CADI AAF Integration and merging the code

Issue-ID: PORTAL-319

CADI AAF Integration and code merge

Change-Id: I6e44f3b2741858d8d403b77a49ec9a0153084801
Signed-off-by: hb123f <hbindu@research.att.com>
diff --git a/deliveries/properties_simpledemo/ONAPPORTAL/music.properties b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties
index b33ca26..cc369bb 100644
--- a/deliveries/properties_simpledemo/ONAPPORTAL/music.properties
+++ b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties
@@ -19,7 +19,8 @@
 cassandra.host=portal-cassandra
 zookeeper.host=portal-zk
 cassandra.user=root
-cassandra.password=Aa123456
+#cassandra.password=Aa123456
+cassandra.password=rDmtV8/HL+t3SF9SQDZbC8uw2C4cTzuSPtCeLNtXAe8=
 
 music.exclude.api = /portalApi/healthCheck,/portalApi/healthCheckSuspend,/portalApi/healthCheckResume
 
diff --git a/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties
index a28efe6..d8278b1 100644
--- a/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties
+++ b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties
@@ -19,7 +19,8 @@
 cassandra.host=portal-cassandra
 zookeeper.host=portal-zk
 cassandra.user=root
-cassandra.password=Aa123456
+#cassandra.password=Aa123456
+cassandra.password=rDmtV8/HL+t3SF9SQDZbC8uw2C4cTzuSPtCeLNtXAe8=
 
 music.exclude.api = /portalApi/healthCheck,/portalApi/healthCheckSuspend,/portalApi/healthCheckResume
 
diff --git a/deliveries/server.xml b/deliveries/server.xml
index 0ccc500..e23771c 100644
--- a/deliveries/server.xml
+++ b/deliveries/server.xml
@@ -14,7 +14,6 @@
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
-
   Modifications to this file for use in ONAP are also subject to the Apache-2.0 license.
 -->
 <!-- Note:  A "Server" is not itself a "Container", so you may not
@@ -146,4 +145,4 @@
       </Host>
     </Engine>
   </Service>
-</Server>
+</Server>
\ No newline at end of file
diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml
index fb16be0..6cb1279 100644
--- a/ecomp-portal-BE-common/pom.xml
+++ b/ecomp-portal-BE-common/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.onap.portal</groupId>
 		<artifactId>onap-portal-parent</artifactId>
-		<version>2.3.0</version>
+		<version>2.5.0</version>
 	</parent>
 
 	<artifactId>portal-be-common</artifactId>
@@ -86,7 +86,7 @@
 			</plugin>
 
 		</plugins>
-
+	
 		<testResources>
 			<testResource>
 				<directory>src/test/java</directory>
@@ -117,6 +117,22 @@
 	</build>
 
 	<dependencies>
+	<dependency>
+		<groupId>org.onap.aaf.authz</groupId>
+		<artifactId>aaf-cadi-aaf</artifactId>
+		<version>2.1.7</version>
+		<exclusions>
+			<exclusion>
+				<groupId>gso</groupId>
+				<artifactId>GLCookieDecryption</artifactId>
+			</exclusion>
+		</exclusions>
+	</dependency>
+	<dependency>
+		<groupId>org.onap.aaf.authz</groupId>
+		<artifactId>aaf-cadi-core</artifactId>
+		<version>2.1.7</version>
+	</dependency>
 		<dependency>
 			<groupId>com.att.eelf</groupId>
 			<artifactId>eelf-core</artifactId>
@@ -659,7 +675,7 @@
 	    <dependency>
 		    <groupId>org.onap.music</groupId>
 		    <artifactId>MUSIC</artifactId>
-		    <version>2.5.5</version>
+		    <version>2.5.8</version>
 		    <exclusions> 
 				<exclusion> 
 					  <groupId>com.sun.jersey</groupId> 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
index c7246de..289c827 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
@@ -80,6 +80,9 @@
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
 @RestController
 @EnableAspectJAutoProxy
 @EPAuditLog
@@ -174,8 +177,8 @@
 		EPUser user = EPUserUtils.getUserSession(request);
 		List<AppIdAndNameTransportModel> adminApps = null;
 
-		try {
-			if (!adminRolesService.isAccountAdmin(user)) {
+		try {			
+			if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
 				EcompPortalUtils.setBadPermissions(user, response, "getAdminApps");
 			} else {
 				adminApps = appService.getAdminApps(user);
@@ -206,7 +209,7 @@
 		List<AppIdAndNameTransportModel> adminApps = null;
 
 		try {
-			if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
+			if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
 				EcompPortalUtils.setBadPermissions(user, response, "getAdminApps");
 			} else {
 				adminApps = appService.getAppsForSuperAdminAndAccountAdmin(user);
@@ -689,11 +692,14 @@
 	public FieldsValidator putOnboardingApp(HttpServletRequest request,
 			@RequestBody OnboardingApp modifiedOnboardingApp, HttpServletResponse response) {
 		FieldsValidator fieldsValidator = null;
+		EPUser user = null;
+		EPApp oldEPApp = null;
 		try {
-			EPUser user = EPUserUtils.getUserSession(request);
+			user = EPUserUtils.getUserSession(request);
 			if (!adminRolesService.isSuperAdmin(user)) {
 				EcompPortalUtils.setBadPermissions(user, response, "putOnboardingApp");
 			} else {
+				oldEPApp = appService.getApp(modifiedOnboardingApp.id);
 				modifiedOnboardingApp.normalize();
 				fieldsValidator = appService.modifyOnboardingApp(modifiedOnboardingApp, user);
 				response.setStatus(fieldsValidator.httpStatusCode.intValue());
@@ -701,7 +707,16 @@
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e);
 		}
-
+		if(response.getStatus()==200) {
+			try {
+				String oldvaluesAsJson = new ObjectMapper().writeValueAsString(oldEPApp);
+				String newvaluesAsJson = new ObjectMapper().writeValueAsString(modifiedOnboardingApp);
+				logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, old values ="+oldvaluesAsJson);
+				logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId="+user.getLoginId()+", new values ="+newvaluesAsJson);
+			} catch (JsonProcessingException e) {
+				logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e);
+			}
+		}
 		EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "PUT result =",
 				response.getStatus());
 		return fieldsValidator;
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
index 60c25c6..fe2c349 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
@@ -51,6 +51,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.onap.aaf.cadi.aaf.AAFPermission;
 import org.onap.portalapp.annotation.ApiVersion;
 import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser;
 import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
@@ -887,4 +888,31 @@
 		return fnMenuItems;
 	}
 
+	
+	@ApiOperation(value = "Gets MechId roles", response = String.class, responseContainer = "List")
+	@RequestMapping(value = { "/v3/systemUser" }, method = RequestMethod.GET, produces = "application/json")
+	public List<AAFPermission> getSystemUserPerms(HttpServletRequest request, HttpServletResponse response) throws Exception {
+		List<AAFPermission> permsList = null;
+		Map<String, Object> res = getMethod(request, response);
+		try {
+			permsList = (List<AAFPermission>) invokeMethod(res, request, response);
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "getSystemUserPerms failed", e);
+		}
+		return permsList;
+	}
+	
+	@ApiOperation(value = "Update role description in external auth system for an application.", response = PortalRestResponse.class, responseContainer = "Json")
+	@RequestMapping(value = { "/v3/update/app/roleDescription" }, method = RequestMethod.PUT, produces = "application/json")
+	public  PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response) throws Exception {
+		PortalRestResponse<String> result = null;
+		Map<String, Object> res = getMethod(request, response);
+		try {
+			result = (PortalRestResponse<String>) invokeMethod(res, request, response);
+			return result;
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription failed", e);
+			return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+		}
+	}
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
index 4a5e033..5f6818f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
@@ -43,6 +43,8 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -107,7 +109,7 @@
 
 	private static final String SUCCESSFULLY_DELETED = "Successfully Deleted";
 
-	private static final String INVALID_UEB_KEY = "Invalid uebkey!";
+	private static final String INVALID_UEB_KEY = "Invalid credentials!";
 
 	private static final String LOGIN_ID = "LoginId";
 	
@@ -770,7 +772,7 @@
 			addedRoleFunctions = externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY));
 		} catch (Exception e) {
 			response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-			logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e);
+			logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e);
 			return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed");
 		}
 		return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: '"+addedRoleFunctions + "' role functions", "Success");
@@ -859,10 +861,16 @@
 		String answer = null;
 		try {
 			fieldsValidation(request);
+			
 			answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY));
 			if (answer != null) {
                 User ecompUser = userservice.userMapper(answer);
 				user = UserUtils.convertToEcompUser(ecompUser);
+			    List<EcompRole> missingRolesOfUser = externalAccessRolesService.missingUserApplicationRoles(request.getHeader(UEBKEY), loginId, user.getRoles());
+				if (missingRolesOfUser.size() > 0) {
+					Set<EcompRole> roles = new TreeSet<EcompRole>(missingRolesOfUser);
+					user.getRoles().addAll(roles);
+				}
 			}
 		} catch (Exception e) {
 			sendErrorResponse(response, e);	
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
index 811e10c..cecbd9b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
@@ -164,12 +164,12 @@
 				EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
 			}
 
-			if (!HealthMonitor.isClusterStatusOk()) {
-				dbInfo.dbClusterStatus = "Problem, check the logs for more details";
-				EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
-			} else {
-				dbInfo.dbClusterStatus = statusOk;
-			}
+//			if (!HealthMonitor.isClusterStatusOk()) {
+//				dbInfo.dbClusterStatus = "Problem, check the logs for more details";
+//				EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
+//			} else {
+//				dbInfo.dbClusterStatus = statusOk;
+//			}
 
 			if (!HealthMonitor.isDatabasePermissionsOk()) {
 				dbInfo.dbPermissions = "Problem, check the logs for more details";
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
index 4956e3f..c6849cd 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
@@ -656,7 +656,7 @@
 	public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException {
 		EPUser user = EPUserUtils.getUserSession(request);
 		List<CentralizedApp> applicationsList = null;
-			if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)) {
+			if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) || adminRolesService.isRoleAdmin(user)) {
 				applicationsList = externalAccessRolesService.getCentralizedAppsOfUser(userId);
 			} else {
 				logger.info(EELFLoggerDelegate.auditLogger,
@@ -769,7 +769,7 @@
 		app.getUebKey();
 		List<EPApp> appInfo = externalAccessRolesService.getApp(app.getUebKey());
 		if(appInfo.isEmpty()){
-			throw new InvalidApplicationException("Invalid uebkey");
+			throw new InvalidApplicationException("Invalid credentials");
 		}
 		if(!appInfo.isEmpty() && EcompPortalUtils.checkIfRemoteCentralAccessAllowed() && appInfo.get(0).getCentralAuth()){
 			ResponseEntity<String> response = externalAccessRolesService.getNameSpaceIfExists(appInfo.get(0));
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
index c61fb43..c976629 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
@@ -41,21 +41,21 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.onap.aaf.cadi.aaf.AAFPermission;
 import org.onap.portalapp.annotation.ApiVersion;
 import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
 import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
+import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
-import org.onap.portalapp.portal.transport.CentralUser;
+import org.onap.portalapp.portal.service.ExternalAccessRolesService;
 import org.onap.portalapp.portal.transport.CentralV2Role;
 import org.onap.portalsdk.core.domain.Role;
-import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.util.AuthUtil;
 import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.restful.domain.EcompUser;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 
 import io.swagger.annotations.ApiOperation;
 
@@ -64,14 +64,23 @@
 @EPAuditLog
 @ApiVersion
 public class RolesController implements BasicAuthenticationController {
+	
+	private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RolesController.class);
+
 
 	final String LOGINID_PATTERN = "/v3/user/[a-zA-Z0-9]{1,25}$";
 	final String FUNCTION_CD_PATTERN = "/v3/function/[a-zA-Z0-9_-]{1,75}$";
 
 	final String DELETE_ROLEFUNCTION = "/v3/roleFunction/[a-zA-Z0-9_-]{1,75}$";
+	
+	private static final String UEBKEY = "uebkey";
+	
+	@Autowired
+	private ExternalAccessRolesService externalAccessRolesService;
 
 	@Autowired
 	ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
+	
 
 	@ApiOperation(value = "Gets roles for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer = "Json")
 	@ApiVersion(max = "v3", service = "/v3/roles", min = 0, method = "GET")
@@ -192,6 +201,22 @@
 	public List<String> getMenuFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
 		return externalAccessRolesController.getMenuFunctions(request, response);
 	}
+	
+	@ApiVersion(max = "v3", service = "/v3/update/app/roleDescription", min = 0, method = "PUT")
+	public PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response)
+			throws Exception {
+		Integer updatedRoleDesc = 0;
+		try {
+			updatedRoleDesc = externalAccessRolesService.updateAppRoleDescription(request.getHeader(UEBKEY));
+		} catch (Exception e) {
+			response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+			logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: failed!", e);
+			return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
+					"updateAppRoleDescription: " + e.getMessage(), "Failure");
+		}
+		return new PortalRestResponse<String>(PortalRestStatusEnum.OK,
+				"Successfully updated app role descriptions: '" + updatedRoleDesc + "'", "Success");
+	}
 
 	@ApiVersion(max = "v4", service = "/v4/user/[a-zA-Z0-9]{1,25}$", min = 0, method = "GET")
 	public String getEcompUser(HttpServletRequest request, HttpServletResponse response, String loginId)
@@ -204,4 +229,10 @@
 			throws Exception {
 		return externalAccessRolesController.getEcompRolesOfApplication(request, response);
 	}
+	
+	@ApiVersion(max = "v3", service = "/v3/systemUser", min = 0, method = "GET")
+	public List<AAFPermission> getSystemUser(HttpServletRequest request, HttpServletResponse response) 
+			throws Exception {
+		return AuthUtil.getAAFPermissions(request);
+	}
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
index cb7c0d4..0be83c9 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
@@ -99,7 +99,8 @@
 			String startTimeRequest = requestDateFormat.format(startingTime);
 			logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler GET Timeslots for startTimeRequest: ",
 					startTimeRequest);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request : \n ", scheduler_request);
+			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", scheduler_request);
+
 			String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS)
 					+ scheduler_request;
 
@@ -107,7 +108,7 @@
 
 			Date endTime = new Date();
 			String endTimeRequest = requestDateFormat.format(endTime);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest",
+			logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}",
 					endTimeRequest);
 			return (new ResponseEntity<String>(schedulerResWrapper.getResponse(),
 					HttpStatus.valueOf(schedulerResWrapper.getStatus())));
@@ -134,12 +135,12 @@
 
 			schedulerRestController.Get(str, uuid, path, restObjStr);
 			GetTimeSlotsWrapper schedulerRespWrapper = SchedulerUtil.getTimeSlotsWrapResponse(restObjStr);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: ",
+			logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: {}",
 					schedulerRespWrapper.getResponse());
 			if (schedulerRespWrapper.getStatus() != 200 && schedulerRespWrapper.getStatus() != 204
 					&& schedulerRespWrapper.getStatus() != 202) {
 				String message = String.format(
-						" getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: %s", schedulerRespWrapper.getResponse());
+						" getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: {}", schedulerRespWrapper.getResponse());
 				logger.error(EELFLoggerDelegate.errorLogger, message);
 				EPLogUtil.schedulerAccessAlarm(logger, schedulerRespWrapper.getStatus());
 
@@ -167,11 +168,11 @@
 			String uuid = UUID.randomUUID().toString();
 
 			scheduler_request.put("scheduleId", uuid);
-			logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid);
+			logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
 
 			// adding uuid to the request payload
 			scheduler_request.put("scheduleId", uuid);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request ", scheduler_request.toString());
+			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", scheduler_request.toString());
 
 			String path = SchedulerProperties
 					.getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid;
@@ -180,7 +181,7 @@
 
 			Date endTime = new Date();
 			String endTimeRequest = requestDateFormat.format(endTime);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST", endTimeRequest);
+			logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest);
 
 			return new ResponseEntity<String>(responseWrapper.getResponse(),
 					HttpStatus.valueOf(responseWrapper.getStatus()));
@@ -214,7 +215,7 @@
 
 			PostCreateNewVnfWrapper responseWrapper = SchedulerUtil.postCreateNewVnfWrapResponse(restObjStr);
 
-			logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response: ",
+			logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response = {}",
 					responseWrapper.getResponse());
 			if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 && responseWrapper.getStatus() != 204) {
 				logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed", responseWrapper.getResponse());
@@ -235,15 +236,15 @@
 		try {
 			Date startingTime = new Date();
 			String startTimeRequest = requestDateFormat.format(startingTime);
-			logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots",
+			logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots = {}",
 					startTimeRequest);
 
 			// Generating uuid
 			String uuid = (String) scheduler_request.get("scheduleId");
-			logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid);
+			logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
 
 			scheduler_request.remove("scheduleId");
-			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId: ",
+			logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId= {} ",
 					scheduler_request.toString());
 
 			String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SUBMIT_NEW_VNF_CHANGE)
@@ -254,7 +255,7 @@
 
 			Date endTime = new Date();
 			String endTimeRequest = requestDateFormat.format(endTime);
-			logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request",
+			logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request= {}",
 					endTimeRequest);
 
 			return (new ResponseEntity<String>(responseWrapper.getResponse(),HttpStatus.valueOf(responseWrapper.getStatus())));
@@ -289,7 +290,7 @@
 
 			PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = SchedulerUtil
 					.postSubmitNewVnfWrapResponse(restObjStr);
-			logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = ",
+			logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = {}",
 					responseWrapper.getResponse());
 			if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202
 					&& responseWrapper.getStatus() != 204) {
@@ -336,7 +337,10 @@
 				else
 					throw new Exception(entry.getKey() + errorMsg);
 			}
+			logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}",
+					map);
 			portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.OK, "success", map);
+			
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e);
 			portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR, e.getMessage(),
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
index f511326..72ae07d 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
@@ -65,6 +65,8 @@
 import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
 import org.onap.portalapp.portal.transport.AppWithRolesForUser;
 import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EpNotificationItem;
+import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
 import org.onap.portalapp.portal.transport.FieldsValidator;
 import org.onap.portalapp.portal.transport.RoleInAppForUser;
 import org.onap.portalapp.portal.transport.UserApplicationRoles;
@@ -80,6 +82,7 @@
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -123,7 +126,7 @@
 			HttpServletResponse response) {
 		EPUser user = EPUserUtils.getUserSession(request);
 		String searchResult = null;
-		if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
+		if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)  ) {
 			EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
 		} else {
 			searchString = searchString.trim();
@@ -227,6 +230,7 @@
 			}
 		}else{
 			logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
+			fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 		}
 		
 		logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
@@ -286,12 +290,14 @@
 		EPUser user = EPUserUtils.getUserSession(request);
 		List<RoleInAppForUser> result = null;
 		String feErrorString = "";
-		if (!adminRolesService.isAccountAdmin(user)) {
+		if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
+			logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", adminRolesService.isAccountAdmin(user) , adminRolesService.isRoleAdmin(user));
 			EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
 			feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
 		} else {
 			if (EcompPortalUtils.legitimateUserId(orgUserId)) {
-				result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue);
+				result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
+				logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result , appid);
 				int responseCode = EcompPortalUtils.getExternalAppResponseCode();
 				if (responseCode != 0 && responseCode != 200) {
 					// external error
@@ -342,9 +348,10 @@
 
 	@RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
 			RequestMethod.PUT }, produces = "application/json")
-	public FieldsValidator putAppWithUserRoleStateForUser(HttpServletRequest request,
+	public PortalRestResponse<String> putAppWithUserRoleStateForUser(HttpServletRequest request,
 			@RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
-		FieldsValidator fieldsValidator = new FieldsValidator();
+		//FieldsValidator fieldsValidator = new FieldsValidator();
+		PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
 		StringBuilder sbUserApps = new StringBuilder();
 		if (newAppRolesForUser != null) {
 			sbUserApps.append("User '" + newAppRolesForUser.orgUserId);
@@ -364,14 +371,17 @@
 		logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", sbUserApps.toString());
 
 		EPUser user = EPUserUtils.getUserSession(request);
-		boolean changesApplied = false;
-		if (!adminRolesService.isAccountAdmin(user)) {
+		//boolean changesApplied = false;
+		ExternalRequestFieldsValidator changesApplied = null;
+
+		if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
 			EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
 		} else if(newAppRolesForUser==null){
 			logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
 		} else{
-			changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
-			if (changesApplied) {
+			changesApplied= userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
+			try{
+				if (changesApplied.isResult()) {
 				logger.info(EELFLoggerDelegate.applicationLogger,
 						"putAppWithUserRoleStateForUser: succeeded for app {}, user {}", newAppRolesForUser.appId,
 						newAppRolesForUser.orgUserId);
@@ -395,17 +405,25 @@
 				MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 				MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 				MDC.remove(SystemProperties.MDC_TIMER);
-			} else {
+				portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK,"success",null);
+
+			}
+				 if (!changesApplied.isResult())
+						throw new Exception(changesApplied.getDetailMessage());
+			
+		}catch (Exception e){
 				logger.error(EELFLoggerDelegate.errorLogger,
 						"putAppWithUserRoleStateForUser: failed for app {}, user {}", newAppRolesForUser.appId,
 						newAppRolesForUser.orgUserId);
+				portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
 			}
 		}
 
 		EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
-		return fieldsValidator;
+		return portalResponse;
 	}
-
+	
+	
 	@RequestMapping(value = { "/portalApi/updateRemoteUserProfile" }, method = {
 			RequestMethod.GET }, produces = "application/json")
 	public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request,
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
index afde8bc..743cbc9 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
@@ -45,6 +45,7 @@
 import javax.servlet.http.HttpServletRequest;
 
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringUtils;
 import org.onap.portalapp.controller.EPRestrictedRESTfulBaseController;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EcompAuditLog;
@@ -138,6 +139,25 @@
 	@RequestMapping(value = { "/analytics" }, method = RequestMethod.GET, produces = "application/javascript")
 	public String getAnalyticsScript(HttpServletRequest request) throws Exception {
 		String responseText = "";
+		EPApp app = null;
+		String version = "";
+		try {
+			app = getApp(request);
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					" Error retrieving Application to capture app name for analytics; Proceeding with empty app name");
+		}
+		if (app != null) {
+			String restEndPoint = app.getAppRestEndpoint();
+			if(restEndPoint.indexOf("/api")!=-1) {
+				version = restEndPoint.substring(restEndPoint.indexOf("/api")+4);
+			}
+		}
+		String END_POINT = "/storeAnalytics";
+		if(StringUtils.isNotBlank(version)) {
+			END_POINT = version + "/storeAnalytics";
+		}
+
 		final String fileName = "analytics.txt";
 		InputStream analyticsFileStream = null;
 		try {
@@ -152,8 +172,8 @@
 
 		String feURLContext = SystemProperties.getProperty("frontend_url");
 		String feURL = feURLContext.substring(0, feURLContext.lastIndexOf('/'));
-
 		responseText = responseText.replace("PORTAL_ENV_URL", feURL);
+		responseText = responseText.replace("$END_POINT", END_POINT);
 		return responseText;
 	}
 
@@ -215,18 +235,23 @@
 	}
 
 	protected String getAppName(HttpServletRequest request, String appName) {
+		
+		EPApp appRecord = getApp(request);
+		if (appRecord != null) {
+			appName = appRecord.getName();
+		}
+		return appName;
+	}
+	
+	protected EPApp getApp(HttpServletRequest request) {
 		String appKeyValue = request.getHeader(APP_KEY);
+		EPApp appRecord = null;
 		if (appKeyValue == null || appKeyValue.equals("")) {
 			logger.error(EELFLoggerDelegate.errorLogger, " App Key unavailable; Proceeding with null app name");
 		} else {
-			EPApp appRecord = appCacheService.getAppFromUeb(appKeyValue);
-			if (appRecord == null) {
-				logger.error(EELFLoggerDelegate.errorLogger, " App could not be found for the key " + appKeyValue);
-			} else
-				appName = appRecord.getName();
-
+			 appRecord = appCacheService.getAppFromUeb(appKeyValue);
 		}
-		return appName;
+		return appRecord;
 	}
 
 	protected void storeAuxAnalytics(Analytics analyticsMap, String appName) {
@@ -253,5 +278,5 @@
 				HttpMethod.POST, entity, String.class);
 		out.addCallback(successCallback, failureCallback);
 	}
-
+	
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
index 0b43b5d..d7cce0e 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
@@ -538,9 +538,10 @@
 		SortedSet<EPRole> roles = new TreeSet<EPRole>();
 		SortedSet<EPUserApp> userAppRoles = getEPUserApps();
 		
-		logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = ", userAppRoles.size());
+		logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size());
 
 		Iterator<EPUserApp> userAppRolesIterator = userAppRoles.iterator();
+
 		EPUserApp userAppRole = null;
 		// getting default app
 		while (userAppRolesIterator.hasNext()) {
@@ -561,7 +562,7 @@
 				}				
 			}
 		}
-		logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = ", roles.size());
+		logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}" , roles.size());
 
 		return roles;
 	}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
index f0dd7b2..3470a9e 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
@@ -47,7 +47,7 @@
 	private Long userId;
 	private EPApp app;
 	private EPRole role;
-	private Short priority;
+	private Integer priority;
 	
 	public EPUserApp() {
 	}
@@ -94,11 +94,11 @@
 		this.role = role;
 	}
 		
-	public Short getPriority() {
-		return this.priority;
+	public Integer getPriority() {
+		return (this.priority == null) ? 1 : priority;
 	}
 
-	public void setPriority(Short priority) {
+	public void setPriority(Integer priority) {
 		this.priority = priority;
 	}
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
index ab88dd6..b143906 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
@@ -39,9 +39,7 @@
  */
 package org.onap.portalapp.portal.interceptor;
 
-import java.nio.charset.Charset;
 import java.util.ArrayList;
-import java.util.Base64;
 import java.util.List;
 import java.util.Set;
 import java.util.regex.Matcher;
@@ -51,6 +49,8 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.mockito.internal.stubbing.answers.ThrowsException;
+import org.onap.aaf.cadi.CadiWrap;
 import org.onap.portalapp.controller.sessionmgt.SessionCommunicationController;
 import org.onap.portalapp.portal.controller.BasicAuthenticationController;
 import org.onap.portalapp.portal.controller.ExternalAppsRestfulController;
@@ -63,6 +63,7 @@
 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
 import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
+import org.onap.portalapp.portal.service.AdminRolesService;
 import org.onap.portalapp.portal.service.AppsCacheService;
 import org.onap.portalapp.portal.service.BasicAuthenticationCredentialService;
 import org.onap.portalapp.portal.service.ExternalAccessRolesService;
@@ -76,7 +77,10 @@
 import org.onap.portalsdk.core.interceptor.ResourceInterceptor;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
+import org.onap.portalsdk.core.onboarding.util.AuthUtil;
 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
+import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
+import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.onap.portalsdk.core.util.SystemProperties.SecurityEventTypeEnum;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -97,11 +101,12 @@
 
 	@Autowired
 	private EPEELFLoggerAdvice epAdvice;
+	
+	@Autowired
+	private AdminRolesService adminRolesService;
 
 	@Autowired
 	private BasicAuthenticationCredentialService basicAuthService;
-	@Autowired
-	private ExternalAccessRolesService externalAccessRolesService;
 
 	@SuppressWarnings("unchecked")
 	@Override
@@ -145,10 +150,12 @@
 							// trivial
 							// call; otherwise, if it is, then check for the
 							// access
-							if (matchRoleFunctions(portalApiPath, allRoleFunctions)
-									&& !matchRoleFunctions(portalApiPath, roleFunctions)) {
-								EPUser user = (EPUser) request.getSession().getAttribute(
-										SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
+							EPUser user = (EPUser) request.getSession().getAttribute(
+									SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
+							//RoleAdmin check is being added because the role belongs to partner application 
+							//inorder to access portal api's, bypassing this with isRoleAdmin Check
+							if ((matchRoleFunctions(portalApiPath, allRoleFunctions)
+									&& !matchRoleFunctions(portalApiPath, roleFunctions)) && !adminRolesService.isRoleAdmin(user)) {
 								logger.error(EELFLoggerDelegate.errorLogger,
 										"preHandle: User {} not authorized for path {} ", user.getOrgUserId(),
 										portalApiPath);
@@ -234,90 +241,132 @@
 
 		final String authHeader = request.getHeader(EPCommonSystemProperties.AUTHORIZATION);
 		final String uebkey = request.getHeader(EPCommonSystemProperties.UEB_KEY);
-		
-		// Unauthorized access due to missing HTTP Authorization request header
-		if (authHeader == null) {
-			final String msg = "no authorization found";
-			logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
-			sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-			return false;
-		}
+		try{
+			CadiWrap wrapReq = (CadiWrap) request;
+				logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the loop as the uri contains auxapi : {}");
+				String nameSpace=PortalApiProperties.getProperty(PortalApiConstants.AUTH_NAMESPACE);
+				logger.debug(EELFLoggerDelegate.debugLogger, "namespace form the portal properties : {}",nameSpace);
+				Boolean accessallowed=AuthUtil.isAccessAllowed(request, nameSpace);
+				logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed for the request and namespace : {}",accessallowed);
+				if(accessallowed){
+					logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed is allowed: {}",accessallowed);
 
-		String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
-		if (accountNamePassword == null || accountNamePassword.length != 2) {
-			final String msg = "failed to get username and password from Atuhorization header";
-			logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
-			sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-			return false;
-		}
+					//String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+					//check ueb condition
+					if(uebkey !=null && !uebkey.isEmpty())
+					{
+						EPApp application = appCacheService.getAppFromUeb(uebkey,1);
+						if (application == null) {
+							throw new Exception("Invalid credentials!");
+						}
+						else {
+							final String appUsername = application.getUsername();
+							logger.debug(EELFLoggerDelegate.debugLogger, "appUsername : {}",appUsername);
 
-		if(uebkey !=null && !uebkey.isEmpty())
-		{
-			EPApp application = appCacheService.getAppFromUeb(uebkey,1);
-			if (application == null) {
-				throw new Exception("Invalid uebkey!");
+							String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+							logger.debug(EELFLoggerDelegate.debugLogger, "accountNamePassword : {}",accountNamePassword);
+
+							if (accountNamePassword == null || accountNamePassword.length != 2) {
+								final String msg = "failed to get username and password from Atuhorization header";
+								logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth Username and password failed to get: {}", msg);
+								sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+								return false;
+							}
+							if (appUsername.equals(accountNamePassword[0])) {
+								return true;
+							}else{
+								final String msg = "failed to match the UserName from the application ";
+								logger.debug(EELFLoggerDelegate.debugLogger, "failed to match the UserName from the application checkBasicAuth Username and password failed to get: {}", msg);
+								sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+								return false;
+							}
+						}
+					}
+
+					return true;	
+				}
+				if(!accessallowed){
+					final String msg = "no authorization found";
+					logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth when no accessallowed: {}", msg);
+					sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+					return false;
+				}
+				return false;
+			
+		}catch(ClassCastException e){
+			logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the classcastexception block if the UN is not the mechid : {}");
+
+			
+			// Unauthorized access due to missing HTTP Authorization request header
+			if (authHeader == null) {
+				final String msg = "no authorization found";
+				logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+				sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+				return false;
 			}
-			else {
-				final String appUsername = application.getUsername();
-				final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword());
-				if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) {
-					return true;
+
+			String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+			if (accountNamePassword == null || accountNamePassword.length != 2) {
+				final String msg = "failed to get username and password from Atuhorization header";
+				logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+				sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+				return false;
+			}
+
+			if(uebkey !=null && !uebkey.isEmpty())
+			{
+				EPApp application = appCacheService.getAppFromUeb(uebkey,1);
+				if (application == null) {
+					throw new Exception("Invalid credentials!");
+				}
+				else {
+					final String appUsername = application.getUsername();
+					final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword());
+					if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) {
+						return true;
+					}
 				}
 			}
-		}
 
