[NAE-2288] Delete of process retains global role from user

[renczesstefan]

Description

Fixes NAE-2288

Dependencies

No new dependencies were introduced

Third party dependencies

• No new dependencies were introduced

Blocking Pull requests

There are no dependencies on other PR

How Has Been This Tested?

This was tested manually and with unit tests.

Test Configuration

Name	Tested on
OS	macOS Tahoe 26.0.1
Runtime	Java 21
Dependency Manager	Maven 3.9.9n
Framework version	Spring Boot 3.4.4
Run parameters
Other configuration

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• My changes have been checked, personally or remotely, with @machacjozef
• I have commented my code, particularly in hard-to-understand areas
• I have resolved all conflicts with the target branch of the PR
• I have updated and synced my code with the target branch
• I have added tests that prove my fix is effective or that my feature works
• New and existing tests pass locally with my changes:
  • Lint test
  • Unit tests
  • Integration tests
• I have checked my contribution with code analysis tools:
  • SonarCloud
  • Snyk
• I have made corresponding changes to the documentation:
  • Developer documentation
  • User Guides
  • Migration Guides

Summary by CodeRabbit

• Bug Fixes
  • Refined role management during Petri net deletion to exclude global roles from the removal process, ensuring more precise role handling when Petri nets are removed from the system.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The removeRoleOfDeletedPetriNet method in UserServiceImpl now filters out global roles when selecting role IDs, narrowing the subset of roles considered during the role removal operation while maintaining the overall control flow.

Changes

Cohort / File(s)	Summary
Role filtering refinement nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java	Added filter to exclude global roles before collecting role IDs in removeRoleOfDeletedPetriNet method

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Verify that global roles should indeed be excluded from the removal operation in this context
• Confirm that the filtering logic correctly identifies and excludes global roles
• Check for any downstream impact on role removal behavior for affected users/realms

Possibly related PRs

• [NAE-2186] PetriNet objects gRPC serialization #351: Modifies the same removeRoleOfDeletedPetriNet method with related role selection and traversal logic changes
• [NAE-2193] Assign all roles to admin users #350: Updates other role-handling logic in UserServiceImpl, including admin role assignment changes

Suggested labels

bugfix

Pre-merge checks

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'NAE-2288 Delete of process retains global role from user' directly corresponds to the main change: filtering out global roles in removeRoleOfDeletedPetriNet to fix the bug where process deletion retained global roles.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Retoocs]

I'm a bit confused right now. The method PetriNetService.deletePetriNet calls:

1. userService.removeRoleOfDeletedPetriNet
2. processRoleService.deleteRolesOfNet

The first method finds every ProcessRole, which is not a global and remove them from every user. The second method finds every ProcessRole (also global ones) and removes it: 1. from the every user (again), 2. from the repository

I'm confused because in the first method you don't remove global roles and in the second method you do the same removal, but you remove also global roles.

Can you explain me, please, how the removal works? I thought, that this fix will prevent removing global role from the database and from the users when removing petriNet