Merge "Sonar fix log exception"
diff --git a/pom.xml b/pom.xml
index 544af10..9648898 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
 	<parent>
 		<groupId>org.onap.oparent</groupId>
 		<artifactId>oparent</artifactId>
-		<version>1.2.2</version>
+		<version>2.0.0</version>
 		<relativePath/>
 	</parent>
 	<build>
@@ -124,17 +124,6 @@
 			</plugin>
 
 			<!-- for Staging -->
-            <plugin>
-                <groupId>org.sonatype.plugins</groupId>
-                <artifactId>nexus-staging-maven-plugin</artifactId>
-                <version>1.6.7</version>
-                <extensions>true</extensions>
-                <configuration>
-                    <serverId>ecomp-staging</serverId>
-                    <nexusUrl>${nexusproxy}</nexusUrl>
-                    <stagingProfileId>176c31dfe190a</stagingProfileId>
-                </configuration>
-            </plugin>
 
 
 		<!-- for Distribution Managment -->
@@ -393,7 +382,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<jettyVersion>9.4.12.RC2</jettyVersion> 
 		<eelf.version>1.0.0</eelf.version>
-		<artifact.version>1.0.29-SNAPSHOT</artifact.version>
+		<artifact.version>1.0.30-SNAPSHOT</artifact.version>
 		<junit.version>4.12</junit.version>
 		<!-- SONAR -->
 		<jacoco.version>0.7.7.201606060606</jacoco.version>
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafEmpty.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafEmpty.java
new file mode 100644
index 0000000..87e56c4
--- /dev/null
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafEmpty.java
@@ -0,0 +1,28 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.aaf;
+
+class AafEmpty extends AafObject {
+    @Override
+    String toJSON() {
+        return "";
+    }
+}
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
index 30efbf2..3f009f8 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
@@ -33,14 +33,15 @@
 
     int addPerm(DmaapPerm perm);
 
+    int delPerm(DmaapPerm perm, boolean force);
+
     int addGrant(DmaapGrant grant);
 
     int addUserRole(AafUserRole ur);
 
-    int delGrant(DmaapGrant grant);
-
     int addRole(AafRole role);
 
-
     int addNamespace(AafNamespace ns);
+
+    int delNamespace(AafNamespace ns, boolean force);
 }
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactory.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactory.java
new file mode 100644
index 0000000..cfde19b
--- /dev/null
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactory.java
@@ -0,0 +1,86 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.aaf;
+
+import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
+import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
+
+public class AafServiceFactory extends BaseLoggingClass {
+
+    private final DmaapConfig dmaapConfig;
+
+    public AafServiceFactory() {
+        this((DmaapConfig) DmaapConfig.getConfig());
+    }
+
+    AafServiceFactory(DmaapConfig dmaapConfig) {
+        this.dmaapConfig = dmaapConfig;
+    }
+
+    public AafService initAafService(ServiceType serviceType) {
+        boolean useAaf = "true".equalsIgnoreCase(dmaapConfig.getProperty("UseAAF", "false"));
+        String aafUrl = dmaapConfig.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
+        logger.info("AafService initAafService: useAaf={}, aafUrl={}", useAaf, aafUrl);
+
+        AafCred cred = getCred(serviceType);
+        return new AafServiceImpl(useAaf, aafUrl, cred.getIdentity(), new AafConnection(cred.toString()));
+    }
+
+    AafCred getCred(ServiceType ctype) {
+        String mechIdProperty;
+        String secretProperty;
+        AafDecrypt decryptor = new AafDecrypt();
+
+        if (ctype == ServiceType.AAF_Admin) {
+            mechIdProperty = "aaf.AdminUser";
+            secretProperty = "aaf.AdminPassword";
+        } else if (ctype == ServiceType.AAF_TopicMgr) {
+            mechIdProperty = "aaf.TopicMgrUser";
+            secretProperty = "aaf.TopicMgrPassword";
+        } else {
+            logger.error("Unexpected case for AAF credential type: " + ctype);
+            return null;
+        }
+        String identity = dmaapConfig.getProperty(mechIdProperty, "noMechId@domain.netset.com");
+        String pwd = decryptor.decrypt(dmaapConfig.getProperty(secretProperty, "notSet"));
+
+        return new AafCred(identity, pwd);
+    }
+
+    class AafCred {
+        private final String identity;
+        private final String pwd;
+
+        AafCred(String identity, String pwd) {
+            this.identity = identity;
+            this.pwd = pwd;
+        }
+
+        public String getIdentity() {
+            return identity;
+        }
+
+        public String toString() {
+            return identity + ":" + pwd;
+        }
+    }
+}
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java
index 4397a88..1491818 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java
@@ -22,166 +22,96 @@
 
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
-import org.onap.dmaap.dbcapi.util.DmaapConfig;
+
+import static java.lang.String.format;
 
 public class AafServiceImpl extends BaseLoggingClass implements AafService {
-    public enum ServiceType {
-        AAF_Admin,
-        AAF_TopicMgr
+
+    private static final int CREATED = 201;
+    private static final int OK = 200;
+    private static final String FORCE = "?force=true";
+    private final String aafUrl;
+    private final String identity;
+    private final boolean useAAF;
+    private final AafConnection aafConnection;
+
+    AafServiceImpl(boolean useAaf, String aafUrl, String identity, AafConnection aafConnection) {
+        this.useAAF = useAaf;
+        this.aafUrl = aafUrl;
+        this.identity = identity;
+        this.aafConnection = aafConnection;
     }
 
-    private AafConnection aaf;
-    private AafService.ServiceType ctype;
-    private String aafURL;
-    private String identity;
-    private boolean useAAF = false;
-
-
+    @Override
     public String getIdentity() {
         return identity;
     }
 
-
-    public void setIdentity(String identity) {
-        this.identity = identity;
-    }
-
-
-    private String getCred(boolean wPwd) {
-        String mechIdProperty = null;
-        String pwdProperty = null;
-        DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
-        AafDecrypt decryptor = new AafDecrypt();
-
-        if (ctype == AafService.ServiceType.AAF_Admin) {
-            mechIdProperty = "aaf.AdminUser";
-            pwdProperty = "aaf.AdminPassword";
-        } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
-            mechIdProperty = "aaf.TopicMgrUser";
-            pwdProperty = "aaf.TopicMgrPassword";
-        } else {
-            logger.error("Unexpected case for AAF credential type: " + ctype);
-            return null;
-        }
-        identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
-
-        String pwd = "";
-        String encPwd = p.getProperty(pwdProperty, "notSet");
-
-
-        pwd = decryptor.decrypt(encPwd);
-
-        if (wPwd) {
-            return identity + ":" + pwd;
-        } else {
-            return identity;
-        }
-
-
-    }
-
-
-    public AafServiceImpl(AafService.ServiceType t) {
-        DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
-        aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
-        initAafService(t);
-    }
-
-    public AafServiceImpl(AafService.ServiceType t, String url) {
-        aafURL = url;
-        initAafService(t);
-    }
-
-    private void initAafService(AafService.ServiceType t) {
-        DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
-        useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
-        logger.info("AafService initAafService: useAAF=" + useAAF);
-
-        ctype = t;
-        aaf = new AafConnection(getCred(true));
-    }
-
+    @Override
     public int addPerm(DmaapPerm perm) {
         logger.info("entry: addPerm() ");
-        return doPost(perm, "authz/perm", 201);
+        return doPost(perm, "authz/perm", CREATED);
     }
 
+    @Override
+    public int delPerm(DmaapPerm perm, boolean force) {
+        logger.info("entry: delPerm()");
+        return doDelete(new AafEmpty(), format(
+                "authz/perm/%s/%s/%s%s",
+                perm.getPermission(), perm.getPtype(), perm.getAction(), force ? FORCE : ""), OK);
+    }
+
+    @Override
     public int addGrant(DmaapGrant grant) {
         logger.info("entry: addGrant() ");
-        return doPost(grant, "authz/role/perm", 201);
+        return doPost(grant, "authz/role/perm", CREATED);
     }
 
