Revoke roles a user has on group when they are removed as a member.

author: Frederick Muriuki Muriithi 2025-07-31 16:18:03 -0500
committer: Frederick Muriuki Muriithi 2025-07-31 16:18:03 -0500
commit: a5d512f2e42352e5eb3298d1fa44d59ea25262f7 (patch)
tree: 714421b2d13a58f423176e0633428398bf8acb63
parent: 065309242ab1c7bd378faa49f25545bad4761d89 (diff)
download: gn-auth-a5d512f2e42352e5eb3298d1fa44d59ea25262f7.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py
index 3189302..e027b2c 100644
--- a/gn_auth/auth/authorisation/resources/groups/models.py
+++ b/gn_auth/auth/authorisation/resources/groups/models.py
@@ -359,6 +359,9 @@ def remove_user_from_group(
             "DELETE FROM group_users "
             "WHERE group_id=:group_id AND user_id=:user_id",
             {"group_id": str(group.group_id), "user_id": str(user.user_id)})
+        cursor.execute(
+            "DELETE FROM user_roles WHERE user_id=? AND resource_id=?",
+            (str(user.user_id), str(grp_resource.resource_id)))
         assign_user_role_by_name(cursor,
                                  user,
                                  grp_resource.resource_id,
author	Frederick Muriuki Muriithi	2025-07-31 16:18:03 -0500
committer	Frederick Muriuki Muriithi	2025-07-31 16:18:03 -0500
commit	a5d512f2e42352e5eb3298d1fa44d59ea25262f7 (patch)
tree	714421b2d13a58f423176e0633428398bf8acb63
parent	065309242ab1c7bd378faa49f25545bad4761d89 (diff)
download	gn-auth-a5d512f2e42352e5eb3298d1fa44d59ea25262f7.tar.gz