Idea #18693
Updated by Peter Amstutz about 2 years ago
It's confusing and potentially error prone to have multiple identical permission links, e.g. three link records all granting "can_read" going from the same user to the same project. For example, there's 50 users with read access to a project, but one user is listed 3 times. Someone goes it to remove that user's access, but only deletes one or two of the links, not all three. Proposed change: conflicting: permission link with same or lower permission (e.g. adding a write permission conflicts with an existing read permission) * "create" command: if there is a conflicting permission link, update there's already an equivalent permission, return the existing permission link and return that * "update" command: if a link it is updated so it conflicts with another permission link, where there is already an equivalent permission, delete either the other conflicting new or old link * "delete" command: delete doesn't change because there shouldn't be multiple conflicting all links with equivalent permission * perform a data migration to remove any duplicated links