+    @Override
     public int addUserRole(AafUserRole ur) {
         logger.info("entry: addUserRole() ");
-        return doPost(ur, "authz/userRole", 201);
+        return doPost(ur, "authz/userRole", CREATED);
     }
 
-    public int delGrant(DmaapGrant grant) {
-        int rc = -1;
-        logger.info("entry: delGrant() ");
-
-        String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
-
-        if (useAAF) {
-            rc = aaf.delAaf(grant, pURL);
-        } else {
-            rc = 200;
-        }
-        switch (rc) {
-            case 401:
-            case 403:
-                errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
-                System.exit(1);
-                break;
-
-            case 404:
-                logger.warn("Perm not found...ignore");
-                break;
-
-            case 200:
-                logger.info("expected response");
-                break;
-            default:
-                logger.error("Unexpected response: " + rc);
-                break;
-        }
-
-        return rc;
-    }
-
+    @Override
     public int addRole(AafRole role) {
         logger.info("entry: addRole() ");
-        return doPost(role, "authz/role", 201);
+        return doPost(role, "authz/role", CREATED);
     }
 
-
+    @Override
     public int addNamespace(AafNamespace ns) {
         logger.info("entry: addNamespace() ");
-        return doPost(ns, "authz/ns", 201);
+        return doPost(ns, "authz/ns", CREATED);
     }
 
+    @Override
+    public int delNamespace(AafNamespace ns, boolean force) {
+        logger.info("entry: delNamespace()");
+        return doDelete(new AafEmpty(), format(
+                "authz/ns/%s%s",
+                ns.getName(), force ? FORCE : ""), OK);
+    }
 
     private int doPost(AafObject obj, String uri, int expect) {
-        int rc = -1;
+        int rc;
         logger.info("entry: doPost() ");
-        String pURL = aafURL + uri;
+        String pURL = aafUrl + uri;
         logger.info("doPost: useAAF=" + useAAF);
         if (useAAF) {
             logger.info("doPost: " + obj.toJSON());
-            rc = aaf.postAaf(obj, pURL);
+            rc = aafConnection.postAaf(obj, pURL);
         } else {
             rc = expect;
         }
         switch (rc) {
             case 401:
             case 403:
-                errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
-                System.exit(1);
+                errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
+                break;
             case 409:
                 logger.warn("Object for " + uri + " already exists. Possible conflict.");
                 break;
-
-
             default:
                 if (rc == expect) {
                     logger.info("expected response: " + rc);
@@ -193,4 +123,41 @@
 
         return rc;
     }
+
+    private int doDelete(AafObject obj, String uri, int expect) {
+        int rc;
+        String pURL = aafUrl + uri;
+        if (useAAF) {
+            logger.info("doDelete: " + obj.toJSON());
+            rc = aafConnection.delAaf(obj, pURL);
+        } else {
+            rc = expect;
+        }
+        switch (rc) {
+            case 401:
+            case 403:
+                errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
+                break;
+            case 404:
+                logger.warn("Object not found...ignore");
+                break;
+            case OK:
+                logger.info("expected response");
+                break;
+            default:
+                logger.error("Unexpected response: " + rc);
+                break;
+        }
+
+        return rc;
+    }
+
+    String getAafUrl() {
+        return aafUrl;
+    }
+
+    boolean isUseAAF() {
+        return useAAF;
+    }
+
 }
\ No newline at end of file
diff --git a/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java b/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
index 02bab63..b082102 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
@@ -26,7 +26,7 @@
 import com.att.eelf.configuration.EELFManager;
 
 import org.onap.dmaap.dbcapi.aaf.AafService;
-import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
+import org.onap.dmaap.dbcapi.aaf.AafServiceFactory;
 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
@@ -90,7 +90,7 @@
 			DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
 			String api = p.getProperty("ApiNamespace", "apiNamespace.not.set");
 
-			AafService aaf = new AafServiceImpl(ServiceType.AAF_Admin);
+			AafService aaf = new AafServiceFactory().initAafService(ServiceType.AAF_Admin);
 			
 			for ( int i = 0; i < pmap.length ; i++ ) {
 				String uri = new String( api + "." + pmap[i].getUri());
diff --git a/src/main/java/org/onap/dmaap/dbcapi/model/MR_Client.java b/src/main/java/org/onap/dmaap/dbcapi/model/MR_Client.java
index f182fd6..0631f07 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/model/MR_Client.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/model/MR_Client.java
@@ -64,11 +64,11 @@
 		this.clientRole = cR;
 		int i = 0;
 		
-		if ( this.action == null ) {
+		if (a != null) {
 			this.action = new String[a.length];
-		}
-		for( String aa : a ) {
-			this.action[i++] = new String( aa );
+			for (String aa : a) {
+				this.action[i++] = new String(aa);
+			}
 		}
 		this.setStatus( DmaapObject_Status.NEW );
 		this.mrClientId = DatabaseClass.getNextClientId();
diff --git a/src/main/java/org/onap/dmaap/dbcapi/resources/MR_ClientResource.java b/src/main/java/org/onap/dmaap/dbcapi/resources/MR_ClientResource.java
index 6df8ef6..80ee0a6 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/resources/MR_ClientResource.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/resources/MR_ClientResource.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,8 +24,14 @@
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
 import io.swagger.annotations.ApiResponses;
-
-import java.util.List;
+import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
+import org.onap.dmaap.dbcapi.model.ApiError;
+import org.onap.dmaap.dbcapi.model.MR_Client;
+import org.onap.dmaap.dbcapi.model.MR_Cluster;
+import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.service.MR_ClientService;
+import org.onap.dmaap.dbcapi.service.MR_ClusterService;
+import org.onap.dmaap.dbcapi.service.TopicService;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@@ -39,15 +45,7 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
-
-import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
-import org.onap.dmaap.dbcapi.model.ApiError;
-import org.onap.dmaap.dbcapi.model.MR_Client;
-import org.onap.dmaap.dbcapi.model.MR_Cluster;
-import org.onap.dmaap.dbcapi.model.Topic;
-import org.onap.dmaap.dbcapi.service.MR_ClientService;
-import org.onap.dmaap.dbcapi.service.MR_ClusterService;
-import org.onap.dmaap.dbcapi.service.TopicService;
+import java.util.List;
 
 import static javax.ws.rs.core.Response.Status.NO_CONTENT;
 
@@ -118,15 +116,7 @@
 			logger.warn(apiError.toString());
 			return responseBuilder.error(apiError);
 		}
-		String url = cluster.getFqdn();
-		if ( url == null || url.isEmpty() ) {
 
-			apiError.setCode(Status.BAD_REQUEST.getStatusCode());
-			apiError.setMessage("FQDN not set for dcaeLocation " + client.getDcaeLocationName() );
-			apiError.setFields("fqdn");
-			logger.warn(apiError.toString());
-			return responseBuilder.error(apiError);
-		}
 		TopicService topics = new TopicService();
 
 		Topic t = topics.getTopic(client.getFqtn(), apiError);
@@ -189,12 +179,6 @@
 	public Response deleteMr_Client(@PathParam("subId") String id){
 		ApiError apiError = new ApiError();
 
-		try {
-			checker.required( "clientId", id);
-		} catch ( RequiredFieldException rfe ) {
-			logger.debug( rfe.getApiError().toString() );
-			return responseBuilder.error(rfe.getApiError());
-		}
 		mr_clientService.removeMr_Client(id, true, apiError);
 		if (apiError.is2xx()) {
 			return responseBuilder.success(NO_CONTENT.getStatusCode(), null);
@@ -212,15 +196,9 @@
 	    @ApiResponse( code = 400, message = "Error", response = ApiError.class )
 	})
 	@Path("/{subId}")
-	public Response test(@PathParam("subId") String id) {
+	public Response getMr_Client(@PathParam("subId") String id) {
 		ApiError apiError = new ApiError();
 
