grant-permissions should check if rules already exist

[rkpattnaik780]

Feature or problem description

Creating the same rules twice prints success message

Originally discussed here

[rkpattnaik780]

While it is possible to check if a rule exists before every creation using filters, it might slow down commands that create multiple rules using synchronoyus API requests. My take would be to - close it or keep it blocked till API supports batch creation and lookup. Wdyt @craicoverflow @wtrocki ?

[craicoverflow]

I agree with you. Due to the idempotent nature of the command, nothing dangerous or unexpected can happen from running the command twice.

Another option: is there a different status code returned if an ACL already exists? If so, we could track the number of successful requests and diff it against the total number of requests.

[wtrocki]

I like us to bounce those ideas with Kafka sounding board to ask kafka experts what they would typically expect. I'm happy to facilitate them with their group

I'm in no means expert but it feels like this will be hard to do as grant access commands have non binary results so it will be hard to check if access is there without false negatives

[wtrocki]

Example. If first rule exist but others do not user experience is to delete it manually? Or cli delete it?

Sometimes easier solutions have better UX as users understand behaviour. Command creates set of acl always etc.

[craicoverflow]

I'm in no means expert but it feels like this will be hard to do

Since a couple of approaches are mentioned in this issue, could you go into which option you think will be hard to do? Just so that there are no misunderstandings.

[rkpattnaik780]

Another option: is there a different status code returned if an ACL already exists? If so, we could track the number of successful requests and diff it against the total number of requests.

Upon investigating, same status code is returned if the ACL already exists.

[wtrocki]

Since a couple of approaches are mentioned in this issue, could you go into which option you think will be hard to do?

I really do not want to discuss any technical solutions without understanding if that requirement makes sense. Core issue here is that we seem to bring this new requirement in GitHub, so first for us would be to bring and validate that requirement with stakeholders etc. I'm happy to help with getting this sorted with UX/UI/PM/Kafka experts

[wtrocki]

Upon validation it looks like there is no duplicate ACLs possible so IMHO we should ask backend to implement ability to detect existing acl/return different code

[craicoverflow]

Yes, this is the approach suggested earlier. What has changed so that we should not bring this to the Kafka sounding board?