Forum OpenACS Development: Re: PL/SQL: acs_permission__grant_permission lock problem

This is my proposal
CREATE OR REPLACE FUNCTION acs_permission__grant_permission(
   grant_permission__object_id integer,
   grant_permission__grantee_id integer,
   grant_permission__privilege varchar
) RETURNS integer AS $$
    exists_p                            boolean;
    -- lock table acs_permissions_lock;
    select count(*) > 0 into exists_p
      from acs_permissions
     where object_id = grant_permission__object_id
       and grantee_id = grant_permission__grantee_id
       and privilege = grant_permission__privilege;

    if not exists_p then
        insert into acs_permissions
          (object_id, grantee_id, privilege)
          (grant_permission__object_id, grant_permission__grantee_id, 

    end if;
    return 0;
-- handle exception, rather than lock table
    when unique_violation then
      return 0;
$$ LANGUAGE plpgsql;
As you can see I've just put exception handling translating from 'dup_val_on_index', Oracle flavour, to 'unique_violation', which is Postgres's. This came from:

This translation seems valid from our actual Postgres 8.2 to devel version, looking at doc.

This should fix permission granting. While testing, I've found out the same problem happens when we call acs_permission__revoke_permission, as also this proc locks permissions exclusively.

In this case solution is simpler as it is sufficient to comment lock and go on with our lives.

CREATE OR REPLACE FUNCTION acs_permission__revoke_permission(
   revoke_permission__object_id integer,
   revoke_permission__grantee_id integer,
   revoke_permission__privilege varchar
) RETURNS integer AS $$
--     lock table acs_permissions_lock;
    delete from acs_permissions
    where object_id = revoke_permission__object_id
    and grantee_id = revoke_permission__grantee_id
    and privilege = revoke_permission__privilege;

    return 0; 
$$ LANGUAGE plpgsql;
It is important to notice that Oracle codebase already behaves in this way, that is, in Oracle we don't lock any table and just handle exception/ignore the case

This solves our issue. If you think this solution is ok in general I can commit to cvs.

All the best

This looks fine, although i would recommend to remove the "select count(*)..." from acs_permission__grant_permission, since these two operations smell after a race condition. In most cases, the count() should return 0, and since the EXCEPTION deals with the the duplicate case anyhow, i see no reason for the count().


I have removed count from grant proc and committed changes. I've seen there is some work going on in acs-kernel, so my upgrade became from 5.9.0d5 to 5.9.0d6

Please let me know about any possible issue.

All the best