From b1770ebb762bc85567c001c7379875434099651e Mon Sep 17 00:00:00 2001
From: sbwalker <shaun.walker@siliqon.com>
Date: Tue, 29 Jul 2025 08:40:38 -0400
Subject: [PATCH] fix #5346 - deleting role should remove associated
 permissions

---
 Oqtane.Server/Repository/RoleRepository.cs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/Oqtane.Server/Repository/RoleRepository.cs b/Oqtane.Server/Repository/RoleRepository.cs
index 1c4aa0c4..e9d1590d 100644
--- a/Oqtane.Server/Repository/RoleRepository.cs
+++ b/Oqtane.Server/Repository/RoleRepository.cs
@@ -2,6 +2,8 @@ using System.Collections.Generic;
 using System.Linq;
 using Microsoft.EntityFrameworkCore;
 using Oqtane.Models;
+using Oqtane.Modules.Admin.Users;
+using Oqtane.Shared;
 
 namespace Oqtane.Repository
 {
@@ -71,7 +73,19 @@ namespace Oqtane.Repository
         public void DeleteRole(int roleId)
         {
             using var db = _dbContextFactory.CreateDbContext();
+
             Role role = db.Role.Find(roleId);
+
+            // remove permissions for this role
+            var permissions = db.Permission.Where(item => item.SiteId == role.SiteId).ToList();
+            foreach (var permission in permissions)
+            {
+                if (permission.RoleId == roleId)
+                {
+                    db.Permission.Remove(permission);
+                }
+            }
+
             db.Role.Remove(role);
             db.SaveChanges();
         }