Validate that a custom role is not associated with any users before allowing deletion
We should not allow a custom role (MemberRole
) to be deleted until it is not associated with any users/memberships.(require all users associated with a custom role to be disassociated from custom role before it can be deleted)
From @hsutor :
In an ideal world, we could give some kind of error that would say:
"Guest+1 cannot be deleted because [User X] is assigned."
Then give them a choice:
- Assign a different role to User X
- Ok/Acknowledge
This issue originally began as a follow-up to an MR discussion about a database constraint that was believed to delete custom roles if any of the membership records for that custom role is deleted. That was tested out and seems not to be the case. But the opposite is true: deleting a custom role removes all memberships associated with that custom role. To avoid any unintended member removals, we should add this validation/warning step.
Because custom roles are currently only destroy-able via the API, the above suggestion on assign/ok is not going to work. For now, the validation should just prevent the deletion and advice the Owner to remove all custom role users before deleting the custom role.