Skip to content

Board ownership transfer to non-existent user #7747

New issue
New issue
Open
Open
Board ownership transfer to non-existent user#7747
Labels
1. to developbug
@DorraJaouad

Description

@DorraJaouad
DorraJaouad
opened on Mar 12, 2026

How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Describe the bug
The API endpoint responsible for transferring board ownership allows a user to specify a new owner via the newOwner parameter. However, the backend service does not validate whether the specified user actually exists in the system.

To Reproduce
Steps to reproduce the behavior:

  1. Create a new Deck board.
  2. Transfer ownership with /apps/deck/boards/26/transferOwner using wrong new owner.
  3. The requests is successful

Expected behavior
It returns an error Invalid request

Metadata

Metadata

Assignees

No one assigned

    Labels

    1. to developbug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions