Merge pull request #5062 from AnuradhaSK/pre-check-role-deletion

Add pre check validation for role deletion
wso2 · Oct 26, 2023 · 66aa841 · 66aa841
2 parents 7fa0e89 + 6cb495d
commit 66aa841
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/...re/src/main/java/org/wso2/carbon/identity/role/v2/mgt/core/RoleManagementServiceImpl.java b/...re/src/main/java/org/wso2/carbon/identity/role/v2/mgt/core/RoleManagementServiceImpl.java
@@ -18,6 +18,7 @@
 
 package org.wso2.carbon.identity.role.v2.mgt.core;
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -248,6 +249,7 @@ public void deleteRole(String roleId, String tenantDomain) throws IdentityRoleMa
         RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy
                 .getInstance();
         roleManagementEventPublisherProxy.publishPreDeleteRoleWithException(roleId, tenantDomain);
+        doPreValidateRoleDeletion(roleId, tenantDomain);
         roleDAO.deleteRole(roleId, tenantDomain);
         roleManagementEventPublisherProxy.publishPostDeleteRole(roleId, tenantDomain);
         if (log.isDebugEnabled()) {
@@ -256,6 +258,20 @@ public void deleteRole(String roleId, String tenantDomain) throws IdentityRoleMa
         }
     }
 
+    private void doPreValidateRoleDeletion(String roleId, String tenantDomain) throws IdentityRoleManagementException {
+
+        RoleBasicInfo roleBasicInfo = getRoleBasicInfoById(roleId, tenantDomain);
+        String roleAudience = roleBasicInfo.getAudience();
+        if (APPLICATION.equalsIgnoreCase(roleAudience)) {
+            return;
+        }
+        List<String> associatedApplicationByRoleId = getAssociatedApplicationByRoleId(roleId, tenantDomain);
+        if (CollectionUtils.isNotEmpty(associatedApplicationByRoleId)) {
+            throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(),
+                    "Unable to delete the role since it is associated with applications.");
+        }
+    }
+
     @Override
     public List<UserBasicInfo> getUserListOfRole(String roleId, String tenantDomain)
             throws IdentityRoleManagementException {