Public Permission without Id undeletable

[NilsBaumgartner1994]

Describe the Bug

So when i create via a fetch POST a new permission for the public role it did not have an id. This brings me to a point where i cannot delete it.

From the network inspection:

{
	"0": {
		"role": null,
		"collection": "eating_habit_templates_translations",
		"action": "read",
		"permissions": {},
		"validation": {},
		"presets": null,
		"fields": [
			"*"
		]
	},
        ....
}

How is that even possible to have a permissions object without an id?

To Reproduce

Just create a permission object

const response = await fetch(`${getUrlPermissions()}`, {
            agent: httpsAgent,
            method: 'POST',
            headers: {
                "Cookie": headers.get('cookie'),
                'Content-Type': 'application/json',
            },
            body: JSON.stringify({
                role: permission.role,
                collection: permission.collection,
                action: permission.action,
                fields: permission.fields,
                permissions: permission.permissions,
                validation: permission.validation,
            }),
        });

Sadly i could not reproduce it by again. It seems to be very odd that this even exists in first place.

Directus Version

v10.11.2

Hosting Strategy

Self-Hosted (Docker Image)

Database

Postgres 13

[NilsBaumgartner1994]

Seems to happen when posting a permission and setting "id" to undefined, that this kind of "soft-lock" is created.

[NilsBaumgartner1994]

So investigating the knex table "directus_permissions" showed that all items had an id. So that is good to know. The problem where, that there were dublicates (same collection, action, role). This somehow lead that the frontend could not show the id.

I would suggest:

• Remove dublicates automatically
• Use the first item if there are more than that, in order to show users that they can delete an item.