Error while unsharing organization role audienced application

[shashimalcse]

Describe the issue:
Error while unsharing organization role audienced application.

[2024-05-13 16:33:55,553] [8b41937d-ed07-4cb2-9076-49de2f6a9695] ERROR {org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils} - errorCode: ORG-65080 | message: Server encountered an error when removing fragment app: 36e3c298-0eae-441f-83ab-de165ba3c680 in organization: f4154b37-16d4-48f0-b4a4-c7b6185f862d. org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementServerException: Unable to remove the fragment application
	at org.wso2.carbon.identity.organization.management.service.util.Utils.handleServerException(Utils.java:113)
	at org.wso2.carbon.identity.organization.management.application.OrgApplicationManagerImpl.deleteSharedApplication(OrgApplicationManagerImpl.java:379)
	at org.wso2.carbon.identity.organization.management.application.OrgApplicationManagerImpl.deleteSharedApplication(OrgApplicationManagerImpl.java:269)
	at org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationSharingService.deleteAllSharedApplications(ServerApplicationSharingService.java:146)
	at org.wso2.carbon.identity.api.server.application.management.v1.impl.ApplicationsApiServiceImpl.sharedApplicationsAllDelete(ApplicationsApiServiceImpl.java:338)
	at org.wso2.carbon.identity.api.server.application.management.v1.ApplicationsApi.sharedApplicationsAllDelete(ApplicationsApi.java:1105)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201)
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104)
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265)
	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:304)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doDelete(AbstractHTTPServlet.java:228)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:561)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:279)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
	at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:119)
	at org.wso2.carbon.identity.context.rewrite.valve.OrganizationContextRewriteValve.invoke(OrganizationContextRewriteValve.java:123)
	at org.wso2.carbon.tomcat.ext.valves.SameSiteCookieValve.invoke(SameSiteCookieValve.java:38)
	at org.wso2.carbon.identity.cors.valve.CORSValve.invoke(CORSValve.java:83)
	at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:183)
	at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:144)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:110)
	at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:71)
	at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:152)
	at org.wso2.carbon.extension.identity.x509Certificate.valve.X509CertificateAuthenticationValve.invoke(X509CertificateAuthenticationValve.java:59)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
	at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:63)
	at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
	at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:137)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.wso2.carbon.identity.application.common.IdentityApplicationManagementException: Error while deleting organization roles associated to the app.
	at org.wso2.carbon.identity.organization.management.handler.listener.SharedRoleMgtListener.doPreDeleteApplication(SharedRoleMgtListener.java:456)
	at org.wso2.carbon.identity.application.mgt.ApplicationManagementServiceImpl.deleteApplication(ApplicationManagementServiceImpl.java:816)
	at org.wso2.carbon.identity.organization.management.application.OrgApplicationManagerImpl.deleteSharedApplication(OrgApplicationManagerImpl.java:373)
	... 61 more
Caused by: org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException: Error occurred while deleting role : db5eb4b7-0a65-47ac-812c-6b7d3e2cecaa and tenant domain : f4154b37-16d4-48f0-b4a4-c7b6185f862d
	at org.wso2.carbon.identity.application.mgt.listener.DefaultRoleManagementListener.preDeleteRole(DefaultRoleManagementListener.java:257)
	at org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementServiceImpl.deleteRole(RoleManagementServiceImpl.java:361)
	at org.wso2.carbon.identity.organization.management.handler.listener.SharedRoleMgtListener.handleOrganizationAudiencedSharedRoleDeletion(SharedRoleMgtListener.java:504)
	at org.wso2.carbon.identity.organization.management.handler.listener.SharedRoleMgtListener.doPreDeleteApplication(SharedRoleMgtListener.java:453)
	... 63 more
Caused by: org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementClientException: Role id: db5eb4b7-0a65-47ac-812c-6b7d3e2cecaa does not exist in the tenant: f4154b37-16d4-48f0-b4a4-c7b6185f862d
	at org.wso2.carbon.identity.role.v2.mgt.core.dao.RoleDAOImpl.getRole(RoleDAOImpl.java:430)
	at org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementServiceImpl.getRole(RoleManagementServiceImpl.java:278)
	at org.wso2.carbon.identity.application.mgt.listener.DefaultRoleManagementListener.preDeleteRole(DefaultRoleManagementListener.java:250)
	... 66 more

Screen.Recording.2024-05-13.at.16.33.52.mov

How to reproduce:

1. Create a sub organization
2. Create a application and switch to organization audience
3. Share the application in shared access section
4. Unshare the application

Environment information (Please complete the following information; remove any unnecessary fields) :

• Product Version: [e.g., IS 5.10.0, IS 5.9.0]
• OS: [e.g., Windows, Linux, Mac]
• Database: [e.g., MySQL, H2]
• Userstore: [e.g., LDAP, JDBC]

---

Optional Fields

Related issues:

Suggested labels:

[shashimalcse]

Error happened because we are trying to delete the admin role twice. The offset passed to retrieving organization roles should be 1 instead of 0. Since we are passing 0, we get the admin roles twice due to the pagination logic. Setting the initial offset to 1 will fix the issue.