public function unassignRoleFromUserGroup(APIRole $role, UserGroup $userGroup)
{
if ($this->repository->canUser('role', 'assign', $userGroup, $role) !== true) {
throw new UnauthorizedException('role', 'assign');
}
$spiRoleAssignments = $this->userHandler->loadRoleAssignmentsByGroupId($userGroup->id);
$isAssigned = false;
foreach ($spiRoleAssignments as $spiRoleAssignment) {
if ($spiRoleAssignment->roleId === $role->id) {
$isAssigned = true;
break;
}
}
if (!$isAssigned) {
throw new InvalidArgumentException('$userGroup', 'Role is not assigned to the given UserGroup');
}
$this->repository->beginTransaction();
try {
$this->userHandler->unassignRole($userGroup->id, $role->id);
$this->repository->commit();
} catch (Exception $e) {
$this->repository->rollback();
throw $e;
}
}