Hi guys, while importing roles with permissions sometimes we get an ‘A permission with the same role, permission type and target already exists’ error message
- in platform we have unique index IDX_SEC_PERMISSION_UNIQUE which applied to not deleted records only;
create unique index IDX_SEC_PERMISSION_UNIQUE on SEC_PERMISSION (ROLE_ID, PERMISSION_TYPE, TARGET) where DELETE_TS is null;
- for example we have two records like on screen below:
-
in previously exported json file we have dropped role like on previous screen ID = FAF70AD6-78EC-3092-17D5-2B48A19955DE9;
-
if we’ll try to import role again then system should make first record non dropped and second one as dropped (by updating related delete_ts attribute);
-
all changes will be made in same transaction;
-
in this method will be made commit of our changes: org.eclipse.persistence.internal.sessions.CommitManager::commitChangedObjectsForClassWithChangeSet
-
in our case it’ll be two updates which will be wrapped in next class each org.eclipse.persistence.internal.sessions.ObjectChangeSet
Like on screen below:
- before applying all records will be sorted (in our case by id of ObjectChangeSet, id of change set equals to permission id);
- because of that sort, sometimes first will be applied script which make dropped record as non-dropped and mentioned constraint will be fired
Looks like a bug in role import functionality. To reproduce that problem next steps should be performed:
- for some entity read permission should be done;
- role with this permission should be exported;
- remove this permission;
- save role;
- add read permission for the same entity again;
- import previously exported role
It possible that mentioned error will be shown if no, repeat 3) - 6) steps