
                         </div>
-                        {isDisabled ? (
-                            <Button
-                                variant={"outline"}
-                                className="ml-2"
-                                disabled
-                            >
-                                {t("manage")}
-                                <ArrowRight className="ml-2 w-4 h-4" />
-                            </Button>
-                        ) : (
                         <Link
                             href={`/${org?.org.orgId}/settings/access/users/${userRow.id}`}
                         >
@@ -289,7 +279,6 @@ export default function UsersTable({
                                 <ArrowRight className="ml-2 w-4 h-4" />
                             </Button>
                         </Link>
-                        )}
                     </div>
                 );
             }
@@ -359,14 +348,35 @@ export default function UsersTable({
                 }}
                 dialog={
                     <div className="space-y-2">
-                        <p>{t("userQuestionOrgRemove")}</p>
+                        <p>
-                        <p>{t("userMessageOrgRemove")}</p>
+                            {t(
+                                isRemovingSelf
+                                    ? "userQuestionOrgRemoveSelf"
+                                    : "userQuestionOrgRemove"
+                            )}
+                        </p>
+                        <p>
+                            {t(
+                                isRemovingSelf
+                                    ? "userMessageOrgRemoveSelf"
+                                    : "userMessageOrgRemove"
+                            )}
+                        </p>
                     </div>
                 }
-                buttonText={t("userRemoveOrgConfirm")}
+                buttonText={t(
+                    isRemovingSelf
+                        ? "userRemoveOrgConfirmSelf"
+                        : "userRemoveOrgConfirm"
+                )}
+                warningText={
+                    isRemovingSelf ? t("userRemoveOrgSelfWarning") : undefined
+                }
                 onConfirm={async () => startTransition(removeUser)}
                 string={
-                    selectedUser
+                    isRemovingSelf
+                        ? t("userRemoveOrgConfirmPhraseSelf")
+                        : selectedUser
                           ? getUserDisplayName({
                                 email: selectedUser.email,
                                 name: selectedUser.name,
@@ -374,7 +384,9 @@ export default function UsersTable({
                             })
                           : ""
                 }
-                title={t("userRemoveOrg")}
+                title={t(
+                    isRemovingSelf ? "userRemoveOrgSelf" : "userRemoveOrg"
+                )}
             />
 
             <ControlledDataTable

src/components/multi-select/multi-select-content.tsx

@@ -11,7 +11,7 @@ import { cn } from "@app/lib/cn";
 import { CheckIcon } from "lucide-react";
 import { useTranslations } from "next-intl";
 
-export type TagValue = { text: string; id: string };
+export type TagValue = { text: string; id: string; isAdmin?: boolean };
 
 export type MultiSelectTagsProps<T extends TagValue> = {
     emptyPlaceholder?: string;

src/components/roles-selector.tsx

@@ -6,7 +6,7 @@ import { useDebounce } from "use-debounce";
 import { useTranslations } from "next-intl";
 import { MultiSelectTagInput } from "./multi-select/multi-select-tag-input";
 
-export type SelectedRole = { id: string; text: string };
+export type SelectedRole = { id: string; text: string; isAdmin?: boolean };
 
 export type RolesSelectorProps = {
     orgId: string;