[NAE-2186] PetriNet objects gRPC serialization

[Smotanka]

Description

• Removing redundant param realmIds in removeRoleOfDeletedPetriNet method in UserServiceImpl, using deafult realm instead.
• Added removeRoleOfDeletedPetriNet with Set as param. This is mainly to prevent sending unnecessary data in Cluster version of NAE

Implements [NAE-2186]

Dependencies

None

Third party dependencies

None

Blocking Pull requests

None

How Has Been This Tested?

This was tested via Docker in cluster version

Test Configuration

Name	Tested on
OS	Fedora Workstation 42
Runtime	Java 21
Dependency Manager	Maven 3.9.9
Framework version	Spring Boot 3.2.5
Run parameters
Other configuration

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• My changes have been checked, personally or remotely, with @...
• I have commented my code, particularly in hard-to-understand areas
• I have resolved all conflicts with the target branch of the PR
• I have updated and synced my code with the target branch
• I have added tests that prove my fix is effective or that my feature works
• New and existing tests pass locally with my changes:
  • Lint test
  • Unit tests
  • Integration tests
• I have checked my contribution with code analysis tools:
  • SonarCloud
  • Snyk
• I have made corresponding changes to the documentation:
  • Developer documentation
  • User Guides
  • Migration Guides

Summary by CodeRabbit

• Refactor

  • Role-cleanup flow simplified to target the default realm only and consolidated into focused removal operations.
  • API surface adjusted to accept either a process reference or an explicit set of roles for deletion workflows.

• Bug Fixes

  • More reliable removal of roles tied to deleted processes in the default realm, reducing orphaned roles and inconsistent permissions.
  • Improved paging and batch removal to ensure all affected users are processed.

[coderabbitai]

Walkthrough

Replaced the two-parameter removeRoleOfDeletedPetriNet(PetriNet, Collection) API with two overloads: removeRoleOfDeletedPetriNet(PetriNet) and removeRoleOfDeletedPetriNet(Set). PetriNetService now calls the single-argument overload. UserServiceImpl now removes roles scoped to the default realm and pages users by role IDs.

Changes

Cohort / File(s)	Summary
Service invocation update application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/PetriNetService.java	Call in deletePetriNet changed from userService.removeRoleOfDeletedPetriNet(petriNet, null) to userService.removeRoleOfDeletedPetriNet(petriNet); no other delete flow changes.
UserService API nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java	Removed removeRoleOfDeletedPetriNet(PetriNet, Collection<String>); added removeRoleOfDeletedPetriNet(PetriNet) and removeRoleOfDeletedPetriNet(Set<ProcessRole>).
UserService implementation nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java	Replaced multi-realm traversal with default-realm-only logic. Added removeRoleOfDeletedPetriNet(PetriNet) delegating to removeRoleOfDeletedPetriNet(Set<ProcessRole>). New Set-based overload builds role-id collection, pages through users via searchUsersByRoleIds, and removes roles per page using removeRoles; paging advances with pageable.next() in a do-while loop. Removed unused import java.time.LocalDate.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Admin
  participant PNService as PetriNetService
  participant UserSvc as UserServiceImpl
  participant UserRepo as UserRepository

  Admin->>PNService: deletePetriNet(petriNetId)
  PNService->>UserSvc: removeRoleOfDeletedPetriNet(petriNet)
  rect rgb(245,250,255)
    note right of UserSvc: operate on default realm only
    UserSvc->>UserSvc: extract Set<ProcessRole> from PetriNet
    loop per page (do-while)
      UserSvc->>UserRepo: searchUsersByRoleIds(roleIds, realm=default, page)
      UserRepo-->>UserSvc: Page<User>
      alt users in page
        UserSvc->>UserSvc: removeRoles(user, roleIds)
      end
      UserSvc->>UserSvc: pageable.next()
    end
  end
  PNService-->>Admin: continue deletion flow

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• [NAE-2199] Force delete of processes #354: Modifies PetriNetService.deletePetriNet and related role-removal invocation/signature — strong overlap with this change.
• [NAE-2126] Admin - Assign & Manage Roles #325: Changes ProcessRole shape (adds processIdentifier/processTitle), which is relevant because the new overloads operate on Set.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java (1)

351-364: Fix Javadoc: method no longer operates on “specified realms”

Docs still mention “specified realms” despite default-realm behavior and missing realm parameter. Update to avoid misleading API consumers.