-		try {
-			checker.required( "clientId", id);
-		} catch ( RequiredFieldException rfe ) {
-			logger.debug( rfe.getApiError().toString() );
-			return responseBuilder.error(rfe.getApiError());
-		}
 		MR_Client nClient =  mr_clientService.getMr_Client(id, apiError);
 		if (apiError.is2xx()) {
 			return responseBuilder.success(nClient);
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java b/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
index 0be6c28..1997633 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
@@ -21,7 +21,6 @@
 package org.onap.dmaap.dbcapi.service;
 
 import org.onap.dmaap.dbcapi.aaf.AafService;
-import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
 import org.onap.dmaap.dbcapi.aaf.AafUserRole;
 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
@@ -32,16 +31,12 @@
 
 import static java.lang.String.format;
 
-public class AafPermissionService extends BaseLoggingClass {
+class AafPermissionService extends BaseLoggingClass {
 
     private static final String INSTANCE_PREFIX = ":topic.";
     private final AafService aafService;
     private final DmaapService dmaapService;
 
-    public AafPermissionService() {
-        this(new AafServiceImpl(AafService.ServiceType.AAF_TopicMgr), new DmaapService());
-    }
-
     AafPermissionService(AafService aafService, DmaapService dmaapService) {
         this.aafService = aafService;
         this.dmaapService = dmaapService;
@@ -61,10 +56,6 @@
         return forEachClientAction(client, this::grantPermForClientRole);
     }
 
-    ApiError revokeClientPerms(MR_Client client) {
-        return forEachClientAction(client, this::revokePermForClientRole);
-    }
-
     private ApiError forEachClientAction(MR_Client client, PermissionUpdate permissionUpdate) {
         try {
             String instance = INSTANCE_PREFIX + client.getFqtn();
@@ -93,16 +84,6 @@
         }
     }
 
-    private void revokePermForClientRole(String clientRole, String instance, String action) throws PermissionServiceException {
-        DmaapPerm perm = new DmaapPerm(dmaapService.getTopicPerm(), instance, action);
-        DmaapGrant g = new DmaapGrant(perm, clientRole);
-        int code = aafService.delGrant(g);
-        if (code != 200 && code != 404) {
-            throw new PermissionServiceException(code, format("Revoke of %s|%s|%s failed for %s",
-                    dmaapService.getTopicPerm(), instance, action, clientRole));
-        }
-    }
-
     private ApiError handleErrorStatus(int code, MR_Client client, String message) {
         ApiError apiError = new ApiError(code, message);
         client.setStatus(DmaapObject_Status.INVALID);
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java b/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
index 7608557..16ffa08 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
@@ -27,19 +27,21 @@
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.model.ApiError;
 import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
 
 import static java.lang.String.format;
+import static org.apache.commons.lang3.StringUtils.isNumeric;
 
 class AafTopicSetupService extends BaseLoggingClass {
 
     private final AafService aafService;
     private final DmaapService dmaapService;
-    private final boolean createTopicRoles;
+    private final DmaapConfig dmaapConfig;
 
-    AafTopicSetupService(AafService aafService, DmaapService dmaapService, boolean createTopicRoles) {
+    AafTopicSetupService(AafService aafService, DmaapService dmaapService, DmaapConfig dmaapConfig) {
         this.aafService = aafService;
         this.dmaapService = dmaapService;
-        this.createTopicRoles = createTopicRoles;
+        this.dmaapConfig = dmaapConfig;
     }
 
     ApiError aafTopicSetup(Topic topic) {
@@ -55,7 +57,7 @@
             // For backwards compatibility, only do this if the feature is enabled.
             // Also, if the namespace of the topic is a foreign namespace, (i.e. not the same as our root ns)
             // then we likely don't have permission to create sub-ns and Roles so don't try.
-            if (createTopicRoles && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+            if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
                 createNamespace(topic);
 
                 AafRole pubRole = createRole(topic, "publisher");
@@ -78,6 +80,25 @@
         return okStatus();
     }
 
+    ApiError aafTopicCleanup(Topic topic) {
+        try {
+            if (performCleanup()) {
+                String instance = ":topic." + topic.getFqtn();
+                String topicPerm = dmaapService.getTopicPerm();
+                removePermission(topicPerm, instance, "pub");
+                removePermission(topicPerm, instance, "sub");
+                removePermission(topicPerm, instance, "view");
+
+                if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+                    removeNamespace(topic);
+                }
+            }
+        } catch (TopicSetupException ex) {
+            return new ApiError(ex.getCode(), ex.getMessage(), ex.getFields());
+        }
+        return okStatus();
+    }
+
     private String getTopicsNsRoot() throws TopicSetupException {
         String nsr = dmaapService.getDmaap().getTopicNsRoot();
         if (nsr == null) {
@@ -119,9 +140,8 @@
     }
 
     private AafRole createRole(Topic topic, String roleName) throws TopicSetupException {
-        int rc;
         AafRole role = new AafRole(topic.getFqtn(), roleName);
-        rc = aafService.addRole(role);
+        int rc = aafService.addRole(role);
         if (rc != 201 && rc != 409) {
             throw new TopicSetupException(500,
                     format("Unexpected response from AAF: %d topic=%s role=%s",
@@ -130,11 +150,44 @@
         return role;
     }
 
+    private void removePermission(String permission, String instance, String action) throws TopicSetupException {
+        DmaapPerm perm = new DmaapPerm(permission, instance, action);
+        int rc = aafService.delPerm(perm, true);
+        if (rc != 200 && rc != 404) {
+            throw new TopicSetupException(500,
+                    format("Unexpected response from AAF: %d permission=%s instance=%s action=%s",
+                            rc, perm, instance, action));
+        }
+    }
+
+    private void removeNamespace(Topic topic) throws TopicSetupException {
+        AafNamespace ns = new AafNamespace(topic.getFqtn(), aafService.getIdentity());
+        int rc = aafService.delNamespace(ns, true);
+        if (rc != 200 && rc != 404) {
+            throw new TopicSetupException(500,
+                    format("Unexpected response from AAF: %d namespace=%s identity=%s",
+                            rc, topic.getFqtn(), aafService.getIdentity()));
+        }
+    }
+
     private ApiError okStatus() {
         return new ApiError(200, "OK");
     }
 
+    private boolean createTopicRoles() {
+        return "true".equalsIgnoreCase(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true"));
+    }
+
+    private boolean performCleanup() {
+        String deleteLevel = dmaapConfig.getProperty("MR.ClientDeleteLevel", "0");
+        if (!isNumeric(deleteLevel)) {
+            return false;
+        }
+        return Integer.valueOf(deleteLevel) >= 2;
+    }
+
     private class TopicSetupException extends Exception {
+
         private final int code;
         private final String message;
         private final String fields;
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java b/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
index 92455cd..c54fce8 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
@@ -24,7 +24,7 @@
 
 import java.util.ArrayList;
 import org.onap.dmaap.dbcapi.aaf.AafService;
-import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
+import org.onap.dmaap.dbcapi.aaf.AafServiceFactory;
 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
@@ -86,7 +86,7 @@
 			nd.setLastMod();
 			dmaapholder.update(nd);
 			
-			AafService aaf = new AafServiceImpl( ServiceType.AAF_Admin);
+			AafService aaf = new AafServiceFactory().initAafService(ServiceType.AAF_Admin);
 			ApiPolicy apiPolicy = new ApiPolicy();
 			if ( apiPolicy.isPermissionClassSet() ) {
 				ApiPerms p = new ApiPerms();
@@ -135,7 +135,7 @@
 				ApiPerms p = new ApiPerms();
 				p.setEnvMap();
 			}
-			AafService aaf = new AafServiceImpl( ServiceType.AAF_Admin);
+			AafService aaf = new AafServiceFactory().initAafService(ServiceType.AAF_Admin);
 			if ( multiSite ) {
 				anythingWrong = setTopicMgtPerms(  nd,  aaf ) || createMmaTopic();
 			}
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
index 5fe6b66..bcf5408 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
@@ -23,7 +23,7 @@
 package org.onap.dmaap.dbcapi.service;
 