-		
-		BasicAuthCredentials creds;
-		try {
-			creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0],
-					accountNamePassword[1]);
-		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e);
-			final String msg = "Failed while getting basic authentication credential: ";
-			sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
-			throw e;
-		}
-
-		// Unauthorized access due to invalid credentials (username and
-		// password)
-		if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) {
-			final String msg = "Unauthorized: Access denied";
-			logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
-			sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-			return false;
-		}
-
-		// Unauthorized access due to inactive account
-		if (creds.getIsActive().equals("N")) {
-			final String msg = "Unauthorized: The account is inactive";
-			logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
-			sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-			return false;
-		}
-		boolean isAllowedEp = false;
-		for (EPEndpoint ep : creds.getEndpoints()) {
-			if (ep.getName().equals(uri)) {
-				isAllowedEp = true;
-				break;
+			
+			BasicAuthCredentials creds;
+			try {
+				creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0],
+						accountNamePassword[1]);
+			} catch (Exception e1) {
+				logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e1);
+				final String msg = "Failed while getting basic authentication credential: ";
+				sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
+				throw e1;
 			}
+
+			// Unauthorized access due to invalid credentials (username and
+			// password)
+			if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) {
+				final String msg = "Unauthorized: Access denied";
+				logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+				sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+				return false;
+			}
+
+			// Unauthorized access due to inactive account
+			if (creds.getIsActive().equals("N")) {
+				final String msg = "Unauthorized: The account is inactive";
+				logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+				sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+				return false;
+			}
+		
+		}catch (Exception e2) {
+			logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials for some other exception", e2);
+			final String msg = "Failed while getting basic authentication credential for some other exception: ";
+			sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
+			throw e2;
 		}
-
-		// If user doesn't specify any endpoint, allow all endpoints for that
-		// account
-		if (creds.getEndpoints().size() == 0)
-			isAllowedEp = true;
-
-		// Unauthorized access due to the invalid endpoints
-		if (!isAllowedEp) {
-			final String msg = "Unauthorized: Endpoint access denied";
-			logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
-			sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-			return false;
-		}
-
-		// Made it to the end!
 		return true;
-	}
+
+
+}
 
 	@SuppressWarnings("unused")
 	private String decrypted(String encrypted) throws Exception {
@@ -380,8 +429,11 @@
 		}
 		return false;
 	}
+	
+	
 
 	protected void handleSessionUpdates(HttpServletRequest request) {
 		PortalTimeoutHandler.handleSessionUpdatesNative(request, null, null, null, null, manageService);
 	}
+	
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
index 6df4f9b..891da3b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
@@ -86,7 +86,6 @@
 	private static boolean uebUp;
 	private static boolean frontEndUp;
 	private static boolean backEndUp;
-	private static boolean dbClusterStatusOk;
 	private static boolean dbPermissionsOk;
 	private static boolean zookeeperStatusOk;
 	private static boolean cassandraStatusOk;
@@ -106,10 +105,6 @@
 		return databaseUp;
 	}
 
-	public static boolean isClusterStatusOk() {
-		return dbClusterStatusOk;
-	}
-
 	public static boolean isDatabasePermissionsOk() {
 		return dbPermissionsOk;
 	}
@@ -143,6 +138,7 @@
 		int numIntervalsCassandraNotHealthy = 0;
 
 		logger.debug(EELFLoggerDelegate.debugLogger, "monitorEPHealth thread started");
+        
 
 		long sleepInterval = (Long
 				.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.HEALTH_POLL_INTERVAL_SECONDS)) * 1000);
@@ -151,8 +147,10 @@
 		logger.debug(EELFLoggerDelegate.debugLogger,
 				"monitorEPHealth: Polling health every " + sleepInterval + " milliseconds. Alerting every "
 						+ (sleepInterval * numIntervalsBetweenAlerts) / 1000 + " seconds when component remains down.");
-
+		
 		while (true) {
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"monitorEPHealth: Test Connection to all");
 			//
 			// Get DB status. If down, signal alert once every X intervals.
 			//
@@ -169,18 +167,6 @@
 				}
 			}
 
-			dbClusterStatusOk = this.checkClusterStatus();
-			if (dbClusterStatusOk == false) {
-				if ((numIntervalsClusterNotHealthy % numIntervalsBetweenAlerts) == 0) {
-					logger.debug(EELFLoggerDelegate.debugLogger,
-							"monitorEPHealth: cluster nodes down, logging to error log to trigger alert.");
-					EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHealthCheckMySqlError);
-					numIntervalsClusterNotHealthy++;
-				} else {
-					numIntervalsClusterNotHealthy = 0;
-				}
-			}
-
 			dbPermissionsOk = this.checkDatabasePermissions();
 			if (dbPermissionsOk == false) {
 				if ((numIntervalsDatabasePermissionsIncorrect % numIntervalsBetweenAlerts) == 0) {
@@ -194,7 +180,9 @@
 			}
 			org.onap.portalapp.music.util.MusicUtil MusicUtilSDK = new org.onap.portalapp.music.util.MusicUtil();
 			if(MusicUtilSDK.isMusicEnable()){
+
 				zookeeperStatusOk = this.checkZookeeperStatus();
+
 				if (zookeeperStatusOk == false) {
 					if ((numIntervalsZookeeperNotHealthy % numIntervalsBetweenAlerts) == 0) {
 						logger.debug(EELFLoggerDelegate.debugLogger,
@@ -279,7 +267,8 @@
 					monitorEPHealth();
 				} catch (InterruptedException e) {
 					logger.debug(EELFLoggerDelegate.debugLogger, "healthMonitorThread interrupted", e);
-				} catch (Exception e) {
+				} 
+				catch (Exception e) {
 					logger.error(EELFLoggerDelegate.errorLogger, "healthMonitorThread failed", e);
 				}
 			}
@@ -327,36 +316,6 @@
 		return isUp;
 	}
 
-	private boolean checkClusterStatus() {
-		boolean isUp = false;
-		Session localSession = null;
-		try {
-			localSession = sessionFactory.openSession();
-			if (localSession != null) {
-				// If all nodes are unhealthy in a cluster, this will throw an
-				// exception
-				String sql = "select * from mysql.user";
-				Query query = localSession.createSQLQuery(sql);
-				@SuppressWarnings("unchecked")
-				List<String> queryList = query.list();
-				if (queryList != null) {
-					isUp = true;
-				}
-			}
-		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failed", e);
-			if ((e.getCause() != null) && (e.getCause().getMessage() != null)) {
-				logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failure cause", e.getCause());
-			}
-			isUp = false;
-		} finally {
-			if (localSession != null) {
-				localSession.close();
-			}
-		}
-		return isUp;
-	}
-
 	private boolean checkZookeeperStatus() {
 
 		String[] zookeeperNodes = MusicUtil.getMyZkHost().split(",");
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
index 4e47046..4a4c928 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
@@ -39,13 +39,10 @@
 
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
-import java.util.Date;
 
 import org.glassfish.jersey.client.ClientResponse;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
-
 public class SchedulerAuxUtil {
 	
 	private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxUtil.class);
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
index e61f87a..a9d55fc 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
@@ -64,6 +64,10 @@
 	 */
 	public boolean isAccountAdmin(EPUser user);
 
+	
+	public boolean isRoleAdmin(EPUser user);
+	
+	
 	/**
 	 * Attention! User roles in ONAP PORTAL cannot be managed by this function.
 	 * @param user
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
index 981b9ce..c8e04f4 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
@@ -38,10 +38,15 @@
 package org.onap.portalapp.portal.service;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import java.util.SortedSet;
+import java.util.TreeSet;
+import java.util.stream.Collectors;
 
 import javax.annotation.PostConstruct;
 
@@ -51,6 +56,7 @@
 import org.hibernate.Transaction;
 import org.json.JSONArray;
 import org.json.JSONObject;
+import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPRole;
 import org.onap.portalapp.portal.domain.EPUser;
@@ -62,11 +68,15 @@
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
 import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
 import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
 import org.onap.portalapp.portal.transport.ExternalAccessUser;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalsdk.core.domain.RoleFunction;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.service.DataAccessService;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -91,6 +101,7 @@
 	private Long SYS_ADMIN_ROLE_ID = 1L;
 	private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
 	private Long ECOMP_APP_ID = 1L;
+	public static final String TYPE_APPROVER = "approver";
 
 	private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
 
@@ -102,6 +113,8 @@
 	private SearchService searchService;
 	@Autowired
 	private EPAppService appsService;
+	@Autowired
+	private ExternalAccessRolesService externalAccessRolesService;
 
 	private RestTemplate template = new RestTemplate();
 
@@ -434,9 +447,22 @@
 			EPUser currentUser = user != null
 					? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
 					: null;
+			
+			final Map<String, Long> userParams = new HashMap<>();
+			userParams.put("userId", user.getId());	
+			logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+			List<Integer> userAdminApps = new ArrayList<>();
+
+			userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+			logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size());
+
+
 			if (currentUser != null && currentUser.getId() != null) {
 				for (EPUserApp userApp : currentUser.getEPUserApps()) {
-					if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+
+					
+					if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)) {
+						logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found Id {}", user.getOrgUserId(), userApp.getRole().getId());
 						// Account Administrator sees only the applications
 						// he/she is Administrator
 						return true;
@@ -450,6 +476,55 @@
 		}
 		return false;
 	}
+	
+	
+	public boolean isRoleAdmin(EPUser user) {
+		try {
+			logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+
+			EPUser currentUser = user != null
+					? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
+					: null;
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());	
+					List<RoleFunction> roleFunctionSet = new ArrayList<>();
+
+					List getRoleFuncListOfUser = dataAccessService.executeNamedQuery("getRoleFunctionsOfUserforAlltheApplications", userParams, null);
+					logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser" , getRoleFuncListOfUser);
+					Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+					Set<String> getRoleFuncListOfPortalSet1=new HashSet<>();
+					Set<String> roleFunSet = new HashSet<>();
+					roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+					if (roleFunSet.size() > 0)
+						for (String roleFunction : roleFunSet) {
+							//String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+							String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+							String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+							//getRoleFuncListOfPortalSet.remove(roleFunction);
+							getRoleFuncListOfPortalSet1.add(type);
+						}
+				
+					
+					
+					for (String rolefunc : getRoleFuncListOfPortalSet1) {
+						logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc);
+				        if (rolefunc.equalsIgnoreCase(TYPE_APPROVER)) {
+							logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc);
+				            return true;
+				        }else{
+						       return false;
+
+				        }
+				    }
+			       
+		
+		} catch (Exception e) {
+			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+			logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isRoleAdmin operation",
+					e);
+		}
+		return false;
+	}
 
 	public boolean isUser(EPUser user) {
 		try {
@@ -490,24 +565,24 @@
 
 	@Override
 	public boolean isAccountAdminOfApplication(EPUser user, EPApp app) {
+		Boolean isApplicationAccountAdmin=false;
 		try {
-			EPUser currentUser = user != null
-					? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
-			if (currentUser != null && currentUser.getId() != null) {
-				SortedSet<EPUserApp> userApps = currentUser.getEPUserApps();
-				EPUserApp userApp = userApps.stream()
-						.filter(x -> x.getRole().getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)
-								&& x.getApp().getId().equals(app.getId()))
-						.findAny().orElse(null);
-				if (userApp != null) {
-					return true;
-				}
-			}
-		} catch (Exception e) {
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());	
+					logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+					List<Integer> userAdminApps = new ArrayList<>();
+					userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+					if(userAdminApps.size()>=1){
+					isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+					logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+					}					
+			} catch (Exception e) {
 			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
 			logger.error(EELFLoggerDelegate.errorLogger,
 					"Exception occurred while executing isAccountAdminOfApplication operation", e);
 		}
-		return false;
+		logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+		return isApplicationAccountAdmin;
+
 	}
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
index 54b915f..fd6610c 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
@@ -63,6 +63,7 @@
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.util.SystemType;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
@@ -125,12 +126,12 @@
 	}
 
 	@EPMetricsLog
-	private void verifyResponse(Response response) throws HTTPException {
+	private void verifyResponse(Response response,String restPath) throws HTTPException {
 		int status = response.getStatus();
 		logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status);
 		MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status));
 		if (!isHttpSuccess(status)) {
-			String errMsg = "Failed. Status=" + status + "; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString()
+			String errMsg = "Failed. Status=" + status + restPath +"; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString()
 					+ "]";
 			URL url = null;
 			try {
@@ -142,7 +143,7 @@
 				// never mind. it is only for the debug message.
 				logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e);
 			}
-			logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + errMsg + "; url=" + url);
+			logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + restPath + errMsg + "; url=" + url);
 			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError);
 			throw new HTTPException(status, errMsg, url);
 		}
@@ -157,6 +158,8 @@
 		return createClientFor(appId, restPath, SystemType.APPLICATION);
 	}
 
+	
+	
 	//TODO Need to implement the mylogins once the endpoint is confirmed
 	@EPMetricsLog
 	private WebClient createClientFor(long appSystemId, String restPath, SystemType type) {
@@ -173,6 +176,7 @@
 			String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : "";
 			String username = (type == SystemType.APPLICATION) ? externalApp.getUsername(): "";
 			String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword(): "";
+
 			String appName = (type == SystemType.APPLICATION) ? externalApp.getName(): "";
 			String decreptedAppPwd = StringUtils.EMPTY;
 
@@ -185,31 +189,59 @@
 			MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName);
 			MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
 
+			if(!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)){
 			try {
 				decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd,
 						SystemProperties.getProperty(SystemProperties.Decryption_Key));
 			} catch (Exception e) {
 				logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e);
 			}
-			
+			}
 			WebClient client = createClientForPath(appBaseUri, restPath);
+			
+			
+			if(externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword()==null){
+				logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password contains null : {}");
+
+				externalApp = appsCacheService.getApp(1L);
+				logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}",externalApp);
+
+				String mechidUsername=externalApp.getUsername();
+				logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",mechidUsername);
+
+				String password=externalApp.getAppPassword();
+				String decreptedexternalAppPwd = StringUtils.EMPTY;
+				try {
+					decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
+							SystemProperties.getProperty(SystemProperties.Decryption_Key));
+				} catch (CipherUtilException e) {
+					logger.error(EELFLoggerDelegate.errorLogger, "failed to decreptedexternalAppPwd when external app pwd is null", e);
+				}
+				
+				username =mechidUsername;
+				decreptedAppPwd = decreptedexternalAppPwd;
+			
+			}else{
+				logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password  is not null : {}" );
 
 			// support basic authentication for some partners
 			String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes());
 			String encodingStr = "Basic " + encoding;
 			client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
-
+			}
+			
 			// But still keep code downward compatible for non compliant apps
 			client.header(APP_USERNAME_HEADER, username);
 			client.header(PASSWORD_HEADER, decreptedAppPwd);
 
+			String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes());
+			String encodingStr = "Basic " + encoding;
+			client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
 			client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
 			client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
-			
 			logger.debug(EELFLoggerDelegate.debugLogger,
-					String.format("App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri,
+					String.format("check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri,
 							APP_USERNAME_HEADER, username));
-
 			return client;
 		}
 		return null;
@@ -221,8 +253,8 @@
 		Response response = getResponse(appId, restPath);
 
 		if (response != null) {
-			verifyResponse(response);
-			
+			//verifyResponse(response);
+			verifyResponse(response,restPath);
 			/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code, 
 			but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which 
 			doesn't work as expected. Created Portal-253 for tracking */
@@ -244,8 +276,8 @@
 		Response response = getResponse(appId, restPath);
 
 		if (response != null) {
-			verifyResponse(response);
-			
+			//verifyResponse(response);
+			verifyResponse(response,restPath);
 			/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code, 
 			but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which 
 			doesn't work as expected. Created Portal-253 for tracking  */
@@ -274,7 +306,8 @@
 		Response response = getResponse(appId, restPath);
 
 		if (response != null) {
-			verifyResponse(response);
+			//verifyResponse(response);
+			verifyResponse(response,restPath);
 			String str = ((ResponseImpl)response).readEntity(String.class);
 			EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
 
@@ -313,6 +346,7 @@
 	}
 	
 	
+	@SuppressWarnings({ "unchecked", "null" })
 	@Override
 	public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type) throws HTTPException {
 		WebClient client = null;
@@ -337,14 +371,16 @@
 		}
 
 		if (response != null) {
-			verifyResponse(response);
-
+			//verifyResponse(response);
+			verifyResponse(response,restPath);
 			// String contentType = response.getHeaderString("Content-Type");
 			if (clazz != null) {
 				String str = ((ResponseImpl)response).readEntity(String.class);
 				EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str);
 				try {
-					t = gson.fromJson(str, clazz);
+					t = (T) gson.fromJson(str, t.getClass());
+
+					//t = gson.fromJson(str, clazz);
 				} catch (Exception e) {
 					EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
 				}
@@ -392,7 +428,8 @@
 		}
 
 		if (response != null) {
-			verifyResponse(response);
+			//verifyResponse(response);
+			verifyResponse(response,restPath);
 			String str = ((ResponseImpl)response).readEntity(String.class);
 			EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str);
 			try {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
index 24572fb..5c3c51b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
@@ -63,6 +63,7 @@
 import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel;
 import org.onap.portalapp.portal.domain.AppsResponse;
 import org.onap.portalapp.portal.domain.EPApp;
+import org.onap.portalapp.portal.domain.EPRole;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.EPUserAppRolesRequest;
 import org.onap.portalapp.portal.domain.EPUserAppRolesRequestDetail;
@@ -143,12 +144,15 @@
 				EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
 				return null;
 			}
+			
 		} else {
 			logger.error(EELFLoggerDelegate.errorLogger,
 					"getUserAsAdminApps: only Account Admin may invoke this function!");
 			return new ArrayList<EPApp>();
 		}
 	}
+	
+	
 
 	@Override
 	public List<EPApp> getUserByOrgUserIdAsAdminApps(String orgUserId) {
@@ -195,7 +199,7 @@
 			ecompApp.setUrl(app.getUrl());
 			ecompApp.setAlternateUrl(app.getAlternateUrl());
 			ecompApp.setUebTopicName(app.getUebTopicName());
-			ecompApp.setUebKey(app.getUebKey());
+			//ecompApp.setUebKey(app.getUebKey());
 			ecompApp.setUebSecret(app.getUebSecret());
 			ecompApp.setEnabled(app.getEnabled());
 			ecompApp.setCentralAuth(app.getCentralAuth());
@@ -216,25 +220,66 @@
 		}
 	}
 
+	
+	
 	@SuppressWarnings("unchecked")
 	@Override
 	public List<AppIdAndNameTransportModel> getAdminApps(EPUser user) {
-		if (adminRolesService.isAccountAdmin(user)) {
-			String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID "
-					+ "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID
-					+ " AND (app.ENABLED = 'Y' OR app.APP_ID=1)";
-			String sql = String.format(format, user.getId());
-			// sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND
-			// app.APP_REST_ENDPOINT <> ''";
-			logQuery(sql);
+
+		if (adminRolesService.isAccountAdmin(user) && adminRolesService.isRoleAdmin(user)) {
+			final Map<String, Long> params = new HashMap<>();
+			params.put("userId", user.getId());
+			List applicationRoleswithAccountandRoleadmin = dataAccessService
+					.executeNamedQuery("getApplicationsofTheUserwithAdminAndRoleAdmin", params, null);
 			try {
-				return dataAccessService.executeSQLQuery(sql, AppIdAndNameTransportModel.class, null);
+				return applicationRoleswithAccountandRoleadmin;
 			} catch (Exception e) {
 				EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
 				logger.error(EELFLoggerDelegate.errorLogger,
-						"Exception occurred while fetching the adminApps for user " + user.getLoginId(), e);
+						"Exception occurred while fetching the list of user who has type account and role approver "
+								+ user.getLoginId(),
+						e);
 			}
 		}
+
+		else {
+			if (adminRolesService.isAccountAdmin(user)) {
+				String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID "
+						+ "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID
+						+ " AND (app.ENABLED = 'Y' OR app.APP_ID=1)";
+				String sql = String.format(format, user.getId());
+				logQuery(sql);
+				try {
+					return dataAccessService.executeSQLQuery(sql, AppIdAndNameTransportModel.class, null);
+				} catch (Exception e) {
+					EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+					logger.error(EELFLoggerDelegate.errorLogger,
+							"Exception occurred while fetching the adminApps for user " + user.getLoginId(), e);
+				}
+
+			}
+
+			if (adminRolesService.isRoleAdmin(user)) {
+				final Map<String, Long> params = new HashMap<>();
+				params.put("userId", user.getId());
+				List applicationRoles = dataAccessService.executeNamedQuery("getApplicationsofTheUserContainsApprover",
+						params, null);
+
+				try {
+					return applicationRoles;
+				} catch (Exception e) {
+					EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+					logger.error(EELFLoggerDelegate.errorLogger,
+							"Exception occurred while fetching the list of user who has type approver "
+									+ user.getLoginId(),
+							e);
+				}
+
+			}
+		}
+		// sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND
+		// app.APP_REST_ENDPOINT <> ''";
+
 		return new ArrayList<AppIdAndNameTransportModel>();
 	}
 
@@ -444,18 +489,41 @@
 
 	protected FieldsValidator onboardingAppFieldsChecker(OnboardingApp onboardingApp) {
 		FieldsValidator fieldsValidator = new FieldsValidator();
+		if(onboardingApp.isCentralAuth){
 		if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null
 				|| onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null
 				|| onboardingApp.isOpen == null || onboardingApp.isEnabled == null
 				|| (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID))
-				// For a normal app (appType==1), these fields must be filled
+				// For a normal app (appType == PortalConstants.PortalAppId),
+				// these fields must be filled
 				// in.
 				// For a restricted app (appType==2), they will be empty.
-				|| ((!onboardingApp.restrictedApp)
-						&& (onboardingApp.username == null || onboardingApp.username.length() == 0
-								|| onboardingApp.appPassword == null || onboardingApp.appPassword.length() == 0))) {
+				|| ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null
+						|| onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null
+						|| onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null
+						|| onboardingApp.username.length() == 0 ))) {
 			fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST);
 		}
+		}else{
+
+			if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null
+					|| onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null
+					|| onboardingApp.isOpen == null || onboardingApp.isEnabled == null
+					|| (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID))
+					// For a normal app (appType == PortalConstants.PortalAppId),
+					// these fields must be filled
+					// in.
+					// For a restricted app (appType==2), they will be empty.
+					|| ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null
+							|| onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null
+							|| onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null
+							|| onboardingApp.username.length() == 0 || onboardingApp.appPassword == null
+							|| onboardingApp.appPassword.length() == 0))) {
+				fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST);
+			}
+			
+			
+		}
 		return fieldsValidator;
 	}
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
index f661163..97c2b74 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
@@ -37,8 +37,10 @@
  */
 package org.onap.portalapp.portal.service;
 
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Comparator;
+import java.util.HashMap;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
@@ -53,6 +55,7 @@
 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
 import org.onap.portalsdk.core.domain.MenuData;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.service.DataAccessService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.stereotype.Service;
@@ -71,6 +74,9 @@
 	
 	@Autowired
 	private ExternalAccessRolesService externalAccessRolesService;
+	@Autowired
+	private DataAccessService dataAccessService;
+	
 	/*
 	 * (non-Javadoc)
 	 * 
@@ -83,6 +89,7 @@
 		final Map<String, JSONObject> defaultNavMap = new LinkedHashMap<String, JSONObject>();
 		resetNavMap(defaultNavMap);
 		loadDefaultNavMap(defaultNavMap);
+		loadNavMapByUserAdminRole(defaultNavMap,user);
 		loadNavMapByRole(defaultNavMap, fullMenuSet , user);
 		return convertToSideBarModel(defaultNavMap);
 	}
@@ -175,5 +182,20 @@
 		defaultNavMap.put("root.widgetCatalog", navItemsDetails3);
 
 	}
+	
+	@SuppressWarnings("unchecked")
+	private void loadNavMapByUserAdminRole(Map<String, JSONObject> defaultNavMap, EPUser user) {
+	List<String> applicationsList = new ArrayList<>();
+	final Map<String, Long> appParams = new HashMap<>();
+	appParams.put("userId", user.getId());
+	applicationsList = dataAccessService.executeNamedQuery("getAprroverRoleFunctionsOfUser", appParams, null);
+	if (applicationsList.size() > 0) {
+	JSONObject navItemsDetails = new JSONObject();
+	navItemsDetails.put("name", "Users");
+	navItemsDetails.put("state", "root.users");
+	navItemsDetails.put("imageSrc", "icon-user");
+	defaultNavMap.put("root.users", navItemsDetails);
+	}
+	}
 
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
index 170d432..ee960c4 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
@@ -40,6 +40,7 @@
 import java.io.IOException;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import org.hibernate.Session;
 import org.json.JSONArray;
@@ -51,12 +52,14 @@
 import org.onap.portalapp.portal.domain.ExternalRoleDetails;
 import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem;
 import org.onap.portalapp.portal.exceptions.InvalidUserException;
+import org.onap.portalapp.portal.exceptions.RoleFunctionException;
 import org.onap.portalapp.portal.transport.CentralRole;
 import org.onap.portalapp.portal.transport.CentralRoleFunction;
 import org.onap.portalapp.portal.transport.CentralUser;
 import org.onap.portalapp.portal.transport.CentralV2Role;
 import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
 import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.restful.domain.EcompUser;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.ResponseEntity;
@@ -387,7 +390,7 @@
 	 * @param app
 	 * @return List of EPRole objects
 	 */
-	Map<String, EPRole> getCurrentRolesInDB(EPApp app);
+	Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app);
     
 	
 	/**
@@ -482,4 +485,35 @@
 	 */
 	ResponseEntity<String> getUserRolesFromExtAuthSystem(String orgUserId, HttpEntity<String> getUserRolesEntity) throws Exception;
 
+	/**
+	 * 
+	 * Updates app role description in external auth system
+	 * 
+	 * @param uebkey
+	 * @return number of updates
+	 */
+	public Integer updateAppRoleDescription(String uebkey);
+
+	/**
+	 * Creates centralRoleObject
+	 * @param app
+	 * @param roleInfo
+	 * @param roleList
+	 * @param params
+	 * @return returns List<CentralV2Role>
+	 * @throws RoleFunctionException
+	 */
+	public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
+			List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException;
+	
+	/**
+	 * 
+	 * @param uebkey
+	 * @param loginId
+	 * @param CurrentUserRoles
+	 * @return returns list of user roles
+	 * @throws Exception
+	 */
+	public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles) throws Exception;
+
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 29cd644..3a86952 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -89,6 +89,7 @@
 import org.onap.portalapp.portal.transport.CentralV2User;
 import org.onap.portalapp.portal.transport.CentralV2UserApp;
 import org.onap.portalapp.portal.transport.CentralizedAppRoles;
+import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
 import org.onap.portalapp.portal.transport.EcompUserRoles;
 import org.onap.portalapp.portal.transport.ExternalAccessPerms;
 import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail;
@@ -133,64 +134,40 @@
 @EPMetricsLog
 @EPAuditLog
 public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesService {
-
 	private static final String APP_ROLE_NAME_PARAM = "appRoleName";
-
 	private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem";
-
 	private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles";
-
 	private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction";
-
 	private static final String FUNCTION_CODE_PARAMS = "functionCode";
-
 	private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '";
-
 	private static final String OWNER = ".owner";
-
 	private static final String ADMIN = ".admin";
-
 	private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator";
-
 	private static final String FUNCTION_PIPE = "|";
-
 	private static final String EXTERNAL_AUTH_PERMS = "perms";
-
 	private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description";
-
 	private static final String IS_EMPTY_JSON_STRING = "{}";
-
 	private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system";
-
 	private static final String APP_ID = "appId";
-
 	private static final String ROLE_NAME = "name";
-
 	private static final String APP_ID_EQUALS = " app_id = ";
-	
 	private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class);
-
 	@Autowired
 	private DataAccessService dataAccessService;
-	
 	@Autowired
 	private EPAppService epAppService;
-	
 	@Autowired
 	private SessionFactory sessionFactory;
-	
 	@Autowired
 	EPRoleService ePRoleService;
-
 	RestTemplate template = new RestTemplate();
-	
-	
 	// These decode values are based on HexDecoder
 	static final String decodeValueOfForwardSlash = "2f";
 	static final String decodeValueOfHiphen = "2d";
 	static final String decodeValueOfStar = "2a";
 
 	@SuppressWarnings("unchecked")
+	@Override
 	public List<EPRole> getAppRoles(Long appId) throws Exception {
 		List<EPRole> applicationRoles = null;
 		final Map<String, Long> appParams = new HashMap<>();
@@ -216,8 +193,9 @@
 			final Map<String, String> appUebkeyParams = new HashMap<>();
 			appUebkeyParams.put("appKey", uebkey);
 			app = dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null);
-			if(!app.isEmpty() && !app.get(0).getEnabled() && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)){
-				throw new InactiveApplicationException("Application:"+app.get(0).getName()+" is Unavailable");
+			if (!app.isEmpty() && !app.get(0).getEnabled()
+					&& !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) {
+				throw new InactiveApplicationException("Application:" + app.get(0).getName() + " is Unavailable");
 			}
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getApp: failed", e);
@@ -227,7 +205,8 @@
 	}
 
