From 7dd53d8c16fd192990ae8e9a2db84fa36071aee9 Mon Sep 17 00:00:00 2001
From: maliming <malimings@gmail.com>
Date: Wed, 31 Dec 2025 13:34:24 +0800
Subject: [PATCH] Add ClientDeletedEventHandler for permission cleanup

---
 .../ClientDeletedEventHandler.cs              | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientDeletedEventHandler.cs

diff --git a/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientDeletedEventHandler.cs b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientDeletedEventHandler.cs
new file mode 100644
index 0000000000..2a5ebbfb71
--- /dev/null
+++ b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientDeletedEventHandler.cs
@@ -0,0 +1,31 @@
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.Domain.Entities.Events.Distributed;
+using Volo.Abp.EventBus.Distributed;
+using Volo.Abp.IdentityServer.Clients;
+using Volo.Abp.Uow;
+
+namespace Volo.Abp.PermissionManagement.IdentityServer;
+
+public class ClientDeletedEventHandler :
+    IDistributedEventHandler<EntityDeletedEto<ClientEto>>,
+    ITransientDependency
+{
+    protected IPermissionManager PermissionManager { get; }
+    protected IResourcePermissionManager ResourcePermissionManager { get; }
+
+    public ClientDeletedEventHandler(IPermissionManager permissionManager, IResourcePermissionManager resourcePermissionManager)
+    {
+        PermissionManager = permissionManager;
+        ResourcePermissionManager = resourcePermissionManager;
+    }
+
+    [UnitOfWork]
+    public virtual async Task HandleEventAsync(EntityDeletedEto<ClientEto> eventData)
+    {
+        await PermissionManager.DeleteAsync(ClientPermissionValueProvider.ProviderName, eventData.Entity.ClientId);
+        await ResourcePermissionManager.DeleteAsync(ClientResourcePermissionValueProvider.ProviderName, eventData.Entity.ClientId);
+    }
+}