Duplicate Roles allowed

[rihadavid]

It is allowed to create two roles with the same name. Is it a bug or are we supposed to look for existing roles with the specified name before creating a new role?

From the docs: "name: The name for the role. This value is required, must be unique" it seems to me that it shouldn't be possible.

BTW Also would be nice, if we could just add users to existing role without querying it, by its unique name :)

[natanrolnik]

I just tried to add a role with an existing name (from the Dashboard), and it didn't allow the creation, giving me the following message:
A duplicate value for a field with unique values was provided.

Can you please fill the issue template correctly (providing as much information as possible)? In case it's really a bug, we will reopen.

[rihadavid]

Ok, sorry.

Issue Description

I can create two roles with the same name while it should not be possible.

Steps to reproduce

1. create a role with name "myRole"

2. then call this function:

   Parse.Cloud.define("followProfile", function (request, response) {
   
   //now I will create the role again and add a user to id, I was just trying to add the user to previously created role without querying it
   
   var roleACL = new Parse.ACL();
   roleACL.setPublicReadAccess(false);
   roleACL.setPublicWriteAccess(false);
   var myRole = new Parse.Role("myRole", roleACL);
   myRole.getUsers().add(request.user);
   myRole.save(null, { useMasterKey: true }).then(
       function (saved) {
           response.success();
       }, function (error) {
           response.error();
       });
   });
   

..I know that this function is wrong, I was just trying to find a way how to add user to role without querying the role. No matter how incorrect the code is, still it creates a duplicate role, which I guess should not happen.

Expected Results

Throw exception that I can't create duplicate role

Actual Outcome

Second role with the same name is created

Environment Setup

• Server

  • parse-server version 2.3.5
  • Windows 10
  • Localhost

• Database

  • MongoDB version: 3.2.12
  • mLab (sandbox)

[rihadavid]

Well, I have tested and I can do it even in Dashboard, so the code is not relevant. Will try to update to latest parse server.

[rihadavid]

Also happening on parse server 2.3.6, I can do it in dashboard without any error.

[natanrolnik]

@rihadavid thank you for providing the information.

Ok, can you please do the following things:

1. Query for _Role where the name is myRole (master key needed) and provide the results;
2. Provide the server logs of the operation you said, when running with VERBOSE=1
3. If possible, can you also record/screenshot the dashboard showing different Role rows with the same name?

[rihadavid]

Ok, here it is:

[natanrolnik]

One last question:
Was this a migrated app from Parse.com, or you started it from parse-server? I think I know what's going on.

[rihadavid]

The app was originally developed for parse.com, but the running parse-server is clean installation. We are using cloud code that we developed for parse.com and changed it to comply with parse server syntax. We did not migrate any data.

[natanrolnik]

So I believe that Parse.com created a unique index for name on _Role (I just checked the database from one of my migrated apps) and Parse Server doesn't create this index. We'll fix it.
Thanks a lot for reporting and providing all the data, @rihadavid.

[natanrolnik]

@rihadavid can you please update to 2.3.7 and see if you still have this error? I fixed it and it was released in the latest version.

[rihadavid]

Yes, it seems fixed, when I try to add second Role with the same name in Dashboard, it shows me an error and the row is not created. Thanks!

[natanrolnik]

Great! Thanks for providing a good and actionable bug report!

[imana97]

Hi,
this error is happening again in parse-server 3.0.0 using posgreSQL.
I can create multiple roles with the same name and I can even change the role name.