 	/**
-	 * It returns  single application role from external auth system 
+	 * It returns single application role from external auth system
+	 * 
 	 * @param addRole
 	 * @param app
 	 * @return JSON string which contains application role details
@@ -264,11 +243,14 @@
 				HttpMethod.POST, entity, String.class);
 		if (addResponse.getStatusCode().value() == 201) {
 			response = true;
-			logger.debug(EELFLoggerDelegate.debugLogger, "addRole: Finished adding role in the External Auth system  and response code: {} ", addResponse.getStatusCode().value());
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"addRole: Finished adding role in the External Auth system  and response code: {} ",
+					addResponse.getStatusCode().value());
 		}
 		if (addResponse.getStatusCode().value() == 406) {
 			logger.error(EELFLoggerDelegate.errorLogger,
-					"addRole: Failed to add in the External Auth system due to {} and status code: {}", addResponse.getBody(), addResponse.getStatusCode().value());
+					"addRole: Failed to add in the External Auth system due to {} and status code: {}",
+					addResponse.getBody(), addResponse.getStatusCode().value());
 		}
 		return response;
 	}
@@ -278,18 +260,21 @@
 	 * It deletes record in external auth system
 	 * 
 	 * @param delRole
-	 * @return JSON String which has status code and response body 
+	 * @return JSON String which has status code and response body
 	 * @throws Exception
 	 */
 	private ResponseEntity<String> deleteRoleInExternalSystem(String delRole) throws Exception {
 		ResponseEntity<String> delResponse = null;
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 		HttpEntity<String> entity = new HttpEntity<>(delRole, headers);
-		logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole);
+		logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}",
+				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole);
 		delResponse = template.exchange(
 				SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role?force=true",
 				HttpMethod.DELETE, entity, String.class);
-		logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", delRole, delResponse.getStatusCode().value());
+		logger.debug(EELFLoggerDelegate.debugLogger,
+				"deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ",
+				delRole, delResponse.getStatusCode().value());
 		return delResponse;
 	}
 
@@ -300,7 +285,8 @@
 	 * @param app
 	 * @return true if success else false
 	 * @throws Exception
-	 * 					If updateRoleInExternalSystem fails we catch it in logger for detail message
+	 *             If updateRoleInExternalSystem fails we catch it in logger for
+	 *             detail message
 	 */
 	private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception {
 		boolean response = false;
@@ -352,13 +338,15 @@
 						isRoleNameChanged = true;
 						deleteRoleInExtSystem(mapper, name);
 						addRole(updateExtRole, app.getUebKey());
-						// add partner functions to the global role in External Auth System
+						// add partner functions to the global role in External
+						// Auth System
 						if (!list.isEmpty() && isGlobalRole) {
 							addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole);
 						}
 						list.removeIf(
 								perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace()));
-						// if role name is changes please ignore the previous functions in External Auth
+						// if role name is changes please ignore the previous
+						// functions in External Auth
 						// and update with user requested functions
 						addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list);
 					}
@@ -423,21 +411,22 @@
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 		if (!list.isEmpty()) {
 			for (ExternalAccessPerms perm : list) {
-				RoleFunction roleFunc =  updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction());	
-				if (roleFunc==null) {
-					RoleFunction roleFuncPipeFilter =  updateRoleFunc.get(perm.getInstance());
-					if(roleFuncPipeFilter == null)
-					removePermForRole(perm, mapper, name, headers);
+				RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length() + 1)
+						+ FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction());
+				if (roleFunc == null) {
+					RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance());
+					if (roleFuncPipeFilter == null)
+						removePermForRole(perm, mapper, name, headers);
 				}
 				extRolePermMap.put(perm.getInstance(), perm);
-				extRolePermMapPipes.put(
-						perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm);
+				extRolePermMapPipes.put(perm.getType().substring(app.getNameSpace().length() + 1) + FUNCTION_PIPE
+						+ perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm);
 			}
 		}
 		response = true;
 		if (!roleFunctionListNew.isEmpty()) {
 			for (RoleFunction roleFunc : roleFunctionListNew) {
-				if(roleFunc.getCode().contains(FUNCTION_PIPE)) {
+				if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
 					ExternalAccessPerms perm = extRolePermMapPipes.get(roleFunc.getCode());
 					if (perm == null) {
 						response = addFunctionsToRoleInExternalAuthSystem(updateExtRole, app, mapper, headers,
@@ -453,9 +442,10 @@
 		}
 		return response;
 	}
-	
+
 	/*
-	 * Adds function to the role in the external auth system while editing a role or updating new functions to a role 
+	 * Adds function to the role in the external auth system while editing a
+	 * role or updating new functions to a role
 	 *
 	 */
 	private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper,
@@ -468,7 +458,7 @@
 		String action = "";
 		if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
 			code = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
-			type = getFunctionCodeType(roleFunc.getCode());
+			type = EcompPortalUtils.getFunctionType(roleFunc.getCode());
 			action = getFunctionCodeAction(roleFunc.getCode());
 		} else {
 			code = roleFunc.getCode();
@@ -476,25 +466,20 @@
 			action = "*";
 		}
 		extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
-		extRolePerms = new ExternalAccessRolePerms(extPerms,
-				app.getNameSpace() + "."
-						+ updateExtRole.getName().replaceAll(
-								EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
-								"_"));
+		extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + updateExtRole.getName()
+				.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 		String updateRolePerms = mapper.writeValueAsString(extRolePerms);
 		HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
 		logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for POST: {}",
 				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
 		ResponseEntity<String> addResponse = template.exchange(
-				SystemProperties.getProperty(
-						EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
+				SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
 				HttpMethod.POST, entity, String.class);
-		if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value()!= 409) {
+		if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) {
 			response = false;
 			logger.debug(EELFLoggerDelegate.debugLogger,
 					"updateRoleInExternalSystem: Connected to External Auth system but something went wrong! due to {} and statuscode: {}",
-					addResponse.getStatusCode().getReasonPhrase(),
-					addResponse.getStatusCode().value());
+					addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
 		} else {
 			response = true;
 			logger.debug(EELFLoggerDelegate.debugLogger,
@@ -503,7 +488,7 @@
 		}
 		return response;
 	}
-	
+
 	private void addPartnerHasRoleFunctionsToGlobalRole(List<ExternalAccessPerms> permslist, ObjectMapper mapper,
 			EPApp app, Role updateExtRole) throws Exception {
 		for (ExternalAccessPerms perm : permslist) {
@@ -533,19 +518,20 @@
 								addResponse.getStatusCode().value());
 					}
 				} catch (Exception e) {
-					logger.error(EELFLoggerDelegate.errorLogger, "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ",
-							addPerms, e);
+					logger.error(EELFLoggerDelegate.errorLogger,
+							"addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", addPerms, e);
 				}
 			}
 		}
 	}
 
 	@SuppressWarnings("unchecked")
-	private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole, List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo)
+	private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole,
+			List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo)
 			throws Exception {
 		try {
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addFunctionsTOGlobalRole");
-			//GET Permissions from External Auth System
+			// GET Permissions from External Auth System
 			JSONArray extPerms = getExtAuthPermissions(app);
 			List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms);
 			final Map<String, ExternalAccessPermsDetail> existingPermsWithRoles = new HashMap<>();
@@ -555,99 +541,108 @@
 			for (ExternalAccessPermsDetail permDetail : permsDetailList) {
 				existingPermsWithRoles.put(EcompPortalUtils.getFunctionCode(permDetail.getInstance()), permDetail);
 				existingPermsWithRolesWithPipes.put(permDetail.getInstance(), permDetail);
-
 			}
 			// Add If function does not exists for role in External Auth System
 			for (RoleFunction roleFunc : roleFunctionListNew) {
 				String roleFuncCode = "";
 				ExternalAccessPermsDetail permsDetail;
-				if(roleFunc.getCode().contains(FUNCTION_PIPE)) {
+				if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
 					roleFuncCode = roleFunc.getCode();
 					permsDetail = existingPermsWithRolesWithPipes.get(roleFunc.getCode());
 				} else {
 					roleFuncCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
 					permsDetail = existingPermsWithRoles.get(roleFuncCode);
 				}
-				if (null == permsDetail.getRoles() || !permsDetail.getRoles()
-						.contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + epRoleList.get(0).getName().replaceAll(
-								EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
+				if (null == permsDetail.getRoles()
+						|| !permsDetail.getRoles()
+								.contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE
+										+ epRoleList.get(0).getName().replaceAll(
+												EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+												"_"))) {
 					addRoleFunctionsToGlobalRoleInExternalSystem(roleFunc, updateExtRole, mapper, app, portalAppInfo);
 				}
 				userRquestedFunctionsMap.put(roleFuncCode, roleFunc);
 				userRquestedFunctionsMapPipesFilter.put(EcompPortalUtils.getFunctionCode(roleFuncCode), roleFunc);
-			}			
-			// Delete functions if exists in External Auth System but not in incoming request
-			final Map<String, Long> epAppRoleFuncParams =  new HashMap<>();
+			}
+			// Delete functions if exists in External Auth System but not in
+			// incoming
+			// request
+			final Map<String, Long> epAppRoleFuncParams = new HashMap<>();
 			epAppRoleFuncParams.put("requestedAppId", app.getId());
-			epAppRoleFuncParams.put("roleId",updateExtRole.getId());
-			List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null);
-			for(GlobalRoleWithApplicationRoleFunction globalRoleFunc: globalRoleFunctionList){
+			epAppRoleFuncParams.put("roleId", updateExtRole.getId());
+			List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService
+					.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null);
+			for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFunctionList) {
 				String globalRoleFuncWithoutPipes = "";
 				RoleFunction roleFunc = null;
-				if(globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
+				if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
 					globalRoleFuncWithoutPipes = globalRoleFunc.getFunctionCd();
 					roleFunc = userRquestedFunctionsMap.get(globalRoleFuncWithoutPipes);
-				}else {
-					globalRoleFuncWithoutPipes  = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd());
+				} else {
+					globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd());
 					roleFunc = userRquestedFunctionsMapPipesFilter.get(globalRoleFuncWithoutPipes);
 				}
-				if(roleFunc == null){
-					ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) : existingPermsWithRoles.get(globalRoleFuncWithoutPipes);
-					ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), permDetailFromMap.getAction());
-					String roleName = portalAppInfo.getNameSpace()+"."+globalRoleFunc.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
+				if (roleFunc == null) {
+					ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)
+							? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes)
+							: existingPermsWithRoles.get(globalRoleFuncWithoutPipes);
+					ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(),
+							EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()),
+							permDetailFromMap.getAction());
+					String roleName = portalAppInfo.getNameSpace() + "." + globalRoleFunc.getRoleName()
+							.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
 					HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 					removePermForRole(perm, mapper, roleName, headers);
 				}
 			}
 			logger.debug(EELFLoggerDelegate.debugLogger, "Finished addFunctionsTOGlobalRole");
 		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed",e);
+			logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed", e);
 			throw e;
 		}
 	}
 
-	private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, ObjectMapper mapper, EPApp app,
-			EPApp portalAppInfo) throws Exception {
+	private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole,
+			ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception {
 		try {
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addRoleFunctionsToGlobalRoleInExternalSystem");
 			ExternalAccessRolePerms extAddRolePerms = null;
 			ExternalAccessPerms extAddPerms = null;
 			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
-				String code = "";
-				String type = "";
-				String action = "";
-				if (addFunction.getCode().contains(FUNCTION_PIPE)) {
-					code = EcompPortalUtils.getFunctionCode(addFunction.getCode());
-					type = getFunctionCodeType(addFunction.getCode());
-					action = getFunctionCodeAction(addFunction.getCode());
-				} else {
-					code = addFunction.getCode();
-					type = addFunction.getCode().contains("menu") ? "menu" : "url";
-					action = "*";
-				}
-				extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
-				extAddRolePerms = new ExternalAccessRolePerms(extAddPerms,
-						portalAppInfo.getNameSpace() + "." + globalRole.getName().replaceAll(
-								EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
-				String updateRolePerms = mapper.writeValueAsString(extAddRolePerms);
-				HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
-				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ",
-						CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-				ResponseEntity<String> addResponse = template
-						.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
-								+ "role/perm", HttpMethod.POST, entity, String.class);
-				if (addResponse.getStatusCode().value() != 201) {
-					logger.debug(EELFLoggerDelegate.debugLogger,
-							"addRoleFunctionsInExternalSystem: While adding permission to the role in  External Auth system something went wrong! due to {} and statuscode: {}",
-							addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
-				} else {
-					logger.debug(EELFLoggerDelegate.debugLogger,
-							"addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ",
-							addResponse.getStatusCode().value());
-				}
+			String code = "";
+			String type = "";
+			String action = "";
+			if (addFunction.getCode().contains(FUNCTION_PIPE)) {
+				code = EcompPortalUtils.getFunctionCode(addFunction.getCode());
+				type = getFunctionCodeType(addFunction.getCode());
+				action = getFunctionCodeAction(addFunction.getCode());
+			} else {
+				code = addFunction.getCode();
+				type = addFunction.getCode().contains("menu") ? "menu" : "url";
+				action = "*";
+			}
+			extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
+			extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, portalAppInfo.getNameSpace() + "." + globalRole
+					.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+			String updateRolePerms = mapper.writeValueAsString(extAddRolePerms);
+			HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
+			logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ",
+					CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+			ResponseEntity<String> addResponse = template.exchange(
+					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
+					HttpMethod.POST, entity, String.class);
+			if (addResponse.getStatusCode().value() != 201) {
+				logger.debug(EELFLoggerDelegate.debugLogger,
+						"addRoleFunctionsInExternalSystem: While adding permission to the role in  External Auth system something went wrong! due to {} and statuscode: {}",
+						addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
+			} else {
+				logger.debug(EELFLoggerDelegate.debugLogger,
+						"addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ",
+						addResponse.getStatusCode().value());
+			}
 			logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem");
-		}catch(Exception e){
-			logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed",e);
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed", e);
 			throw e;
 		}
 	}
@@ -657,7 +652,8 @@
 		boolean response;
 		String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms);
 		HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
-		logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
+		logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} ",
+				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
 		ResponseEntity<String> addResponse = template.exchange(
 				SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
 				HttpMethod.POST, entity, String.class);
@@ -668,17 +664,20 @@
 					addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
 		} else {
 			response = true;
-			logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value());
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ",
+					updateRolePerms, addResponse.getStatusCode().value());
 		}
 		return response;
 	}
 
 	/**
 	 * 
-	 * It converts list of functions in updateExtRole parameter to the RoleFunction object
+	 * It converts list of functions in updateExtRole parameter to the
+	 * RoleFunction object
 	 * 
 	 * @param updateExtRole
-	 * @return list of functions 
+	 * @return list of functions
 	 */
 	@SuppressWarnings("unchecked")
 	private List<RoleFunction> convertSetToListOfRoleFunctions(Role updateExtRole) {
@@ -701,28 +700,31 @@
 	 * @param permMapper
 	 * @param name
 	 * @param headers
-	 * @throws JsonProcessingException 
+	 * @throws JsonProcessingException
 	 * @throws Exception
 	 */
 	private void removePermForRole(ExternalAccessPerms perm, ObjectMapper permMapper, String name, HttpHeaders headers)
 			throws ExternalAuthSystemException, JsonProcessingException {
 		ExternalAccessRolePerms extAccessRolePerms = new ExternalAccessRolePerms(perm, name);
 		String permDetails = permMapper.writeValueAsString(extAccessRolePerms);
-		try{
-		HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers);
-		logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails);
-		ResponseEntity<String> deletePermResponse = template
-				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/"
-						+ name + "/perm", HttpMethod.DELETE, deleteEntity, String.class);
-		if (deletePermResponse.getStatusCode().value() != 200) {
-			throw new ExternalAuthSystemException(deletePermResponse.getBody());
-		}
-		logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}",
-				permDetails, deletePermResponse.getStatusCode().value());
-		} catch(Exception e){
-			if(e.getMessage().contains("404")){
-				logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", permDetails, e.getMessage());				
-			} else{
+		try {
+			HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers);
+			logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} ",
+					CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails);
+			ResponseEntity<String> deletePermResponse = template
+					.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+							+ "role/" + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class);
+			if (deletePermResponse.getStatusCode().value() != 200) {
+				throw new ExternalAuthSystemException(deletePermResponse.getBody());
+			}
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}",
+					permDetails, deletePermResponse.getStatusCode().value());
+		} catch (Exception e) {
+			if (e.getMessage().contains("404")) {
+				logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}",
+						permDetails, e.getMessage());
+			} else {
 				throw e;
 			}
 		}
@@ -737,29 +739,32 @@
 	 * @throws Exception
 	 *             If fails to add role in the system
 	 */
-	private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app) throws Exception, HttpClientErrorException {
-		try{
-		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
-		ObjectMapper mapper = new ObjectMapper();
-		String addNewRole = "";
-		ExternalAccessRole extRole = new ExternalAccessRole();
-		extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
-		extRole.setDescription(String.valueOf(newRole.get(0).getName()));
-		addNewRole = mapper.writeValueAsString(extRole);
-		HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers);
-		logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole);
-		ResponseEntity<String> addNewRoleInExternalSystem = template.exchange(
-				SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
-				HttpMethod.POST, postEntity, String.class);
+	private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app)
+			throws Exception, HttpClientErrorException {
+		try {
+			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+			ObjectMapper mapper = new ObjectMapper();
+			String addNewRole = "";
+			ExternalAccessRole extRole = new ExternalAccessRole();
+			extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName()
+					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+			extRole.setDescription(String.valueOf(newRole.get(0).getName()));
+			addNewRole = mapper.writeValueAsString(extRole);
+			HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers);
+			logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} ",
+					CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole);
+			ResponseEntity<String> addNewRoleInExternalSystem = template.exchange(
+					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
+					HttpMethod.POST, postEntity, String.class);
 			if (addNewRoleInExternalSystem.getStatusCode().value() == 201) {
 				logger.debug(EELFLoggerDelegate.debugLogger,
 						"addNewRoleInExternalSystem: Finished adding into External Auth system for POST: {} and status code: {}",
 						addNewRole, addNewRoleInExternalSystem.getStatusCode().value());
 			}
-		}catch(HttpClientErrorException ht){
-			dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ newRole.get(0).getId(), null);
-			logger.error(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}",
-					ht);
+		} catch (HttpClientErrorException ht) {
+			dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + newRole.get(0).getId(), null);
+			logger.error(EELFLoggerDelegate.debugLogger,
+					"addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht);
 			throw new HttpClientErrorException(ht.getStatusCode());
 		}
 	}
@@ -778,14 +783,15 @@
 		ObjectMapper mapper = new ObjectMapper();
 		String addNewRole = "";
 		ExternalAccessRole extRole = new ExternalAccessRole();
-		extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+		extRole.setName(app.getNameSpace() + "." + addRole.getName()
+				.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 		extRole.setDescription(String.valueOf(addRole.getName()));
 		addNewRole = mapper.writeValueAsString(extRole);
 		return addNewRole;
 	}
 
 	/**
-	 * It create a role in the external auth system and then in our local 
+	 * It create a role in the external auth system and then in our local
 	 * 
 	 * @param addRoleInDB
 	 * @param app
@@ -794,7 +800,7 @@
 	 */
 	@SuppressWarnings("unchecked")
 	@Transactional(rollbackFor = Exception.class)
-	public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {		
+	public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {
 		boolean result = false;
 		EPRole epRole = null;
 		Set<RoleFunction> roleFunctionList = addRoleInDB.getRoleFunctions();
@@ -823,19 +829,22 @@
 				}
 				dataAccessService.saveDomainObject(epRoleNew, null);
 				List<EPRole> getRoleCreated = null;
-				final Map<String, String> epAppRoleParams =  new HashMap<>();
-				final Map<String, String> epAppPortalRoleParams =  new HashMap<>();
+				final Map<String, String> epAppRoleParams = new HashMap<>();
+				final Map<String, String> epAppPortalRoleParams = new HashMap<>();
 				if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
 					epAppRoleParams.put("appId", String.valueOf(app.getId()));
 					epAppRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName());
-					List<EPRole> roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
+					List<EPRole> roleCreated = dataAccessService
+							.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
 					EPRole epUpdateRole = roleCreated.get(0);
 					epUpdateRole.setAppRoleId(epUpdateRole.getId());
 					dataAccessService.saveDomainObject(epUpdateRole, null);
-					getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
+					getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+							epAppRoleParams, null);
 				} else {
 					epAppPortalRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName());
-					getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, epAppPortalRoleParams, null);
+					getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY,
+							epAppPortalRoleParams, null);
 				}
 				// Add role in External Auth system
 				if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
@@ -905,19 +914,23 @@
 	 * @param checkRole
 	 * @param app
 	 * @throws Exception
-	 * 					If role exits
+	 *             If role exits
 	 */
 	private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception {
 		getNameSpaceIfExists(app);
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
-		String roleName = app.getNameSpace() + "." + checkRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
+		String roleName = app.getNameSpace() + "." + checkRole.getName()
+				.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
 		HttpEntity<String> checkRoleEntity = new HttpEntity<>(headers);
-		logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+		logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} ",
+				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
 		ResponseEntity<String> checkRoleInExternalSystem = template
 				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/"
 						+ roleName, HttpMethod.GET, checkRoleEntity, String.class);
 		if (!checkRoleInExternalSystem.getBody().equals(IS_EMPTY_JSON_STRING)) {
-			logger.debug("checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value());
+			logger.debug(
+					"checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ",
+					checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value());
 			throw new ExternalAuthSystemException(" Role already exists in external system");
 		}
 	}
@@ -931,10 +944,9 @@
 	 * @throws Exception
 	 */
 	@SuppressWarnings("unchecked")
-	private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles ,Long roleAppId)
-			throws Exception {	
-		final Map<String, String> getAppFunctionParams = new HashMap<>(); 
-
+	private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles,
+			Long roleAppId) throws Exception {
+		final Map<String, String> getAppFunctionParams = new HashMap<>();
 		for (RoleFunction roleFunc : roleFunctionListNew) {
 			String code = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
 			EPAppRoleFunction appRoleFunc = new EPAppRoleFunction();
@@ -944,45 +956,46 @@
 			getAppFunctionParams.put("appId", String.valueOf(app.getId()));
 			getAppFunctionParams.put(FUNCTION_CODE_PARAMS, roleFunc.getCode());
 			// query to check if function code has pipes
-			List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null);
-			if(roleFunction.isEmpty()){
+			List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY,
+					getAppFunctionParams, null);
+			if (roleFunction.isEmpty()) {
 				getAppFunctionParams.put(FUNCTION_CODE_PARAMS, code);
 				roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null);
 			}
-			if(roleFunction.size() > 1){
+			if (roleFunction.size() > 1) {
 				CentralV2RoleFunction getExactFunctionCode = appFunctionListFilter(code, roleFunction);
 				appRoleFunc.setCode(getExactFunctionCode.getCode());
-			} else{
+			} else {
 				appRoleFunc.setCode(roleFunction.get(0).getCode());
 			}
-			
 			dataAccessService.saveDomainObject(appRoleFunc, null);
 		}
 	}
 
 	/**
 	 * 
-	 * It filters the app functions which starts with similar name in the result set
+	 * It filters the app functions which starts with similar name in the result
+	 * set
 	 * 
 	 * @param roleFunc
 	 * @param roleFunction
-	 * @return CentralRoleFunction 
+	 * @return CentralRoleFunction
 	 */
 	private CentralV2RoleFunction appFunctionListFilter(String roleFuncCode, List<CentralV2RoleFunction> roleFunction) {
-		final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>(); 
-		final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>(); 
+		final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>();
+		final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>();
 		CentralV2RoleFunction getExactFunctionCode = null;
-		for(CentralV2RoleFunction cenRoleFunction : roleFunction){
+		for (CentralV2RoleFunction cenRoleFunction : roleFunction) {
 			appFunctionsFilter.put(cenRoleFunction.getCode(), cenRoleFunction);
 			appFunctionsFilterPipes.put(EcompPortalUtils.getFunctionCode(cenRoleFunction.getCode()), cenRoleFunction);
 		}
 		getExactFunctionCode = appFunctionsFilter.get(roleFuncCode);
-		if(getExactFunctionCode == null){
+		if (getExactFunctionCode == null) {
 			getExactFunctionCode = appFunctionsFilterPipes.get(roleFuncCode);
 		}
 		return getExactFunctionCode;
 	}
-	
+
 	/**
 	 * It deletes all EPAppRoleFunction records in the portal
 	 * 
@@ -994,17 +1007,18 @@
 		final Map<String, Long> appRoleFuncsParams = new HashMap<>();
 		appRoleFuncsParams.put("appId", app.getId());
 		appRoleFuncsParams.put("roleId", role.get(0).getId());
-		List<EPAppRoleFunction> appRoleFunctionList =  dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
+		List<EPAppRoleFunction> appRoleFunctionList = dataAccessService
+				.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
 		if (!appRoleFunctionList.isEmpty()) {
 			for (EPAppRoleFunction approleFunction : appRoleFunctionList) {
 				dataAccessService.deleteDomainObject(approleFunction, null);
 			}
 		}
 	}
-	
+
 	@Override
 	@SuppressWarnings("unchecked")
-	public List<EPUser> getUser(String loginId) throws InvalidUserException{
+	public List<EPUser> getUser(String loginId) throws InvalidUserException {
 		final Map<String, String> userParams = new HashMap<>();
 		userParams.put("org_user_id", loginId);
 		List<EPUser> userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null);
@@ -1051,10 +1065,10 @@
 			List<EPApp> app = getApp(uebkey);
 			List<EPRole> appRolesList = getAppRoles(app.get(0).getId());
 			roleList = createCentralRoleObject(app, appRolesList, roleList, params);
-			if(app.get(0).getId() != PortalConstants.PORTAL_APP_ID){
-			    List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId());
+			if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) {
+				List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId());
 				List<EPRole> globalRolesList = getGlobalRolesOfPortal();
-			    List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>();
+				List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>();
 				if (!globalRolesList.isEmpty()) {
 					for (EPRole eprole : globalRolesList) {
 						CentralV2Role cenRole = convertRoleToCentralV2Role(eprole);
@@ -1062,10 +1076,10 @@
 					}
 					roleList.addAll(globalRoleList);
 					for (CentralV2Role role : portalsGlobalRolesFinlaList) {
-						CentralV2Role result = roleList.stream()
-									.filter(x -> role.getId().equals(x.getId())).findAny().orElse(null);
-							if (result == null)
-								roleList.add(role);
+						CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny()
+								.orElse(null);
+						if (result == null)
+							roleList.add(role);
 					}
 				} else {
 					for (EPRole role : globalRolesList) {
@@ -1089,10 +1103,15 @@
 		List<CentralV2RoleFunction> finalRoleList = new ArrayList<>();
 		final Map<String, Long> params = new HashMap<>();
 		params.put(APP_ID, app.getId());
-		List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, null);
+		List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params,
+				null);
 		for (CentralV2RoleFunction roleFuncItem : getRoleFuncList) {
 			String code = EcompPortalUtils.getFunctionCode(roleFuncItem.getCode());
-			String type = getFunctionCodeType(roleFuncItem.getCode());
+			String type = "";
+			if (roleFuncItem.getCode().contains("|"))
+				type = EcompPortalUtils.getFunctionType(roleFuncItem.getCode());
+			else
+				type = getFunctionCodeType(roleFuncItem.getCode());
 			String action = getFunctionCodeAction(roleFuncItem.getCode());
 			roleFuncItem.setCode(EPUserUtils.decodeFunctionCode(code));
 			roleFuncItem.setType(type);
@@ -1102,11 +1121,9 @@
 		return finalRoleList;
 	}
 
-
 	@Override
 	public String getFunctionCodeAction(String roleFuncItem) {
-		return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*"
-				: EcompPortalUtils.getFunctionAction(roleFuncItem);
+		return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem);
 	}
 
 	@Override
@@ -1115,9 +1132,8 @@
 		if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))
 				|| (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) {
 			type = "menu";
-		} else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem)
-				||checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
-				||checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
+		} else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
+				|| checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
 			type = "url";
 		} else if (roleFuncItem.contains(FUNCTION_PIPE)
 				&& (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) {
@@ -1136,10 +1152,10 @@
 	private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) {
 		return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url");
 	}
-	
+
 	/**
 	 * 
-	 * It check whether function code has pipes and url string in it  
+	 * It check whether function code has pipes and url string in it
 	 * 
 	 * @param roleFuncItem
 	 * @return true or false
@@ -1150,7 +1166,7 @@
 
 	/**
 	 * 
-	 * It check whether function code has no pipes and has url string in it 
+	 * It check whether function code has no pipes and has url string in it
 	 * 
 	 * @param roleFuncItem
 	 * @return true or false
@@ -1160,7 +1176,8 @@
 	}
 
 	/**
-	 * It returns user detail information which is deep copy of EPUser.class object
+	 * It returns user detail information which is deep copy of EPUser.class
+	 * object
 	 * 
 	 * @param userInfo
 	 * @param userAppSet
@@ -1200,6 +1217,7 @@
 								String.valueOf(epApp.getOpen()), String.valueOf(epApp.getEnabled()),
 								epApp.getThumbnail(), epApp.getUsername(), epApp.getUebKey(), epApp.getUebSecret(),
 								epApp.getUebTopicName());
+						cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD);
 						cua.setApp(cenApp);
 						Long appId = null;
 						if (globalRole.toLowerCase().startsWith("global_")
@@ -1242,12 +1260,10 @@
 								userApp.getRole().getName(), userApp.getRole().getActive(),
 								userApp.getRole().getPriority(), roleFunctionSet, null, null);
 						cua.setRole(cenRole);
-
 						userAppList.getUserApps().add(cua);
 					}
 				}
 			}
-
 			user1 = new CentralV2User(null, userInfo.getCreated(), userInfo.getModified(), userInfo.getCreatedId(),
 					userInfo.getModifiedId(), userInfo.getRowNum(), userInfo.getOrgId(), userInfo.getManagerId(),
 					userInfo.getFirstName(), userInfo.getMiddleInitial(), userInfo.getLastName(), userInfo.getPhone(),
@@ -1301,11 +1317,9 @@
 			if (roleList.isEmpty()) {
 				return cenRole;
 			}
-
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getRoleInfo: failed", e);
 			throw e;
-
 		}
 		return roleList.get(0);
 	}
@@ -1315,9 +1329,9 @@
 		List<EPRole> roleInfo;
 		final Map<String, Long> getPartnerAppRoleParams = new HashMap<>();
 		getPartnerAppRoleParams.put("appRoleId", roleId);
-		getPartnerAppRoleParams.put("appId", app.getId());				
+		getPartnerAppRoleParams.put("appId", app.getId());
 		roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleByRoleId", getPartnerAppRoleParams, null);
-		if(roleInfo.isEmpty()) {
+		if (roleInfo.isEmpty()) {
 			getPartnerAppRoleParams.put("appRoleId", roleId);
 			roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleById", getPartnerAppRoleParams, null);
 		}
@@ -1332,20 +1346,22 @@
 		roleInfo = dataAccessService.executeNamedQuery("getPortalAppRoleByRoleId", getPortalAppRoleParams, null);
 		return roleInfo;
 	}
-	
+
 	/**
 	 * 
-	 * It returns list of app roles along with role functions and which went through deep copy
+	 * It returns list of app roles along with role functions and which went
+	 * through deep copy
 	 * 
 	 * @param app
 	 * @param roleInfo
 	 * @param roleList
 	 * @param params
 	 * @return
-	 * @throws DecoderException 
+	 * @throws DecoderException
 	 */
 	@SuppressWarnings("unchecked")
-	private List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
+	@Override
+	public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
 			List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException {
 		for (EPRole role : roleInfo) {
 			params.put("roleId", role.getId());
@@ -1427,29 +1443,29 @@
 			String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(functionCodeFormat);
 			String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(functionCodeFormat);
 			roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), newfunctionCodeFormat,
-					getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, newfunctionActionFormat,
-					getRoleFuncList.getEditUrl());
+					getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat,
+					newfunctionActionFormat, getRoleFuncList.getEditUrl());
 		} else {
-			roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat,
-					getRoleFuncList.getName(), getRoleFuncList.getAppId(),
-					getRoleFuncList.getEditUrl());
+			roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, getRoleFuncList.getName(),
+					getRoleFuncList.getAppId(), getRoleFuncList.getEditUrl());
 		}
 		return roleFunc;
 	}
 
