Add RemoveClaimFromAllRolesAsync method to IIdentityRoleRepository.

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/IIdentityRoleRepository.cs

@@ -22,7 +22,7 @@ Task<List<IdentityRoleWithUserCount>> GetListWithUserCountAsync(
         bool includeDetails = false,
         CancellationToken cancellationToken = default
     );
-    
+
     Task<List<IdentityRole>> GetListAsync(
         string sorting = null,
         int maxResultCount = int.MaxValue,
@@ -45,4 +45,10 @@ Task<long> GetCountAsync(
         string filter = null,
         CancellationToken cancellationToken = default
     );
+
+    Task RemoveClaimFromAllRolesAsync(
+        string claimType,
+        bool autoSave = false,
+        CancellationToken cancellationToken = default
+    );
 }

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/IdentityClaimTypeManager.cs

@@ -9,11 +9,16 @@ public class IdentityClaimTypeManager : DomainService
 {
     protected IIdentityClaimTypeRepository IdentityClaimTypeRepository { get; }
     protected IIdentityUserRepository IdentityUserRepository { get; }
+    protected IIdentityRoleRepository IdentityRoleRepository { get; }
 
-    public IdentityClaimTypeManager(IIdentityClaimTypeRepository identityClaimTypeRepository, IIdentityUserRepository identityUserRepository)
+    public IdentityClaimTypeManager(
+        IIdentityClaimTypeRepository identityClaimTypeRepository,
+        IIdentityUserRepository identityUserRepository,
+        IIdentityRoleRepository identityRoleRepository)
     {
         IdentityClaimTypeRepository = identityClaimTypeRepository;
         IdentityUserRepository = identityUserRepository;
+        IdentityRoleRepository = identityRoleRepository;
     }
 
     public virtual async Task<IdentityClaimType> CreateAsync(IdentityClaimType claimType)
@@ -38,7 +43,6 @@ public virtual async Task<IdentityClaimType> UpdateAsync(IdentityClaimType claim
             throw new AbpException($"Can not update a static ClaimType.");
         }
 
-
         return await IdentityClaimTypeRepository.UpdateAsync(claimType);
     }
 
@@ -50,8 +54,10 @@ public virtual async Task DeleteAsync(Guid id)
             throw new AbpException($"Can not delete a static ClaimType.");
         }
 
-        //Remove claim of this type from all users
+        //Remove claim of this type from all users and roles
         await IdentityUserRepository.RemoveClaimFromAllUsersAsync(claimType.Name);
+        await IdentityRoleRepository.RemoveClaimFromAllRolesAsync(claimType.Name);
+
         await IdentityClaimTypeRepository.DeleteAsync(id);
     }
 }

modules/identity/src/Volo.Abp.Identity.EntityFrameworkCore/Volo/Abp/Identity/EntityFrameworkCore/EfCoreIdentityRoleRepository.cs

@@ -29,26 +29,26 @@ public virtual async Task<IdentityRole> FindByNormalizedNameAsync(
     }
 
     public virtual async Task<List<IdentityRoleWithUserCount>> GetListWithUserCountAsync(
-        string sorting = null, 
+        string sorting = null,
         int maxResultCount = int.MaxValue,
         int skipCount = 0,
         string filter = null,
-        bool includeDetails = false, 
+        bool includeDetails = false,
         CancellationToken cancellationToken = default)
     {
         var roles = await GetListInternalAsync(sorting, maxResultCount, skipCount, filter, includeDetails, cancellationToken: cancellationToken);
-        
+
         var roleIds = roles.Select(x => x.Id).ToList();
         var userCount = await (await GetDbContextAsync()).Set<IdentityUserRole>()
             .Where(userRole => roleIds.Contains(userRole.RoleId))
             .GroupBy(userRole => userRole.RoleId)
-            .Select(x => new  
+            .Select(x => new
             {
                 RoleId = x.Key,
                 Count = x.Count()
             })
             .ToListAsync(GetCancellationToken(cancellationToken));
-        
+
         return roles.Select(role => new IdentityRoleWithUserCount(role, userCount.FirstOrDefault(x => x.RoleId == role.Id)?.Count ?? 0)).ToList();
     }
 
@@ -92,6 +92,20 @@ public virtual async Task<long> GetCountAsync(
             .LongCountAsync(GetCancellationToken(cancellationToken));
     }
 
+    public virtual async Task RemoveClaimFromAllRolesAsync(string claimType, bool autoSave = false, CancellationToken cancellationToken = default)
+    {
+        var dbContext = await GetDbContextAsync();
+        var roleClaims = await dbContext.Set<IdentityRoleClaim>().Where(uc => uc.ClaimType == claimType).ToListAsync(cancellationToken: cancellationToken);
+        if (roleClaims.Any())
+        {
+            (await GetDbContextAsync()).Set<IdentityRoleClaim>().RemoveRange(roleClaims);
+            if (autoSave)
+            {
+                await dbContext.SaveChangesAsync(GetCancellationToken(cancellationToken));
+            }
+        }
+    }
+
     protected virtual async Task<List<IdentityRole>> GetListInternalAsync(
         string sorting = null,
         int maxResultCount = int.MaxValue,

modules/identity/src/Volo.Abp.Identity.MongoDB/Volo/Abp/Identity/MongoDB/MongoIdentityRoleRepository.cs

