Ask Questions and Find Answers

We have a requirement to allow a user to propagate folder permissions in the document library. I have it partly working but I'm running into a problem that I don't understand. From what understand, each ResourcePermission is associated with a role. I can propagate permissions for some roles (e.g., Site Member) but not others, for example "Site Content Reviewer". Basically my code checks the roles for child folder permissions to look for the matching roles in the parent. If a parent ResourcePermission is for a role that doesn't match any child role, the code attempts to add a new ResourcePermission for that child role and child folder. This is the code:

                        // Create a new resource permission
                        ResourcePermission newResPerm = null;
                        long respermId = CounterLocalServiceUtil.increment();
                        newResPerm = ResourcePermissionLocalServiceUtil.createResourcePermission(respermId);
                        respermId = newResPerm.getResourcePermissionId();
                        _log.info(ID + "New ResourcePermission, ID = " + newResPerm.getResourcePermissionId());
                        _log.info(ID + "Folder ID = " + childFolderId);

                        newResPerm.setScope(scope);
                        newResPerm.setCompanyId(companyId);
                        newResPerm.setName(resourceName);
                        newResPerm.setRoleId(roleId);
                        newResPerm.setPrimaryKey(childFolderId);

                        for (ResourceAction action : actions) {
                            String actionId = action.getActionId();
                            try {
                                newResPerm.addResourceAction(actionId);
                            } catch (PortalException e) {
                                e.printStackTrace();
                            }
                        }

                        try {
                            ResourcePermission rp = ResourcePermissionLocalServiceUtil
                                    .updateResourcePermission(newResPerm);
                            _log.info(ID + "New ResourcePermission, ID = " + rp.getResourcePermissionId());
                        } catch (Exception ex) {
                            //ex.printStackTrace();
                            _log.error(ex.getMessage());
                        }
 

And this is the error I get:

2022-03-02 15:41:46.164 ERROR [http-nio-8080-exec-6][JDBCExceptionReporter:234] ORA-00001: unique constraint (LIFERAY72_10_4.SYS_C0038538) violated_ [Sanitized]
2022-03-02 15:41:46.164 ERROR [http-nio-8080-exec-6][JDBCExceptionReporter:234] ORA-00001: unique constraint (LIFERAY72_10_4.SYS_C0038538) violated_ [Sanitized]
2022-03-02 15:41:46.168 ERROR [http-nio-8080-exec-6][CustomEditFolderMVCActionCommand:326] Could not execute JDBC batch update; SQL [insert into ResourcePermission (mvccVersion, companyId, name, scope, primKey, primKeyId, roleId, ownerId, actionIds, viewActionId, resourcePermissionId) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)]; constraint [LIFERAY72_10_4.SYS_C0038538]; nested exception is org.hibernate.exception.ConstraintViolationException: Could not execute JDBC batch update
 

There is no corresponding record in the ResourcePermission table, and additionally, I'm calling update (which is supposed to update if the record exists and add if it doesn't).

If however, I manually add just one permission (say, VIEW) to a role that previously had no permissions associated with the child folder, and THEN propagate permissions from parent, all the parent permissions are propagated to that child folder.