This (and the other references to idOrName) can become problematic, if we ever grant individual permissions, because then it is not clear which one to use when editing the permission: the id or the name.
I think it is better to load the DTO before and then check the permission on the id and never the names.
@kroepke I added this for consistency with other resources in our system. We are using this everywhere, basically. When addressing a single resource, we put the ID in the URL. I think it's a good practice and common in many other HTTP APIs.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.