protected branches duplicate bug

Summary

With curl or with the interface, it's possible to create duplicate protection on a branch or a wildcard branch.

Steps to reproduce

In a existing project, this command curl curl --header "PRIVATE-TOKEN: XXXXXXXX" -X POST "https://XXXXX:XXXX/api/v4/projects/XXX/protected_branches?name=master&push_access_level=0&merge_access_level=40&unprotect_access_level=40" add a new protection visible in the interface different to first In the interface, it's possible too to reproduce the duplication. In "Settings>Repository>Protected branches", create a wildcard master, then select roles and you can create multiple protection duplications for the same branch ou wildcard.

What is the current bug behavior?

When we're testing the protection, the lowest protection is applied. With curl it's not possible to update the existing protection, we have to delete et recreate

What is the expected correct behavior?

With curl, the protection must be updated With interface, a error must be thrown