delete tenant user when tenant user roles not exist
This commit is contained in:
parent
26dfe834ea
commit
0e983f04e5
|
@ -365,6 +365,10 @@ public class UserServiceImpl implements UserService {
|
|||
|
||||
this.syncKeycloakRoles(data.getId());
|
||||
|
||||
if (model.getRoles().stream().noneMatch(authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()::contains)){
|
||||
this.deleteTenantUser(model.getId());
|
||||
}
|
||||
|
||||
this.userTouchedIntegrationEventHandler.handle(data.getId());
|
||||
return this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, User._id), data);
|
||||
}
|
||||
|
@ -448,6 +452,16 @@ public class UserServiceImpl implements UserService {
|
|||
|
||||
}
|
||||
|
||||
private void deleteTenantUser(UUID userId) throws InvalidApplicationException {
|
||||
if (!this.tenantScope.isSet()) throw new MyForbiddenException("tenant scope required");
|
||||
if (this.tenantScope.isDefaultTenant()) return;
|
||||
|
||||
TenantUserEntity tenantUser = this.queryFactory.query(TenantUserQuery.class).isActive(IsActive.Active).userIds(userId).tenantIds(this.tenantScope.getTenant()).first();
|
||||
if (tenantUser == null) throw new MyApplicationException("tenant user not found");
|
||||
|
||||
this.deleterFactory.deleter(TenantUserDeleter.class).delete(List.of(tenantUser));
|
||||
}
|
||||
|
||||
//region mine
|
||||
|
||||
@Override
|
||||
|
|
Loading…
Reference in New Issue