0

Actually i have an authentication that works with rbac. The problem is that, i encoutered a case where a user was deleted, but in the database, the user id and role were still present.

When the user was recreated he got the roles of a former user who had this id. Acutally i can't delete user role of a user that has been delete because it's an enum..

Is it possible to create a relationship between users and roles while keeping this enumeration principle? Or another solution ?

public class AppUser {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Integer id;

    ....

    @ElementCollection(fetch = FetchType.EAGER)
    @Enumerated(EnumType.STRING)
    List<AppUserRole> appUserRoles;
    
}

public enum AppUserRole implements GrantedAuthority {
    ROLE_ADMIN, ROLE_DEMO;

    public String getAuthority() {
        return name();
    }

}
Kévin
  • 497
  • 10
  • 37
  • 1
    Why is an id even re-issued? Also why wouldn't you be able to drop the records, it is just a couple of rows in another table (or toString in the original user table). There is nothing preventing you from removing it. – M. Deinum Mar 01 '22 at 10:59
  • You are right, the id is not re-issued. But the fact that i can't delete appuserole is true.. Maybe i have to delete them from AppUser table ? Enum is really new for me, i don't really understand how to manage them.. – Kévin Mar 01 '22 at 12:04
  • There is a table linking the role to the user, you need to remove the entries from that. – M. Deinum Mar 01 '22 at 12:19
  • Is there no way when i delete a user, to delete userrole too ? Because actually i delete the user'id but it keeps roles – Kévin Mar 01 '22 at 12:24
  • I don't understand what you deleted, the user, or the id? (The latter I think is highly unlikely). If you delete the user through the `EntityManager` the collection will be removed as well, if you used a query it won't. – M. Deinum Mar 01 '22 at 12:29
  • I used my UserJpaRepository with deleteById(userId); But only the user has been deleted – Kévin Mar 01 '22 at 12:34
  • Which is deleting with a query (i suspect) instead you should use the `delete` method and first retrieve the user. – M. Deinum Mar 01 '22 at 12:39
  • I don't think that. I think that i found something related : https://stackoverflow.com/questions/65994461/how-to-cascade-delete-set-of-enums-in-jpa Will try it in 1 hour – Kévin Mar 01 '22 at 12:42
  • You don't think what? Sorry don't see how that question ,regarding the DDL, is related to deleting a user properly through JPA. If you use `entitymanager.remove` with the `User` it should delete the links as well, unless you haven't shown everything and have some specialized mapping that interferes with that. – M. Deinum Mar 01 '22 at 12:44
  • I made a mistake.. Deletation is working properly as it, i have maybe delete by hand while testing.. Sry about that. You can post an answer that there is nothing preventing removing that i will validate. Many thanks for helping – Kévin Mar 01 '22 at 13:36

2 Answers2

1

When deleting an entity with an @ElementCollection the delete is cascaded automatically. When doing this through SQL this (might) not be the case, depending on how cascade rules are applied in your database.

But with your setup that should happen automatically.

See also https://stackoverflow.com/a/7696147/2696260

M. Deinum
  • 115,695
  • 22
  • 220
  • 224
0

Here is an example of how the roles table for the @ElementCollection can be created (PostgreSQL syntax):

CREATE TABLE user_roles (
  user_id int,
  role text,
  PRIMARY KEY (user_id, role),
  FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE
);

The foreign key with the ON DELETE CASCADE makes sure that the associated roles are deleted when user is deleted.

holmis83
  • 15,922
  • 5
  • 82
  • 83