From f275b3ab6172922cef97822804e54e6513937c2a Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 31 Jul 2025 16:15:01 -0500
Subject: Prevent error in case sysadmin user already has access

In case any sysadmin user has access to the resource, we do not want
the query failing for other sysadmins.
---
 gn_auth/auth/authorisation/resources/common.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gn_auth/auth/authorisation/resources/common.py')

diff --git a/gn_auth/auth/authorisation/resources/common.py b/gn_auth/auth/authorisation/resources/common.py
index 5a48704..fd358f1 100644
--- a/gn_auth/auth/authorisation/resources/common.py
+++ b/gn_auth/auth/authorisation/resources/common.py
@@ -42,6 +42,7 @@ def grant_access_to_sysadmins(
 
     cursor.executemany(
         "INSERT INTO user_roles(user_id, role_id, resource_id) "
-        "VALUES (?, ?, ?)",
+        "VALUES (?, ?, ?) "
+        "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING",
         tuple((row["user_id"], sysadminroleid, str(resource_id))
               for row in cursor.fetchall()))
-- 
cgit 1.4.1