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
-import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
+import org.onap.dmaap.dbcapi.aaf.AafServiceFactory;
 import org.onap.dmaap.dbcapi.client.MrProvConnection;
 import org.onap.dmaap.dbcapi.database.DatabaseClass;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
@@ -49,7 +49,7 @@
     private Map<String, DcaeLocation> locations = DatabaseClass.getDcaeLocations();
     private DmaapService dmaap = new DmaapService();
     private AafPermissionService aafPermissionService =
-            new AafPermissionService(new AafServiceImpl(ServiceType.AAF_TopicMgr), dmaap);
+            new AafPermissionService(new AafServiceFactory().initAafService(ServiceType.AAF_TopicMgr), dmaap);
     private String centralCname;
 
     public MR_ClientService() {
@@ -85,7 +85,6 @@
         return results;
     }
 
-
     public MR_Client getMr_Client(String key, ApiError apiError) {
         MR_Client c = mr_clients.get(key);
         if (c == null) {
@@ -221,13 +220,6 @@
 
         }
 
-        // remove from AAF
-        if (deleteLevel >= 2) {
-            updateApiError(apiError, aafPermissionService.revokeClientPerms(client));
-            if (!apiError.is2xx()) {
-                return;
-            }
-        }
         // remove from DB
         if (deleteLevel >= 1) {
             mr_clients.remove(key);
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
index 3386b97..009b745 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
@@ -23,7 +23,7 @@
 package org.onap.dmaap.dbcapi.service;
 
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
-import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
+import org.onap.dmaap.dbcapi.aaf.AafServiceFactory;
 import org.onap.dmaap.dbcapi.database.DatabaseClass;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
@@ -71,10 +71,8 @@
         this(DatabaseClass.getTopics(), new MR_ClientService(), (DmaapConfig) DmaapConfig.getConfig(),
                 new MR_ClusterService(), new DcaeLocationService(), new MirrorMakerService(),
                 new AafTopicSetupService(
-                        new AafServiceImpl(ServiceType.AAF_TopicMgr),
-                        dmaapSvc,
-                        "true".equalsIgnoreCase(DmaapConfig.getConfig().getProperty("aaf.CreateTopicRoles", "true"))));
-
+                        new AafServiceFactory().initAafService(ServiceType.AAF_TopicMgr),
+                        dmaapSvc, (DmaapConfig) DmaapConfig.getConfig()));
     }
 
