diff --git a/src/model/assertion.rs b/src/model/assertion.rs
index 9afde39e..081cfe68 100644
--- a/src/model/assertion.rs
+++ b/src/model/assertion.rs
@@ -47,13 +47,13 @@ impl Assertion {
 
     pub fn build_role_links(&mut self, rm: Arc<RwLock<dyn RoleManager>>) -> Result<()> {
         let count = self.value.chars().filter(|&c| c == '_').count();
+        if count < 2 {
+            return Err(ModelError::P(
+                r#"the number of "_" in role definition should be at least 2"#.to_owned(),
+            )
+            .into());
+        }
         for rule in &self.policy {
-            if count < 2 {
-                return Err(ModelError::P(
-                    r#"the number of "_" in role definition should be at least 2"#.to_owned(),
-                )
-                .into());
-            }
             if rule.len() < count {
                 return Err(PolicyError::UnmatchPolicyDefinition(count, rule.len()).into());
             }
@@ -78,6 +78,12 @@ impl Assertion {
         d: EventData,
     ) -> Result<()> {
         let count = self.value.chars().filter(|&c| c == '_').count();
+        if count < 2 {
+            return Err(ModelError::P(
+                r#"the number of "_" in role definition should be at least 2"#.to_owned(),
+            )
+            .into());
+        }
 
         if let Some((insert, rules)) = match d {
             EventData::AddPolicy(_, _, rule) => Some((true, vec![rule])),
@@ -88,12 +94,6 @@ impl Assertion {
             _ => None,
         } {
             for rule in rules {
-                if count < 2 {
-                    return Err(ModelError::P(
-                        r#"the number of "_" in role definition should be at least 2"#.to_owned(),
-                    )
-                    .into());
-                }
                 if rule.len() < count {
                     return Err(PolicyError::UnmatchPolicyDefinition(count, rule.len()).into());
                 }