 	@Override
-	public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) throws Exception {
+	public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app)
+			throws Exception {
 		boolean saveOrUpdateFunction = false;
 		try {
 			domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode()));
 			final Map<String, String> functionParams = new HashMap<>();
 			functionParams.put("appId", String.valueOf(app.getId()));
-			if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
-				addRoleFunctionInExternalSystem(domainCentralRoleFunction, app);			
+			if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+				addRoleFunctionInExternalSystem(domainCentralRoleFunction, app);
 			}
-			if(domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null){
-				domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType()+
-					FUNCTION_PIPE+domainCentralRoleFunction.getCode()+FUNCTION_PIPE+domainCentralRoleFunction.getAction());
+			if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) {
+				domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType() + FUNCTION_PIPE
+						+ domainCentralRoleFunction.getCode() + FUNCTION_PIPE + domainCentralRoleFunction.getAction());
 			}
 			domainCentralRoleFunction.setAppId(app.getId());
 			dataAccessService.saveDomainObject(domainCentralRoleFunction, null);
@@ -1460,7 +1476,7 @@
 		}
 		return saveOrUpdateFunction;
 	}
-	
+
 	/**
 	 * It creates application permission in external auth system
 	 * 
@@ -1472,24 +1488,32 @@
 			throws Exception {
 		ObjectMapper mapper = new ObjectMapper();
 		ExternalAccessPerms extPerms = new ExternalAccessPerms();
-		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); 
+		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 		String type = "";
 		String instance = "";
 		String action = "";
-		if((domainCentralRoleFunction.getType()!=null && domainCentralRoleFunction.getAction()!=null) || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)){
-			type =  domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getType(); 
-			instance =  domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ?  EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getCode();
-			action =  domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getAction();
-		} else{
+		if ((domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null)
+				|| domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) {
+			type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+					? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode())
+					: domainCentralRoleFunction.getType();
+			instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+					? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode())
+					: domainCentralRoleFunction.getCode();
+			action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+					? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode())
+					: domainCentralRoleFunction.getAction();
+		} else {
 			type = domainCentralRoleFunction.getCode().contains("menu") ? "menu" : "url";
 			instance = domainCentralRoleFunction.getCode();
-			action = "*"; 
-		}		
+			action = "*";
+		}
 		// get Permissions from External Auth System
 		JSONArray extPermsList = getExtAuthPermissions(app);
 		List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPermsList);
-		String requestedPerm = type+FUNCTION_PIPE+instance+FUNCTION_PIPE+action;
-		boolean checkIfFunctionsExits = permsDetailList.stream().anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm));
+		String requestedPerm = type + FUNCTION_PIPE + instance + FUNCTION_PIPE + action;
+		boolean checkIfFunctionsExits = permsDetailList.stream()
+				.anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm));
 		if (!checkIfFunctionsExits) {
 			try {
 				extPerms.setAction(action);
@@ -1498,18 +1522,22 @@
 				extPerms.setDescription(domainCentralRoleFunction.getName());
 				String addFunction = mapper.writeValueAsString(extPerms);
 				HttpEntity<String> entity = new HttpEntity<>(addFunction, headers);
-				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction);
-				ResponseEntity<String> addPermResponse= template.exchange(
+				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}",
+						CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction);
+				ResponseEntity<String> addPermResponse = template.exchange(
 						SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm",
 						HttpMethod.POST, entity, String.class);
-				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), addFunction);
-			} catch(HttpClientErrorException e){
-				logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e);
+				logger.debug(EELFLoggerDelegate.debugLogger,
+						"addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ",
+						addPermResponse.getStatusCode().value(), addFunction);
+			} catch (HttpClientErrorException e) {
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"HttpClientErrorException - Failed to add function in external central auth system", e);
 				EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 				throw e;
-			}catch (Exception e) {
-				logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system",
-						e);
+			} catch (Exception e) {
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", e);
 				throw e;
 			}
 		} else {
@@ -1520,17 +1548,23 @@
 				extPerms.setDescription(domainCentralRoleFunction.getName());
 				String updateRoleFunction = mapper.writeValueAsString(extPerms);
 				HttpEntity<String> entity = new HttpEntity<>(updateRoleFunction, headers);
-				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction);
+				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}",
+						CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction);
 				ResponseEntity<String> updatePermResponse = template.exchange(
 						SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm",
 						HttpMethod.PUT, entity, String.class);
-				logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", updateRoleFunction, updatePermResponse.getStatusCode().value());
-			} catch(HttpClientErrorException e){
-				logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e);
+				logger.debug(EELFLoggerDelegate.debugLogger,
+						"addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ",
+						updateRoleFunction, updatePermResponse.getStatusCode().value());
+			} catch (HttpClientErrorException e) {
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"HttpClientErrorException - Failed to add function in external central auth system", e);
 				EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 				throw e;
 			} catch (Exception e) {
-				logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",e);
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addRoleFunctionInExternalSystem: Failed to update function in external central auth system",
+						e);
 				throw e;
 			}
 		}
@@ -1562,7 +1596,7 @@
 	}
 
 	/**
-	 * It deletes app function record in portal 
+	 * It deletes app function record in portal
 	 * 
 	 * @param code
 	 * @param app
@@ -1571,10 +1605,10 @@
 		dataAccessService.deleteDomainObjects(EPAppRoleFunction.class,
 				APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + code + "'", null);
 	}
-	
+
 	/**
 	 * 
-	 * It deletes permission in the external auth system  
+	 * It deletes permission in the external auth system
 	 * 
 	 * @param domainCentralRoleFunction
 	 * @param app
@@ -1603,8 +1637,9 @@
 			logger.debug(EELFLoggerDelegate.debugLogger,
 					"deleteRoleFunctionInExternalSystem: Finished deleting permission in External Auth system {} and status code: {} ",
 					deleteRoleFunction, delPermResponse.getStatusCode().value());
-		} catch(HttpClientErrorException e){
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to delete functions in External System", e);
+		} catch (HttpClientErrorException e) {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"HttpClientErrorException - Failed to delete functions in External System", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
@@ -1612,7 +1647,8 @@
 						" deleteRoleFunctionInExternalSystem: It seems like function is already deleted in external central auth system  but exists in local DB",
 						e.getMessage());
 			} else {
-				logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e);
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e);
 			}
 		}
 	}
@@ -1629,7 +1665,7 @@
 			message = e.getMessage();
 			logger.error(EELFLoggerDelegate.errorLogger, "saveRoleForApplication failed", e);
 		}
-		return new ExternalRequestFieldsValidator(response,message);
+		return new ExternalRequestFieldsValidator(response, message);
 	}
 
 	@SuppressWarnings("unchecked")
@@ -1647,7 +1683,8 @@
 				epRoleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, deleteRoleParams, null);
 			} else {
 				deleteRoleParams.put(APP_ID, String.valueOf(app.getId()));
-				epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, deleteRoleParams, null);
+				epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+						deleteRoleParams, null);
 			}
 			if (!epRoleList.isEmpty()) {
 				transaction = localSession.beginTransaction();
@@ -1674,31 +1711,30 @@
 		}
 		return result;
 	}
-	
+
 	/**
 	 * 
-	 * It deletes role for application in external auth system 
+	 * It deletes role for application in external auth system
 	 * 
 	 * @param epRoleList contains role information
-	 * @param app contains application information
+	 * @param app        contains application information
 	 * @throws Exception
 	 */
 	private void deleteRoleInExternalAuthSystem(List<EPRole> epRoleList, EPApp app) throws Exception {
 		ResponseEntity<String> deleteResponse;
 		ResponseEntity<String> res = getNameSpaceIfExists(app);
 		if (res.getStatusCode() == HttpStatus.OK) {
-		// Delete Role in External System
-		String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName()
-				.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}";
-		deleteResponse = deleteRoleInExternalSystem(deleteRoleKey);
-		if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) {
-			EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode());
-			logger.error(EELFLoggerDelegate.errorLogger,
-					"deleteRoleForApplication: Failed to delete role in external auth system! due to {} ",
-					deleteResponse.getBody());
-		}
-		logger.debug(EELFLoggerDelegate.debugLogger,
-				"deleteRoleForApplication: about to commit the transaction");
+			// Delete Role in External System
+			String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName()
+					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}";
+			deleteResponse = deleteRoleInExternalSystem(deleteRoleKey);
+			if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) {
+				EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode());
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"deleteRoleForApplication: Failed to delete role in external auth system! due to {} ",
+						deleteResponse.getBody());
+			}
+			logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleForApplication: about to commit the transaction");
 		}
 	}
 
@@ -1715,35 +1751,41 @@
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 		HttpEntity<String> entity = new HttpEntity<>(headers);
 		getNameSpaceIfExists(app);
-		logger.debug(EELFLoggerDelegate.debugLogger,"deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-		ResponseEntity<String> getResponse = template
-				.exchange(
-						SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
-								+ LoginId
-								+ SystemProperties
-										.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
-								+ "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
-						HttpMethod.GET, entity, String.class);
-		logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", getResponse.getBody());
+		logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ",
+				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+		ResponseEntity<String> getResponse = template.exchange(
+				SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
+						+ LoginId
+						+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+						+ "/" + app.getNameSpace() + "."
+						+ role.getName()
+								.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+				HttpMethod.GET, entity, String.class);
+		logger.debug(EELFLoggerDelegate.debugLogger,
+				"deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ",
+				getResponse.getBody());
 		if (getResponse.getStatusCode().value() != 200) {
 			throw new ExternalAuthSystemException(getResponse.getBody());
 		}
 		String res = getResponse.getBody();
 		if (!res.equals(IS_EMPTY_JSON_STRING)) {
 			HttpEntity<String> userRoleentity = new HttpEntity<>(headers);
-			logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-			ResponseEntity<String> deleteResponse = template
-					.exchange(
-							SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
-									+ "userRole/" + LoginId
-									+ SystemProperties
-											.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
-									+ "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
-							HttpMethod.DELETE, userRoleentity, String.class);
+			logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ",
+					CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+			ResponseEntity<String> deleteResponse = template.exchange(
+					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
+							+ LoginId
+							+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+							+ "/" + app.getNameSpace() + "."
+							+ role.getName().replaceAll(
+									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+					HttpMethod.DELETE, userRoleentity, String.class);
 			if (deleteResponse.getStatusCode().value() != 200) {
 				throw new ExternalAuthSystemException("Failed to delete user role");
 			}
-			logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", deleteResponse.getStatusCode().value());
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ",
+					deleteResponse.getStatusCode().value());
 		}
 	}
 
@@ -1778,12 +1820,12 @@
 			throw e;
 		}
 		return roleList;
-
 	}
 
 	@Override
 	@Transactional(rollbackFor = Exception.class)
-	public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) throws Exception {
+	public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId)
+			throws Exception {
 		Session localSession = sessionFactory.openSession();
 		String message = "";
 		Transaction transaction = null;
@@ -1793,14 +1835,14 @@
 			transaction = localSession.beginTransaction();
 			List<EPRole> epRoleList = null;
 			app = getApp(uebkey).get(0);
-			if(app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+			if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
 				epRoleList = getPortalAppRoleInfo(roleId);
-			} else{
+			} else {
 				epRoleList = getPartnerAppRoleInfo(roleId, app);
 			}
-			if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+			if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
 				// Delete User Role in External System before deleting role
-				deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId);	
+				deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId);
 			}
 			// Delete user app roles
 			dataAccessService.deleteDomainObjects(EPUserApp.class,
@@ -1809,13 +1851,14 @@
 			deleteRoleDependencyRecords(localSession, epRoleList.get(0).getId(), app.getId(), isPortalRequest);
 			transaction.commit();
 			if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
-				// Final call to delete role once all dependencies has been deleted
+				// Final call to delete role once all dependencies has been
+				// deleted
 				deleteRoleInExternalAuthSystem(epRoleList, app);
 			}
-			dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ epRoleList.get(0).getId(), null);		
+			dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + epRoleList.get(0).getId(), null);
 			logger.debug(EELFLoggerDelegate.debugLogger, "deleteDependencyRoleRecord: committed the transaction");
 			response = true;
-		} catch(HttpClientErrorException e){
+		} catch (HttpClientErrorException e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "deleteDependencyRoleRecord: HttpClientErrorException", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 			message = e.getMessage();
@@ -1827,42 +1870,39 @@
 		} finally {
 			localSession.close();
 		}
-		return new ExternalRequestFieldsValidator(response,message);
+		return new ExternalRequestFieldsValidator(response, message);
 	}
-	
+
 	@Override
 	@SuppressWarnings("unchecked")
 	@Transactional
 	public void syncRoleFunctionFromExternalAccessSystem(EPApp app) {
 		try {
-
 			// get Permissions from External Auth System
 			JSONArray extPerms = getExtAuthPermissions(app);
 			List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms);
-
 			// get functions in DB
 			final Map<String, Long> params = new HashMap<>();
 			final Map<String, CentralV2RoleFunction> roleFuncMap = new HashMap<>();
 			params.put(APP_ID, app.getId());
-			List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", params,
-					null);
+			List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions",
+					params, null);
 			if (!appFunctions.isEmpty()) {
 				for (CentralV2RoleFunction roleFunc : appFunctions) {
 					roleFuncMap.put(roleFunc.getCode(), roleFunc);
 				}
 			}
-			
 			// get Roles for portal in DB
 			List<EPRole> portalRoleList = getGlobalRolesOfPortal();
 			final Map<String, EPRole> existingPortalRolesMap = new HashMap<>();
-			for(EPRole epRole : portalRoleList){
-				existingPortalRolesMap.put(epRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole);
+			for (EPRole epRole : portalRoleList) {
+				existingPortalRolesMap.put(epRole.getName().replaceAll(
+						EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole);
 			}
-			
 			// get Roles in DB
-			final Map<String, EPRole> currentRolesInDB = getCurrentRolesInDB(app);
-			
-			// store External Permissions with Pipe and without Pipe (just instance)
+			final Map<String, EPRole> currentRolesInDB = getAppRoleNamesWithUnderscoreMap(app);
+			// store External Permissions with Pipe and without Pipe (just
+			// instance)
 			final Map<String, ExternalAccessPermsDetail> extAccessPermsContainsPipeMap = new HashMap<>();
 			final Map<String, ExternalAccessPermsDetail> extAccessPermsMap = new HashMap<>();
 			for (ExternalAccessPermsDetail permsDetailInfoWithPipe : permsDetailList) {
@@ -1870,7 +1910,6 @@
 				String finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetailInfoWithPipe.getInstance());
 				extAccessPermsMap.put(finalFunctionCodeVal, permsDetailInfoWithPipe);
 			}
-
 			// Add if new functions and app role functions were added in
 			// external auth system
 			for (ExternalAccessPermsDetail permsDetail : permsDetailList) {
@@ -1882,10 +1921,10 @@
 				if (roles != null) {
 					// Check if function has any roles and which does not exist
 					// in External Auth System. If exists delete in local
-					addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, existingPortalRolesMap);
+					addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles,
+							existingPortalRolesMap);
 				}
 			}
-
 			// Check if function does exits in External Auth System but exits in
 			// local then delete function and its dependencies
 			for (CentralV2RoleFunction roleFunc : appFunctions) {
@@ -1901,23 +1940,20 @@
 				} catch (Exception e) {
 					logger.error(EELFLoggerDelegate.errorLogger,
 							"syncRoleFunctionFromExternalAccessSystem: Failed to delete function", e);
-
 				}
 			}
-
 			logger.debug(EELFLoggerDelegate.debugLogger,
 					"syncRoleFunctionFromExternalAccessSystem: Finished syncRoleFunctionFromExternalAccessSystem");
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger,
 					"syncRoleFunctionFromExternalAccessSystem: Failed syncRoleFunctionFromExternalAccessSystem", e);
-
 		}
 	}
 
 	@SuppressWarnings("unchecked")
 	private void addRemoveIfFunctionsRolesIsSyncWithExternalAuth(EPApp app, final Map<String, EPRole> currentRolesInDB,
-			List<CentralV2RoleFunction> roleFunctionList, List<String> roles, Map<String, EPRole> existingPortalRolesMap)
-			throws Exception {
+			List<CentralV2RoleFunction> roleFunctionList, List<String> roles,
+			Map<String, EPRole> existingPortalRolesMap) throws Exception {
 		if (!roleFunctionList.isEmpty()) {
 			final Map<String, String> appRoleFuncParams = new HashMap<>();
 			final Map<String, LocalRole> currentAppRoleFunctionsMap = new HashMap<>();
@@ -1931,11 +1967,12 @@
 						EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), localRole);
 			}
 			for (String addRole : roles) {
-				currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE)+1), addRole);
+				currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE) + 1), addRole);
 			}
 			for (String extAuthrole : roles) {
 				String roleNameSpace = extAuthrole.substring(0, extAuthrole.indexOf(FUNCTION_PIPE));
-				boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, app.getNameSpace());
+				boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace,
+						app.getNameSpace());
 				if (isNameSpaceMatching) {
 					if (!currentAppRoleFunctionsMap
 							.containsKey(extAuthrole.substring(app.getNameSpace().length() + 1))) {
@@ -1961,8 +1998,11 @@
 						EPAppRoleFunction addGlobalRoleFunctions = new EPAppRoleFunction();
 						params.put("appId", app.getId());
 						params.put("roleId", role.getId());
-						List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null);				
-						boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream().anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode().equals(roleFunctionList.get(0).getCode()));
+						List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService
+								.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null);
+						boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream()
+								.anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode()
+										.equals(roleFunctionList.get(0).getCode()));
 						if (role != null && !checkIfRoleFunctionExists) {
 							addGlobalRoleFunctions.setAppId(app.getId());
 							addGlobalRoleFunctions.setRoleId(role.getId());
@@ -1991,31 +2031,24 @@
 
 	private void deleteAppRoleFuncDoesNotExitsInExtSystem(EPApp app, CentralV2RoleFunction roleFunc) {
 		logger.debug(EELFLoggerDelegate.debugLogger,
-				"syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}",
-				roleFunc.getCode());
+				"syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", roleFunc.getCode());
 		dataAccessService.deleteDomainObjects(EPAppRoleFunction.class,
-				APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null);
+				APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null);
 		logger.debug(EELFLoggerDelegate.debugLogger,
-				"syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}",
-				roleFunc.getCode());
-
+				"syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", roleFunc.getCode());
 		logger.debug(EELFLoggerDelegate.debugLogger,
-				"syncRoleFunctionFromExternalAccessSystem: Deleting app function {}",
-				roleFunc.getCode());
+				"syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", roleFunc.getCode());
 		dataAccessService.deleteDomainObjects(CentralV2RoleFunction.class,
-				APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null);
+				APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null);
 		logger.debug(EELFLoggerDelegate.debugLogger,
-				"syncRoleFunctionFromExternalAccessSystem: Deleted app function {}",
-				roleFunc.getCode());
+				"syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", roleFunc.getCode());
 	}
 
 	private void checkAndAddRoleInDB(EPApp app, final Map<String, EPRole> currentRolesInDB,
 			List<CentralV2RoleFunction> roleFunctionList, String roleList) throws Exception {
-		if (!currentRolesInDB.containsKey(
-				roleList.substring(app.getNameSpace().length() + 1))) {
-			Role role = addRoleInDBIfDoesNotExists(app,
-					roleList.substring(app.getNameSpace().length() + 1));
-			addIfRoleDescriptionNotExitsInExtSystem(role, app);
+		if (!currentRolesInDB.containsKey(roleList.substring(app.getNameSpace().length() + 1))) {
+			Role role = addRoleInDBIfDoesNotExists(app, roleList.substring(app.getNameSpace().length() + 1));
+			addRoleDescriptionInExtSystem(role, app);
 			if (!roleFunctionList.isEmpty()) {
 				try {
 					if (!roleFunctionList.isEmpty()) {
@@ -2027,16 +2060,16 @@
 					}
 				} catch (Exception e) {
 					logger.error(EELFLoggerDelegate.errorLogger,
-							"syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ",
-							e);
+							"syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", e);
 				}
 			}
 		}
 	}
 
 	@SuppressWarnings("unchecked")
-	private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap,
-			ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) {
+	private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app,
+			final Map<String, CentralV2RoleFunction> roleFuncMap, ExternalAccessPermsDetail permsDetail, String code,
+			CentralV2RoleFunction getFunctionCodeKey) {
 		String finalFunctionCodeVal = addToLocalIfFunctionNotExists(app, roleFuncMap, permsDetail, code,
 				getFunctionCodeKey);
 		final Map<String, String> appSyncFuncsParams = new HashMap<>();
@@ -2054,9 +2087,8 @@
 	}
 
 	private String addToLocalIfFunctionNotExists(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap,
-			ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey
-			) {
-		String finalFunctionCodeVal = "";	
+			ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) {
+		String finalFunctionCodeVal = "";
 		if (null == getFunctionCodeKey) {
 			finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetail.getInstance());
 			CentralV2RoleFunction checkIfCodeStillExits = roleFuncMap.get(finalFunctionCodeVal);
@@ -2074,7 +2106,7 @@
 
 	@SuppressWarnings("unchecked")
 	@Override
-	public Map<String, EPRole> getCurrentRolesInDB(EPApp app) {
+	public Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app) {
 		final Map<String, EPRole> currentRolesInDB = new HashMap<>();
 		List<EPRole> getCurrentRoleList = null;
 		final Map<String, Long> appParams = new HashMap<>();
@@ -2091,8 +2123,24 @@
 		return currentRolesInDB;
 	}
 
-	private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms)
-			throws IOException{
+	@SuppressWarnings("unchecked")
+	private Map<String, EPRole> getAppRoleNamesMap(EPApp app) {
+		final Map<String, EPRole> currentRolesInDB = new HashMap<>();
+		List<EPRole> getCurrentRoleList = null;
+		final Map<String, Long> appParams = new HashMap<>();
+		if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+			getCurrentRoleList = dataAccessService.executeNamedQuery("getPortalAppRolesList", null, null);
+		} else {
+			appParams.put("appId", app.getId());
+			getCurrentRoleList = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null);
+		}
+		for (EPRole role : getCurrentRoleList) {
+			currentRolesInDB.put(role.getName(), role);
+		}
+		return currentRolesInDB;
+	}
+
+	private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) throws IOException {
 		ExternalAccessPermsDetail permDetails = null;
 		List<ExternalAccessPermsDetail> permsDetailList = new ArrayList<>();
 		for (int i = 0; i < extPerms.length(); i++) {
@@ -2100,8 +2148,9 @@
 			if (extPerms.getJSONObject(i).has("description")) {
 				description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
 			} else {
-				description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance")
-						+"|"+extPerms.getJSONObject(i).getString("action");
+				description = extPerms.getJSONObject(i).getString("type") + "|"
+						+ extPerms.getJSONObject(i).getString("instance") + "|"
+						+ extPerms.getJSONObject(i).getString("action");
 			}
 			if (extPerms.getJSONObject(i).has("roles")) {
 				ObjectMapper rolesListMapper = new ObjectMapper();
@@ -2132,10 +2181,8 @@
 		HttpEntity<String> entity = new HttpEntity<>(headers);
 		logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: {} ",
 				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-		response = template
-				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
-						+ "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
-
+		response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+				+ "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
 		String res = response.getBody();
 		logger.debug(EELFLoggerDelegate.debugLogger,
 				"syncRoleFunctionFromExternalAccessSystem: Finished GET permissions from External Auth system and response: {} ",
@@ -2150,7 +2197,7 @@
 		}
 		return extPerms;
 	}
-	
+
 	/**
 	 * 
 	 * Add function into local DB
@@ -2160,13 +2207,13 @@
 	 * @param code
 	 */
 	private void addFunctionInEcompDB(EPApp app, ExternalAccessPermsDetail permsDetail, String code) {
-		try{
-		CentralV2RoleFunction addFunction = new CentralV2RoleFunction();
-		addFunction.setAppId(app.getId());
-		addFunction.setCode(code);
-		addFunction.setName(permsDetail.getDescription());
-		dataAccessService.saveDomainObject(addFunction, null);
-		} catch(Exception e){
+		try {
+			CentralV2RoleFunction addFunction = new CentralV2RoleFunction();
+			addFunction.setAppId(app.getId());
+			addFunction.setCode(code);
+			addFunction.setName(permsDetail.getDescription());
+			dataAccessService.saveDomainObject(addFunction, null);
+		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "addFunctionInEcompDB: Failed to add function", e);
 		}
 	}
@@ -2179,27 +2226,30 @@
 	 * @param app
 	 * @throws Exception
 	 */
-	private void addIfRoleDescriptionNotExitsInExtSystem(Role role, EPApp app) throws Exception {
-		String addRoleNew = updateExistingRoleInExternalSystem(role, app);
-		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+	private boolean addRoleDescriptionInExtSystem(Role role, EPApp app) throws Exception {
+		boolean status = false;
 		try {
+			String addRoleNew = updateExistingRoleInExternalSystem(role, app);
+			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 			HttpEntity<String> entity = new HttpEntity<>(addRoleNew, headers);
 			template.exchange(
 					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
 					HttpMethod.PUT, entity, String.class);
+			status = true;
 		} catch (HttpClientErrorException e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addIfRoleDescriptionNotExitsInExtSystem",
-					e);
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"HttpClientErrorException - Failed to addRoleDescriptionInExtSystem", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "addIfRoleDescriptionNotExitsInExtSystem: Failed",
-					e);
+			logger.error(EELFLoggerDelegate.errorLogger, "addRoleDescriptionInExtSystem: Failed", e);
 		}
+		return status;
 	}
 
 	/**
 	 * 
-	 * While sync functions form external auth system if new role found we should add in local and return Role.class object
+	 * While sync functions form external auth system if new role found we
+	 * should add in local and return Role.class object
 	 * 
 	 * @param app
 	 * @param role
@@ -2209,7 +2259,8 @@
 	private Role addRoleInDBIfDoesNotExists(EPApp app, String role) {
 		Role setNewRole = new Role();
 		try {
-			// functions can have new role created in External Auth System prevent
+			// functions can have new role created in External Auth System
+			// prevent
 			// duplication here
 			boolean isCreated = checkIfRoleExitsElseCreateInSyncFunctions(role, app);
 			final Map<String, String> getRoleByNameParams = new HashMap<>();
@@ -2252,8 +2303,7 @@
 		roleParams.put(APP_ROLE_NAME_PARAM, role);
 		List<EPRole> roleCreated = null;
 		if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
-			roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams,
-					null);
+			roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null);
 		} else {
 			roleParams.put("appId", String.valueOf(app.getId()));
 			roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams,
@@ -2290,7 +2340,7 @@
 				addRoleFunctionInExternalSystem(cenRoleFunc, app);
 				functionsAdded++;
 			}
-		} catch(HttpClientErrorException e){
+		} catch (HttpClientErrorException e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadFunctions failed", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
@@ -2368,14 +2418,17 @@
 			template.exchange(
 					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
 					HttpMethod.POST, entity, String.class);
-		} catch(HttpClientErrorException e){
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", e);
+		} catch (HttpClientErrorException e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem",
+					e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
-				logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Role already exits but does not break functionality", e);
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addRoleInExternalSystem: Role already exits but does not break functionality", e);
 			} else {
-				logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage());
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage());
 			}
 		}
 	}
@@ -2399,15 +2452,16 @@
 					}
 				}
 			}
-		} catch(HttpClientErrorException e){
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
+		} catch (HttpClientErrorException e) {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e);
 		}
 		return roleFunctions;
 	}
-	
+
 	/**
 	 * Its adding a role function while doing bulk upload
 	 * 
@@ -2419,14 +2473,14 @@
 		String type = "";
 		String instance = "";
 		String action = "";
-		if(addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)){
-			type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); 
+		if (addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
+			type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd());
 			instance = EcompPortalUtils.getFunctionCode(addRoleFunc.getFunctionCd());
 			action = EcompPortalUtils.getFunctionAction(addRoleFunc.getFunctionCd());
-		} else{
+		} else {
 			type = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url";
 			instance = addRoleFunc.getFunctionCd();
-			action = "*"; 
+			action = "*";
 		}
 		ExternalAccessRolePerms extRolePerms = null;
 		ExternalAccessPerms extPerms = null;
@@ -2435,8 +2489,8 @@
 			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 			extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action,
 					addRoleFunc.getFunctionName());
-			extRolePerms = new ExternalAccessRolePerms(extPerms,
-					app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+			extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + role.getName()
+					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 			String updateRolePerms = mapper.writeValueAsString(extRolePerms);
 			HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
 			template.exchange(
@@ -2445,10 +2499,11 @@
 		} catch (Exception e) {
 			if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
 				logger.error(EELFLoggerDelegate.errorLogger,
-						"addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", e);
+						"addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality",
+						e);
 			} else {
-				logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem",
-						e.getMessage());
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", e.getMessage());
 			}
 		}
 	}
@@ -2468,7 +2523,8 @@
 				functionsAdded++;
 			}
 		} catch (HttpClientErrorException e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", e);
+			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed",
+					e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions: failed", e.getMessage(), e);
@@ -2518,7 +2574,7 @@
 					"addFunctionInExternalSystem: Failed to add fucntion in external central auth system", e);
 			throw e;
 		}
-	} 
+	}
 
