oracle / speedle

Speedle is an open source project for access control.
https://speedle.io
Universal Permissive License v1.0

Duplicated policies/role-policies can be created #8

Closed xinnong-wang closed 5 years ago

xinnong-wang commented 5 years ago
> spctl create policy -c "grant user user1 get,del res1" --service-name=sbqoJ3xoe0Xj4vHe3fOVEeL-SgRj0mg0X
policy created
{"id":"2l5i5cjttxdfxf7aqu2w","name":"","effect":"grant","permissions":[{"resource":"res1","actions":["get","del"]}],"principals":[["user:user1"]],"metadata":{"createtime":"2019-04-09T13:23:36Z"}}
> spctl create policy -c "grant user user1 get,del res1" --service-name=sbqoJ3xoe0Xj4vHe3fOVEeL-SgRj0mg0X
policy created
{"id":"keg3dzc6f6dlv3mhpuc7","name":"","effect":"grant","permissions":[{"resource":"res1","actions":["get","del"]}],"principals":[["user:user1"]],"metadata":{"createtime":"2019-04-09T13:23:38Z"}}

We should order principals/resources/permissions and compare the policies (ignoring name and metadata); if they are the same, return an error.
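
The comparison proposed in the report above, sketched in Go as an added example; it is not part of the thread or of Speedle's code. The `policy` struct, `Fingerprint`, and the `reordered` document are assumptions built from the JSON that spctl prints above, and the sketch assumes order carries no meaning in any of the lists.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"sort"
)

// policy follows the spctl JSON above (assumed shape); id, name and metadata are undeclared, so Unmarshal drops them.
type policy struct {
	Effect      string `json:"effect"`
	Permissions []struct {
		Resource string   `json:"resource"`
		Actions  []string `json:"actions"`
	} `json:"permissions"`
	Principals [][]string `json:"principals"`
}

// Fingerprint is equal for policies that differ only in id, name, metadata or ordering.
func Fingerprint(doc string) (string, error) {
	var p policy
	if err := json.Unmarshal([]byte(doc), &p); err != nil {
		return "", err
	}
	var perms, groups []string
	for _, pm := range p.Permissions {
		sort.Strings(pm.Actions)
		b, _ := json.Marshal(pm) // JSON keeps each sort key unambiguous
		perms = append(perms, string(b))
	}
	for _, g := range p.Principals {
		sort.Strings(g)
		b, _ := json.Marshal(g)
		groups = append(groups, string(b))
	}
	sort.Strings(perms)
	sort.Strings(groups)
	canon, _ := json.Marshal([]interface{}{p.Effect, perms, groups})
	return fmt.Sprintf("%x", sha256.Sum256(canon)), nil
}

const first = `{"id":"2l5i5cjttxdfxf7aqu2w","name":"","effect":"grant","permissions":[{"resource":"res1","actions":["get","del"]}],"principals":[["user:user1"]],"metadata":{"createtime":"2019-04-09T13:23:36Z"}}` // from the report
const reordered = `{"id":"constructed-id","name":"copy","effect":"grant","permissions":[{"resource":"res1","actions":["del","get"]}],"principals":[["user:user1"]],"metadata":{"createtime":"2020-01-01T00:00:00Z"}}` // constructed

func main() {
	a, _ := Fingerprint(first)
	b, _ := Fingerprint(reordered)
	fmt.Println("duplicate:", a == b)
}
```

A store that kept this fingerprint next to each policy could reject or flag a create request whose fingerprint already exists in the same service.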

fullymad commented 5 years ago

There has been no activity in this repository for a while. Is this repository still being maintained? If yes, I would like to take up this issue.

caiwl commented 5 years ago

Thanks, Madhu. Yes, the project is still maintained by Oracle employees and other open source contributors like me (though I left Oracle).

The behavior you mentioned above, duplicated policies/role policies can be created, is by design. The duplicated policies will have different policy ids, thus theoretically they are different policies. :) I will close this issue for now.

Thanks for paying attention to the project. It is alive! If you are interested in the project, here is some simple guidance for contributing: https://github.com/oracle/speedle/blob/master/CONTRIBUTING.md

Thanks, William

fullymad commented 5 years ago

OK, thanks for the update, William. I guess you are closing it because it is harmless, though redundant. I will watch the repository for similar issues suitable for first-time contributors.