anarsultanov
commented
1 month ago Additionally, this issue cannot be managed directly in JPA because the tenant_membership_role relationship is represented using @ElementCollection, which does not support cascading deletes.
This statement isn't entirely accurate. According to the Hibernate documentation, element collections "have a similar lifecycle to basic/embedded attributes in that their persistence is completely managed as part of the owner - they are created when referenced from an owner and automatically deleted when unreferenced". The issue here arises from the membership being removed through cascading from user deletions, rather than directly by JPA.
Anyway, thanks for reporting and addressing this issue! :)
Description:
When attempting to delete a user from the Keycloak admin UI, an error occurs because a foreign key reference still exists in the
tenant_membership_roletable. This prevents the user from being successfully deleted.Steps to Reproduce:
Expected Behavior:
The user should be deleted without any errors, with all associated references handled appropriately.
Actual Behavior:
An error is thrown, preventing the deletion of the user due to foreign key constraints in the tenant_membership_role table.
Root Cause:
The
tenant_membership_roletable has a foreign key reference totenant_membershipthat does not have a cascading delete policy. This causes a constraint violation when attempting to delete a user who has associated records in thetenant_membership_roletable. Additionally, this issue cannot be managed directly in JPA because thetenant_membership_rolerelationship is represented using @ElementCollection, which does not support cascading deletes.Fix:
The issue was resolved by enabling cascading delete on the foreign key reference in the
tenant_membership_roletable. This allows the deletion of a user and all associated records in thetenant_membership_roletable to be handled automatically.PR containing this fix coming soon