Bug: When we clone a permission from role A to role B. The migration should not change permission of role A. #3985
Description
- Detail of the problem
After I clone a permission (e.g. Select) from a role to another role in hasura web console, and then trying to run npx hasura --project ./migrate migrate apply --down 1 to undo changes in the db schema.
I get error like this:
> npx hasura --project ./migrate migrate apply --down 1
time="2020-02-29T23:38:00+08:00" level=fatal msg="apply failed: [unexpected] postgres query error ($.args[1].args)\r\nFile: '1582990072304_apply_same_permissions_public_table_schoolRankings\\down.yaml'\r\n{\n \"permission\": {\n \"allow_aggregations\": false,\n \"columns\": [\n
\"isActive\",\n \"ARWURanking\",\n \"id\",\n \"QSRanking\",\n \"school_id\",\n \"THERanking\",\n \"year\",\n \"url\",\n \"created_at\",\n \"updated_at\"\n ],\n \"computed_fields\": [],\n \"filter\": {}\n },\n \"role\": \"anonymous_role\",\n \"table\": {\n \"name\": \"schoolRankings\",\n \"schema\":
\"public\"\n }\n}\r\n[23505] FatalError: duplicate key value violates unique constraint \"hdb_permission_pkey\"\r\nDescription: Key (table_schema,
table_name, role_name, perm_type)=(public, schoolRankings, anonymous_role, select) already exists."
And content of \migrations\1582990072304_apply_same_permissions_public_table_schoolRankings\down.yaml is:
- args:
role: user
table:
name: schoolRankings
schema: public
type: drop_select_permission
- args:
permission:
allow_aggregations: false
columns:
- isActive
- ARWURanking
- id
- QSRanking
- school_id
- THERanking
- year
- url
- created_at
- updated_at
computed_fields: []
filter: {}
role: anonymous_role
table:
name: schoolRankings
schema: public
type: create_select_permission
- args:
role: anonymous_role
table:
name: schoolRankings
schema: public
type: drop_select_permissionThen, I have manually removed last 2 items in down.yaml and up.yaml and run npx hasura --project ./migrate migrate apply --down 1 and npx hasura --project ./migrate migrate apply --up 1 without error.
- How to replicate the issue
My hasura version is 1.1 and I use Docker Desktop for Windows to run it on my laptop.
My postgres version is PostgreSQL 9.5.19 on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 5.4.0-6ubuntu1~16.04.10) 5.4.0 20160609, 64-bit running on windows wsl.
After cloned a permission to another role in console, /migrations folder should has a new migration folder of that change. It has a down.yaml file and its second item should be trying to create a new record but another record of the same (table_schema,
table_name, role_name, perm_type) already exists.
- Expected behavior
When we clone a permission from role A to role B. The migration should not change permission of role A.