     TopicService(Map<String, Topic> mr_topics, MR_ClientService clientService, DmaapConfig p,
@@ -246,11 +244,16 @@
             apiError.setFields("fqtn");
             return null;
         }
+
+        ApiError topicSetupError = aafTopicSetupService.aafTopicCleanup(topic);
+        updateApiError(apiError, topicSetupError);
+        if (apiError.getCode() >= 400) {
+            return null;
+        }
+
         ArrayList<MR_Client> clients = new ArrayList<MR_Client>(clientService.getAllMrClients(pubId));
         for (Iterator<MR_Client> it = clients.iterator(); it.hasNext(); ) {
             MR_Client c = it.next();
-
-
             clientService.removeMr_Client(c.getMrClientId(), false, apiError);
             if (!apiError.is2xx()) {
                 return null;
diff --git a/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactoryTest.java b/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactoryTest.java
new file mode 100644
index 0000000..45ff2b1
--- /dev/null
+++ b/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceFactoryTest.java
@@ -0,0 +1,103 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.aaf;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.BDDMockito.given;
+
+@RunWith(MockitoJUnitRunner.class)
+public class AafServiceFactoryTest {
+
+    private static final String USE_AAF = "true";
+    private static final String AAF_URL = "https://aaf.url/api";
+    private static final String ADMIN_USER = "admin_user";
+    private static final String TOPIC_MANAGER = "topic_manager";
+    private static final String ADMIN_PASS = "admin_pass";
+    private static final String MANAGER_PASS = "manager_pass";
+    @Mock
+    private DmaapConfig dmaapConfig;
+    private AafServiceFactory aafServiceFactory;
+
+    @Before
+    public void setUp() throws Exception {
+        aafServiceFactory = new AafServiceFactory(dmaapConfig);
+    }
+
+    @Test
+    public void shouldBuildAafServiceForAafAdmin() {
+        givenDmaapConfig();
+
+        AafServiceImpl aafService = (AafServiceImpl) aafServiceFactory.initAafService(ServiceType.AAF_Admin);
+
+        assertEquals(ADMIN_USER, aafService.getIdentity());
+        assertEquals(AAF_URL, aafService.getAafUrl());
+        assertTrue(aafService.isUseAAF());
+    }
+
+    @Test
+    public void shouldBuildAafServiceForTopicManager() {
+        givenDmaapConfig();
+
+        AafServiceImpl aafService = (AafServiceImpl) aafServiceFactory.initAafService(ServiceType.AAF_TopicMgr);
+
+        assertEquals(TOPIC_MANAGER, aafService.getIdentity());
+        assertEquals(AAF_URL, aafService.getAafUrl());
+        assertTrue(aafService.isUseAAF());
+    }
+
+    @Test
+    public void shouldCorrectlyCreateCredentialsForAafAdmin() {
+        givenDmaapConfig();
+
+        AafServiceFactory.AafCred cred = aafServiceFactory.getCred(ServiceType.AAF_Admin);
+
+        assertEquals(ADMIN_USER, cred.getIdentity());
+        assertEquals(ADMIN_USER + ":" + new AafDecrypt().decrypt(ADMIN_PASS), cred.toString());
+    }
+
+    @Test
+    public void shouldCorrectlyCreateCredentialsForTopicManager() {
+        givenDmaapConfig();
+
+        AafServiceFactory.AafCred cred = aafServiceFactory.getCred(ServiceType.AAF_TopicMgr);
+
+        assertEquals(TOPIC_MANAGER, cred.getIdentity());
+        assertEquals(TOPIC_MANAGER + ":" + new AafDecrypt().decrypt(MANAGER_PASS), cred.toString());
+    }
+
+    private void givenDmaapConfig() {
+        given(dmaapConfig.getProperty("UseAAF", "false")).willReturn(USE_AAF);
+        given(dmaapConfig.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/")).willReturn(AAF_URL);
+        given(dmaapConfig.getProperty("aaf.AdminUser", "noMechId@domain.netset.com")).willReturn(ADMIN_USER);
+        given(dmaapConfig.getProperty("aaf.TopicMgrUser", "noMechId@domain.netset.com")).willReturn(TOPIC_MANAGER);
+        given(dmaapConfig.getProperty("aaf.AdminPassword", "notSet")).willReturn(ADMIN_PASS);
+        given(dmaapConfig.getProperty("aaf.TopicMgrPassword", "notSet")).willReturn(MANAGER_PASS);
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceImplTest.java b/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceImplTest.java
new file mode 100644
index 0000000..efce4a2
--- /dev/null
+++ b/src/test/java/org/onap/dmaap/dbcapi/aaf/AafServiceImplTest.java
@@ -0,0 +1,208 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.aaf;
+
+import junitparams.JUnitParamsRunner;
+import junitparams.Parameters;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.BDDMockito.then;
+import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.verifyZeroInteractions;
+
+@RunWith(JUnitParamsRunner.class)
+public class AafServiceImplTest {
+
+    private static final String AAF_URL = "https://aaf.url/";
+    private static final String IDENTITY = "dmaap-bc@onap.org";
+    private static final boolean USE_AAF = true;
+    private static final int CREATED = 201;
+    private static final int OK = 200;
+    @Mock
+    private AafConnection aafConnection;
+    private AafServiceImpl aafService;
+
+    @Before
+    public void setUp() throws Exception {
+        MockitoAnnotations.initMocks(this);
+        given(aafConnection.postAaf(any(AafObject.class), anyString())).willReturn(CREATED);
+        given(aafConnection.delAaf(any(AafObject.class), anyString())).willReturn(OK);
+        aafService = new AafServiceImpl(USE_AAF, AAF_URL, IDENTITY, aafConnection);
+    }
+
+    @Test
+    public void shouldReturnCorrectIdentity() {
+
+        assertEquals(IDENTITY, aafService.getIdentity());
+    }
+
+    @Test
+    public void shouldAddPermission() {
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.addPerm(perm);
+
+        then(aafConnection).should().postAaf(perm, AAF_URL + "authz/perm");
+        assertEquals(CREATED, status);
+    }
+
+
+    @Test
+    public void shouldAddDmaapGrant() {
+        DmaapGrant grant = new DmaapGrant(new DmaapPerm("perm", "type", "action"), "roles");
+
+        int status = aafService.addGrant(grant);
+
+        then(aafConnection).should().postAaf(grant, AAF_URL + "authz/role/perm");
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    public void shouldAddUserRole() {
+        AafUserRole userRole = new AafUserRole("ident", "role");
+
+        int status = aafService.addUserRole(userRole);
+
+        then(aafConnection).should().postAaf(userRole, AAF_URL + "authz/userRole");
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    public void shouldAddRole() {
+        AafRole role = new AafRole("ns", "role");
+
+        int status = aafService.addRole(role);
+
+        then(aafConnection).should().postAaf(role, AAF_URL + "authz/role");
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    public void shouldAddNamespace() {
+        AafNamespace ns = new AafNamespace("ns", "ident");
+
+        int status = aafService.addNamespace(ns);
+
+        then(aafConnection).should().postAaf(ns, AAF_URL + "authz/ns");
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    public void shouldNotConnectToAafDuringCreate() {
+        aafService = new AafServiceImpl(false, AAF_URL, IDENTITY, aafConnection);
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.addPerm(perm);
+
+        verifyZeroInteractions(aafConnection);
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    @Parameters({"401", "403", "409", "200", "500"})
+    public void shouldHandleErrorDuringCreate(int aafServiceReturnedCode) {
+        given(aafConnection.postAaf(any(AafObject.class), anyString())).willReturn(aafServiceReturnedCode);
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.addPerm(perm);
+
+        assertEquals(aafServiceReturnedCode, status);
+    }
+
+    @Test
+    @Parameters({"401", "403", "404", "200", "500"})
+    public void shouldHandleErrorDuringDelete(int aafServiceReturnedCode) {
+        given(aafConnection.delAaf(any(AafObject.class), anyString())).willReturn(aafServiceReturnedCode);
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.delPerm(perm, false);
+
+        assertEquals(aafServiceReturnedCode, status);
+    }
+
+    @Test
+    public void shouldDeletePermission() {
+        DmaapPerm perm = new DmaapPerm("permName", "type", "action");
+
+        int status = aafService.delPerm(perm, false);
+
+        then(aafConnection).should().delAaf(any(AafEmpty.class), eq(AAF_URL + "authz/perm/permName/type/action"));
+        assertEquals(OK, status);
+    }
+
+    @Test
+    public void shouldDeletePermissionWithForce() {
+        DmaapPerm perm = new DmaapPerm("permName", "type", "action");
+
+        int status = aafService.delPerm(perm, true);
+
+        then(aafConnection).should().delAaf(any(AafEmpty.class), eq(AAF_URL + "authz/perm/permName/type/action?force=true"));
+        assertEquals(OK, status);
+    }
+
+    @Test
+    public void shouldDeleteNamespace() {
+        AafNamespace ns = new AafNamespace("nsName", "ident");
+
+        int status = aafService.delNamespace(ns, false);
+
+        then(aafConnection).should().delAaf(any(AafEmpty.class), eq(AAF_URL + "authz/ns/nsName"));
+        assertEquals(OK, status);
+    }
+
+    @Test
+    public void shouldDeleteNamespaceWithForce() {
+        AafNamespace ns = new AafNamespace("nsName", "ident");
+
+        int status = aafService.delNamespace(ns, true);
+
+        then(aafConnection).should().delAaf(any(AafEmpty.class), eq(AAF_URL + "authz/ns/nsName?force=true"));
+        assertEquals(OK, status);
+    }
+
+    @Test
+    public void shouldReturnExpectedCodeDuringPostWhenUseAffIsSetToFalse() {
+        aafService = new AafServiceImpl(false, AAF_URL, IDENTITY, aafConnection);
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.addPerm(perm);
+
+        assertEquals(CREATED, status);
+    }
+
+    @Test
+    public void shouldReturnExpectedCodeDuringDeleteWhenUseAffIsSetToFalse() {
+        aafService = new AafServiceImpl(false, AAF_URL, IDENTITY, aafConnection);
+        DmaapPerm perm = new DmaapPerm("perm", "type", "action");
+
+        int status = aafService.delPerm(perm, false);
+
+        assertEquals(OK, status);
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/org/onap/dmaap/dbcapi/resources/MR_ClientResourceTest.java b/src/test/java/org/onap/dmaap/dbcapi/resources/MR_ClientResourceTest.java
new file mode 100644
index 0000000..abe2e45
--- /dev/null
+++ b/src/test/java/org/onap/dmaap/dbcapi/resources/MR_ClientResourceTest.java
@@ -0,0 +1,304 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.resources;
+
+import org.glassfish.jersey.server.ResourceConfig;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.onap.dmaap.dbcapi.database.DatabaseClass;
+import org.onap.dmaap.dbcapi.model.ApiError;
+import org.onap.dmaap.dbcapi.model.MR_Client;
+import org.onap.dmaap.dbcapi.model.MR_Cluster;
+import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.testframework.DmaapObjectFactory;
+
+import javax.ws.rs.client.Entity;
+import javax.ws.rs.core.Response;
+
+import static javax.ws.rs.client.Entity.entity;
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class MR_ClientResourceTest {
+
+    private static final DmaapObjectFactory DMAAP_OBJECT_FACTORY = new DmaapObjectFactory();
+    private static FastJerseyTestContainer testContainer;
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+        DatabaseClass.getDmaap().init(DMAAP_OBJECT_FACTORY.genDmaap());
+
+        testContainer = new FastJerseyTestContainer(new ResourceConfig()
+                .register(MR_ClientResource.class).register(MR_ClusterResource.class).register(TopicResource.class));
+        testContainer.init();
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+        testContainer.destroy();
+        /*TODO: Cannot cleanup yet until still other Resources tests depends on the static DB content
+
+        DatabaseClass.getDmaap().remove();
+        DatabaseClass.clearDatabase();*/
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhenNoFqtnProvided() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation", null, "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("fqtn", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhenNoLocationProvided() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client(null, "fqtn", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("dcaeLocationName", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhenNoClientRoleProvided() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation", "fqtn", null, new String[]{"GET"}), APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("clientRole or clientIdentity", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhenNoActionsProvided() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation", "fqtn", "clientRole", null), APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("action", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhereThereIsNoMrClusterAvailable() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocationName", "fqtn", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("dcaeLocationName", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldReturnErrorWhereThereIsNoTopicForFqtnAvailable() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation", "fqtn", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        createMrCluster(new MR_Cluster("dcaeLocation", "fqdn", "protocol", "port"));
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(404, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("fqtn", responseError.getFields());
+    }
+
+    @Test
+    public void addMr_Client_shouldAddMrClient() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation2", "testTopic", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        createMrCluster(new MR_Cluster("dcaeLocation2", "fqdn", "protocol", "port"));
+        createTopic("testTopic");
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+
+        assertEquals(200, response.getStatus());
+        assertTrue(response.hasEntity());
+        assertMRClientExistInDB(response.readEntity(MR_Client.class));
+    }
+
+    @Test
+    public void deleteMr_Client_shouldDeleteMrClient() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation3", "testTopic", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+        createMrCluster(new MR_Cluster("dcaeLocation3", "fqdn", "protocol", "port"));
+        createTopic("testTopic");
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+        assertEquals(200, response.getStatus());
+
+        MR_Client mrClientEntity = response.readEntity(MR_Client.class);
+        Response deleteResponse = testContainer.target("mr_clients")
+                .path(mrClientEntity.getMrClientId())
+                .request()
+                .delete();
+
+        assertEquals(204, deleteResponse.getStatus());
+        assertMrClientNotExistInDB(mrClientEntity.getMrClientId());
+    }
+
+    @Test
+    public void deleteMr_Clients_shouldReturnMethodNotAllowedCodeWhenClientIdIsMissing() {
+        Response deleteResponse = testContainer.target("mr_clients")
+                .request()
+                .delete();
+
+        assertEquals(405, deleteResponse.getStatus());
+    }
+
+    @Test
+    public void getMr_Client_shouldReturnErrorWhenThereIsNoClient() {
+        Response response = testContainer.target("mr_clients")
+                .path("not_existing_id")
+                .request()
+                .get();
+
+        assertEquals(404, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("mrClientId", responseError.getFields());
+    }
+
+    @Test
+    public void updateMr_Client_shouldReturnErrorWhenNoFqtnProvided() {
+        MR_Client mrClient = new MR_Client("dcaeLocation", null, "clientRole", new String[]{"GET"});
+        Entity<MR_Client> requestedEntity = entity(mrClient, APPLICATION_JSON);
+
+        Response response = testContainer.target("mr_clients")
+                .path(mrClient.getMrClientId())
+                .request()
+                .put(requestedEntity, Response.class);
+
+        assertEquals(400, response.getStatus());
+        ApiError responseError = response.readEntity(ApiError.class);
+        assertNotNull(responseError);
+        assertEquals("fqtn", responseError.getFields());
+    }
+
+    @Test
+    public void updateMr_Client_shouldUpdate() {
+        Entity<MR_Client> requestedEntity = entity(
+                new MR_Client("dcaeLocation4", "testTopic", "clientRole", new String[]{"GET"}), APPLICATION_JSON);
+
+        createMrCluster(new MR_Cluster("dcaeLocation4", "fqdn", "protocol", "port"));
+        createTopic("testTopic");
+
+        Response response = testContainer.target("mr_clients")
+                .request()
+                .post(requestedEntity, Response.class);
+        MR_Client createdMrClient = response.readEntity(MR_Client.class);
+        createdMrClient.setDcaeLocationName("updatedDcaeLocation");
+
+
+        Response updateResponse = testContainer.target("mr_clients")
+                .path(createdMrClient.getMrClientId())
+                .request()
+                .put(requestedEntity, Response.class);
+
+        assertEquals(200, updateResponse.getStatus());
+        assertTrue(updateResponse.hasEntity());
+        assertMRClientExistInDB(updateResponse.readEntity(MR_Client.class));
+
+    }
+
+    @Test
+    public void getMr_Clients_test() {
+        Response response = testContainer.target("mr_clients").request().get(Response.class);
+        System.out.println("GET dr_subs response=" + response.getStatus());
+
+        assertEquals(200, response.getStatus());
+        assertTrue(response.hasEntity());
+    }
+
+
+    private void createMrCluster(MR_Cluster cluster) {
+        Response response = testContainer.target("mr_clusters")
+                .request()
+                .post(entity(cluster, APPLICATION_JSON), Response.class);
+        assertEquals(201, response.getStatus());
+    }
+
+    private void createTopic(String tname) {
+        Topic topic = new Topic();
+        topic.setFqtn(tname);
+        topic.setFqtn(tname);
+        DatabaseClass.getTopics().put(topic.getFqtn(), topic);
+    }
+
+    private void assertMRClientExistInDB(MR_Client created) {
+        Response response = testContainer.target("mr_clients")
+                .path(created.getMrClientId())
+                .request()
+                .get();
+        assertEquals(200, response.getStatus());
+        assertTrue(response.hasEntity());
+        MR_Client receivedMrClient = response.readEntity(MR_Client.class);
+        assertEquals(created.getFqtn(), receivedMrClient.getFqtn());
+        assertEquals(created.getDcaeLocationName(), receivedMrClient.getDcaeLocationName());
+    }
+
+    private void assertMrClientNotExistInDB(String clientId) {
+        assertEquals(404, testContainer.target("mr_clients")
+                .path(clientId)
+                .request()
+                .get()
+                .getStatus());
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java b/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java
index bad66b8..716736e 100644
--- a/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java
+++ b/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java
@@ -130,32 +130,6 @@
         assertOkStatus(apiError);
     }
 
