From 1d0a7acc65200a10908a753af491cefc762be6ec Mon Sep 17 00:00:00 2001
From: jkoberg <jkoberg@owncloud.com>
Date: Thu, 22 Jun 2023 17:45:01 +0200
Subject: [PATCH] do not return an error when detecting too many roles

Signed-off-by: jkoberg <jkoberg@owncloud.com>
---
 changelog/unreleased/fix-oidc-role-assigner.md | 7 +++++++
 services/proxy/pkg/userroles/oidcroles.go      | 4 +---
 2 files changed, 8 insertions(+), 3 deletions(-)
 create mode 100644 changelog/unreleased/fix-oidc-role-assigner.md

diff --git a/changelog/unreleased/fix-oidc-role-assigner.md b/changelog/unreleased/fix-oidc-role-assigner.md
new file mode 100644
index 00000000000..797eb7311b8
--- /dev/null
+++ b/changelog/unreleased/fix-oidc-role-assigner.md
@@ -0,0 +1,7 @@
+Bugfix: Fix the oidc role assigner
+
+The update role method did not allow to set a role when the user already has two roles.
+This makes no sense as the user is supposed to have only one and the update will fix that.
+We still log an error level log to make the admin aware of that.
+
+https://github.com/owncloud/ocis/pull/6605
diff --git a/services/proxy/pkg/userroles/oidcroles.go b/services/proxy/pkg/userroles/oidcroles.go
index 65a5a2aa016..e51232dda31 100644
--- a/services/proxy/pkg/userroles/oidcroles.go
+++ b/services/proxy/pkg/userroles/oidcroles.go
@@ -89,9 +89,7 @@ func (ra oidcRoleAssigner) UpdateUserRoleAssignment(ctx context.Context, user *c
 		return nil, err
 	}
 	if len(assignedRoles) > 1 {
-		err := errors.New("too many roles assigned")
-		logger.Error().Err(err).Msg("The user has too many roles assigned")
-		return nil, err
+		logger.Error().Str("userID", user.GetId().GetOpaqueId()).Int("numRoles", len(assignedRoles)).Msg("The user has too many roles assigned")
 	}
 	logger.Debug().Interface("assignedRoleIds", assignedRoles).Msg("Currently assigned roles")