@Transactional
 public AccessKey create(@NotNull User user, @NotNull AccessKey accessKey) {
   if (accessKey.getLabel() == null) {
     throw new IllegalParametersException(Messages.LABEL_IS_REQUIRED);
   }
   Optional<AccessKey> akOpt =
       genericDAO
           .createNamedQuery(
               AccessKey.class, "AccessKey.getByUserAndLabel", Optional.<CacheConfig>empty())
           .setParameter("userId", user.getId())
           .setParameter("label", accessKey.getLabel())
           .getResultList()
           .stream()
           .findFirst();
   if (akOpt.isPresent()) {
     logger.error("Access key with label {} already exists", accessKey.getLabel());
     throw new ActionNotAllowedException(Messages.DUPLICATE_LABEL_FOUND);
   }
   if (accessKey.getId() != null) {
     logger.error("Access key id shouldn't be present in request parameters");
     throw new IllegalParametersException(Messages.INVALID_REQUEST_PARAMETERS);
   }
   authenticationUtils.validateActions(accessKey);
   AccessKeyProcessor keyProcessor = new AccessKeyProcessor();
   String key = keyProcessor.generateKey();
   accessKey.setKey(key);
   accessKey.setUser(user);
   genericDAO.persist(accessKey);
   for (AccessKeyPermission current : accessKey.getPermissions()) {
     AccessKeyPermission permission = preparePermission(current);
     permission.setAccessKey(accessKey);
     genericDAO.persist(permission);
   }
   return genericDAO.find(AccessKey.class, accessKey.getId());
 }
 private void deleteAccessKeyPermissions(AccessKey key) {
   logger.debug("Deleting all permission of access key {}", key.getId());
   int deleted =
       genericDAO
           .createNamedQuery(
               "AccessKeyPermission.deleteByAccessKey", Optional.<CacheConfig>empty())
           .setParameter("accessKey", key)
           .executeUpdate();
   logger.info("Deleted {} permissions by access key {}", deleted, key.getId());
 }