-    @Test
-    @Parameters({"200", "404"})
-    public void shouldRevokeActionPermissionForClientRole(int aafServiceReturnedCode) {
-        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
-        given(mrClient.getClientRole()).willReturn(ROLE);
-        given(aafService.delGrant(grant)).willReturn(aafServiceReturnedCode);
-
-        ApiError apiError = aafPermissionService.revokeClientPerms(mrClient);
-
-        then(aafService).should().delGrant(grant);
-        then(mrClient).should().setStatus(VALID);
-        assertOkStatus(apiError);
-    }
-
-    @Test
-    public void shouldReturnErrorStatusWhenPermissionWasNotRevokedFromRole() {
-        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
-        given(mrClient.getClientRole()).willReturn(ROLE);
-        given(aafService.delGrant(grant)).willReturn(INTERNAL_SERVER_ERROR);
-
-        ApiError apiError = aafPermissionService.revokeClientPerms(mrClient);
-
-        then(mrClient).should().setStatus(INVALID);
-        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
-    }
-
     private void assertErrorStatus(ApiError apiError, int code) {
         assertEquals(code, apiError.getCode());
     }
diff --git a/src/test/java/org/onap/dmaap/dbcapi/service/AafTopicSetupServiceTest.java b/src/test/java/org/onap/dmaap/dbcapi/service/AafTopicSetupServiceTest.java
index a250c90..0ca406a 100644
--- a/src/test/java/org/onap/dmaap/dbcapi/service/AafTopicSetupServiceTest.java
+++ b/src/test/java/org/onap/dmaap/dbcapi/service/AafTopicSetupServiceTest.java
@@ -35,11 +35,13 @@
 import org.onap.dmaap.dbcapi.model.ApiError;
 import org.onap.dmaap.dbcapi.model.Dmaap;
 import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
 
 import java.util.List;
 
 import static com.google.common.collect.Lists.newArrayList;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.mockito.BDDMockito.given;
 
@@ -49,6 +51,7 @@
     private static final int INTERNAL_SERVER_ERROR = 500;
     private static final int NOT_FOUND = 404;
     private static final int CREATED = 201;
+    private static final int OK = 200;
     private static final String TOPIC_NS_ROOT = "org.onap.dmaap.mr";
     private static final String TOPIC_PERM = "org.onap.dmaap.mr.topic";
     private static final String TOPIC_FQTN = "org.onap.dmaap.mr.sample_topic";
@@ -56,6 +59,8 @@
     private AafServiceStub aafService = new AafServiceStub();
     @Mock
     private DmaapService dmaapService;
+    @Mock
+    private DmaapConfig dmaapConfig;
     private AafTopicSetupService aafTopicSetupService;
 
