diff --git a/src/main/resources/db/changelog/050-rbac-base.sql b/src/main/resources/db/changelog/050-rbac-base.sql
index c477cf3b..44e5cba9 100644
--- a/src/main/resources/db/changelog/050-rbac-base.sql
+++ b/src/main/resources/db/changelog/050-rbac-base.sql
@@ -366,17 +366,17 @@ create trigger deleteRbacRolesOfRbacObject_Trigger
 
  */
 create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone
--- FIXME: uncomment check
+-- FIXME:
 --     check (
---             VALUE = 'INSERT' or
---             VALUE = 'DELETE' or
---             VALUE = 'UPDATE' or
---             VALUE = 'SELECT' or
---             VALUE = 'ASSUME' or
---             -- TODO: all values below are deprecated, use insert with table
---             VALUE ~ '^add-[a-z]+$' or
---             VALUE ~ '^new-[a-z-]+$'
---         );
+--                VALUE = 'DELETE'
+--             or VALUE = 'UPDATE'
+--             or VALUE = 'SELECT'
+--             or VALUE = 'INSERT'
+--             or VALUE = 'ASSUME'
+--              -- TODO: all values below are deprecated, use insert with table
+--             or VALUE ~ '^add-[a-z]+$'
+--             or VALUE ~ '^new-[a-z-]+$'
+--         )
 ;
 
 create table RbacPermission
@@ -408,18 +408,20 @@ begin
 
     permissionUuid = (select uuid from RbacPermission where objectUuid = forObjectUuid and op = forOp and opTableName = forOpTableName);
     if (permissionUuid is null) then
-        insert
-            into RbacReference ("type")
+        insert into RbacReference ("type")
             values ('RbacPermission')
             returning uuid into permissionUuid;
-        raise warning 'for values (%, %, %, %)', permissionUuid, forObjectUuid, forOp, forOpTableName; -- TODO: remove
-        insert
-            into RbacPermission (uuid, objectUuid, op, opTableName)
-            values (permissionUuid, forObjectUuid, forOp, forOpTableName);
+        begin
+            insert into RbacPermission (uuid, objectUuid, op, opTableName)
+                values (permissionUuid, forObjectUuid, forOp, forOpTableName);
+        exception
+            when others then
+                raise exception 'insert into RbacPermission (uuid, objectUuid, op, opTableName)
+                values (%, %, %, %);', permissionUuid, forObjectUuid, forOp, forOpTableName;
+        end;
     end if;
     return permissionUuid;
-end;
-$$;
+end; $$;
 
 -- TODO: deprecated, remove and amend all usages to createPermission
 create or replace function createPermissions(forObjectUuid uuid, permitOps RbacOp[])