summaryrefslogtreecommitdiffstats
path: root/auth/auth-cass/src/main
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2019-11-27 15:57:10 -0600
committerInstrumental <jonathan.gathman@att.com>2019-11-27 15:57:14 -0600
commitd131f7ed38fd65d7f04b7d71368ba03e9000665c (patch)
treeb7e9d1fa5662251f1f20c0ca79d9c94c8f5b1f54 /auth/auth-cass/src/main
parentdb3e010fec901487ca23199566ff205a523f7b45 (diff)
Fixes from Regression Tests
Issue-ID: AAF-1058 Change-Id: I7d3ace9cef69a163c2ec0c9a48583fdfa9ca20af Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-cass/src/main')
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java12
1 files changed, 9 insertions, 3 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index 1809686a..39578f83 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -786,11 +786,17 @@ public class Question {
return Result.err(Status.ERR_BadData,
"[%s] cannot be a delegate for self", dd.user);
}
- if (!isUser && !isGranted(trans, trans.user(), ROOT_NS,DELG,
- org.getDomain(), Question.CREATE)) {
- return Result.err(Status.ERR_Denied,
+ if (!isUser) {
+ String supportedDomain = org.supportedDomain(dd.user);
+ if(supportedDomain==null) {
+ return Result.err(Status.ERR_Denied,
+ "[%s] may not create a delegate for the domain for [%s]",
+ trans.user(), dd.user);
+ } else if(!isGranted(trans, trans.user(), ROOT_NS,DELG,supportedDomain,Question.CREATE)) {
+ return Result.err(Status.ERR_Denied,
"[%s] may not create a delegate for [%s]",
trans.user(), dd.user);
+ }
}
break;
case read: