Add symetric removeRoles to user management api

2 files changed, 10 insertions, 0 deletions

diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
index 145b468688c..cdec8e60072 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
@@ -55,6 +55,13 @@ public class MockUserManagement implements UserManagement {
     }
 
     @Override
+    public void removeRoles(UserId user, Collection<Role> roles) {
+        for (Role role : roles) {
+            removeUsers(role, Collections.singletonList(user));
+        }
+    }
+
+    @Override
     public List<User> listUsers(Role role) {
         return List.copyOf(memberships.get(role));
     }
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
index efe31f6f118..ee3c48e85d3 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
@@ -27,6 +27,9 @@ public interface UserManagement {
     /** Ensures none of the given users are part of the given role, or throws if the role does not exist. */
     void removeUsers(Role role, Collection<UserId> users);
 
+    /** Ensures the given users are not part of the given role, or throws if the roles does not exist. */
+    void removeRoles(UserId  user, Collection<Role> roles);
+
     /** Returns all users in the given role, or throws if the role does not exist. */
     List<User> listUsers(Role role);