From 9adb36b82c574d8566874ceb6b69400d92e008c2 Mon Sep 17 00:00:00 2001
From: abhishek9686 <abhi281342@gmail.com>
Date: Fri, 2 Aug 2024 13:53:41 +0530
Subject: [PATCH] delete netID if net roles are empty

---
 pro/controllers/users.go | 10 ++++++----
 pro/logic/user_mgmt.go   |  5 +++++
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/pro/controllers/users.go b/pro/controllers/users.go
index ca8edc3f..bef5e3b2 100644
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -22,10 +22,7 @@ import (
 )
 
 func UserHandlers(r *mux.Router) {
-	r.HandleFunc("/api/users/{username}/remote_access_gw/{remote_access_gateway_id}", logic.SecurityCheck(true, http.HandlerFunc(attachUserToRemoteAccessGw))).Methods(http.MethodPost)
-	r.HandleFunc("/api/users/{username}/remote_access_gw/{remote_access_gateway_id}", logic.SecurityCheck(true, http.HandlerFunc(removeUserFromRemoteAccessGW))).Methods(http.MethodDelete)
-	r.HandleFunc("/api/users/{username}/remote_access_gw", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUserRemoteAccessGwsV1)))).Methods(http.MethodGet)
-	r.HandleFunc("/api/users/ingress/{ingress_id}", logic.SecurityCheck(true, http.HandlerFunc(ingressGatewayUsers))).Methods(http.MethodGet)
+
 	r.HandleFunc("/api/oauth/login", proAuth.HandleAuthLogin).Methods(http.MethodGet)
 	r.HandleFunc("/api/oauth/callback", proAuth.HandleAuthCallback).Methods(http.MethodGet)
 	r.HandleFunc("/api/oauth/headless", proAuth.HandleHeadlessSSO)
@@ -58,6 +55,11 @@ func UserHandlers(r *mux.Router) {
 	r.HandleFunc("/api/users_pending/user/{username}", logic.SecurityCheck(true, http.HandlerFunc(deletePendingUser))).Methods(http.MethodDelete)
 	r.HandleFunc("/api/users_pending/user/{username}", logic.SecurityCheck(true, http.HandlerFunc(approvePendingUser))).Methods(http.MethodPost)
 
+	r.HandleFunc("/api/users/{username}/remote_access_gw/{remote_access_gateway_id}", logic.SecurityCheck(true, http.HandlerFunc(attachUserToRemoteAccessGw))).Methods(http.MethodPost)
+	r.HandleFunc("/api/users/{username}/remote_access_gw/{remote_access_gateway_id}", logic.SecurityCheck(true, http.HandlerFunc(removeUserFromRemoteAccessGW))).Methods(http.MethodDelete)
+	r.HandleFunc("/api/users/{username}/remote_access_gw", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUserRemoteAccessGwsV1)))).Methods(http.MethodGet)
+	r.HandleFunc("/api/users/ingress/{ingress_id}", logic.SecurityCheck(true, http.HandlerFunc(ingressGatewayUsers))).Methods(http.MethodGet)
+
 }
 
 // swagger:route POST /api/v1/users/invite-signup user userInviteSignUp
diff --git a/pro/logic/user_mgmt.go b/pro/logic/user_mgmt.go
index ac68a918..fb928e0a 100644
--- a/pro/logic/user_mgmt.go
+++ b/pro/logic/user_mgmt.go
@@ -679,11 +679,16 @@ func IsGroupsValid(groups map[models.UserGroupID]struct{}) error {
 
 func IsNetworkRolesValid(networkRoles map[models.NetworkID]map[models.UserRoleID]struct{}) error {
 	for netID, netRoles := range networkRoles {
+
 		if netID != models.AllNetworks {
 			_, err := logic.GetNetwork(netID.String())
 			if err != nil {
 				return fmt.Errorf("failed to fetch network %s ", netID)
 			}
+			if len(netRoles) == 0 {
+				delete(networkRoles, netID)
+				continue
+			}
 		}
 		for netRoleID := range netRoles {
 			role, err := logic.GetRole(netRoleID)