X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cass%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fdao%2Fhl%2FFunction.java;h=761ebec974b1863ee7c24fae6135cf69b174ef5d;hb=HEAD;hp=0d5c487d51c66035cebdb88e4b2dfdb475119d14;hpb=c353159903bf9c7f3f4426e66cad9af2c657fb1d;p=aaf%2Fauthz.git

diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 0d5c487d..761ebec9 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -227,7 +227,6 @@ public class Function {
         if (rparent.notOK()) {
             return Result.err(rparent);
         }
-        parent = rparent.value.parent;
         if (!fromApproval) {
             rparent = q.mayUser(trans, user, rparent.value, Access.write);
             if (rparent.notOK()) {
@@ -760,7 +759,7 @@ public class Function {
             }
 
             for (CredDAO.Data cd : cdr.value) {
-                if (cd.expires.after(now)) {
+                if (cd.expires.after(now) || trans.org().isUserExpireExempt(cd.id, cd.expires)) {
                     return Result.ok();
                 }
             }
@@ -1441,7 +1440,7 @@ public class Function {
         List<UserRoleDAO.Data> list = rurdd.value;
         List<String> rv = new ArrayList<>(list.size()); // presize
         for (UserRoleDAO.Data urdd : rurdd.value) {
-            if (includeExpired || urdd.expires.after(now)) {
+            if (includeExpired || urdd.expires.after(now) || trans.org().isUserExpireExempt(urdd.user, urdd.expires)) {
                 rv.add(urdd.user);
             }
         }