-    /**
-     * Removes roles associated with a deleted Petri net from users in specified realms.
-     *
-     * @param process the deleted Petri net
-     */
+    /**
+     * Removes roles associated with the deleted Petri net from all users in the default realm.
+     *
+     * @param process the deleted Petri net
+     */
     void removeRoleOfDeletedPetriNet(PetriNet process);

-    /**
-     * Removes roles associated with a deleted Petri net from users in specified realms.
-     *
-     * @param petriNetRoles roles of deleted Petri net
-     */
+    /**
+     * Removes roles associated with the deleted Petri net from all users in the default realm.
+     * Prefer this overload in distributed/GRPC setups to minimize payload.
+     *
+     * @param petriNetRoles roles of the deleted Petri net
+     */
     void removeRoleOfDeletedPetriNet(Set<ProcessRole> petriNetRoles);

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 43c7009 and 606968d.

📒 Files selected for processing (3)

• application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/PetriNetService.java (1 hunks)
• nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java (2 hunks)
• nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build

🔇 Additional comments (2)

nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java (1)

19-19: LGTM: import for Set added

Needed for the new overload.

nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java (1)

215-221: Null guard on realmIds is a safe improvement

Avoids NPE when the caller passes null.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/PetriNetService.java (1)

541-541: Prefer roles-only overload to cut gRPC payload (NAE-2186).

Pass only the roles to avoid serializing the whole PetriNet over gRPC.

-        userService.removeRoleOfDeletedPetriNet(petriNet);
+        userService.removeRoleOfDeletedPetriNet(new HashSet<>(petriNet.getRoles().values()));

nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java (1)

530-539: Paging bug: advancing pages while mutating results can skip users; loop page 0 until empty.

After removals, later matches shift into page 0. Re-query page 0 until no users remain. Also short-circuit on null/empty roles.

     @Override
     public void removeRoleOfDeletedPetriNet(Set<ProcessRole> petriNetRoles) {
-        String defaultRealmCollection = collectionNameProvider.getDefaultRealmCollection();
-        Pageable pageable = PageRequest.of(0, paginationProperties.getBackendPageSize());
-        Collection<ProcessResourceId> roleIds = petriNetRoles.stream().map(ProcessRole::get_id).collect(Collectors.toSet());
-        Page<AbstractUser> users;
-        do {
-            users = searchUsersByRoleIds(roleIds, defaultRealmCollection, pageable);
-            users.getContent().forEach(u -> removeRoles(u, petriNetRoles));
-            pageable = pageable.next();
-        } while (users.hasNext());
+        if (petriNetRoles == null || petriNetRoles.isEmpty()) {
+            return;
+        }
+        String collectionName = collectionNameProvider.getDefaultRealmCollection();
+        Pageable page0 = PageRequest.of(0, paginationProperties.getBackendPageSize());
+        Collection<ProcessResourceId> roleIds =
+                petriNetRoles.stream().map(ProcessRole::get_id).collect(Collectors.toSet());
+        while (true) {
+            Page<AbstractUser> users = searchUsersByRoleIds(roleIds, collectionName, page0);
+            if (users.isEmpty()) {
+                break;
+            }
+            users.getContent().forEach(u -> removeRoles(u, petriNetRoles));
+        }
     }

Optional: implement a single repository-level updateMany with $pull for roleIds to avoid paging and per-user saves.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 4ff9286 and 970942d.

📒 Files selected for processing (3)

• application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/PetriNetService.java (1 hunks)
• nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java (1 hunks)
• nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Test
• GitHub Check: task-list-completed
• GitHub Check: task-list-completed
• GitHub Check: task-list-completed
• GitHub Check: task-list-completed

🔇 Additional comments (2)

nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java (1)

19-19: LGTM: Set import added for new API.

nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java (1)

525-527: Delegation to Set-based overload is correct.