Merge "Sonar fix: CSRMeta.java"

[aaf/authz.git] / auth / auth-cass / src / main / java / org / onap / aaf / auth / dao / hl / Function.java

diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 690ffa0..4ec70d4 100644 (file)
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -1035,7 +1035,7 @@ public class Function {
 
         // Attached to any Roles?
         if (fullperm.roles != null) {
-            if (force) {
+            if (force || fullperm.roles.contains(user+":user")) {
                 for (String role : fullperm.roles) {
                     Result<Void> rv = null;
                     Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role);
@@ -1055,8 +1055,8 @@ public class Function {
             } else if (!fullperm.roles.isEmpty()) {
                 return Result
                         .err(Status.ERR_DependencyExists,
-                                "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.",
-                                fullperm.ns, fullperm.type, fullperm.instance, fullperm.action);
+                                "Permission [%s] cannot be deleted as it is attached to 1 or more roles.",
+                                fullperm.fullPerm());
             }
         }