The error message is not user-friendly when adding duplicate permission.

plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/roles/NacosRoleServiceImpl.java

@@ -303,6 +303,11 @@ public void addPermission(String role, String resource, String action) {
         if (!roleSet.contains(role)) {
             throw new IllegalArgumentException("role " + role + " not found!");
         }
+
+        if (hasDuplicatePermission(role, resource, action)) {
+            throw new IllegalArgumentException("permission already exists!");
+        }
+
         permissionPersistService.addPermission(role, resource, action);
     }
 
@@ -393,5 +398,27 @@ public boolean hasRoleWithUsername(@NotNull String role, @NotNull String usernam
         return CollectionUtils.isNotEmpty(roleInfos) && roleInfos.stream()
                 .anyMatch(roleInfo -> role.equals(roleInfo.getRole()));
     }
+
+    /**
+     * judge whether the permission is duplicate.
+     *
+     * @param role role name
+     * @param resource resource
+     * @param action action
+     * @return true if duplicate, false otherwise
+     */
+    public boolean hasDuplicatePermission(String role, String resource, String action) {
+        List<PermissionInfo> permissionInfos = getPermissions(role);
+        if (CollectionUtils.isEmpty(permissionInfos)) {
+            return false;
+        }
+        return CollectionUtils.isNotEmpty(permissionInfos) && permissionInfos.stream()
+                .anyMatch(permissionInfo ->
+                        StringUtils.equals(role, permissionInfo.getRole()) &&
+                        StringUtils.equals(resource, permissionInfo.getResource()) &&
+                                (StringUtils.equals(action, permissionInfo.getAction())
+                                        || "rw".equals(permissionInfo.getAction()))
+                );
+    }
 
 }