 	@Override
 	public void bulkUploadPartnerRoles(String uebkey, List<Role> roleList) throws Exception {
@@ -2538,8 +2594,8 @@
 		try {
 			for (EPRole role : roles) {
 				params.put("roleId", role.getId());
-				List<BulkUploadRoleFunction> appRoleFunc = dataAccessService.executeNamedQuery("uploadPartnerRoleFunctions",
-						params, null);
+				List<BulkUploadRoleFunction> appRoleFunc = dataAccessService
+						.executeNamedQuery("uploadPartnerRoleFunctions", params, null);
 				if (!appRoleFunc.isEmpty()) {
 					for (BulkUploadRoleFunction addRoleFunc : appRoleFunc) {
 						addRoleFunctionsInExternalSystem(addRoleFunc, role, app);
@@ -2548,11 +2604,12 @@
 				}
 			}
 			// upload global role functions to ext auth system
-			if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+			if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
 				roleFunctions = bulkUploadGlobalRoleFunctions(app, roleFunctions);
 			}
-		} catch(HttpClientErrorException e){
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
+		} catch (HttpClientErrorException e) {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e);
@@ -2586,8 +2643,9 @@
 					action = "*";
 				}
 				extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action);
-				extRolePerms = new ExternalAccessRolePerms(extPerms, portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName()
-						.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+				extRolePerms = new ExternalAccessRolePerms(extPerms,
+						portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName().replaceAll(
+								EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 				String updateRolePerms = mapper.writeValueAsString(extRolePerms);
 				HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
 				updateRoleFunctionInExternalSystem(updateRolePerms, entity);
@@ -2611,48 +2669,44 @@
 	public void syncApplicationRolesWithEcompDB(EPApp app) {
 		try {
 			logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Started");
-			//Sync functions and roles assigned to it which also creates new roles if does not exits in portal
+			// Sync functions and roles assigned to it which also creates new roles if does
+			// not exits in portal
 			syncRoleFunctionFromExternalAccessSystem(app);
-			logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished");	
-			
+			logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished");
 			ObjectMapper mapper = new ObjectMapper();
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering to getAppRolesJSONFromExtAuthSystem");
 			// Get Permissions from External Auth System
 			JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app);
-			
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList");
-			List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app,
-					mapper, extRole);
-			
+			// refactoring done
+			List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole);
 			List<EPRole> finalRoleList = new ArrayList<>();
 			for (ExternalRoleDetails externalRole : externalRoleDetailsList) {
 				EPRole ecompRole = convertExternalRoleDetailstoEpRole(externalRole);
 				finalRoleList.add(ecompRole);
 			}
-
 			List<EPRole> applicationRolesList;
 			applicationRolesList = getAppRoles(app.getId());
 			List<String> applicationRoleIdList = new ArrayList<>();
 			for (EPRole applicationRole : applicationRolesList) {
-				applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+				applicationRoleIdList.add(applicationRole.getName());
 			}
-
 			List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>();
 			for (EPRole aafRole : finalRoleList) {
 				if (!applicationRoleIdList.contains(aafRole.getName())) {
 					roleListToBeAddInEcompDB.add(aafRole);
 				}
 			}
-
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering into inactiveRolesNotInExternalAuthSystem");
 			// Check if roles exits in external Access system and if not make inactive in DB
 			inactiveRolesNotInExternalAuthSystem(app, finalRoleList, applicationRolesList);
 			logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addNewRoleInEcompDBUpdateDescInExtAuthSystem");
-			// Add new roles in DB and updates role description in External Auth System 
+			// Add new roles in DB and updates role description in External Auth System
 			addNewRoleInEcompDBUpdateDescInExtAuthSystem(app, roleListToBeAddInEcompDB);
 			logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished");
 		} catch (HttpClientErrorException e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e);
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed ", e);
@@ -2681,14 +2735,14 @@
 					final Map<String, String> globalRoleParams = new HashMap<>();
 					globalRoleParams.put("appId", String.valueOf(app.getId()));
 					globalRoleParams.put("appRoleName", roleToBeAddedInEcompDB.getName());
-					getRoleCreatedInSync = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null);
+					getRoleCreatedInSync = dataAccessService
+							.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null);
 					EPRole epUpdateRole = getRoleCreatedInSync.get(0);
 					epUpdateRole.setAppRoleId(epUpdateRole.getId());
 					dataAccessService.saveDomainObject(epUpdateRole, null);
 				}
 				List<EPRole> roleList = new ArrayList<>();
 				final Map<String, String> params = new HashMap<>();
-
 				params.put(APP_ROLE_NAME_PARAM, roleToBeAddedInEcompDB.getName());
 				boolean isPortalRole = false;
 				if (app.getId() == 1) {
@@ -2697,7 +2751,8 @@
 				} else {
 					isPortalRole = false;
 					params.put(APP_ID, app.getId().toString());
-					roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, null);
+					roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params,
+							null);
 				}
 				EPRole role = roleList.get(0);
 				Role aaFrole = new Role();
@@ -2715,11 +2770,63 @@
 
 	/**
 	 * 
-	 * It de-activates application roles in DB if not present in External Auth system  
+	 * It checks description in External Auth System if found any
+	 * changes updates in DB
 	 * 
 	 * @param app
-	 * @param finalRoleList contains list of current roles present in External Auth System
-	 * @param applicationRolesList contains list of current roles present in DB
+	 * @param finalRoleList
+	 *            contains list of External Auth System roles list which is
+	 *            converted to EPRole
+	 */
+	@SuppressWarnings("unchecked")
+	private void checkAndUpdateRoleInDB(EPApp app, List<EPRole> finalRoleList) {
+		for (EPRole roleItem : finalRoleList) {
+			final Map<String, String> roleParams = new HashMap<>();
+			List<EPRole> currentList = null;
+			roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName());
+			if (app.getId() == 1) {
+				currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null);
+			} else {
+				roleParams.put(APP_ID, app.getId().toString());
+				currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+						roleParams, null);
+			}
+			if (!currentList.isEmpty()) {
+				try {
+					Boolean aafRoleActive;
+					Boolean localRoleActive;
+					boolean result;
+					aafRoleActive = Boolean.valueOf(roleItem.getActive());
+					localRoleActive = Boolean.valueOf(currentList.get(0).getActive());
+					result = aafRoleActive.equals(localRoleActive);
+					EPRole updateRole = currentList.get(0);
+					if (!result) {
+						updateRole.setActive(roleItem.getActive());
+						dataAccessService.saveDomainObject(updateRole, null);
+					}
+					if (roleItem.getPriority() != null
+							&& !currentList.get(0).getPriority().equals(roleItem.getPriority())) {
+						updateRole.setPriority(roleItem.getPriority());
+						dataAccessService.saveDomainObject(updateRole, null);
+					}
+				} catch (Exception e) {
+					logger.error(EELFLoggerDelegate.errorLogger,
+							"syncApplicationRolesWithEcompDB: Failed to update role ", e);
+				}
+			}
+		}
+	}
+
+	/**
+	 * 
+	 * It de-activates application roles in DB if not present in External Auth
+	 * system 
+	 * 
+	 * @param app
+	 * @param finalRoleList
+	 *            contains list of current roles present in External Auth System
+	 * @param applicationRolesList
+	 *            contains list of current roles present in DB
 	 */
 	@SuppressWarnings("unchecked")
 	private void inactiveRolesNotInExternalAuthSystem(EPApp app, List<EPRole> finalRoleList,
@@ -2733,14 +2840,16 @@
 				final Map<String, String> extRoleParams = new HashMap<>();
 				List<EPRole> roleList = null;
 				extRoleParams.put(APP_ROLE_NAME_PARAM, role.getName());
-				if (!checkRolesInactive.containsKey(role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
+				if (!checkRolesInactive.containsKey(role.getName()
+						.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
 					if (app.getId() == 1) {
 						roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null);
 					} else {
 						extRoleParams.put(APP_ID, app.getId().toString());
-						roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, extRoleParams, null);
+						roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+								extRoleParams, null);
 					}
-					if(!roleList.isEmpty()) {
+					if (!roleList.isEmpty()) {
 						EPRole updateRoleInactive = roleList.get(0);
 						updateRoleInactive.setActive(false);
 						dataAccessService.saveDomainObject(updateRoleInactive, null);
@@ -2752,22 +2861,25 @@
 			}
 		}
 	}
-	
+
 	@Override
 	@SuppressWarnings("unchecked")
-	public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app,
-			ObjectMapper mapper, JSONArray extRole)
+	public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app, ObjectMapper mapper, JSONArray extRole)
 			throws IOException {
 		List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>();
 		ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms();
 		List<String> functionCodelist = new ArrayList<>();
-		Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app);
+		Map<String, EPRole> curRolesMap = getAppRoleNamesMap(app);
+		Map<String, EPRole> curRolesUnderscoreMap = getAppRoleNamesWithUnderscoreMap(app);
 		for (int i = 0; i < extRole.length(); i++) {
 			ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails();
 			EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction();
 			JSONObject Role = (JSONObject) extRole.get(i);
 			String name = extRole.getJSONObject(i).getString(ROLE_NAME);
-			String actualRoleName = name.substring(app.getNameSpace().length() + 1); 
+			String actualRoleName = name.substring(app.getNameSpace().length() + 1);
+			if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
+				actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
+			}
 			SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>();
 			if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) {
 				JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS);
@@ -2782,7 +2894,6 @@
 						functionCodelist.add(ePAppRoleFunction.getCode());
 						externalAccessPermsOfRole.add(externalAccessPerms);
 					}
-
 				}
 			}
 			externalRoleDetail.setActive(true);
@@ -2792,18 +2903,19 @@
 			} else {
 				externalRoleDetail.setAppId(app.getId());
 			}
-			// get role functions from DB
-			EPRole currRole = curRolesMap.get(actualRoleName
-					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+			EPRole currRole = null;
+			currRole = (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION))
+					? curRolesUnderscoreMap.get(actualRoleName)
+					: curRolesMap.get(actualRoleName);
 			Long roleId = null;
 			if (currRole != null)
 				roleId = currRole.getId();
-			// get role functions from DB
 			final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>();
 			final Map<String, Long> appRoleFuncsParams = new HashMap<>();
 			if (roleId != null) {
 				appRoleFuncsParams.put("appId", app.getId());
 				appRoleFuncsParams.put("roleId", roleId);
+				// get role functions from DB
 				List<EPAppRoleFunction> appRoleFunctions = dataAccessService
 						.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
 				if (!appRoleFunctions.isEmpty()) {
@@ -2864,9 +2976,8 @@
 		HttpEntity<String> entity = new HttpEntity<>(headers);
 		logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: {} ",
 				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-		response = template
-				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
-						+ "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
+		response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+				+ "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
 		String res = response.getBody();
 		logger.debug(EELFLoggerDelegate.debugLogger,
 				"syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :",
@@ -2880,31 +2991,28 @@
 							&& !app.getId().equals(PortalConstants.PORTAL_APP_ID))) {
 				extRole.remove(i);
 				i--;
-			}			
+			}
 		}
 		return extRole;
 	}
-	
+
 	@Override
-	public JSONArray getAllUsersByRole(String roleName) throws Exception{
+	public JSONArray getAllUsersByRole(String roleName) throws Exception {
 		ResponseEntity<String> response = null;
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 		HttpEntity<String> entity = new HttpEntity<>(headers);
 		logger.debug(EELFLoggerDelegate.debugLogger, "getAllUsersByRole: {} ",
 				CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
-		response = template
-				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
-						+ "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class);
+		response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+				+ "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class);
 		String res = response.getBody();
 		logger.debug(EELFLoggerDelegate.debugLogger,
 				"syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :",
 				res);
-		if(res == null || res.trim().isEmpty()) 
+		if (res == null || res.trim().isEmpty())
 			return null;
-		
 		JSONObject jsonObj = new JSONObject(res);
 		JSONArray extRole = jsonObj.getJSONArray("userRole");
-		
 		return extRole;
 	}
 
@@ -2936,7 +3044,7 @@
 		if (app.getCentralAuth()) {
 			userRolesList = dataAccessService.executeNamedQuery("getBulkUserRoles", params, null);
 			for (BulkUploadUserRoles userRolesUpload : userRolesList) {
-				if(!userRolesUpload.getOrgUserId().equals("su1234")){
+				if (!userRolesUpload.getOrgUserId().equals("su1234")) {
 					addUserRoleInExternalSystem(userRolesUpload);
 					userRolesAdded++;
 				}
@@ -2946,7 +3054,7 @@
 	}
 
 	/**
-	 * Its adding a user role in external auth system while doing bulk upload 
+	 * Its adding a user role in external auth system while doing bulk upload
 	 * 
 	 * @param userRolesUpload
 	 */
@@ -2960,90 +3068,86 @@
 						+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
 			}
 			ExternalAccessUser extUser = new ExternalAccessUser(name,
-					userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+					userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName()
+							.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 			String userRole = mapper.writeValueAsString(extUser);
 			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
 			HttpEntity<String> entity = new HttpEntity<>(userRole, headers);
 			template.exchange(
 					SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole",
 					HttpMethod.POST, entity, String.class);
-		} catch(HttpClientErrorException e){
-			logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e);
+		} catch (HttpClientErrorException e) {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"HttpClientErrorException - Failed to addUserRoleInExternalSystem", e);
 			EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
 		} catch (Exception e) {
 			if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
-				logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: UserRole already exits but does not break functionality");
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addUserRoleInExternalSystem: UserRole already exits but does not break functionality");
 			} else {
-				logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e);
+				logger.error(EELFLoggerDelegate.errorLogger,
+						"addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e);
 			}
 		}
 	}
 
 	@Override
-	public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) throws Exception {
+	public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest)
+			throws Exception {
 		try {
-			String sql = ""; 
+			String sql = "";
 			Query query = null;
-			
-			//It should delete only when it portal's roleId
-			if(appId.equals(PortalConstants.PORTAL_APP_ID)){
-			// Delete from fn_role_function
-			sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
-			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
-			query = localSession.createSQLQuery(sql);
-			query.executeUpdate();
-			
-			// Delete from fn_role_composite
-			sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
-			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
-			query = localSession.createSQLQuery(sql);
-			query.executeUpdate();
+			// It should delete only when it portal's roleId
+			if (appId.equals(PortalConstants.PORTAL_APP_ID)) {
+				// Delete from fn_role_function
+				sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
+				logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+				query = localSession.createSQLQuery(sql);
+				query.executeUpdate();
+				// Delete from fn_role_composite
+				sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
+				logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+				query = localSession.createSQLQuery(sql);
+				query.executeUpdate();
 			}
-			
 			// Delete from ep_app_role_function
 			sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId;
 			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 			query = localSession.createSQLQuery(sql);
 			query.executeUpdate();
-
 			// Delete from ep_role_notification
 			sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId;
 			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 			query = localSession.createSQLQuery(sql);
 			query.executeUpdate();
-			
 			// Delete from fn_user_pseudo_role
 			sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId;
 			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 			query = localSession.createSQLQuery(sql);
 			query.executeUpdate();
-
 			// Delete form EP_WIDGET_CATALOG_ROLE
 			sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId;
 			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 			query = localSession.createSQLQuery(sql);
 			query.executeUpdate();
-
 			// Delete form EP_WIDGET_CATALOG_ROLE
 			sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId;
 			logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 			query = localSession.createSQLQuery(sql);
 			query.executeUpdate();
-
-			if(!isPortalRequest) {
+			if (!isPortalRequest) {
 				// Delete form fn_menu_functional_roles
 				sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId;
 				logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
 				query = localSession.createSQLQuery(sql);
-				query.executeUpdate();	
+				query.executeUpdate();
 			}
 		} catch (Exception e) {
 			logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e);
 			throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage());
 		}
-
 	}
-	
+
 	@SuppressWarnings("unchecked")
 	@Override
 	public List<String> getMenuFunctionsList(String uebkey) throws Exception {
@@ -3054,8 +3158,8 @@
 			final Map<String, Long> appParams = new HashMap<>();
 			appParams.put(APP_ID, app.getId());
 			appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null);
-			for(String appMenuFunction : appMenuFunctionsList) {
-				if(appMenuFunction.contains(FUNCTION_PIPE)) {
+			for (String appMenuFunction : appMenuFunctionsList) {
+				if (appMenuFunction.contains(FUNCTION_PIPE)) {
 					appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction));
 				} else {
 					appMenuFunctionsFinalList.add(appMenuFunction);
@@ -3068,98 +3172,91 @@
 		return appMenuFunctionsFinalList;
 	}
 
-	@SuppressWarnings({ "unchecked"})
+	@SuppressWarnings({ "unchecked" })
 	@Override
 	public List<EcompUser> getAllAppUsers(String uebkey) throws Exception {
 		List<String> usersList = new ArrayList<>();
-        List<EcompUser> usersfinalList = new ArrayList<>();
-        try {
-               EPApp app = getApp(uebkey).get(0);
-               final Map<String, Long> appParams = new HashMap<>();
-               appParams.put("appId", app.getId());
-               List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
-                            .executeNamedQuery("ApplicationUserRoles", appParams, null);
-               for (EcompUserRoles ecompUserRole : userList) {
-                     boolean found = false;
-                     Set<EcompRole> roles = null;
-                     for (EcompUser user : usersfinalList) {
-                            if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
-                                   EcompRole ecompRole = new EcompRole();
-                                   ecompRole.setId(ecompUserRole.getRoleId());
-                                   ecompRole.setName(ecompUserRole.getRoleName());
-                                   roles = user.getRoles();
-                                   EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny()
-                                                 .orElse(null);
-                                   SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
-                                   if(role != null)
-                                   {
-                                          roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions();
-                                   }
-                                          
-                             String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
-                            functionCode = EPUserUtils.decodeFunctionCode(functionCode);
-                            EcompRoleFunction epRoleFunction = new EcompRoleFunction();
-                            epRoleFunction.setName(ecompUserRole.getFunctionName());
-                            epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
-                            epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
-                            epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
-                            roleFunctionSet.add(epRoleFunction);
-                        ecompRole.setRoleFunctions(roleFunctionSet);
-                                   roles.add(ecompRole);
-                                   user.setRoles(roles);
-                                   found = true;
-                                   break;
-                            }
-                     }
-
-                     if (!found) {
-                            EcompUser epUser = new EcompUser();
-                            epUser.setOrgId(ecompUserRole.getOrgId());
-                            epUser.setManagerId(ecompUserRole.getManagerId());
-                            epUser.setFirstName(ecompUserRole.getFirstName());
-                            epUser.setLastName(ecompUserRole.getLastName());
-                            epUser.setPhone(ecompUserRole.getPhone());
-                            epUser.setEmail(ecompUserRole.getEmail());
-                            epUser.setOrgUserId(ecompUserRole.getOrgUserId());
-                            epUser.setOrgCode(ecompUserRole.getOrgCode());
-                            epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
-                            epUser.setJobTitle(ecompUserRole.getJobTitle());
-                            epUser.setLoginId(ecompUserRole.getLoginId());
-                            epUser.setActive(true);
-                            roles = new HashSet<>();
-                            EcompRole ecompRole = new EcompRole();
-                            ecompRole.setId(ecompUserRole.getRoleId());
-                            ecompRole.setName(ecompUserRole.getRoleName());
-              SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
-              
-                            String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
-              functionCode = EPUserUtils.decodeFunctionCode(functionCode);
-              EcompRoleFunction epRoleFunction = new EcompRoleFunction();
-              epRoleFunction.setName(ecompUserRole.getFunctionName());
-              epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
-              epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
-              epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
-              roleFunctionSet.add(epRoleFunction);
-              ecompRole.setRoleFunctions(roleFunctionSet);
-                            roles.add(ecompRole);
-                            epUser.setRoles(roles);
-                            usersfinalList.add(epUser);
-                     }
-               }
-               ObjectMapper mapper = new ObjectMapper();
-
-               for (EcompUser u1 : usersfinalList) {
-                     String str = mapper.writeValueAsString(u1);
-                     usersList.add(str);
-               }
-        } catch (Exception e) {
-               logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
-               throw e;
-        }
-        return usersfinalList;
-
+		List<EcompUser> usersfinalList = new ArrayList<>();
+		try {
+			EPApp app = getApp(uebkey).get(0);
+			final Map<String, Long> appParams = new HashMap<>();
+			appParams.put("appId", app.getId());
+			List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
+					.executeNamedQuery("ApplicationUserRoles", appParams, null);
+			for (EcompUserRoles ecompUserRole : userList) {
+				boolean found = false;
+				Set<EcompRole> roles = null;
+				for (EcompUser user : usersfinalList) {
+					if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
+						EcompRole ecompRole = new EcompRole();
+						ecompRole.setId(ecompUserRole.getRoleId());
+						ecompRole.setName(ecompUserRole.getRoleName());
+						roles = user.getRoles();
+						EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName()))
+								.findAny().orElse(null);
+						SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+						if (role != null) {
+							roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions();
+						}
+						String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+						functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+						EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+						epRoleFunction.setName(ecompUserRole.getFunctionName());
+						epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+						epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+						epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+						roleFunctionSet.add(epRoleFunction);
+						ecompRole.setRoleFunctions(roleFunctionSet);
+						roles.add(ecompRole);
+						user.setRoles(roles);
+						found = true;
+						break;
+					}
+				}
+				if (!found) {
+					EcompUser epUser = new EcompUser();
+					epUser.setOrgId(ecompUserRole.getOrgId());
+					epUser.setManagerId(ecompUserRole.getManagerId());
+					epUser.setFirstName(ecompUserRole.getFirstName());
+					epUser.setLastName(ecompUserRole.getLastName());
+					epUser.setPhone(ecompUserRole.getPhone());
+					epUser.setEmail(ecompUserRole.getEmail());
+					epUser.setOrgUserId(ecompUserRole.getOrgUserId());
+					epUser.setOrgCode(ecompUserRole.getOrgCode());
+					epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
+					epUser.setJobTitle(ecompUserRole.getJobTitle());
+					epUser.setLoginId(ecompUserRole.getLoginId());
+					epUser.setActive(true);
+					roles = new HashSet<>();
+					EcompRole ecompRole = new EcompRole();
+					ecompRole.setId(ecompUserRole.getRoleId());
+					ecompRole.setName(ecompUserRole.getRoleName());
+					SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+					String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+					functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+					EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+					epRoleFunction.setName(ecompUserRole.getFunctionName());
+					epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+					epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+					epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+					roleFunctionSet.add(epRoleFunction);
+					ecompRole.setRoleFunctions(roleFunctionSet);
+					roles.add(ecompRole);
+					epUser.setRoles(roles);
+					usersfinalList.add(epUser);
+				}
+			}
+			ObjectMapper mapper = new ObjectMapper();
+			for (EcompUser u1 : usersfinalList) {
+				String str = mapper.writeValueAsString(u1);
+				usersList.add(str);
+			}
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
+			throw e;
+		}
+		return usersfinalList;
 	}
-	
 
 	@Override
 	public Role ConvertCentralRoleToRole(String result) {
@@ -3185,17 +3282,16 @@
 		}
 		return newRole;
 	}
-	
+
 	@Override
 	@SuppressWarnings("unchecked")
 	public List<CentralizedApp> getCentralizedAppsOfUser(String userId) {
 		Map<String, String> params = new HashMap<>();
 		params.put("userId", userId);
 		List<CentralizedApp> centralizedAppsList = new ArrayList<>();
-		try{
-			centralizedAppsList =  dataAccessService
-					.executeNamedQuery("getCentralizedAppsOfUser", params, null);
-		}catch (Exception e) {
+		try {
+			centralizedAppsList = dataAccessService.executeNamedQuery("getCentralizedAppsOfUser", params, null);
+		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e);
 		}
 		return centralizedAppsList;
@@ -3276,15 +3372,16 @@
 		String type;
 		String action;
 		CentralV2RoleFunction cenRoleFun;
-		if(role.getFunctionCd().contains(FUNCTION_PIPE)){
+		if (role.getFunctionCd().contains(FUNCTION_PIPE)) {
 			instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd());
 			type = EcompPortalUtils.getFunctionType(role.getFunctionCd());
 			action = EcompPortalUtils.getFunctionAction(role.getFunctionCd());
 			cenRoleFun = new CentralV2RoleFunction(null, instance, role.getFunctionName(), null, type, action, null);
-		} else{
+		} else {
 			type = getFunctionCodeType(role.getFunctionCd());
 			action = getFunctionCodeAction(role.getFunctionCd());
-			cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, action, null);
+			cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type,
+					action, null);
 		}
 		return cenRoleFun;
 	}
@@ -3302,28 +3399,27 @@
 	}
 
 	private CentralV2Role convertRoleToCentralV2Role(EPRole role) {
-	 return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(),
+		return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(),
 				role.getModifiedId(), role.getRowNum(), role.getName(), role.getActive(), role.getPriority(),
 				new TreeSet<>(), new TreeSet<>(), new TreeSet<>());
-		
 	}
-	
+
 	@Override
-	public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) {
+	public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(
+			List<CentralV2RoleFunction> answer) {
 		List<CentralRoleFunction> addRoleFuncList = new ArrayList<>();
-		for(CentralV2RoleFunction cenRoleFunc : answer){
+		for (CentralV2RoleFunction cenRoleFunc : answer) {
 			CentralRoleFunction setRoleFunc = new CentralRoleFunction();
 			setRoleFunc.setCode(cenRoleFunc.getCode());
 			setRoleFunc.setName(cenRoleFunc.getName());
 			addRoleFuncList.add(setRoleFunc);
-		}		
+		}
 		return addRoleFuncList;
 	}
 
 	@Override
 	public CentralUser getUserRoles(String loginId, String uebkey) throws Exception {
 		CentralUser sendUserRoles = null;
-
 		try {
 			CentralV2User cenV2User = getV2UserAppRoles(loginId, uebkey);
 			sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User);
@@ -3354,6 +3450,80 @@
 		return createEPUser(user, userAppSet, app);
 	}
 
+	private List<EcompRole> getUserAppRoles(EPApp app, EPUser user) {
+		final Map<String, Long> userParams = new HashMap<>();
+		userParams.put("appId", app.getId());
+		userParams.put("userId", user.getId());
+		@SuppressWarnings("unchecked")
+		List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles",
+				userParams, null);
+		List<EcompRole> setUserRoles = new ArrayList<>();
+		for (EPUserAppCurrentRoles role : userAppsRolesList) {
+			logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userRolename = {}",
+					role.getRoleName());
+			EcompRole ecompRole = new EcompRole();
+			ecompRole.setId(role.getRoleId());
+			ecompRole.setName(role.getRoleName());
+			setUserRoles.add(ecompRole);
+		}
+		logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userrole list size = {}",
+				setUserRoles.size());
+		return setUserRoles;
+	}
+
+	@Override
+	public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles)
+			throws Exception {
+		List<EPApp> appList = getApp(uebkey);
+		EPApp app = appList.get(0);
+		List<EPUser> epUserList;
+		epUserList = getUser(loginId);
+		List<EcompRole> missingUserAppRoles = new ArrayList<>();
+		List<String> roleNamesList = CurrentUserRoles.stream().map(EcompRole::getName).collect(Collectors.toList());
+		logger.debug(EELFLoggerDelegate.debugLogger, "Roles of User from hibernate :" + roleNamesList);
+		List<EcompRole> userApplicationsRolesfromDB = getUserAppRoles(app, epUserList.get(0));
+		if (userApplicationsRolesfromDB.size() > 0) {
+			missingUserAppRoles = userApplicationsRolesfromDB.stream().filter(x -> !roleNamesList.contains(x.getName()))
+					.collect(Collectors.toList());
+		}
+		List<String> MissingroleNamesList = missingUserAppRoles.stream().map(EcompRole::getName)
+				.collect(Collectors.toList());
+		logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles():" + MissingroleNamesList);
+
+		List<EcompRole> finalMissingRoleList = new ArrayList<>();
+		if (missingUserAppRoles.size() > 0) {
+			final Map<String, Long> params = new HashMap<>();
+			for (EcompRole role : missingUserAppRoles) {
+				params.put("roleId", role.getId());
+				params.put(APP_ID, app.getId());
+
+				EcompRole epRole = new EcompRole();
+				epRole.setId(role.getId());
+				epRole.setName(role.getName());
+				@SuppressWarnings("unchecked")
+				List<CentralV2RoleFunction> appRoleFunctionList = dataAccessService
+						.executeNamedQuery("getAppRoleFunctionList", params, null);
+				SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+				for (CentralV2RoleFunction roleFunc : appRoleFunctionList) {
+					String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
+					String type = getFunctionCodeType(roleFunc.getCode());
+					String action = getFunctionCodeAction(roleFunc.getCode());
+					EcompRoleFunction fun = new EcompRoleFunction();
+					fun.setAction(action);
+					fun.setCode(functionCode);
+					fun.setType(type);
+					fun.setName(roleFunc.getName());
+					roleFunctionSet.add(fun);
+
+				}
+				epRole.setRoleFunctions(roleFunctionSet);
+				finalMissingRoleList.add(epRole);
+			}
+		}
+
+		return finalMissingRoleList;
+	}
+
 	/**
 	 * It converts V2 CentralUser object to old version CentralUser object
 	 * 
@@ -3361,56 +3531,59 @@
 	 * @return EPUser object
 	 */
 	private CentralUser convertV2UserRolesToOlderVersion(CentralV2User cenV2User) {
-			Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps();
-			Set<CentralUserApp> userApps = new TreeSet<>();
-			for(CentralV2UserApp userApp : userV2Apps){				
-				CentralApp app  = userApp.getApp();
-				CentralUserApp cua = new CentralUserApp();
-				cua.setUserId(null);
-				cua.setApp(app);
-				SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>();
-				for(CentralV2RoleFunction  cenV2RoleFunc : userApp.getRole().getRoleFunctions() ){					
-					CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), cenV2RoleFunc.getName());								
-					cenRoleFunction.add(cenRoleFunc);
-				}
-				CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(),
-						cenRoleFunction);
-				cua.setRole(role);
-				userApps.add(cua);
+		Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps();
+		Set<CentralUserApp> userApps = new TreeSet<>();
+		for (CentralV2UserApp userApp : userV2Apps) {
+			CentralApp app = userApp.getApp();
+			CentralUserApp cua = new CentralUserApp();
+			cua.setUserId(null);
+			cua.setApp(app);
+			SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>();
+			for (CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions()) {
+				CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(),
+						cenV2RoleFunc.getName());
+				cenRoleFunction.add(cenRoleFunc);
 			}
-			return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(), 
-					cenV2User.getCreatedId(),cenV2User.getModifiedId(), 
-					cenV2User.getRowNum(), cenV2User.getOrgId(), cenV2User.getManagerId(), cenV2User.getFirstName(), 
-					cenV2User.getMiddleInitial(), cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), 
-					cenV2User.getCellular(),cenV2User.getEmail(),cenV2User.getAddressId(),cenV2User.getAlertMethodCd(),
-					cenV2User.getHrid(),cenV2User.getOrgUserId(),cenV2User.getOrgCode(),cenV2User.getAddress1(), 
-					cenV2User.getAddress2(),cenV2User.getCity(),cenV2User.getState(),cenV2User.getZipCode(),cenV2User.getCountry(), 
-					cenV2User.getOrgManagerUserId(),cenV2User.getLocationClli(),cenV2User.getBusinessCountryCode(), 
-					cenV2User.getBusinessCountryName(),cenV2User.getBusinessUnit(),cenV2User.getBusinessUnitName(), 
-					cenV2User.getDepartment(),cenV2User.getDepartmentName(),cenV2User.getCompanyCode(), 
-					cenV2User.getCompany(),cenV2User.getZipCodeSuffix(),cenV2User.getJobTitle(), 
-					cenV2User.getCommandChain(),cenV2User.getSiloStatus(),cenV2User.getCostCenter(),
-					cenV2User.getFinancialLocCode(),cenV2User.getLoginId(),cenV2User.getLoginPwd(), 
-					cenV2User.getLastLoginDate(),cenV2User.isActive(),cenV2User.isInternal(),cenV2User.getSelectedProfileId(),cenV2User.getTimeZoneId(),
-					cenV2User.isOnline(),cenV2User.getChatId(), 
-					userApps);
+			CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(),
+					userApp.getRole().getActive(), userApp.getRole().getPriority(), cenRoleFunction);
+			cua.setRole(role);
+			userApps.add(cua);
+		}
+		return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(),
+				cenV2User.getCreatedId(), cenV2User.getModifiedId(), cenV2User.getRowNum(), cenV2User.getOrgId(),
+				cenV2User.getManagerId(), cenV2User.getFirstName(), cenV2User.getMiddleInitial(),
+				cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), cenV2User.getCellular(),
+				cenV2User.getEmail(), cenV2User.getAddressId(), cenV2User.getAlertMethodCd(), cenV2User.getHrid(),
+				cenV2User.getOrgUserId(), cenV2User.getOrgCode(), cenV2User.getAddress1(), cenV2User.getAddress2(),
+				cenV2User.getCity(), cenV2User.getState(), cenV2User.getZipCode(), cenV2User.getCountry(),
+				cenV2User.getOrgManagerUserId(), cenV2User.getLocationClli(), cenV2User.getBusinessCountryCode(),
+				cenV2User.getBusinessCountryName(), cenV2User.getBusinessUnit(), cenV2User.getBusinessUnitName(),
+				cenV2User.getDepartment(), cenV2User.getDepartmentName(), cenV2User.getCompanyCode(),
+				cenV2User.getCompany(), cenV2User.getZipCodeSuffix(), cenV2User.getJobTitle(),
+				cenV2User.getCommandChain(), cenV2User.getSiloStatus(), cenV2User.getCostCenter(),
+				cenV2User.getFinancialLocCode(), cenV2User.getLoginId(), cenV2User.getLoginPwd(),
+				cenV2User.getLastLoginDate(), cenV2User.isActive(), cenV2User.isInternal(),
+				cenV2User.getSelectedProfileId(), cenV2User.getTimeZoneId(), cenV2User.isOnline(),
+				cenV2User.getChatId(), userApps);
 	}
 
