I just don't think we should "automatically" do something like that. If you
want to delete them, you can do it by yourself.
This is a critical thing. Not sure if we should do that internally, but just allow users
to do it if they want.
You can query all u/r/g for a specific partition and delete them by yourself, using the
Query API.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: "Pedro Igor Silva" <psilva(a)redhat.com>
Cc: security-dev(a)lists.jboss.org
Sent: Friday, June 14, 2013 2:02:32 PM
Subject: Re: [security-dev] deleting a partition
I don't agree. What's your reasoning? At least in my case, because an
Application is going to be a Partition, I'll need to have an operation
somewhere that deletes the roles/role mappings somewhere.
On 6/14/2013 12:10 PM, Pedro Igor Silva wrote:
IMO, we should not delete u/g/r and raise an exception instead.
Telling the user that a partition cannot be removed because of the associated data
(u/r/g).
If he wants to remove, he must remove first all related identity data.
Btw, we were doing that before the last refactoring to the Partition API.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: security-dev(a)lists.jboss.org
Sent: Friday, June 14, 2013 12:38:12 PM
Subject: [security-dev] deleting a partition
I'm looking at how to delete a partition and it's not that simple. Is
this good enough? First I delete all Agents, users, groups, and roles.
Relationships should be deleted too, right?

    // Collect every identity type stored in this partition.
    List<AttributedType> toRemove = new ArrayList<AttributedType>();
    {
        // Agents
        IdentityQuery<IdentityType> query = new DefaultIdentityQuery(context, Agent.class, this);
        List<IdentityType> resultSet = fetchQueryResults(context, query);
        toRemove.addAll(resultSet);
    }
    {
        // Users
        IdentityQuery<IdentityType> query = new DefaultIdentityQuery(context, User.class, this);
        List<IdentityType> resultSet = fetchQueryResults(context, query);
        toRemove.addAll(resultSet);
    }
    {
        // Groups
        IdentityQuery<IdentityType> query = new DefaultIdentityQuery(context, Group.class, this);
        List<IdentityType> resultSet = fetchQueryResults(context, query);
        toRemove.addAll(resultSet);
    }
    {
        // Roles
        IdentityQuery<IdentityType> query = new DefaultIdentityQuery(context, Role.class, this);
        List<IdentityType> resultSet = fetchQueryResults(context, query);
        toRemove.addAll(resultSet);
    }

I do this all at the IdentityStore level, after this, I delete the
partition entry using IdentityStore specific routines.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
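
The two positions in this thread (refuse to remove a partition that still holds users, roles and groups, versus a cleanup the caller runs explicitly first, relationships included) sketched as an added example; it is not code from the thread or from the project. The in-memory model and every name in it are hypothetical, the sample data is constructed, and Java 16+ is assumed for records.

```java
import java.util.*;

// Hypothetical in-memory model; none of these names are the project's API.
public class PartitionRemovalDemo {
    record Identity(String partition, String type, String name) {}
    record Grant(Identity assignee, Identity role) {}   // a relationship

    static final Set<String> partitions = new HashSet<>();
    static final List<Identity> identities = new ArrayList<>();
    static final List<Grant> grants = new ArrayList<>();

    // Refuse to drop a partition that still owns identity data.
    static void removePartition(String p) {
        long left = identities.stream().filter(i -> i.partition().equals(p)).count();
        if (left > 0)
            throw new IllegalStateException(p + " still holds " + left + " identity entries");
        partitions.remove(p);
    }

    // Explicit, caller-requested cleanup: relationships go first, so no grant
    // is left pointing at an identity that no longer exists.
    static int purgeIdentityData(String p) {
        grants.removeIf(g -> g.assignee().partition().equals(p) || g.role().partition().equals(p));
        int before = identities.size();
        identities.removeIf(i -> i.partition().equals(p));
        return before - identities.size();
    }

    public static void main(String[] args) {
        // Constructed sample data: two applications and one cross-partition grant.
        Identity alice = new Identity("app-1", "User", "alice");
        Identity admin1 = new Identity("app-1", "Role", "admin");
        Identity admin2 = new Identity("app-2", "Role", "admin");
        partitions.addAll(List.of("app-1", "app-2"));
        identities.addAll(List.of(alice, admin1, admin2));
        grants.addAll(List.of(new Grant(alice, admin1), new Grant(alice, admin2)));

        try {
            removePartition("app-1");            // rejected: identity data remains
        } catch (IllegalStateException e) {
            System.out.println("refused: " + e.getMessage());
        }
        System.out.println("purged " + purgeIdentityData("app-1") + " identities");
        removePartition("app-1");                // succeeds once the data is gone
        System.out.println("partitions=" + partitions + " identities=" + identities.size()
                + " grants=" + grants.size());
    }
}
```

The cross-partition grant (alice from app-1 holding app-2's admin role) is the case a per-type query over Agents, Users, Groups and Roles does not cover by itself, which is why the purge removes relationships before identities.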