Code Review / aaf / authz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Enable Organizations to have a subset of users the user roles of which do not expire
[aaf/authz.git] / auth / auth-cass / src / main / java / org / onap / aaf / auth / dao / hl / PermLookup.java
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
index 5a27e5e..5a66be8 100644 (file)
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
@@ -82,7 +82,7 @@ public class PermLookup {
                 List<UserRoleDAO.Data> lurdd = new ArrayList<>();
                 Date now = new Date();
                 for (UserRoleDAO.Data urdd : userRoles.value) {
-                    if (urdd.expires.after(now)) { // Remove Expired
+                    if (urdd.expires.after(now) || trans.org().isUserExpireExempt(user, urdd.expires)) { // Remove Expired
                         lurdd.add(urdd);
                     }
                 }
ARCHIVED- 2022-02-15 at the request of the project