 	@Override
 	public List<CentralRole> convertV2CentralRoleListToOldVerisonCentralRoleList(List<CentralV2Role> v2CenRoleList) {
 		List<CentralRole> cenRoleList = new ArrayList<>();
-			for(CentralV2Role v2CenRole : v2CenRoleList){
-				SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
-				for(CentralV2RoleFunction v2CenRoleFunc: v2CenRole.getRoleFunctions()){
-					CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName());
-					cenRoleFuncList.add(roleFunc);
-				}
-				CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), v2CenRole.getPriority(), cenRoleFuncList);
-				cenRoleList.add(role);
-			}		
+		for (CentralV2Role v2CenRole : v2CenRoleList) {
+			SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
+			for (CentralV2RoleFunction v2CenRoleFunc : v2CenRole.getRoleFunctions()) {
+				CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(),
+						v2CenRoleFunc.getName());
+				cenRoleFuncList.add(roleFunc);
+			}
+			CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(),
+					v2CenRole.getPriority(), cenRoleFuncList);
+			cenRoleList.add(role);
+		}
 		return cenRoleList;
 	}
-	
+
 	@Override
 	public ResponseEntity<String> getNameSpaceIfExists(EPApp app) throws Exception {
 		HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
@@ -3433,7 +3606,7 @@
 		}
 		return response;
 	}
-	
+
 	@Override
 	public CentralRole convertV2CentralRoleToOldVerisonCentralRole(CentralV2Role v2CenRole) {
 		SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
@@ -3458,17 +3631,17 @@
 			userRolesList = dataAccessService.executeNamedQuery("getBulkUsersForSingleRole", params, null);
 			for (BulkUploadUserRoles userRolesUpload : userRolesList) {
 				userRolesUpload.setRoleName(modifiedRoleName);
-				if(!userRolesUpload.getOrgUserId().equals("su1234")){
+				if (!userRolesUpload.getOrgUserId().equals("su1234")) {
 					addUserRoleInExternalSystem(userRolesUpload);
 					userRolesAdded++;
 				}
 			}
 		}
 		return userRolesAdded;
-	}	
-	
+	}
+
 	@Override
-	public String encodeFunctionCode(String funCode){
+	public String encodeFunctionCode(String funCode) {
 		String encodedString = funCode;
 		List<Pattern> encodingList = new ArrayList<>();
 		encodingList.add(Pattern.compile("/"));
@@ -3476,11 +3649,11 @@
 		for (Pattern xssInputPattern : encodingList) {
 			encodedString = xssInputPattern.matcher(encodedString)
 					.replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes()));
-		}		
-		encodedString = encodedString.replaceAll("\\*", "%"+ Hex.encodeHexString("*".getBytes()));
+		}
+		encodedString = encodedString.replaceAll("\\*", "%" + Hex.encodeHexString("*".getBytes()));
 		return encodedString;
 	}
-	
+
 	@Override
 	public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception {
 		ObjectMapper mapper = new ObjectMapper();
@@ -3488,18 +3661,16 @@
 		try {
 			ExternalAccessRolePerms extRolePerms;
 			ExternalAccessPerms extPerms;
-			extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), encodeFunctionCode(data.getInstance()), data.getAction());
+			extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(),
+					encodeFunctionCode(data.getInstance()), data.getAction());
 			String appNameSpace = "";
-			if(data.getIsGlobalRolePartnerFunc()) {
-				appNameSpace =  epAppService.getApp(1l).getNameSpace();
+			if (data.getIsGlobalRolePartnerFunc()) {
+				appNameSpace = epAppService.getApp(1l).getNameSpace();
 			} else {
-				appNameSpace =  app.getNameSpace();
+				appNameSpace = app.getNameSpace();
 			}
-			extRolePerms = new ExternalAccessRolePerms(extPerms,
-					appNameSpace + "."
-							+ data.getRoleName().replaceAll(
-									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
-									"_"));
+			extRolePerms = new ExternalAccessRolePerms(extPerms, appNameSpace + "." + data.getRoleName()
+					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 			String updateRolePerms = mapper.writeValueAsString(extRolePerms);
 			HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
 			updateRoleFunctionInExternalSystem(updateRolePerms, entity);
@@ -3513,7 +3684,6 @@
 					"addFunctionInExternalSystem: Failed to add role fucntion in external central auth system", e);
 			throw e;
 		}
-		
 	}
 
 	private void updateRoleFunctionInExternalSystem(String updateRolePerms, HttpEntity<String> entity) {
@@ -3526,7 +3696,7 @@
 				"bulkUploadRoleFunc: Finished adding permission for POST: {} and status code: {} ",
 				addPermResponse.getStatusCode().value(), updateRolePerms);
 	}
-	
+
 	@Override
 	public void syncApplicationUserRolesFromExtAuthSystem(String loginId) throws Exception {
 		String name = "";
@@ -3587,7 +3757,8 @@
 				if (!currentCentralizedUserAppRolesMap.containsKey(extUserRoleDetail.getName())) {
 					CentralizedAppRoles getCenAppRole = cenAppRolesMap.get(extUserRoleDetail.getName());
 					if (getCenAppRole != null) {
-						logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system  {}",
+						logger.debug(EELFLoggerDelegate.debugLogger,
+								"addUserRolesInLocal: Adding user role from external auth system  {}",
 								extUserRoleDetail.toString());
 						EPUserApp userApp = new EPUserApp();
 						EPApp app = new EPApp();
@@ -3598,14 +3769,17 @@
 						userApp.setUserId(user.getId());
 						userApp.setRole(epRole);
 						dataAccessService.saveDomainObject(userApp, null);
-						logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system  {}",
+						logger.debug(EELFLoggerDelegate.debugLogger,
+								"addUserRolesInLocal: Finished user role from external auth system  {}",
 								extUserRoleDetail.toString());
-					} else if (getCenAppRole == null // check if user has app account admin role
+					} else if (getCenAppRole == null // check if user has app
+														// account admin role
 							&& extUserRoleDetail.getName().endsWith(PortalConstants.ADMIN_ROLE.replaceAll(
 									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
 						EPApp app = centralisedAppsMap.get(extUserRoleDetail.getName());
 						if (app != null) {
-							logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system  {}",
+							logger.debug(EELFLoggerDelegate.debugLogger,
+									"addUserRolesInLocal: Adding user role from external auth system  {}",
 									extUserRoleDetail.toString());
 							EPUserApp userApp = new EPUserApp();
 							EPRole epRole = new EPRole();
@@ -3614,7 +3788,8 @@
 							userApp.setUserId(user.getId());
 							userApp.setRole(epRole);
 							dataAccessService.saveDomainObject(userApp, null);
-							logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system  {}",
+							logger.debug(EELFLoggerDelegate.debugLogger,
+									"addUserRolesInLocal: Finished user role from external auth system  {}",
 									extUserRoleDetail.toString());
 						}
 					}
@@ -3629,13 +3804,14 @@
 
 	@SuppressWarnings("unchecked")
 	private HashMap<String, EPApp> getCentralizedAdminAppsInfo() {
-		List<EPApp> centralizedApps = dataAccessService
-				.executeNamedQuery("getCentralizedApps", null, null);
+		List<EPApp> centralizedApps = dataAccessService.executeNamedQuery("getCentralizedApps", null, null);
 		HashMap<String, EPApp> centralisedAppsMap = new HashMap<>();
 		for (EPApp cenApp : centralizedApps) {
-			centralisedAppsMap.put(cenApp.getNameSpace()+ "." +
-					PortalConstants.ADMIN_ROLE.replaceAll(
-							EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), cenApp);
+			centralisedAppsMap.put(
+					cenApp.getNameSpace() + "."
+							+ PortalConstants.ADMIN_ROLE.replaceAll(
+									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+					cenApp);
 		}
 		return centralisedAppsMap;
 	}
@@ -3645,9 +3821,10 @@
 		HashMap<String, CentralizedAppRoles> currentCentralizedUserAppRolesMap = new HashMap<>();
 		for (CentralizedAppRoles cenAppUserRole : currentUserAppRoles) {
 			currentCentralizedUserAppRolesMap.put(
-					cenAppUserRole.getAppNameSpace() + "." + cenAppUserRole.getRoleName()
-							.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
-							cenAppUserRole);
+					cenAppUserRole.getAppNameSpace() + "."
+							+ cenAppUserRole.getRoleName().replaceAll(
+									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+					cenAppUserRole);
 		}
 		return currentCentralizedUserAppRolesMap;
 	}
@@ -3659,13 +3836,14 @@
 		HashMap<String, CentralizedAppRoles> cenAppRolesMap = new HashMap<>();
 		for (CentralizedAppRoles CentralizedAppRole : centralizedAppRoles) {
 			cenAppRolesMap.put(
-					CentralizedAppRole.getAppNameSpace() + "." + CentralizedAppRole.getRoleName()
-							.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+					CentralizedAppRole.getAppNameSpace() + "."
+							+ CentralizedAppRole.getRoleName().replaceAll(
+									EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
 					CentralizedAppRole);
 		}
 		return cenAppRolesMap;
 	}
-	
+
 	@Override
 	public ResponseEntity<String> getUserRolesFromExtAuthSystem(String name, HttpEntity<String> getUserRolesEntity) {
 		logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles");
@@ -3673,14 +3851,35 @@
 				.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
 						+ "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class);
 		if (getResponse.getStatusCode().value() == 200) {
-			logger.debug(EELFLoggerDelegate.debugLogger, "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
+			logger.debug(EELFLoggerDelegate.debugLogger,
+					"getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
 					getResponse.getBody());
-
-		}else{
-			logger.error(EELFLoggerDelegate.errorLogger, "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",getResponse.getBody() );
+		} else {
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",
+					getResponse.getBody());
 			EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode());
 		}
 		return getResponse;
 	}
 
+	@Override
+	public Integer updateAppRoleDescription(String uebkey) {
+		Integer roleDescUpdated = 0;
+		EPApp app;
+		try {
+			app = getApp(uebkey).get(0);
+			List<EPRole> roles = getAppRoles(app.getId());
+			for (EPRole epRole : roles) {
+				Role role = new Role();
+				role.setName(epRole.getName());
+				boolean status = addRoleDescriptionInExtSystem(role, app);
+				if (status)
+					roleDescUpdated++;
+			}
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: Failed! ", e);
+		}
+		return roleDescUpdated;
+	}
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
index b0dd4a2..5d9761c 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
@@ -65,6 +65,7 @@
 import org.json.JSONObject;
 import org.onap.portalapp.externalsystemapproval.model.ExternalSystemRoleApproval;
 import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser;
+import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPRole;
 import org.onap.portalapp.portal.domain.EPUser;
@@ -98,8 +99,10 @@
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalapp.util.SystemType;
 import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.RoleFunction;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.service.DataAccessService;
@@ -123,6 +126,8 @@
 	private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesCommonServiceImpl.class);
 
 	private static final Object syncRests = new Object();
+
+	private static final String APP_ID = "appId";
 		
 	@Autowired
 	private DataAccessService dataAccessService;				
@@ -138,7 +143,10 @@
 	private EPRoleService epRoleService;
 	@Autowired
 	private RoleService roleService;	
-	
+	@Autowired
+	private AdminRolesService adminRolesService;
+	@Autowired
+	private EPAppService appService;
 	@Autowired
 	private ExternalAccessRolesService externalAccessRolesService;
 	
@@ -428,18 +436,25 @@
 			for (EPRole ecompRole : userAppRoles) {
 				userAppRolesMap.add(ecompRole.getId());
 			}
+			logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - userAppRolesMap = {}", userAppRolesMap);
+
 		} else {
 			logger.error(EELFLoggerDelegate.errorLogger,
 					"constructRolesInAppForUserGet has received userAppRoles list empty.");
 		}
 
 		if (appRoles != null) {
+
 			for (Role ecompRole : appRoles) {
+				logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - appRoles not null = {}", ecompRole);
+
 				if (ecompRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID) && !extRequestValue)
 					continue;
 				RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName());
 				roleForUser.isApplied = userAppRolesMap.contains(ecompRole.getId());
 				rolesInAppForUser.add(roleForUser);
+				logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", rolesInAppForUser);
+
 			}
 		} else {
 			logger.error(EELFLoggerDelegate.errorLogger,
@@ -815,29 +830,31 @@
 	 * @return 
 	 * @throws Exception
 	 */
-	private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, ObjectMapper mapper, SearchService searchService, ApplicationsRestClientService applicationsRestClientService) throws Exception{
-		EPUser addRemoteUser = null;
-		if (remoteUserShouldBeCreated(roleInAppForUserList)) {
-			createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, isAppUpgradeVersion(app));
-		}
-		return addRemoteUser;
-	}
-	
-	
-	private EPUser pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app,
+	private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app,
 			ObjectMapper mapper, SearchService searchService,
 			ApplicationsRestClientService applicationsRestClientService) throws Exception {
 		EPUser addRemoteUser = null;
 		if (remoteUserShouldBeCreated(roleInAppForUserList)) {
-			pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper,
-					isAppUpgradeVersion(app), roleInAppForUserList);
+			createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper,
+					isAppUpgradeVersion(app));
 		}
 		return addRemoteUser;
 	}
+	
+	private EPUser pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app,
+			ObjectMapper mapper, SearchService searchService,
+			ApplicationsRestClientService applicationsRestClientService,boolean appRoleIdUsed) throws Exception {
+		EPUser addRemoteUser = null;
+//		if (remoteUserShouldBeCreated(roleInAppForUserList)) {
+			pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper,
+					isAppUpgradeVersion(app), roleInAppForUserList, appRoleIdUsed);
+//		}
+		return addRemoteUser;
+	}
 
 	protected void pushUserOnRemoteApp(String userId, EPApp app,
 			ApplicationsRestClientService applicationsRestClientService, SearchService searchService,
-			ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList) throws Exception {
+			ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList,boolean appRoleIdUsed) throws Exception {
 
 		EPUser client = searchService.searchUserByUserId(userId);
 
@@ -852,18 +869,50 @@
 		client.setLoginId(userId);
 		client.setActive(true);
 		roleInAppForUserList.removeIf(role -> role.isApplied.equals(false));
-		Set<EcompRole> userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList);
 		SortedSet<Role> roles = new TreeSet<>();
-		List<EPRole> getAppRoles = getAppRoles(app.getId());
-		for (EcompRole epRole : userRolesInRemoteApp) {
+
+		List<EPRole> getAppRoles = externalAccessRolesService.getAppRoles(app.getId());
+		List<EPApp> appList = new ArrayList<>();
+		appList.add(app);
+		List<CentralV2Role> roleList = new ArrayList<>();
+		Map<String, Long> params = new HashMap<>();
+
+		List<EPRole> userRoles = new ArrayList<>();
+
+		for (RoleInAppForUser roleInappForUser : roleInAppForUserList) {
+			EPRole role = new EPRole();
+			role.setId(roleInappForUser.getRoleId());
+			role.setName(roleInappForUser.getRoleName());
+			userRoles.add(role);
+		}
+
+		if (appRoleIdUsed) {
+			List<EPRole> userAppRoles = new ArrayList<>();
+			for (EPRole role : userRoles) {
+				EPRole appRole = getAppRoles.stream()
+						.filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny()
+						.orElse(null);
+				EPRole epRole = new EPRole();
+				if (appRole != null) {
+					epRole.setId(appRole.getId());
+					epRole.setName(appRole.getName());
+				}
+				userAppRoles.add(epRole);
+			}
+			userRoles = new ArrayList<>();
+			userRoles.addAll(userAppRoles);
+		}
+		roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList, params);
+
+		for (CentralV2Role epRole : roleList) {
 			Role role = new Role();
 			EPRole appRole = getAppRoles.stream()
-					  .filter(applicationRole -> epRole.getId().equals(applicationRole.getId()))
-					  .findAny()
-					  .orElse(null);
-			if(appRole != null)
-			role.setId(appRole.getAppRoleId());
+					.filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null);
+			if (appRole != null){
+				role.setId(appRole.getAppRoleId());
 			role.setName(epRole.getName());
+			role.setRoleFunctions(epRole.getRoleFunctions());
+			}
 			roles.add(role);
 		}
 		client.setRoles(roles);
@@ -872,23 +921,8 @@
 		logger.debug(EELFLoggerDelegate.debugLogger,
 				"about to post a client to remote application, users json = " + userInString);
 		applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId));
+	}
 
-	}
-	
-	
-	public List<EPRole> getAppRoles(Long appId) throws Exception {
-		List<EPRole> applicationRoles = null;
-		final Map<String, Long> appParams = new HashMap<>();
-		try {
-				appParams.put("appId", appId);
-				applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null);
-		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e);
-			throw e;
-		}
-		return applicationRoles;
-	}
-	
 	/**
 	 * It checks whether the remote user exists or not
 	 * if exits returns user object else null
@@ -929,10 +963,11 @@
 	 * setAppWithUserRoleStateForUser(org.onap.portalapp.portal.domain.
 	 * EPUser, org.onap.portalapp.portal.transport.AppWithRolesForUser)
 	 */
-	public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) {
+	public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) {
 		boolean result = false;
 		boolean epRequestValue = false;
 		String userId = "";
+		String reqMessage = "";
 		if (newAppRolesForUser != null && newAppRolesForUser.orgUserId != null) {
 			userId = newAppRolesForUser.orgUserId.trim();
 		}
@@ -949,11 +984,10 @@
 				// if centralized app
 				if (app.getCentralAuth()) {
 					if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
-							pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
-									applicationsRestClientService);
+						pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
+									applicationsRestClientService,false);
 					}
 					
-					
 					Set<EcompRole>  userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
 							applicationsRestClientService, appId, userId);
 					RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
@@ -982,8 +1016,7 @@
 						if (remoteAppUser == null) {
 							remoteAppUser = addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService);
 						}
-						if (remoteAppUser != null) {
-							Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
+						Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
 									applicationsRestClientService, appId, userId);
 							RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
 									userRolesInRemoteApp);
@@ -994,22 +1027,32 @@
 								logger.debug(EELFLoggerDelegate.debugLogger,
 										"setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app,
 										userId);
-								remoteAppUser.setActive(false);
+								//remoteAppUser.setActive(false);
 								postUserToRemoteApp(userId, user, app, applicationsRestClientService);
-							}
 						}
 					}
 				}
 			} catch (Exception e) {
+				/*String message = String.format(
+						"Failed to create user or update user roles for User %s, AppId %s",
+						userId, Long.toString(appId));
+				logger.error(EELFLoggerDelegate.errorLogger, message, e);
+				result = false;*/
+
 				String message = String.format(
 						"Failed to create user or update user roles for User %s, AppId %s",
 						userId, Long.toString(appId));
 				logger.error(EELFLoggerDelegate.errorLogger, message, e);
 				result = false;
+				reqMessage = e.getMessage();
+				 			 
+			
 			}
 
 		}
-		return result;
+		//return result;
+		return new ExternalRequestFieldsValidator(result, reqMessage);
+
 	}
 	/**
 	 * It adds user roles in External system and also make data consistent in both local and in External System 
@@ -1053,10 +1096,8 @@
 					if (extRoles.getJSONObject(i).getString("name").startsWith(app.getNameSpace() + ".")
 							&& !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".admin")
 							&& !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".owner")) {
-						ObjectMapper descMapper = new ObjectMapper();
-						if (extRoles.getJSONObject(i).has("description") && EcompPortalUtils.isJSONValid(extRoles.getJSONObject(i).getString("description"))) {
-							ExternalRoleDescription desc = descMapper.readValue(
-									extRoles.getJSONObject(i).getString("description"), ExternalRoleDescription.class);
+						if (extRoles.getJSONObject(i).has("description")) {
+							ExternalRoleDescription desc = new ExternalRoleDescription(extRoles.getJSONObject(i).getString("description"));
 							userRoleDetail = new ExternalAccessUserRoleDetail(
 									extRoles.getJSONObject(i).getString("name"), desc);
 							userRoleDetailList.add(userRoleDetail);
@@ -1157,7 +1198,7 @@
 
 	private List<ExternalAccessUserRoleDetail> CheckIfRoleAreMatchingInUserRoleDetailList(
 			List<ExternalAccessUserRoleDetail> userRoleDetailList, EPApp app) {		
-		Map<String, EPRole> epRoleList  = externalAccessRolesService.getCurrentRolesInDB(app);	
+		Map<String, EPRole> epRoleList  = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app);	
 		//Add Account Admin role for partner app to prevent conflict
 		if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
 		EPRole role =  new EPRole();
@@ -1352,7 +1393,7 @@
 		final Map<String, Long> params = new HashMap<>();
 		final Map<String, String> userParams = new HashMap<>();
 		List<EPUser> userInfo = null;
-		EPUser userId = null;
+		EPUser user = null;
 		List<EPUserAppRolesRequest> epRequestId = null;
 		String orgUserId = "";
 		String updateStatus = "";
@@ -1377,9 +1418,9 @@
 				}
 				if (userInfo.size() != 0 || !userInfo.isEmpty()) {
 					validateExternalRequestFields(userInfo, app);
-					userId = userInfo.get(0);
+					user = userInfo.get(0);
 					params.put("appId", app.getId());
-					params.put("userId", userId.getId());
+					params.put("userId", user.getId());
 					epRequestId = (List<EPUserAppRolesRequest>) dataAccessService
 							.executeNamedQuery("userAppRolesRequestList", params, null);
 					epRequestIdSize = epRequestId.size();
@@ -1399,7 +1440,7 @@
 				List<EcompUserAppRoles> userRoleList = null;
 				if(!userInfo.isEmpty()){
 				final Map<String, Long> appParams = new HashMap<>();
-				appParams.put("userId", userId.getId());
+				appParams.put("userId", user.getId());
 				appParams.put("appId", app.getId());
 				userRoleList = dataAccessService.executeNamedQuery("getUserAppExistingRoles", appParams, null);
 				}
@@ -1416,17 +1457,20 @@
 				if (app.getCentralAuth()) {
 					// We should add If user does not exist in remote application
 					try {
-						// If adding just account admin role dont make remote application user call
-						if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !(checkIfAdminRoleExists
-								&& reqType.equals("DELETE")) && roleInAppForUserList.size() > 1) {
-							EPUser remoteAppUser = null;
-							remoteAppUser = checkIfRemoteUserExits(orgUserId, app,
-									applicationsRestClientService);
-							if (remoteAppUser == null) {
-								addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService,
-										applicationsRestClientService);
-								reqMessage = "Saved Successfully";
-							}
+						// If adding just account admin role dont make remote application user call or
+						// if request has only single non admin role then make remote call
+						if (!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE"))
+								&& ((checkIfAdminRoleExists && roleInAppForUserList.size() > 1)
+										|| (!checkIfAdminRoleExists && roleInAppForUserList.size() >= 1))) {
+							// check if admin role exist then delete
+							List<RoleInAppForUser> remoteUserRoles = roleInAppForUserList.stream()
+									  .collect(Collectors.toList());
+							remoteUserRoles.removeIf(role -> {
+								return (role.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID));
+							});
+							String orgUserIdNewOrExist = (userInfo.size() != 0 || !userInfo.isEmpty()) ? user.getOrgUserId() : orgUserId;
+							pushRemoteUser(remoteUserRoles, orgUserIdNewOrExist , app, mapper, searchService,
+									applicationsRestClientService,true);
 						}
 					} catch (Exception e) {
 						reqMessage = e.getMessage();
@@ -1455,34 +1499,35 @@
 					result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType);
 				} else {// remote app
 					// If adding just account admin role don't do remote application user call
-					if(!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)){
-					EPUser remoteAppUser = null;
+					if (!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)) {
+						EPUser remoteAppUser = null;
 						remoteAppUser = checkIfRemoteUserExits(orgUserId, app, applicationsRestClientService);
-					if (remoteAppUser == null) {
-						remoteAppUser =	addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService, applicationsRestClientService);
-						reqMessage = "Saved Successfully";
-					}
-						if (remoteAppUser != null) {
-							Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList,
-									mapper, applicationsRestClientService, app.getId(), orgUserId);
-
-							RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId,
-									app.getId(), userRolesInRemoteApp);
-							logger.info(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: {} user app roles: for app {}, user {}",
-									logMessage, newAppRolesForUser.getApplicationName(),
-									newAppRolesForUser.getLoginId());
-							result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest,
-									reqType);
-							// If no roles remain, request app to set user inactive.
-							/*if (userRolesInRemoteApp.size() == 0) {
-								logger.debug(EELFLoggerDelegate.debugLogger,
-										"setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app,
-										orgUserId);
-								//TODO Need  to fix the logged in user is not set to inactive
-								remoteAppUser.setActive(false);
-								postUserToRemoteApp(orgUserId, user, app, applicationsRestClientService);
-							}*/
+						if (remoteAppUser == null) {
+							addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService,
+									applicationsRestClientService);
+							reqMessage = "Saved Successfully";
 						}
+
+						Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
+								applicationsRestClientService, app.getId(), orgUserId);
+
+						RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(),
+								userRolesInRemoteApp);
+						logger.info(EELFLoggerDelegate.debugLogger,
+								"setExternalRequestUserAppRole: {} user app roles: for app {}, user {}", logMessage,
+								newAppRolesForUser.getApplicationName(), newAppRolesForUser.getLoginId());
+						result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest,
+								reqType);
+						// If no roles remain, request app to set user inactive.
+						/*
+						 * if (userRolesInRemoteApp.size() == 0) {
+						 * logger.debug(EELFLoggerDelegate.debugLogger,
+						 * "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive"
+						 * , app, orgUserId); //TODO Need to fix the logged in user is not set to
+						 * inactive remoteAppUser.setActive(false); postUserToRemoteApp(orgUserId, user,
+						 * app, applicationsRestClientService); }
+						 */
+
 					} else {
 						// Here we are adding only we have single account admin in roleInAppForUserList and this should not add in remote 
 						if(!(reqType.equals("DELETE")) && userInfo.isEmpty()){
@@ -1502,7 +1547,7 @@
 					}
 					if (epRequestIdSize > 0 && !userInfo.isEmpty()) {
 						updateStatus = "C";
-						applyChangesToAppRolesRequest(app.getId(), userId.getId(), updateStatus, epRequestId.get(0));
+						applyChangesToAppRolesRequest(app.getId(), user.getId(), updateStatus, epRequestId.get(0));
 					}
 				}
 			} catch (Exception e) {
@@ -1513,7 +1558,7 @@
 				reqMessage = e.getMessage();
 				 if(epRequestIdSize > 0 && userInfo!=null && !userInfo.isEmpty()){
 				 updateStatus = "F";
-				 applyChangesToAppRolesRequest(app.getId(), userId.getId(),
+				 applyChangesToAppRolesRequest(app.getId(), user.getId(),
 				 updateStatus, epRequestId.get(0));
 				 }
 			}
@@ -1634,157 +1679,290 @@
 	 * getAppRolesForUser(java.lang.Long, java.lang.String)
 	 */
 	@SuppressWarnings("unchecked")
-	public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue) {
-
-		List<RoleInAppForUser> rolesInAppForUser = null;
-		EPApp app = appsService.getApp(appId);
-		try {
-			// for onap portal app, no need to make a remote call
-			List<Role> roleList = new ArrayList<>();
-			if (appId == PortalConstants.PORTAL_APP_ID) {		
-				if(app.getCentralAuth()){
-					List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
-					for(CentralV2Role cenRole : cenRoleList){
-						Role role = new Role();
-						role.setActive(cenRole.getActive());
-						role.setId(cenRole.getId());
-						role.setName(cenRole.getName());
-						role.setPriority(cenRole.getPriority());
-						roleList.add(role);
-					}
-				}else{
-					roleList = roleService.getAvailableRoles(userId);
-				}
-				List<Role> activeRoleList = new ArrayList<Role>();
-				for(Role role: roleList) {
-					if(role.getActive()) {
-						if(role.getId() != 1){ // prevent portal admin from being added
-							activeRoleList.add(role);
-						} else if(extRequestValue){
-							activeRoleList.add(role);
-						}
-					}
-					 	
-				}
-				EPUser localUser  = getUserFromApp(userId, app, applicationsRestClientService);
-				// If localUser does not exists return roles
-				Set<EPRole> roleSet = null;
-				EPRole[] roleSetList = null;
-				if(localUser != null){
-					roleSet = localUser.getAppEPRoles(app);
-					roleSetList = roleSet.toArray(new EPRole[0]);
-				}
-				rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
-				return rolesInAppForUser;
-			}
-			
-			EcompRole[] appRoles = null;
-			List<EcompRole> roles = new ArrayList<>();
+	public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue,EPUser user) {
+	List<RoleInAppForUser> rolesInAppForUser = null;
+	EPApp app = appsService.getApp(appId);
+	logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app);
+	try {
+		// for onap portal app, no need to make a remote call
+		List<Role> roleList = new ArrayList<>();
+		if (appId == PortalConstants.PORTAL_APP_ID) {		
 			if(app.getCentralAuth()){
-				final Map<String, Long> appParams =  new HashMap<>();
-				appParams.put("appId", app.getId());
-				List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication", appParams, null);
-				for(EPRole role : applicationRoles){
-					EcompRole ecompRole = new EcompRole();
-					ecompRole.setId(role.getId());
-					ecompRole.setName(role.getName());
-					roles.add(ecompRole);
+				List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
+				for(CentralV2Role cenRole : cenRoleList){
+					Role role = new Role();
+					role.setActive(cenRole.getActive());
+					role.setId(cenRole.getId());
+					role.setName(cenRole.getName());
+					role.setPriority(cenRole.getPriority());
+					roleList.add(role);
 				}
-				appRoles = roles.toArray(new EcompRole[roles.size()]);
-			} else{
-				appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
+			}else{
+				roleList = roleService.getAvailableRoles(userId);
 			}
-			// Test this error case, for generating an internal ONAP Portal
-			// error
-			// EcompRole[] appRoles = null;
-			// If there is an exception in the rest client api, then null will
-			// be returned.
-			if (appRoles != null) {
-				if(!app.getCentralAuth()) {
-				syncAppRoles(sessionFactory, appId, appRoles);
+			List<Role> activeRoleList = new ArrayList<Role>();
+			for(Role role: roleList) {
+				if(role.getActive()) {
+					if(role.getId() != 1){ // prevent portal admin from being added
+						activeRoleList.add(role);
+					} else if(extRequestValue){
+						activeRoleList.add(role);
+					}
 				}
-				EcompRole[] userAppRoles = null;
+				 	
+			}
+			EPUser localUser  = getUserFromApp(userId, app, applicationsRestClientService);
+			// If localUser does not exists return roles
+			Set<EPRole> roleSet = null;
+			EPRole[] roleSetList = null;
+			if(localUser != null){
+				roleSet = localUser.getAppEPRoles(app);
+				roleSetList = roleSet.toArray(new EPRole[0]);
+			}
+			rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
+			return rolesInAppForUser;
+		}
+		
+		EcompRole[] appRoles = null;
+		List<EcompRole> roles = new ArrayList<>();
+			if (app.getCentralAuth()) {
+				final Map<String, Long> appParams = new HashMap<>();
+				appParams.put("appId", app.getId());
+				List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication",
+						appParams, null);
+
+				EPApp application = appService.getApp(appId);
+				boolean checkIfUserisApplicationAccAdmin = adminRolesService.isAccountAdminOfApplication(user,
+						application);
+
+				List<EPRole> rolesetwithfunctioncds = new ArrayList<EPRole>();
+				for (EPRole role : applicationRoles) {
+					Map<String, Long> params = new HashMap<>();
+					params.put("roleId", role.getId());
+					params.put(APP_ID, app.getId());
+					List<CentralV2RoleFunction> cenRoleFuncList = dataAccessService
+							.executeNamedQuery("getAppRoleFunctionList", params, null);
+
+					// SortedSet<CentralV2RoleFunction> roleFunctionSet =
+					// new TreeSet<>();
+					SortedSet<RoleFunction> roleFunctionSet = new TreeSet<>();
+					for (CentralV2RoleFunction roleFunc : cenRoleFuncList) {
+
+						String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
+						functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+						String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getCode());
+						String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getCode());
+						String name = roleFunc.getName();
+
+						RoleFunction function = new RoleFunction();
+						function.setAction(action);
+						function.setType(type);
+						function.setCode(functionCode);
+						function.setName(name);
+						roleFunctionSet.add(function);
+						role.setRoleFunctions(roleFunctionSet);
+
+					}
+					rolesetwithfunctioncds.add(role);
+
+
+				}
+
+				for (EPRole role1 : rolesetwithfunctioncds) {
+					EcompRole ecompRole = new EcompRole();
+					ecompRole.setId(role1.getId());
+					ecompRole.setName(role1.getName());
+					ecompRole.setRoleFunctions(role1.getRoleFunctions());
+					roles.add(ecompRole);
+
+				}
+					if (checkIfUserisApplicationAccAdmin) {
+					appRoles = roles.toArray(new EcompRole[roles.size()]);
+					logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles);
+				} else if (adminRolesService.isRoleAdmin(user) && !checkIfUserisApplicationAccAdmin) {
+					List<EcompRole> roleAdminAppRoles = new ArrayList<>();
+					List<String> roleAdminAppRolesNames = new ArrayList<>();
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());	
+					List<String> getUserApproverRoles = dataAccessService.executeNamedQuery("getUserApproverRoles", userParams, null);
+
+					List<EcompRole> userapproverRolesList = new ArrayList<>();
+					for (String str : getUserApproverRoles) {
+						EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null);
+						if (epRole != null)
+							userapproverRolesList.add(epRole);
+					}
+//					roles.removeAll(userapproverRolesList);
+					for (EcompRole role : userapproverRolesList) {
+
+						List<RoleFunction> roleFunList = new ArrayList<>();
+						roleFunList.addAll(role.getRoleFunctions());
+						boolean checkIfFunctionsExits = roleFunList.stream()
+								.anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+						if (checkIfFunctionsExits) {
+							roleAdminAppRoles.add(role);
+							List<RoleFunction> filteredList = roleFunList.stream()
+									.filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList());
+							roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode)
+									.collect(Collectors.toList()));
+//							roleAdminAppRolesNames = filteredList.stream().map(RoleFunction::getCode)
+//									.collect(Collectors.toList());
+						}
+					}
+						for (String name : roleAdminAppRolesNames) {
+							EcompRole ecompRole = roles.stream().filter(x -> name.equals(x.getName())).findAny()
+									.orElse(null);
+							if (ecompRole != null)
+								roleAdminAppRoles.add(ecompRole);
+						
+					}
+					appRoles = roleAdminAppRoles.toArray(new EcompRole[roleAdminAppRoles.size()]);
+
+				}
+			} else{
+			appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
+		}
+		// Test this error case, for generating an internal ONAP Portal
+		// error
+		// EcompRole[] appRoles = null;
+		// If there is an exception in the rest client api, then null will
+		// be returned.
+		if (appRoles != null) {
+			if(!app.getCentralAuth()) {
+			syncAppRoles(sessionFactory, appId, appRoles);
+			}
+			EcompRole[] userAppRoles = null;
+			try {
 				try {
-					try {
-						if(app.getCentralAuth()){
-							final Map<String, String> params = new HashMap<>();
-							final Map<String, Long> userParams = new HashMap<>();
-							params.put("orgUserIdValue", userId);
-							List<EPUser> user = dataAccessService.executeNamedQuery("epUserAppId", params, null);
-							userParams.put("appId", app.getId());
-							userParams.put("userId", user.get(0).getId());	
-							List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null);
-								List<EcompRole> setUserRoles = new ArrayList<>();
-								for(EPUserAppCurrentRoles role : userAppsRolesList){
-									EcompRole ecompRole = new EcompRole();
-									ecompRole.setId(role.getRoleId());
-									ecompRole.setName(role.getRoleName());
-									setUserRoles.add(ecompRole);
-								}
-								userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]);
-								rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
-								return rolesInAppForUser;
-						}else{
-							userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
-									String.format("/user/%s/roles", userId));
-						}
-					} catch (HTTPException e) {
-						// Some apps are returning 400 if user is not found.
-						if (e.getResponseCode() == 400) {
-							logger.debug(EELFLoggerDelegate.debugLogger,
-									"getAppRolesForUser caught exception with response code 400; continuing", e);
-						} else {
-							// Other response code, let it come thru.
-							throw e;
-						}
-					}
-					if (userAppRoles == null) {
-						if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
-							EcompPortalUtils.setExternalAppResponseCode(200);
-							String message = String.format(
-									"getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
-											+ "assuming user doesn't exist, app is framework SDK based, and things are ok. "
-											+ "Overriding to 200 until framework SDK returns a useful response.",
-									Long.toString(appId), userId);
-							logger.warn(EELFLoggerDelegate.applicationLogger, message);
-						}
-					}
 					