     @Before
@@ -65,7 +70,9 @@
         dmaap.setTopicNsRoot(TOPIC_NS_ROOT);
         given(dmaapService.getDmaap()).willReturn(dmaap);
         given(dmaapService.getTopicPerm()).willReturn(TOPIC_PERM);
-        aafTopicSetupService = new AafTopicSetupService(aafService, dmaapService, true);
+        given(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true")).willReturn("true");
+        given(dmaapConfig.getProperty("MR.ClientDeleteLevel", "0")).willReturn("2");
+        aafTopicSetupService = new AafTopicSetupService(aafService, dmaapService, dmaapConfig);
     }
 
     @Test
@@ -157,14 +164,14 @@
 
     @Test
     public void shouldCreateOnlyPermissionsWhenCreateTopicRolesIsFalse() {
-        aafTopicSetupService = new AafTopicSetupService(aafService, dmaapService, false);
+        given(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true")).willReturn("false");
 
         aafTopicSetupService.aafTopicSetup(givenTopic(TOPIC_FQTN));
 
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "pub"));
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "sub"));
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "view"));
-        aafService.shouldHaveNoRolesAndGrants();
+        aafService.shouldHaveNoNamespaceRolesAndGrantsAdded();
     }
 
     @Test
@@ -176,7 +183,7 @@
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "pub"));
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "sub"));
         aafService.shouldAddPerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "view"));
-        aafService.shouldHaveNoRolesAndGrants();
+        aafService.shouldHaveNoNamespaceRolesAndGrantsAdded();
     }
 
     @Test
@@ -226,6 +233,92 @@
         assertErrorStatus(apiError, NOT_FOUND);
     }
 
+    @Test
+    @Parameters({"200", "404"})
+    public void shouldremovePublisherSubscriberViewerPermissions(int aafServiceReturnedCode) {
+        aafService.givenReturnCode(aafServiceReturnedCode);
+
+        aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "pub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "sub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "view"));
+    }
+
+    @Test
+    @Parameters({"200", "404"})
+    public void shouldRemoveNamespace(int aafServiceReturnedCode) {
+        aafService.givenReturnCode(aafServiceReturnedCode);
+        Topic topic = givenTopic(TOPIC_FQTN);
+
+        aafTopicSetupService.aafTopicCleanup(topic);
+
+        AafNamespace namespace = new AafNamespace(TOPIC_FQTN, IDENTITY);
+        aafService.shouldRemoveNamespace(namespace);
+    }
+
+    @Test
+    public void shouldRemoveOnlyPermissionsWhenCreateTopicRolesIsFalse() {
+        given(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true")).willReturn("false");
+
+        aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "pub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "sub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + TOPIC_FQTN, "view"));
+        aafService.shouldNotRemoveNamespace();
+    }
+
+    @Test
+    public void shouldRemoveOnlyPermissionsWhenTopicFqtnDoesntStartWithNsRoot() {
+
+        String topicFqtn = "sample_topic";
+        aafTopicSetupService.aafTopicCleanup(givenTopic(topicFqtn));
+
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "pub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "sub"));
+        aafService.shouldRemovePerm(new DmaapPerm(TOPIC_PERM, ":topic." + topicFqtn, "view"));
+        aafService.shouldNotRemoveNamespace();
+    }
+
+    @Test
+    public void shouldHandleExceptionWhenPermissionRemovalWasFailed() {
+        aafService.givenRemovePermStatus(INTERNAL_SERVER_ERROR);
+
+        ApiError apiError = aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
+    }
+
+    @Test
+    public void shouldHandleExceptionWhenNamespaceRemovalWasFailed() {
+        aafService.givenRemoveNamespaceStatus(INTERNAL_SERVER_ERROR);
+
+        ApiError apiError = aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
+    }
+
+    @Test
+    public void shouldNotPerformCleanupWhenDeleteLevelIsLessThanTwo() {
+        given(dmaapConfig.getProperty("MR.ClientDeleteLevel", "0")).willReturn("0");
+
+        ApiError apiError = aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        aafService.shouldNotPerformCleanup();
+        assertOkStatus(apiError);
+    }
+
+    @Test
+    public void shouldNotPerformCleanupWhenDeleteLevelIsNotNumericValue() {
+        given(dmaapConfig.getProperty("MR.ClientDeleteLevel", "0")).willReturn("not number");
+
+        ApiError apiError = aafTopicSetupService.aafTopicCleanup(givenTopic(TOPIC_FQTN));
+
+        aafService.shouldNotPerformCleanup();
+        assertOkStatus(apiError);
+    }
+
     private Topic givenTopic(String topicFqtn) {
         Topic topic = new Topic();
         topic.setFqtn(topicFqtn);
@@ -243,14 +336,18 @@
 
     private class AafServiceStub implements AafService {
 
-        private AafNamespace namespace;
-        private List<DmaapPerm> perms = newArrayList();
-        private List<AafRole> roles = newArrayList();
-        private List<DmaapGrant> grants = newArrayList();
+        private AafNamespace addedNamespace;
+        private AafNamespace removedNamespace;
+        private List<DmaapPerm> addedPerms = newArrayList();
+        private List<DmaapPerm> removedPerms = newArrayList();
+        private List<AafRole> addedRoles = newArrayList();
+        private List<DmaapGrant> addedGrants = newArrayList();
         private int addNamespaceStatus = CREATED;
         private int addGrantStatus = CREATED;
         private int addRoleStatus = CREATED;
         private int addPermStatus = CREATED;
+        private int removePermStatus = OK;
+        private int removeNamespaceStatus = OK;
 
         @Override
         public String getIdentity() {
@@ -259,13 +356,19 @@
 
         @Override
         public int addPerm(DmaapPerm perm) {
-            this.perms.add(perm);
+            this.addedPerms.add(perm);
             return addPermStatus;
         }
 
         @Override
+        public int delPerm(DmaapPerm perm, boolean force) {
+            removedPerms.add(perm);
+            return removePermStatus;
+        }
+
+        @Override
         public int addGrant(DmaapGrant grant) {
-            grants.add(grant);
+            addedGrants.add(grant);
             return addGrantStatus;
         }
 
@@ -275,33 +378,40 @@
         }
 
         @Override
-        public int delGrant(DmaapGrant grant) {
-            throw new UnsupportedOperationException();
-        }
-
-        @Override
         public int addRole(AafRole role) {
-            this.roles.add(role);
+            this.addedRoles.add(role);
             return addRoleStatus;
         }
 
         @Override
         public int addNamespace(AafNamespace namespace) {
-            this.namespace = namespace;
+            this.addedNamespace = namespace;
             return addNamespaceStatus;
         }
 
+        @Override
+        public int delNamespace(AafNamespace namespace, boolean force) {
+            this.removedNamespace = namespace;
+            return removeNamespaceStatus;
+        }
+
         void givenReturnCode(int status) {
             this.addNamespaceStatus = status;
             this.addGrantStatus = status;
             this.addRoleStatus = status;
             this.addPermStatus = status;
+            this.removePermStatus = status;
+            this.removeNamespaceStatus = status;
         }
 
         void givenAddNamespaceStatus(int addNamespaceStatus) {
             this.addNamespaceStatus = addNamespaceStatus;
         }
 
+        void givenRemoveNamespaceStatus(int removeNamespaceStatus) {
+            this.removeNamespaceStatus = removeNamespaceStatus;
+        }
+
         void givenAddGrantStatus(int addGrantStatus) {
             this.addGrantStatus = addGrantStatus;
         }
@@ -314,25 +424,47 @@
             this.addPermStatus = addPermStatus;
         }
 
