Remove Tabs, per Jococo

[aaf/authz.git] / auth / auth-cass / src / main / java / org / onap / aaf / auth / dao / hl / Function.java

diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 43e121a..dd367c5 100644 (file)
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -245,13 +245,13 @@ public class Function {
         
         // 2.1) Does role exist with that name
         if(cname!=null && q.roleDAO().read(trans, parent, cname).isOKhasData()) {
-               return Result.err(Status.ERR_ConflictAlreadyExists,
+            return Result.err(Status.ERR_ConflictAlreadyExists,
                     "Role exists with that name");
         }
 
         // 2.2) Do perms exist with that name
         if(cname!=null && q.permDAO().readByType(trans, parent, cname).isOKhasData()) {
-               return Result.err(Status.ERR_ConflictAlreadyExists,
+            return Result.err(Status.ERR_ConflictAlreadyExists,
                     "Perms exist with that name");
         }
 
@@ -628,12 +628,7 @@ public class Function {
                 return Result.err(Status.ERR_DependencyExists, sb.toString());
             }
 
-            if (move && parent == null) {
-                return Result
-                        .err(Status.ERR_DependencyExists,
-                                "Cannot move users, roles or permissions - parent is missing.\nDelete dependencies and try again");
-            }
-            else if (move && parent.type == NsType.COMPANY.type) {
+            if (move && (parent == null || parent.type == NsType.COMPANY.type)) {
                 return Result
                         .err(Status.ERR_DependencyExists,
                                 "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again",
@@ -1040,7 +1035,7 @@ public class Function {
 
         // Attached to any Roles?
         if (fullperm.roles != null) {
-            if (force) {
+            if (force || fullperm.roles.contains(user+":user")) {
                 for (String role : fullperm.roles) {
                     Result<Void> rv = null;
                     Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role);
@@ -1060,8 +1055,8 @@ public class Function {
             } else if (!fullperm.roles.isEmpty()) {
                 return Result
                         .err(Status.ERR_DependencyExists,
-                                "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.",
-                                fullperm.ns, fullperm.type, fullperm.instance, fullperm.action);
+                                "Permission [%s] cannot be deleted as it is attached to 1 or more roles.",
+                                fullperm.fullPerm());
             }
         }