-					 HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles);
-						ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>();
-						if(userAppRoles != null){
-							for (int i = 0; i < userAppRoles.length; i++) {
-								if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) {
-									EcompRole role = new EcompRole();
-									role.setId(userAppRoles[i].getId());
-									role.setName(userAppRoles[i].getName());
-									activeRoles.add(role);
+					if(app.getCentralAuth()){
+						final Map<String, String> params = new HashMap<>();
+						final Map<String, Long> userParams = new HashMap<>();
+						params.put("orgUserIdValue", userId);
+						List<EPUser> actualUser = dataAccessService.executeNamedQuery("epUserAppId", params, null);
+						userParams.put("appId", app.getId());
+						userParams.put("userId", actualUser.get(0).getId());	
+						List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null);
+							
+						List<EcompRole> setUserRoles = new ArrayList<>();
+							for(EPUserAppCurrentRoles role : userAppsRolesList){
+								logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", role.getRoleName());
+								EcompRole ecompRole = new EcompRole();
+								ecompRole.setId(role.getRoleId());
+								ecompRole.setName(role.getRoleName());
+								setUserRoles.add(ecompRole);
+							}
+						
+							boolean checkIfUserisAccAdmin = setUserRoles.stream()
+									.anyMatch(ecompRole -> ecompRole.getId() == 999L);
+							
+						if (!checkIfUserisAccAdmin) {
+							List<EcompRole> userApplicationRolesList = setUserRoles;
+							List<EcompRole> appRolesList = Arrays.asList(appRoles);
+							 Set<EcompRole> finalUserAppRolesList = new HashSet<>();
+
+							List<String> roleNames = new ArrayList<>();
+								for (EcompRole role : userApplicationRolesList) {
+									EcompRole epRole = appRolesList.stream()
+											.filter(x -> role.getName().equals(x.getName())).findAny().orElse(null);
+									List<RoleFunction> roleFunList = new ArrayList<>();
+									if(epRole.getRoleFunctions().size()>0)
+									roleFunList.addAll(epRole.getRoleFunctions());
+									boolean checkIfFunctionsExits = roleFunList.stream().anyMatch(
+											roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+									if (checkIfFunctionsExits) {
+										finalUserAppRolesList.add(role);
+										List<RoleFunction> filteredList = roleFunList.stream()
+												.filter(x -> "Approver".equalsIgnoreCase(x.getType()))
+												.collect(Collectors.toList());
+										roleNames = filteredList.stream().map(RoleFunction::getCode)
+												.collect(Collectors.toList());
+									}
+
+									for (String name : roleNames) {
+										EcompRole ecompRole = appRolesList.stream()
+												.filter(x -> name.equals(x.getName())).findAny().orElse(null);
+										if (ecompRole != null)
+											finalUserAppRolesList.add(ecompRole);
+									}
 								}
+								
+								
+							for (String name : roleNames) {
+								
+								boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch(
+										role -> role.getRoleName().equalsIgnoreCase(name));		
+								if(checkIfFunctionsExits)
+								{
+									EcompRole epRole = appRolesList.stream().filter(x -> name.equals(x.getName()))
+											.findAny().orElse(null);
+									if(epRole != null)
+									setUserRoles.add(epRole);
+								}
+								
+							}
+							userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]);
+						} 
+					}else{
+						userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
+								String.format("/user/%s/roles", userId));
+					}
+				} catch (HTTPException e) {
+					// Some apps are returning 400 if user is not found.
+					if (e.getResponseCode() == 400) {
+						logger.debug(EELFLoggerDelegate.debugLogger,
+								"getAppRolesForUser caught exception with response code 400; continuing", e);
+					} else {
+						// Other response code, let it come thru.
+						throw e;
+					}
+				}
+				if (userAppRoles == null) {
+					if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
+						EcompPortalUtils.setExternalAppResponseCode(200);
+						String message = String.format(
+								"getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
+										+ "assuming user doesn't exist, app is framework SDK based, and things are ok. "
+										+ "Overriding to 200 until framework SDK returns a useful response.",
+								Long.toString(appId), userId);
+						logger.warn(EELFLoggerDelegate.applicationLogger, message);
+					}
+				}
+				
+				 HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles);
+					ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>();
+					if(userAppRoles != null){
+						for (int i = 0; i < userAppRoles.length; i++) {
+							if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) {
+								EcompRole role = new EcompRole();
+								role.setId(userAppRoles[i].getId());
+								role.setName(userAppRoles[i].getName());
+								activeRoles.add(role);
 							}
 						}
-						EcompRole[]	userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]);
-					
-					// If the remote application isn't down we MUST sync user
-					// roles here in case we have this user here!
-					syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null);
-				} catch (Exception e) {
-					// TODO: we may need to check if user exists, maybe remote
-					// app is down.
-					String message = String.format(
-							"getAppRolesForUser: user %s does not exist in remote application %s", userId,
-							Long.toString(appId));
-					logger.error(EELFLoggerDelegate.errorLogger, message, e);
-					userAppRoles = new EcompRole[0];
-				}
-				rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
+					}
+					EcompRole[]	userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]);
+				
+				// If the remote application isn't down we MUST sync user
+				// roles here in case we have this user here!
+				syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null);
+			} catch (Exception e) {
+				// TODO: we may need to check if user exists, maybe remote
+				// app is down.
+				String message = String.format(
+						"getAppRolesForUser: user %s does not exist in remote application %s", userId,
+						Long.toString(appId));
+				logger.error(EELFLoggerDelegate.errorLogger, message, e);
+				userAppRoles = new EcompRole[0];
 			}
-		} catch (Exception e) {
-			String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
-					Long.toString(appId));
-			logger.error(EELFLoggerDelegate.errorLogger, message, e);
+			rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
 		}
-		return rolesInAppForUser;
-
+	} catch (Exception e) {
+		String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
+				Long.toString(appId));
+		logger.error(EELFLoggerDelegate.errorLogger, message, e);
+	}
+	return rolesInAppForUser;
 	}
 	
 	private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData,
@@ -1974,16 +2152,49 @@
 	 * @param app
 	 * @return
 	 */
+	@SuppressWarnings("unchecked")
 	private List<RemoteRole> convertToRemoteRoleList(EPUser user, EPApp app) {
 		List<RemoteRole> roleList = new ArrayList<RemoteRole>();
 		SortedSet<EPRole> roleSet = user.getAppEPRoles(app);
 		for (EPRole role : roleSet) {
+			logger.debug(EELFLoggerDelegate.debugLogger, "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(), role.getName());
 			RemoteRole rRole = new RemoteRole();
 			rRole.setId(role.getId());
 			rRole.setName(role.getName());
 			roleList.add(rRole);
 		}
+		
+		//Get the active roles of user for that application using query
+		List<EPRole> userEpRoleList = new ArrayList<>();
+		final Map<String, Long> params = new HashMap<>();
+		params.put("appId", app.getId());
+		params.put("userId", user.getId());
+		userEpRoleList = dataAccessService.executeNamedQuery("getUserRoleOnUserIdAndAppId", params, null);
+
+		for (EPRole remoteUserRoleList : userEpRoleList) {
+
+			RemoteRole remoteRoleListId = roleList.stream().filter(x -> remoteUserRoleList.getId().equals(x.getId()))
+					.findAny().orElse(null);
+			if (remoteRoleListId == null) {
+				logger.debug(EELFLoggerDelegate.debugLogger,
+						"Adding the role to the rolelist () - for user {}, found Name {}", user.getOrgUserId(),
+
+						remoteUserRoleList.getName());
+				RemoteRole role = new RemoteRole();
+				role.setId(remoteUserRoleList.getId());
+				role.setName(remoteUserRoleList.getName());
+
+				roleList.add(role);
+			}
+
+		}
+
+		logger.debug(EELFLoggerDelegate.debugLogger, "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(), roleList.size());
+
 		return roleList;
+		
+		
+		
 	}
 
 	public RemoteUserWithRoles[] doGetUsers(boolean postOpenSource, String remoteUsersString) {
@@ -2013,4 +2224,20 @@
 		return userRoleList;
 	}
 	
+	
+	/*public static void main(String[] args) {
+		List<EcompRole> str1 = new ArrayList<String>();
+		str1.add("A");
+		str1.add("B");
+		str1.add("C");
+		str1.add("D");
+
+		List<String> str2 = new ArrayList<String>();
+		str2.add("D");
+		str2.add("E");
+
+		List<EcompRole> userApplicationRolesList = setUserRoles;
+		List<EcompRole> appRolesList = Arrays.asList(appRoles);
+		
+	}*/
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
index bbae4a6..49a5011 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
@@ -64,11 +64,12 @@
 	 *            ID of row in fn_user
 	 * @param extRequestValue
 	 *            set to false if request is from users page otherwise true
+	 * @param  
 	 * @return List<RoleInAppForUser>
 	 */
-	public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue);
+	public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue, EPUser user );
 
-	public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser);
+	public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser);
 
 	public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException;
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
index 1eb27e7..6d96004 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
@@ -46,7 +46,7 @@
 	private Long userId;
 	private CentralApp app;
 	private CentralRole role;
-	private Short priority;
+	private Integer priority;
 
 	/**
 	 * @return the userId
@@ -96,7 +96,7 @@
 	/**
 	 * @return the priority
 	 */
-	public Short getPriority() {
+	public Integer getPriority() {
 		return priority;
 	}
 
@@ -104,7 +104,7 @@
 	 * @param priority
 	 *            the priority to set
 	 */
-	public void setPriority(Short priority) {
+	public void setPriority(Integer priority) {
 		this.priority = priority;
 	}
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
index 0f4bc78..2ada8ed 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
@@ -49,7 +49,7 @@
 	private Long userId;
 	private CentralApp app;
 	private CentralV2Role role;
-	private Short priority;
+	private Integer priority;
 	
 	
 	
@@ -89,13 +89,13 @@
 
 
 
-	public Short getPriority() {
+	public Integer getPriority() {
 		return priority;
 	}
 
 
 
-	public void setPriority(Short priority) {
+	public void setPriority(Integer priority) {
 		this.priority = priority;
 	}
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
index dbf4830..6a0f19d 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
@@ -59,7 +59,7 @@
 	private Long userId;
 	@Id
 	@Column(name="priority")
-	private String priority ;
+	private Integer priority ;
 	@Id
 	@Column(name="role_id")
 	private Long roleId;
@@ -75,10 +75,10 @@
 	public void setUserId(Long userId) {
 		this.userId = userId;
 	}
-	public String getPriority() {
+	public Integer getPriority() {
 		return priority;
 	}
-	public void setPriority(String priority) {
+	public void setPriority(Integer priority) {
 		this.priority = priority;
 	}
 	public Long getRoleId() {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
index 9d25c7c..a7446f6 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
@@ -59,7 +59,7 @@
 	private Long userId;
 	@Id
 	@Column(name="priority")
-	private String priority ;
+	private Integer priority ;
 	@Id
 	@Column(name="role_id")
 	private Long roleId;
@@ -78,10 +78,10 @@
 	public void setUserId(Long userId) {
 		this.userId = userId;
 	}
-	public String getPriority() {
+	public Integer getPriority() {
 		return priority;
 	}
-	public void setPriority(String priority) {
+	public void setPriority(Integer priority) {
 		this.priority = priority;
 	}
 	public Long getRoleId() {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
index b978107..47a1978 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
@@ -39,11 +39,20 @@
 
 public class ExternalRoleDescription {
 
-	private String  name;
-    
+	private String name;
+
+	public ExternalRoleDescription() {
+		super();
+	}
+
+	public ExternalRoleDescription(String name) {
+		this.name = name;
+	}
+
 	public String getName() {
 		return name;
 	}
+
 	public void setName(String name) {
 		this.name = name;
 	}
@@ -55,6 +64,7 @@
 		result = prime * result + ((name == null) ? 0 : name.hashCode());
 		return result;
 	}
+
 	@Override
 	public boolean equals(Object obj) {
 		if (this == obj)
@@ -71,8 +81,5 @@
 			return false;
 		return true;
 	}
-	
-	
-    
-    
+
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
index 2c619af..80501e3 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
@@ -99,5 +99,6 @@
 	public static final String UEB_KEY								= "uebkey";
 	public static final String AUTHORIZATION 						= "Authorization";
 	public static final String USERNAME 						    = "username";
+	public static final String PASSWORD 						    = "password";
 	
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
index f8d1116..1b5613c 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
@@ -43,6 +43,7 @@
 import java.nio.charset.Charset;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Base64;
 import java.util.Date;
 import java.util.List;
@@ -247,9 +248,13 @@
 	// This method might be just for testing purposes.
 	public static void setExternalAppResponseCode(int responseCode) {
 		try {
-			String code = String.valueOf(responseCode);
+			/*String code = String.valueOf(responseCode);
 			MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code );
-			code=StringUtils.EMPTY;
+			code=StringUtils.EMPTY;*/
+			String code = Integer.toString(responseCode);
+			MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code );
+			char[] chars=code.toCharArray();
+	        Arrays.fill(chars, ' ');
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "setExternalAppResponseCode failed", e);
 		}
diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
index e4b8144..5026421 100644
--- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
+++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
@@ -287,8 +287,8 @@
 			<key-many-to-one name="role"
 				class="org.onap.portalapp.portal.domain.EPRole" column="role_id" />
 		</composite-id>
-		<property name="priority" type="java.lang.Short">
-			<column name="priority" precision="4" scale="0" />
+		<property name="priority">
+			<column name="priority" default="1" precision="4" scale="0" />
 		</property>
 	</class>
 
@@ -1947,7 +1947,7 @@
 			class="org.onap.portalapp.portal.transport.EPUserAppCurrentRoles" />
 			<![CDATA[
 			
-			select distinct fu.role_id, fr.user_id, fu.role_name, fu.priority from fn_role fu left outer join fn_user_role fr ON fu.role_id = fr.role_id and fu.app_id = fr.app_id and fr.role_id != 999 where fu.app_id =:appId and fr.user_id =:userId
+			select distinct fu.role_id, fr.user_id, fu.role_name, fu.priority from fn_role fu left outer join fn_user_role fr ON fu.role_id = fr.role_id and fu.app_id = fr.app_id and fr.role_id != 999 where fu.app_id =:appId and fr.user_id =:userId and fu.active_yn='Y' 
 			;		
 			]]>
 	</sql-query>
@@ -2078,6 +2078,51 @@
 			]]>
 	</sql-query>
 	
+	<sql-query name="getRoleFunctionsOfUserforAlltheApplications">
+			<![CDATA[
+			select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea
+			where fu.role_id = ep.role_id 
+			and fu.app_id = ep.app_id
+			and fu.user_id =:userId 
+			and ea.function_cd = ep.function_cd
+		   	and exists
+			(
+			select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+			and ur.app_id = fa.app_id and fa.enabled = 'Y'
+			);
+			]]>
+	</sql-query>
+	
+	<sql-query name="getApplicationsofTheUserwithAdminAndRoleAdmin">
+	<return alias="getApplicationsofTheUserwithAdminAndRoleAdmin" class="org.onap.portalapp.portal.domain.AppIdAndNameTransportModel" />
+			<![CDATA[
+			SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app 
+			inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID 
+			where userrole.USER_ID = :userId AND userrole.ROLE_ID=999 AND (app.ENABLED = 'Y' OR app.APP_ID=1)
+			UNION
+			SELECT DISTINCT app.APP_ID, app.app_name, app.APP_TYPE FROM fn_user user 
+					INNER JOIN fn_user_role user_role ON user.USER_ID = user_role.USER_ID 
+					 INNER JOIN fn_role role ON role.ROLE_ID = user_role.ROLE_ID  
+		        INNER JOIN fn_app app ON app.app_id= user_role.app_id and (app.enabled='Y'  or app.app_id=1) 
+		        INNER JOIN ep_app_role_function appfunction ON  appfunction.app_id = app.app_id and appfunction.role_id=role.ROLE_ID and (appfunction.function_cd like '%APPROVER%')
+		        WHERE user.user_id = :userId ;
+			]]>
+	</sql-query>
+	
+	<sql-query name="getApplicationsofTheUserContainsApprover">
+	<return alias="getApplicationsofTheUserContainsApprover" class="org.onap.portalapp.portal.domain.AppIdAndNameTransportModel" />
+			<![CDATA[
+			SELECT DISTINCT app.APP_ID, app.APP_TYPE, app.app_name FROM fn_user user 
+					INNER JOIN fn_user_role user_role ON user.USER_ID = user_role.USER_ID 
+					 INNER JOIN fn_role role ON role.ROLE_ID = user_role.ROLE_ID  
+		        INNER JOIN fn_app app ON app.app_id= user_role.app_id and (app.enabled='Y'  or app.app_id=1) 
+		        INNER JOIN ep_app_role_function appfunction ON  appfunction.app_id = app.app_id and appfunction.role_id=role.ROLE_ID and (appfunction.function_cd like '%APPROVER%')
+		        WHERE user.user_id = :userId ;
+			]]>
+	</sql-query>
+	
+	
+	
 	<sql-query name="getUserRolesForLeftMenu">
 			<return alias="getUserRolesListForLeftMenu" class="org.onap.portalapp.portal.domain.UserRole" />
 	
@@ -2414,5 +2459,50 @@
 		order by role_id;
 		]]>
 	</sql-query>
+	<sql-query name="getAprroverRoleFunctionsOfUser">
+		<![CDATA[
+		select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea
+		where fu.role_id = ep.role_id
+		and fu.app_id = ep.app_id
+		and fu.user_id =:userId
+		and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'
+		and exists
+		(
+		select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+		and ur.app_id = fa.app_id and fa.enabled = 'Y'
+		);
+		]]>
+</sql-query>
+<sql-query name="getUserApproverRoles">
+		<![CDATA[
+		select distinct fr.role_name from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr
+		where fu.role_id = ep.role_id
+		and fu.app_id = ep.app_id
+		and fu.user_id = :userId
+		and fu.role_id = fr.role_id and fr.active_yn='Y'
+		and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'
+		and exists
+		(
+		select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+		and ur.app_id = fa.app_id and fa.enabled = 'Y'
+		);
+		]]>
+</sql-query>
+<sql-query name="getAdminAppsForTheUser">
+		<![CDATA[
+		select fa.app_id  from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)
+
 	
+		]]>
+</sql-query>
+
+
+<sql-query name="getUserRoleOnUserIdAndAppId">	
+		<return alias="getUserRoleOnUserIdAndAppId" class="org.onap.portalapp.portal.domain.EPRole" />   	
+		<![CDATA[
+		
+		select fr.role_id , fr.role_name ,fr.active_yn, fr.priority, fr.app_id, fr.app_role_id  FROM fn_role fr, fn_user_role fur WHERE fr.role_id = fur.role_id AND fur.user_id= :userId AND fur.app_id = :appId AND fr.active_yn='Y'
+ 		
+ 		]]>
+	</sql-query>
 </hibernate-mapping>
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
index 38510d9..9d3ac1e 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
@@ -36,7 +36,9 @@
  */
 package org.onap.portalapp.portal.controller;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 
 import java.lang.reflect.Method;
 import java.util.ArrayList;
@@ -56,7 +58,6 @@
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.onap.portalapp.annotation.ApiVersion;
-import org.onap.portalapp.controller.sessionmgt.SessionCommunicationController;
 import org.onap.portalapp.controller.sessionmgt.SessionCommunicationVersionController;
 import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser;
 import org.onap.portalapp.portal.domain.EPUser;
@@ -666,4 +667,23 @@
 		Mockito.when(mockedRequest.getMethod()).thenReturn("GET");
 		assertNull(auxApiRequestMapperController.getFunctionalMenuItemsForUser(mockedRequest, mockedResponse));
 	}
+	
+	@Test
+	public void updateAppRoleDescriptionApiTest() throws Exception {
+		Mockito.when(mockedRequest.getRequestURI()).thenReturn("/auxapi/v3/update/app/roleDescription");
+		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+		expectedportalRestResponse.setMessage("updateAppRoleDescription: null");
+		expectedportalRestResponse.setResponse("Failure");
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		Mockito.when(mockedRequest.getHeader("MinorVersion")).thenReturn("0");
+		Map<String, Object> beans = new HashMap<>();
+		beans.put("bean1", rolesController);
+		Mockito.when(context.getBeansWithAnnotation(ApiVersion.class)).thenReturn(beans);
+		PowerMockito.mockStatic(AopUtils.class);
+		Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
+		Mockito.when(mockedRequest.getMethod()).thenReturn("PUT");
+		assertEquals(auxApiRequestMapperController.updateAppRoleDescription(mockedRequest, mockedResponse),
+				expectedportalRestResponse);
+	}
+
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
index f1d7c39..b476a72 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
@@ -37,7 +37,6 @@
  */
 package org.onap.portalapp.portal.controller;
 
-
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNull;
 
@@ -91,7 +90,6 @@
 import org.powermock.modules.junit4.PowerMockRunner;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.test.util.MatcherAssertionErrors;
 import org.springframework.web.client.HttpClientErrorException;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
@@ -102,38 +100,32 @@
 @PrepareForTest({ EcompPortalUtils.class, PortalConstants.class, SystemProperties.class,
 		EPCommonSystemProperties.class })
 public class ExternalAccessRolesControllerTest {
-
 	@Mock
 	ExternalAccessRolesService externalAccessRolesService = new ExternalAccessRolesServiceImpl();
-
 	@InjectMocks
 	ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
 	@Mock
-	UserService userservice =  new UserServiceCentalizedImpl();
-	
+	UserService userservice = new UserServiceCentalizedImpl();
 	@Mock
-	AuditService auditService; 
+	AuditService auditService;
 
 	@Before
 	public void setup() {
 		MockitoAnnotations.initMocks(this);
 	}
+
 	@Mock
 	AuditLog auditLog = new AuditLog();
-
 	MockitoTestSuite mockitoTestSuite = new MockitoTestSuite();
-
 	HttpServletRequest mockedRequest = mockitoTestSuite.getMockedRequest();
 	HttpServletResponse mockedResponse = mockitoTestSuite.getMockedResponse();
 	NullPointerException nullPointerException = new NullPointerException();
 	HttpClientErrorException httpClientErrorException = new HttpClientErrorException(HttpStatus.BAD_REQUEST, "Failed");
-
 	MockEPUser mockUser = new MockEPUser();
 	String loginId = "guestT";
 	String uebKey = "testUebKey";
 