@@ -42,13 +42,13 @@ public virtual async Task<List<IdentityRoleWithUserCount>> GetListWithUserCountA
             .Where(user => user.Roles.Any(role => roleIds.Contains(role.RoleId)))
             .SelectMany(user => user.Roles)
             .GroupBy(userRole => userRole.RoleId)
-            .Select(x => new  
+            .Select(x => new
             {
                 RoleId = x.Key,
                 Count = x.Count()
             })
             .ToListAsync(GetCancellationToken(cancellationToken));
-        
+
         return roles.Select(role => new IdentityRoleWithUserCount(role, userCount.FirstOrDefault(x => x.RoleId == role.Id)?.Count ?? 0)).ToList();
     }
 
@@ -99,6 +99,20 @@ public virtual async Task<long> GetCountAsync(
             .LongCountAsync(GetCancellationToken(cancellationToken));
     }
 
+    public virtual async Task RemoveClaimFromAllRolesAsync(string claimType, bool autoSave = false, CancellationToken cancellationToken = default)
+    {
+        var roles = await (await GetMongoQueryableAsync(cancellationToken))
+            .Where(r => r.Claims.Any(c => c.ClaimType == claimType))
+            .ToListAsync(GetCancellationToken(cancellationToken));
+
+        foreach (var role in roles)
+        {
+            role.Claims.RemoveAll(c => c.ClaimType == claimType);
+        }
+
+        await UpdateManyAsync(roles, cancellationToken: cancellationToken);
+    }
+
     protected virtual async Task<List<IdentityRole>> GetListInternalAsync(
         string sorting = null,
         int maxResultCount = int.MaxValue,

modules/identity/test/Volo.Abp.Identity.TestBase/Volo/Abp/Identity/IdentityClaimTypeRepository_Tests.cs

@@ -17,19 +17,25 @@ public abstract class IdentityClaimTypeRepository_Tests<TStartupModule> : AbpIde
     where TStartupModule : IAbpModule
 {
     protected IIdentityClaimTypeRepository ClaimTypeRepository { get; }
+    protected IdentityClaimTypeManager IdentityClaimTypeManager { get; }
     protected IGuidGenerator GuidGenerator { get; }
     protected IUnitOfWorkManager UnitOfWorkManager { get; }
     protected IIdentityUserRepository UserRepository { get; }
     protected IdentityUserManager IdentityUserManager { get; }
+    protected IIdentityRoleRepository RoleRepository { get; }
+    protected IdentityRoleManager IdentityRoleManager { get; }
     protected IdentityTestData IdentityTestData { get; }
 
     public IdentityClaimTypeRepository_Tests()
     {
         ClaimTypeRepository = ServiceProvider.GetRequiredService<IIdentityClaimTypeRepository>();
+        IdentityClaimTypeManager = ServiceProvider.GetRequiredService<IdentityClaimTypeManager>();
         GuidGenerator = ServiceProvider.GetRequiredService<IGuidGenerator>();
         UnitOfWorkManager = ServiceProvider.GetRequiredService<IUnitOfWorkManager>();
         IdentityUserManager = ServiceProvider.GetRequiredService<IdentityUserManager>();
         UserRepository = ServiceProvider.GetRequiredService<IIdentityUserRepository>();
+        RoleRepository = ServiceProvider.GetRequiredService<IIdentityRoleRepository>();
+        IdentityRoleManager = ServiceProvider.GetRequiredService<IdentityRoleManager>();
         IdentityTestData = ServiceProvider.GetRequiredService<IdentityTestData>();
     }
 
@@ -72,25 +78,32 @@ public async Task DeleteAsync()
             var john = await UserRepository.FindAsync(IdentityTestData.UserJohnId);
             john.ShouldNotBeNull();
             await IdentityUserManager.AddClaimAsync(john, new Claim(ageClaim.Name, "18"));
-
             var userClaims = await IdentityUserManager.GetClaimsAsync(john);
             userClaims.ShouldContain(c => c.Type == ageClaim.Name && c.Value == "18");
 
+            var saleRole = await RoleRepository.FindAsync(IdentityTestData.RoleSaleId);
+            saleRole.ShouldNotBeNull();
+            await IdentityRoleManager.AddClaimAsync(saleRole, new Claim(ageClaim.Name, "18"));
+            var roleClaims = await IdentityRoleManager.GetClaimsAsync(saleRole);
+            roleClaims.ShouldContain(c => c.Type == ageClaim.Name && c.Value == "18");
+
             await uow.CompleteAsync();
         }
 
-        await ClaimTypeRepository.DeleteAsync(ageClaim.Id);
-        await UserRepository.RemoveClaimFromAllUsersAsync(ageClaim.Name);
+        await IdentityClaimTypeManager.DeleteAsync(ageClaim.Id);
 
         using (var uow = UnitOfWorkManager.Begin())
         {
             var john = await UserRepository.FindAsync(IdentityTestData.UserJohnId);
             john.ShouldNotBeNull();
-
             var userClaims = await IdentityUserManager.GetClaimsAsync(john);
-
             userClaims.ShouldNotContain(c => c.Type == ageClaim.Name && c.Value == "18");
 
+            var saleRole = await RoleRepository.FindAsync(IdentityTestData.RoleSaleId);
+            saleRole.ShouldNotBeNull();
+            var roleClaims = await IdentityRoleManager.GetClaimsAsync(saleRole);
+            roleClaims.ShouldNotContain(c => c.Type == ageClaim.Name && c.Value == "18");
+
             await uow.CompleteAsync();
         }
     }