fix: Add cascading delete to tenant membership role (#43)

Author: geoffreyfourmis

src/main/resources/META-INF/keycloak-multi-tenancy-changelog-20240521-0014.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+
+<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.2.xsd">
+
+    <changeSet id="20240521-0014-2" author="keycloak-multi-tenancy">
+        <dropForeignKeyConstraint baseTableName="TENANT_MEMBERSHIP_ROLE" constraintName="FK_TENANT_MEMBERSHIP_ROLE_TENANT_MEMBERSHIP_ID"/>
+    </changeSet>
+
+    <changeSet id="20240521-0014-3" author="keycloak-multi-tenancy">
+        <addForeignKeyConstraint baseColumnNames="TENANT_MEMBERSHIP_ID" baseTableName="TENANT_MEMBERSHIP_ROLE"
+                                 constraintName="FK_TENANT_MEMBERSHIP_ROLE_TENANT_MEMBERSHIP_ID" referencedColumnNames="ID" referencedTableName="TENANT_MEMBERSHIP" onDelete="CASCADE"/>
+    </changeSet>
+</databaseChangeLog>

src/main/resources/META-INF/keycloak-multi-tenancy-changelog-master.xml

@@ -2,5 +2,6 @@
 <databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.2.xsd">
 
   <include file="META-INF/keycloak-multi-tenancy-changelog-20221217-2113.xml"/>
+  <include file="META-INF/keycloak-multi-tenancy-changelog-20240521-0014.xml"/>
 
 </databaseChangeLog>

src/test/java/dev/sultanov/keycloak/multitenancy/ApiIntegrationTest.java

@@ -97,4 +97,35 @@ void adminUpdatesTenant_shouldReturnConflict_whenUpdatedTenantNameAlreadyExists(
             assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_CONFLICT);
         }
     }
+
+    @Test
+    void userRemoval_shouldRemoveTheirMembership() {
+        // given
+        var adminUser = keycloakAdminClient.createVerifiedUser();
+        var tenantResource = adminUser.createTenant();
+
+        var user = keycloakAdminClient.createVerifiedUser();
+
+        var invitation = new TenantInvitationRepresentation();
+        invitation.setEmail(user.getUserData().getEmail());
+        try (var response = tenantResource.invitations().createInvitation(invitation)) {
+            assertThat(CreatedResponseUtil.getCreatedId(response)).isNotNull();
+        }
+
+        var nextPage = AccountPage.open()
+                .signIn()
+                .fillCredentials(user.getUserData().getEmail(), user.getUserData().getPassword())
+                .signIn();
+        assertThat(nextPage).isInstanceOf(ReviewInvitationsPage.class);
+        ((ReviewInvitationsPage) nextPage).accept();
+
+        // when
+        try (var response = keycloakAdminClient.getRealmResource().users().delete(user.getUserId())) {
+
+            //then
+            assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_NO_CONTENT);
+            assertThat(tenantResource.memberships().listMemberships(null, null, null))
+                    .noneMatch(membership -> membership.getUser().getEmail().equalsIgnoreCase(user.getUserData().getEmail()));
+        }
+    }
 }