+        void givenRemovePermStatus(int removePermStatus) {
+            this.removePermStatus = removePermStatus;
+        }
+
         void shouldAddPerm(DmaapPerm perm) {
-            assertTrue(perms.contains(perm));
+            assertTrue(addedPerms.contains(perm));
+        }
+
+        void shouldRemovePerm(DmaapPerm perm) {
+            assertTrue(removedPerms.contains(perm));
         }
 
         void shouldAddNamespace(AafNamespace namespace) {
-            assertEquals(namespace, this.namespace);
+            assertEquals(namespace, this.addedNamespace);
+        }
+
+        void shouldRemoveNamespace(AafNamespace namespace) {
+            assertEquals(namespace, this.removedNamespace);
         }
 
         void shouldAddRole(AafRole role) {
-            assertTrue(roles.contains(role));
+            assertTrue(addedRoles.contains(role));
         }
 
         void shouldAddGrant(DmaapGrant grant) {
-            assertTrue(grants.contains(grant));
+            assertTrue(addedGrants.contains(grant));
         }
 
-        void shouldHaveNoRolesAndGrants() {
-            assertTrue(this.grants.isEmpty());
-            assertTrue(this.roles.isEmpty());
+        void shouldHaveNoNamespaceRolesAndGrantsAdded() {
+            assertNull(this.addedNamespace);
+            assertTrue(this.addedGrants.isEmpty());
+            assertTrue(this.addedRoles.isEmpty());
+        }
+
+        void shouldNotRemoveNamespace() {
+            assertNull(this.removedNamespace);
+        }
+
+        void shouldNotPerformCleanup() {
+            shouldNotRemoveNamespace();
+            assertTrue(removedPerms.isEmpty());
         }
     }
 }
\ No newline at end of file
diff --git a/src/test/java/org/onap/dmaap/dbcapi/service/TopicServiceTest.java b/src/test/java/org/onap/dmaap/dbcapi/service/TopicServiceTest.java
index f73c297..a37ce02 100644
--- a/src/test/java/org/onap/dmaap/dbcapi/service/TopicServiceTest.java
+++ b/src/test/java/org/onap/dmaap/dbcapi/service/TopicServiceTest.java
@@ -42,12 +42,16 @@
 
 import static com.google.common.collect.Iterables.getOnlyElement;
 import static com.google.common.collect.Lists.newArrayList;
+import static javax.ws.rs.core.Response.Status.NOT_FOUND;
+import static javax.ws.rs.core.Response.Status.OK;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertSame;
 import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
 import static org.mockito.BDDMockito.given;
+import static org.mockito.BDDMockito.then;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.verifyZeroInteractions;
 import static org.onap.dmaap.dbcapi.model.ReplicationType.REPLICATION_GLOBAL_TO_FQDN;
@@ -75,6 +79,7 @@
     public void setUp() throws Exception {
         given(dmaapConfig.getProperty("MR.globalHost", "global.host.not.set")).willReturn(GLOBAL_MR_HOST);
         given(aafTopicSetupService.aafTopicSetup(any(Topic.class))).willReturn(new ApiError(200, "OK"));
+        given(aafTopicSetupService.aafTopicCleanup(any(Topic.class))).willReturn(new ApiError(200, "OK"));
         createTopicService();
     }
 
@@ -129,7 +134,7 @@
         Topic topic = topicService.getTopic(TOPIC_FQTN, apiError);
 
         assertThat(topic, hasCorrectFqtn(TOPIC_FQTN));
-        assertEquals(Response.Status.OK.getStatusCode(), apiError.getCode());
+        assertEquals(OK.getStatusCode(), apiError.getCode());
     }
 
     @Test
@@ -151,7 +156,7 @@
         Topic topic = topicService.getTopic("not_existing", apiError);
 
         assertNull(topic);
-        assertEquals(Response.Status.NOT_FOUND.getStatusCode(), apiError.getCode());
+        assertEquals(NOT_FOUND.getStatusCode(), apiError.getCode());
     }
 
     @Test
@@ -162,7 +167,7 @@
         Topic addedTopic = topicService.addTopic(newTopic, apiError, true);
 
         assertSame(newTopic, addedTopic);
-        assertEquals(Response.Status.OK.getStatusCode(), apiError.getCode());
+        assertEquals(OK.getStatusCode(), apiError.getCode());
         assertNotNull(topicService.getTopic(addedTopic.getFqtn(), new ApiError()));
     }
 
@@ -187,7 +192,7 @@
         Topic secondAddedTopic = topicService.addTopic(addedTopic, apiError, true);
 
         assertSame(addedTopic, secondAddedTopic);
-        assertEquals(Response.Status.OK.getStatusCode(), apiError.getCode());
+        assertEquals(OK.getStatusCode(), apiError.getCode());
         assertNotNull(topicService.getTopic(secondAddedTopic.getFqtn(), new ApiError()));
     }
 
@@ -200,7 +205,7 @@
         ApiError apiError = new ApiError();
         Topic addedTopic = topicService.addTopic(newTopic, apiError, true);
 
-        assertEquals(Response.Status.OK.getStatusCode(), apiError.getCode());
+        assertEquals(OK.getStatusCode(), apiError.getCode());
         assertEquals(GLOBAL_MR_HOST, addedTopic.getGlobalMrURL());
     }
 
@@ -218,6 +223,63 @@
         assertNull(addedTopic);
     }
 
+    @Test
+    public void removeTopic_shouldFailIfTopicDoesNotExist() {
+        ApiError apiError = new ApiError();
+
+        Topic removedTopic = topicService.removeTopic("not_existing_fqtn", apiError);
+
+        assertNull(removedTopic);
+        assertEquals(NOT_FOUND.getStatusCode(), apiError.getCode());
+        assertTrue(topicService.getTopics().containsKey(TOPIC_FQTN));
+    }
+
+    @Test
+    public void removeTopic_shouldExecuteAafCleanup() {
+        ApiError apiError = new ApiError();
+
+        Topic removedTopic = topicService.removeTopic(TOPIC_FQTN, apiError);
+
+        then(aafTopicSetupService).should().aafTopicCleanup(removedTopic);
+        assertEquals(OK.getStatusCode(), apiError.getCode());
+    }
+
+    @Test
+    public void removeTopic_shouldRemoveEachMrClientAssignedToTopic() {
+        ApiError apiError = new ApiError();
+        MR_Client mrClient = new MR_Client();
+        mrClient.setMrClientId("mrClientId");
+
+        given(clientService.getAllMrClients(TOPIC_FQTN)).willReturn(newArrayList(mrClient));
+
+        topicService.removeTopic(TOPIC_FQTN, apiError);
+
+        then(clientService).should().removeMr_Client(mrClient.getMrClientId(), false, apiError);
+        assertEquals(OK.getStatusCode(), apiError.getCode());
+    }
+
+    @Test
+    public void removeTopic_shouldRemoveTopicFromCache() {
+        ApiError apiError = new ApiError();
+
+        topicService.removeTopic(TOPIC_FQTN, apiError);
+
+        assertTrue(topicService.getTopics().isEmpty());
+        assertEquals(OK.getStatusCode(), apiError.getCode());
+    }
+
+    @Test
+    public void removeTopic_shouldFailIfAafCleanupWasFailed() {
+        ApiError apiError = new ApiError();
+        given(aafTopicSetupService.aafTopicCleanup(any(Topic.class))).willReturn(new ApiError(404, "sth went wrong"));
+
+        Topic removedTopic = topicService.removeTopic(TOPIC_FQTN, apiError);
+
+        assertNull(removedTopic);
+        assertEquals(404, apiError.getCode());
+        assertTrue(topicService.getTopics().containsKey(TOPIC_FQTN));
+    }
+
     private void createTopicService() {
         Map<String, Topic> mrTopics = new HashMap<>();
         mrTopics.put(TOPIC_FQTN, createTopic(TOPIC_FQTN));
diff --git a/version.properties b/version.properties
index 96f9ee0..dc85f0e 100644
--- a/version.properties
+++ b/version.properties
@@ -27,7 +27,7 @@
 
 major=1
 minor=0
-patch=29
+patch=30
 base_version=${major}.${minor}.${patch}
 
 # Release must be completed with git revision # in Jenkins