Problem Statement : User role get deleted from x_portal_user_role table and login does not work when he tries to update his role to a restricted role for his profile by using Post method of API /service/users/ .
User having role 'ROLE_SYS_ADMIN' can change his role to 'ROLE_USER'
User having role 'ROLE_KEY_ADMIN' can change his role to 'ROLE_USER'
User having role 'ROLE_USER' should not able to change his role to any other role.
Proposed solution : User's new requested role should be validated and if requested role is invalid then server should return error message.
- links to