-	public EPApp mockApp()
-	{
+	public EPApp mockApp() {
 		EPApp app = new EPApp();
 		app.setName("Test");
 		app.setImageUrl("test");
@@ -156,10 +148,14 @@
 		app.setAppType(1);
 		return app;
 	}
-	
+
 	@Test
 	public void getUserTest() throws Exception {
-		CentralUser expectedCentralUser = new CentralUser(null, null, null, null, null, null, null, null, loginId, loginId, loginId, loginId, loginId, loginId, loginId, null, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, null, false, false, null, null, false, loginId, null);
+		CentralUser expectedCentralUser = new CentralUser(null, null, null, null, null, null, null, null, loginId,
+				loginId, loginId, loginId, loginId, loginId, loginId, null, loginId, loginId, loginId, loginId, loginId,
+				loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId,
+				loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId, loginId,
+				loginId, null, false, false, null, null, false, loginId, null);
 		String loginId = "test";
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
@@ -172,7 +168,8 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
-		Mockito.when(externalAccessRolesService.getUserRoles(loginId, mockedRequest.getHeader("uebkey"))).thenReturn(expectedCentralUser);
+		Mockito.when(externalAccessRolesService.getUserRoles(loginId, mockedRequest.getHeader("uebkey")))
+				.thenReturn(expectedCentralUser);
 		CentralUser actualCentralUser = externalAccessRolesController.getUser(mockedRequest, mockedResponse, loginId);
 		assertEquals(actualCentralUser.isActive(), expectedCentralUser.isActive());
 	}
@@ -187,7 +184,7 @@
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
-		
+
 	@Test
 	public void getV2UserListTest() throws Exception {
 		String expectedCentralUser = "test";
@@ -200,11 +197,12 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
-		Mockito.when(externalAccessRolesService.getV2UserWithRoles(loginId, mockedRequest.getHeader("uebkey"))).thenReturn(expectedCentralUser);
+		Mockito.when(externalAccessRolesService.getV2UserWithRoles(loginId, mockedRequest.getHeader("uebkey")))
+				.thenReturn(expectedCentralUser);
 		String actualString = externalAccessRolesController.getV2UserList(mockedRequest, mockedResponse, loginId);
 		assertEquals(actualString, expectedCentralUser);
 	}
-	
+
 	@Test(expected = NullPointerException.class)
 	public void getV2UserListExceptionTest() throws Exception {
 		String expectedCentralUser = null;
@@ -217,11 +215,12 @@
 		ResponseEntity<String> response = null;
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
-		Mockito.when(externalAccessRolesService.getV2UserWithRoles(loginId, mockedRequest.getHeader("uebkey"))).thenReturn(expectedCentralUser);
+		Mockito.when(externalAccessRolesService.getV2UserWithRoles(loginId, mockedRequest.getHeader("uebkey")))
+				.thenReturn(expectedCentralUser);
 		String actualString = externalAccessRolesController.getV2UserList(mockedRequest, mockedResponse, loginId);
 		assertEquals(actualString, expectedCentralUser);
 	}
-	
+
 	@Test
 	public void getRolesForAppCentralRoleTest() throws Exception {
 		List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
@@ -236,9 +235,12 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey))).thenReturn(centralV2RoleList);
-		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(centralV2RoleList)).thenReturn(centralRoleList);
-		List<CentralRole> actualCentralRoleList = externalAccessRolesController.getRolesForApp(mockedRequest, mockedResponse);
+		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey)))
+				.thenReturn(centralV2RoleList);
+		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(centralV2RoleList))
+				.thenReturn(centralRoleList);
+		List<CentralRole> actualCentralRoleList = externalAccessRolesController.getRolesForApp(mockedRequest,
+				mockedResponse);
 		assertEquals(actualCentralRoleList.size(), expectedCentralRoleList.size());
 	}
 
@@ -255,12 +257,15 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey))).thenReturn(centralV2RoleList);
-		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(centralV2RoleList)).thenReturn(centralRoleList);
-		List<CentralRole> actualCentralRoleList = externalAccessRolesController.getRolesForApp(mockedRequest, mockedResponse);
-		assertEquals(null,actualCentralRoleList);
+		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey)))
+				.thenReturn(centralV2RoleList);
+		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(centralV2RoleList))
+				.thenReturn(centralRoleList);
+		List<CentralRole> actualCentralRoleList = externalAccessRolesController.getRolesForApp(mockedRequest,
+				mockedResponse);
+		assertEquals(null, actualCentralRoleList);
 	}
-	
+
 	@Test
 	public void getV2RolesForAppTest() throws Exception {
 		List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
@@ -274,11 +279,13 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey))).thenReturn(centralV2Role);
-		List<CentralV2Role> actualCentralV2Role = externalAccessRolesController.getV2RolesForApp(mockedRequest, mockedResponse);
+		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey)))
+				.thenReturn(centralV2Role);
+		List<CentralV2Role> actualCentralV2Role = externalAccessRolesController.getV2RolesForApp(mockedRequest,
+				mockedResponse);
 		assertEquals(actualCentralV2Role.size(), expectedCentralRoleList.size());
 	}
-	
+
 	@Test(expected = NullPointerException.class)
 	public void getV2RolesForAppExceptionTest() throws Exception {
 		List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
@@ -292,11 +299,13 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey))).thenReturn(centralV2Role);
-		List<CentralV2Role> actualCentralV2Role = externalAccessRolesController.getV2RolesForApp(mockedRequest, mockedResponse);
+		Mockito.when(externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey)))
+				.thenReturn(centralV2Role);
+		List<CentralV2Role> actualCentralV2Role = externalAccessRolesController.getV2RolesForApp(mockedRequest,
+				mockedResponse);
 		assertEquals(actualCentralV2Role.size(), expectedCentralRoleList.size());
 	}
-	
+
 	@Test(expected = NullPointerException.class)
 	public void getRolesForAppTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
@@ -316,9 +325,9 @@
 		applicationList.add(app);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		externalAccessRolesController.getRolesForApp(mockedRequest,mockedResponse);
+		externalAccessRolesController.getRolesForApp(mockedRequest, mockedResponse);
 		List<CentralV2Role> role = externalAccessRolesService.getRolesForApp(mockedRequest.getHeader(uebKey));
-		assertEquals(null,role);
+		assertEquals(null, role);
 	}
 
 	@Test
@@ -335,9 +344,12 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRoleFuncList(mockedRequest.getHeader("uebkey"))).thenReturn(centralV2RoleFunction);
-		Mockito.when(externalAccessRolesService.convertCentralRoleFunctionToRoleFunctionObject(centralV2RoleFunction)).thenReturn(roleFuncList);
-		List<CentralRoleFunction> actualCentralRoleFunction = externalAccessRolesController.getRoleFunctionsList(mockedRequest, mockedResponse);
+		Mockito.when(externalAccessRolesService.getRoleFuncList(mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2RoleFunction);
+		Mockito.when(externalAccessRolesService.convertCentralRoleFunctionToRoleFunctionObject(centralV2RoleFunction))
+				.thenReturn(roleFuncList);
+		List<CentralRoleFunction> actualCentralRoleFunction = externalAccessRolesController
+				.getRoleFunctionsList(mockedRequest, mockedResponse);
 		assertEquals(actualCentralRoleFunction.size(), expectedCentralRoleList.size());
 	}
 
@@ -365,11 +377,13 @@
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
-		Mockito.when(externalAccessRolesService.getRoleFuncList(mockedRequest.getHeader("uebkey"))).thenReturn(centralV2RoleFunction);
-		List<CentralV2RoleFunction> actualCentralV2RoleFunctionList = externalAccessRolesController.getV2RoleFunctionsList(mockedRequest, mockedResponse);
+		Mockito.when(externalAccessRolesService.getRoleFuncList(mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2RoleFunction);
+		List<CentralV2RoleFunction> actualCentralV2RoleFunctionList = externalAccessRolesController
+				.getV2RoleFunctionsList(mockedRequest, mockedResponse);
 		assertEquals(actualCentralV2RoleFunctionList.size(), expectedCentralV2RoleFunctionList.size());
 	}
-	
+
 	@Test
 	public void getV2RoleFunctionsListExceptionTest() throws Exception {
 		String reason = getInvalidKeyJson();
@@ -380,7 +394,7 @@
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
-	
+
 	@Test
 	public void getRoleInfoValidationTest() throws Exception {
 		CentralRole expectedCentralRole = null;
@@ -394,17 +408,19 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(applicationList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
-		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader("uebkey"))).thenReturn(centralV2Role);
-		CentralRole actualCentralRole = externalAccessRolesController.getRoleInfo(mockedRequest, mockedResponse, roleId);
+		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2Role);
+		CentralRole actualCentralRole = externalAccessRolesController.getRoleInfo(mockedRequest, mockedResponse,
+				roleId);
 		assertEquals(actualCentralRole, expectedCentralRole);
 	}
-	
+
 	@Test
 	public void getRoleInfoTest() throws Exception {
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);		
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		CentralV2Role answer = new CentralV2Role();
 		long roleId = 1;
 		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader(uebKey)))
@@ -419,16 +435,16 @@
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		long roleId = 1;
 		assertNull(externalAccessRolesController.getRoleInfo(mockedRequest, mockedResponse, roleId));
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
-	
+
 	@Test
 	public void getV2RoleInfoValidationTest() throws Exception {
-		CentralV2Role  expectedCentralRole = new CentralV2Role();
+		CentralV2Role expectedCentralRole = new CentralV2Role();
 		expectedCentralRole.setActive(false);
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		long roleId = 1;
@@ -440,17 +456,19 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(applicationList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
-		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader("uebkey"))).thenReturn(centralV2Role);
-		CentralV2Role actualCentralRole = externalAccessRolesController.getV2RoleInfo(mockedRequest, mockedResponse, roleId);
+		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2Role);
+		CentralV2Role actualCentralRole = externalAccessRolesController.getV2RoleInfo(mockedRequest, mockedResponse,
+				roleId);
 		assertEquals(actualCentralRole.getActive(), expectedCentralRole.getActive());
 	}
-	
+
 	@Test
 	public void getV2RoleInfoTest() throws Exception {
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);		
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		CentralV2Role answer = new CentralV2Role();
 		long roleId = 1;
 		Mockito.when(externalAccessRolesService.getRoleInfo(roleId, mockedRequest.getHeader(uebKey)))
@@ -465,15 +483,15 @@
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		long roleId = 1;
 		assertNull(externalAccessRolesController.getV2RoleInfo(mockedRequest, mockedResponse, roleId));
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
-	
+
 	@Test
-	public void getV2RoleFunctionTest() throws HttpClientErrorException, Exception{
+	public void getV2RoleFunctionTest() throws HttpClientErrorException, Exception {
 		CentralV2RoleFunction expectedCentralV2RoleFunction = new CentralV2RoleFunction();
 		expectedCentralV2RoleFunction.setCode("test");
 		List<EPApp> applicationList = new ArrayList<EPApp>();
@@ -487,13 +505,15 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(applicationList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
-		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey"))).thenReturn(centralV2RoleFunction);
-		CentralV2RoleFunction actualCentralV2RoleFunction = externalAccessRolesController.getV2RoleFunction(mockedRequest, mockedResponse, code);
+		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2RoleFunction);
+		CentralV2RoleFunction actualCentralV2RoleFunction = externalAccessRolesController
+				.getV2RoleFunction(mockedRequest, mockedResponse, code);
 		assertEquals(actualCentralV2RoleFunction.getCode(), expectedCentralV2RoleFunction.getCode());
 	}
-	
+
 	@Test
-	public void getV2RoleFunctionNullCheckTest() throws HttpClientErrorException, Exception{
+	public void getV2RoleFunctionNullCheckTest() throws HttpClientErrorException, Exception {
 		CentralV2RoleFunction expectedCentralV2RoleFunction = new CentralV2RoleFunction();
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		String code = "test";
@@ -505,23 +525,25 @@
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(applicationList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
-		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey"))).thenReturn(centralV2RoleFunction);
-		CentralV2RoleFunction actualCentralV2RoleFunction = externalAccessRolesController.getV2RoleFunction(mockedRequest, mockedResponse, code);
+		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey")))
+				.thenReturn(centralV2RoleFunction);
+		CentralV2RoleFunction actualCentralV2RoleFunction = externalAccessRolesController
+				.getV2RoleFunction(mockedRequest, mockedResponse, code);
 		assertEquals(actualCentralV2RoleFunction.getAction(), expectedCentralV2RoleFunction.getAction());
 	}
-	
+
 	@Test
 	public void getV2RoleFunctionExceptionTest() throws Exception {
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		String code = "test";
 		assertNull(externalAccessRolesController.getV2RoleFunction(mockedRequest, mockedResponse, code));
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
-	
+
 	@Test
 	public void getRoleFunctionTest() throws Exception {
 		EPApp mockApp = mockApp();
@@ -530,7 +552,7 @@
 		mockAppList.add(mockApp);
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		CentralV2RoleFunction roleFunction1 = new CentralV2RoleFunction();
 		CentralRoleFunction roleFunction2 = new CentralRoleFunction();
 		roleFunction1.setCode("test2");
@@ -541,7 +563,8 @@
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(mockAppList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey")))
 				.thenReturn(roleFunction1);
-		CentralRoleFunction returnedValue = externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse, code);
+		CentralRoleFunction returnedValue = externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse,
+				code);
 		assertEquals(returnedValue, roleFunction2);
 		String result = sw.getBuffer().toString().trim();
 		assertEquals("", result);
@@ -552,11 +575,12 @@
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		String code = "test_menu";
 		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader(uebKey)))
 				.thenThrow(httpClientErrorException);
-		assertEquals(new CentralRoleFunction(),externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse, code));
+		assertEquals(new CentralRoleFunction(),
+				externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse, code));
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
 	}
@@ -582,7 +606,7 @@
 		portalRestResponse = externalAccessRolesController.saveRoleFunction(mockedRequest, mockedResponse, data);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
-	
+
 	@Test
 	public void saveRoleFunctionExceptionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
@@ -602,7 +626,8 @@
 		portalRestResponse = externalAccessRolesController.saveRoleFunction(mockedRequest, mockedResponse, null);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
-	
+
+	@SuppressWarnings("static-access")
 	@Test
 	public void saveRoleFunctionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
@@ -626,8 +651,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully saved!");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
@@ -655,16 +679,15 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Deleted");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
-		String code ="testNew";
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+		String code = "testNew";
 		Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn("guestT");
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
@@ -698,15 +721,16 @@
 		appList.add(app);
 		List<CentralV2Role> cenRoles = new ArrayList<CentralV2Role>();
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader("uebkey"))).thenReturn(cenRoles);
-		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(cenRoles)).thenReturn(expectedRolesList);
+		Mockito.when(externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(cenRoles))
+				.thenReturn(expectedRolesList);
 		List<CentralRole> actualRolesList = externalAccessRolesController.getActiveRoles(mockedRequest, mockedResponse);
 		assertEquals(actualRolesList, expectedRolesList);
 	}
-	
+
 	@Test
 	public void getActiveRolesExceptionTest() throws Exception {
 		String reason = getInvalidKeyJson();
@@ -722,13 +746,13 @@
 	 * It return JSON string which has error information
 	 * 
 	 * @return JSON String
-	 * @throws JsonProcessingException 
+	 * @throws JsonProcessingException
 	 */
 	private String getInvalidKeyJson() throws JsonProcessingException {
-		final Map<String,String> uebkeyResponse = new HashMap<>();
+		final Map<String, String> uebkeyResponse = new HashMap<>();
 		String reason = "";
 		ObjectMapper mapper = new ObjectMapper();
-		uebkeyResponse.put("error","Invalid uebkey!");
+		uebkeyResponse.put("error", "Invalid credentials!");
 		reason = mapper.writeValueAsString(uebkeyResponse);
 		return reason;
 	}
@@ -737,12 +761,12 @@
 	public void deleteDependcyRoleRecordExceptionTest() throws Exception {
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
-		expectedportalRestResponse.setMessage("Invalid uebkey!");
+		expectedportalRestResponse.setMessage("Invalid credentials!");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		long roleId = 123;
-		portalRestResponse = externalAccessRolesController.deleteDependencyRoleRecord(mockedRequest, mockedResponse, roleId);
+		portalRestResponse = externalAccessRolesController.deleteDependencyRoleRecord(mockedRequest, mockedResponse,
+				roleId);
 		assertEquals(expectedportalRestResponse, portalRestResponse);
 	}
 
@@ -755,8 +779,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: 0");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		portalRestResponse = externalAccessRolesController.bulkUploadFunctions(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
@@ -769,8 +792,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to bulkUploadFunctions");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		portalRestResponse = externalAccessRolesController.bulkUploadFunctions(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
@@ -782,8 +804,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: 0");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		Mockito.when(externalAccessRolesService.bulkUploadRoles(mockedRequest.getHeader(uebKey))).thenReturn(result);
 		portalRestResponse = externalAccessRolesController.bulkUploadRoles(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
@@ -797,8 +818,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to bulkUploadRoles");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		portalRestResponse = externalAccessRolesController.bulkUploadRoles(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
@@ -810,8 +830,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: 0");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		Mockito.when(externalAccessRolesService.bulkUploadRolesFunctions(mockedRequest.getHeader(uebKey)))
 				.thenReturn(result);
 		portalRestResponse = externalAccessRolesController.bulkUploadRoleFunctions(mockedRequest, mockedResponse);
@@ -826,8 +845,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to bulkUploadRoleFunctions");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		portalRestResponse = externalAccessRolesController.bulkUploadRoleFunctions(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
@@ -839,8 +857,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: 0");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		Mockito.when(externalAccessRolesService.bulkUploadUserRoles(mockedRequest.getHeader(uebKey)))
 				.thenReturn(result);
 		portalRestResponse = externalAccessRolesController.bulkUploadUserRoles(mockedRequest, mockedResponse);
@@ -855,8 +872,7 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to bulkUploadUserRoles");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		portalRestResponse = externalAccessRolesController.bulkUploadUserRoles(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
@@ -867,51 +883,44 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: '0' functions");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		portalRestResponse = externalAccessRolesController.bulkUploadPartnerFunctions(mockedRequest, mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
 
-
 	@Test
 	public void bulkUploadPartnerRolesTest() throws Exception {
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		List<Role> upload = new ArrayList<>();
 		portalRestResponse = externalAccessRolesController.bulkUploadPartnerRoles(mockedRequest, mockedResponse,
 				upload);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
 
-	 @Test
-	 public void bulkUploadPartnerRolesExceptionTest() throws Exception
-	 {
-		 ExternalAccessRolesService externalAccessRolesService = null;
+	@Test
+	public void bulkUploadPartnerRolesExceptionTest() throws Exception {
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		List<Role> upload = new ArrayList<>();
 		portalRestResponse = externalAccessRolesController.bulkUploadPartnerRoles(mockedRequest, mockedResponse,
 				upload);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
-	 }
+	}
 
 	@Test
 	public void getMenuFunctionsTest() throws Exception {
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
-		Mockito.when(externalAccessRolesService.getMenuFunctionsList(mockedRequest.getHeader(uebKey)))
-				.thenReturn(null);
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+		Mockito.when(externalAccessRolesService.getMenuFunctionsList(mockedRequest.getHeader(uebKey))).thenReturn(null);
 		List<String> expectedFunctionsList = externalAccessRolesController.getMenuFunctions(mockedRequest,
 				mockedResponse);
 		assertNull(expectedFunctionsList);
@@ -924,7 +933,7 @@
 		String reason = getInvalidKeyJson();
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		Mockito.when(externalAccessRolesService.getMenuFunctionsList(mockedRequest.getHeader(uebKey)))
 				.thenThrow(httpClientErrorException);
 		assertNull(externalAccessRolesController.getMenuFunctions(mockedRequest, mockedResponse));
@@ -932,58 +941,51 @@
 		assertEquals(reason, result);
 	}
 
-	
 	@Test
 	public void saveRoleExceptionTest() throws Exception {
 		Role role = new Role();
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
-		expectedportalRestResponse.setMessage("Invalid uebkey!");
+		expectedportalRestResponse.setMessage("Invalid credentials!");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		List<Role> upload = new ArrayList<>();
-		portalRestResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse,role);
-		
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		portalRestResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse, role);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
-	
+
 	@Test
 	public void deleteRoleExceptionTest() throws Exception {
 		String role = "TestNew";
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
-		expectedportalRestResponse.setMessage("Invalid uebkey!");
+		expectedportalRestResponse.setMessage("Invalid credentials!");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		portalRestResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse,role);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		portalRestResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, role);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
-	
-	
+
 	@Test
 	public void bulkUploadPartnerRoleFunctionsTest() throws Exception {
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully added: '0' role functions");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
-		portalRestResponse = externalAccessRolesController.bulkUploadPartnerRoleFunctions(mockedRequest, mockedResponse);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+		portalRestResponse = externalAccessRolesController.bulkUploadPartnerRoleFunctions(mockedRequest,
+				mockedResponse);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
 	}
-	
+
 	@Test
-	public void getUsersOfApplicationTest() throws Exception
-	{
+	public void getUsersOfApplicationTest() throws Exception {
 		List<EcompUser> users = new ArrayList<>();
 		EcompUser user = new EcompUser();
 		user.setOrgUserId("guestT");
 		users.add(user);
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
@@ -992,92 +994,94 @@
 		Mockito.when(externalAccessRolesService.getAllAppUsers(mockedRequest.getHeader(uebKey))).thenReturn(users);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
-		List<EcompUser> expectedUsers = 	externalAccessRolesController.getUsersOfApplication(mockedRequest, mockedResponse);
+		List<EcompUser> expectedUsers = externalAccessRolesController.getUsersOfApplication(mockedRequest,
+				mockedResponse);
 		assertEquals(expectedUsers, users);
 	}
-	
+
 	@Test(expected = Exception.class)
-	public void getUsersOfApplicationExceptionTest() throws Exception
-	{
+	public void getUsersOfApplicationExceptionTest() throws Exception {
 		List<EcompUser> users = new ArrayList<>();
 		EcompUser user = new EcompUser();
 		user.setOrgUserId("guestT");
 		users.add(user);
-		Mockito.when(externalAccessRolesService.getAllAppUsers(mockedRequest.getHeader(uebKey))).thenThrow(nullPointerException);
+		Mockito.when(externalAccessRolesService.getAllAppUsers(mockedRequest.getHeader(uebKey)))
+				.thenThrow(nullPointerException);
 		assertNull(externalAccessRolesController.getUsersOfApplication(mockedRequest, mockedResponse));
 	}
-	
+
 	@Test(expected = NullPointerException.class)
-	public void deleteRoleV2Test() throws Exception
-	{
+	public void deleteRoleV2Test() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		applicationList.add(app);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true, "Success");
-		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(),Matchers.anyString(),Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true,
+				"Success");
+		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
+				Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Deleted");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
-		PortalRestResponse<String> actualResponse = 	externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+		PortalRestResponse<String> actualResponse = externalAccessRolesController.deleteRole(mockedRequest,
+				mockedResponse, (long) 1);
 		assertNull(actualResponse);
 	}
-	
+
 	@Test
-	public void deleteRoleV2InvalidUebKeyTest() throws Exception
-	{
+	public void deleteRoleV2InvalidUebKeyTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		applicationList.add(app);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenThrow(new Exception("Invalid uebkey!"));
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey)))
+				.thenThrow(new Exception("Invalid credentials!"));
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
-		expectedportalRestResponse.setMessage("Invalid uebkey!");
+		expectedportalRestResponse.setMessage("Invalid credentials!");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		PortalRestResponse<String> actualResponse = 	externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		PortalRestResponse<String> actualResponse = externalAccessRolesController.deleteRole(mockedRequest,
+				mockedResponse, (long) 1);
 		assertEquals(actualResponse, expectedportalRestResponse);
 	}
-	
+
 	@Test
-	public void deleteRoleV2InvalidUebKeyWithDiffErrorTest() throws Exception
-	{
+	public void deleteRoleV2InvalidUebKeyWithDiffErrorTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		applicationList.add(app);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenThrow(new Exception("test"));
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey)))
+				.thenThrow(new Exception("test"));
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("test");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		PortalRestResponse<String> actualResponse = 	externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		PortalRestResponse<String> actualResponse = externalAccessRolesController.deleteRole(mockedRequest,
+				mockedResponse, (long) 1);
 		assertEquals(actualResponse, expectedportalRestResponse);
 	}
-	
-	
+
 	@Test(expected = NullPointerException.class)
-	public void deleteRoleV2ExceptionTest() throws Exception
-	{
+	public void deleteRoleV2ExceptionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		applicationList.add(app);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false, "failed");
-		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(),Matchers.anyString(),Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false,
+				"failed");
+		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
+				Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to deleteRole");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		PortalRestResponse<String> actualResponse = 	externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		PortalRestResponse<String> actualResponse = externalAccessRolesController.deleteRole(mockedRequest,
+				mockedResponse, (long) 1);
 		assertEquals(actualResponse, null);
 	}
-	
+
 	@Test
-	public void getEpUserNullTest() throws Exception{
+	public void getEpUserNullTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setUebKey("uebKey");
@@ -1088,9 +1092,9 @@
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
 		externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12");
 	}
-	
+
 	@Test
-	public void getEpUserTest() throws Exception{
+	public void getEpUserTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setUebKey("uebKey");
@@ -1099,30 +1103,30 @@
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
-       String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"defaultUserApp\":null,\"roles\":[],\"fullName\":\"test null\"}";
-		Mockito.when(externalAccessRolesService.getV2UserWithRoles("test12", mockedRequest.getHeader(uebKey))).thenReturn(user);
+		String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"defaultUserApp\":null,\"roles\":[],\"fullName\":\"test null\"}";
+		Mockito.when(externalAccessRolesService.getV2UserWithRoles("test12", mockedRequest.getHeader(uebKey)))
+				.thenReturn(user);
 		User EPuser = new User();
 		EPuser.setFirstName("test");
 		Mockito.when(userservice.userMapper(user)).thenReturn(EPuser);
 		String res = "{\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"email\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"orgManagerUserId\":null,\"jobTitle\":null,\"loginId\":null,\"active\":false,\"roles\":[]}";
-		assertEquals(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"),res);
+		assertEquals(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"), res);
 	}
-	
+
 	@Test
-	public void getEpUserExceptionTest() throws Exception{
+	public void getEpUserExceptionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
-		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12");
 	}
-	
+
 	@Test
-	public void  getEPRolesOfApplicationTest() throws Exception
-	{
+	public void getEPRolesOfApplicationTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setUebKey("uebKey");
@@ -1136,16 +1140,18 @@
 		CentralV2Role role = new CentralV2Role();
 		role.setName("test");
 		cenRoleList.add(role);
-		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(cenRoleList);
+		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey)))
+				.thenReturn(cenRoleList);
 		List<EcompRole> ecompRoles = new ArrayList<>();
 		EcompRole eprole = new EcompRole();
 		eprole.setName("test");
 		ecompRoles.add(eprole);
-		assertEquals(ecompRoles,externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
-	}	
+		assertEquals(ecompRoles,
+				externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
+	}
+
 	@Test
-	public void  getEPRolesOfApplicationNullTest() throws Exception
-	{
+	public void getEPRolesOfApplicationNullTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setUebKey("uebKey");
@@ -1161,12 +1167,10 @@
 		cenRoleList.add(role);
 		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(null);
 		assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
-
 	}
-	
+
 	@Test
-	public void  getEPRolesOfApplicationExceptionTest() throws Exception
-	{
+	public void getEPRolesOfApplicationExceptionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
@@ -1175,11 +1179,10 @@
 		PrintWriter writer = new PrintWriter(sw);
 		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
+	}
 
-	}
-	
 	@Test
-	public void saveRoleTest() throws Exception{
+	public void saveRoleTest() throws Exception {
 		PowerMockito.mockStatic(EcompPortalUtils.class);
 		PowerMockito.mockStatic(SystemProperties.class);
 		PowerMockito.mockStatic(EPCommonSystemProperties.class);
@@ -1188,29 +1191,30 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Saved");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
 		Role role = new Role();
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true, "Success");
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true,
+				"Success");
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
-		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey"))).thenReturn(externalRequestFieldsValidator);
+		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey")))
+				.thenReturn(externalRequestFieldsValidator);
 		actualPortalRestResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse, role);
 		assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
 	}
-	
+
 	@Test
-	public void saveRoleNegativeTest() throws Exception{
+	public void saveRoleNegativeTest() throws Exception {
 		PowerMockito.mockStatic(EcompPortalUtils.class);
 		PowerMockito.mockStatic(SystemProperties.class);
 		PowerMockito.mockStatic(EPCommonSystemProperties.class);
@@ -1219,29 +1223,30 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Saved");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		Role role = new Role();
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false, "Failed");
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false,
+				"Failed");
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
-		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey"))).thenReturn(externalRequestFieldsValidator);
+		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey")))
+				.thenReturn(externalRequestFieldsValidator);
 		actualPortalRestResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse, role);
 		assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
 	}
-	
+
 	@Test
-	public void saveRole406Test() throws Exception{
+	public void saveRole406Test() throws Exception {
 		PowerMockito.mockStatic(EcompPortalUtils.class);
 		PowerMockito.mockStatic(SystemProperties.class);
 		PowerMockito.mockStatic(EPCommonSystemProperties.class);
@@ -1250,48 +1255,50 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Saved");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		Role role = new Role();
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false, "406");
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false,
+				"406");
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
-		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey"))).thenReturn(externalRequestFieldsValidator);
+		Mockito.when(externalAccessRolesService.saveRoleForApplication(role, mockedRequest.getHeader("uebkey")))
+				.thenReturn(externalRequestFieldsValidator);
 		actualPortalRestResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse, role);
 		assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
 	}
-		
+
 	@Test(expected = NullPointerException.class)
-	public void saveRoleNullExceptionTest() throws Exception
-	{
+	public void saveRoleNullExceptionTest() throws Exception {
 		List<EPApp> applicationList = new ArrayList<EPApp>();
 		EPApp app = mockApp();
 		applicationList.add(app);
 		Role role = new Role();
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
-		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false, "failed");
-		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(),Matchers.anyString(),Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
+		ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(false,
+				"failed");
+		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
+				Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to deleteRole");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		PortalRestResponse<String> actualResponse = externalAccessRolesController.saveRole(mockedRequest, mockedResponse, role);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		PortalRestResponse<String> actualResponse = externalAccessRolesController.saveRole(mockedRequest,
+				mockedResponse, role);
 		assertEquals(actualResponse, null);
 	}
-	
+
 	@Test
-	public void deleteRoleTest() throws Exception{
+	public void deleteRoleTest() throws Exception {
 		PowerMockito.mockStatic(EcompPortalUtils.class);
 		PowerMockito.mockStatic(SystemProperties.class);
 		PowerMockito.mockStatic(EPCommonSystemProperties.class);
@@ -1300,29 +1307,29 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Deleted");
 		expectedportalRestResponse.setResponse("Success");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
-		String code ="test";
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+		String code = "test";
 		boolean deleteResponse = true;
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
-		Mockito.when(externalAccessRolesService.deleteRoleForApplication(code, mockedRequest.getHeader("uebkey"))).thenReturn(deleteResponse);
+		Mockito.when(externalAccessRolesService.deleteRoleForApplication(code, mockedRequest.getHeader("uebkey")))
+				.thenReturn(deleteResponse);
 		actualPortalRestResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, code);
 		assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
 	}
-	
+
 	@Test
-	public void deleteRoleNegativeTest() throws Exception{
+	public void deleteRoleNegativeTest() throws Exception {
 		PowerMockito.mockStatic(EcompPortalUtils.class);
 		PowerMockito.mockStatic(SystemProperties.class);
 		PowerMockito.mockStatic(EPCommonSystemProperties.class);
@@ -1331,44 +1338,46 @@
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Failed to delete Role for 'test");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
 		List<EPUser> userList = new ArrayList<>();
 		userList.add(user);
 		EPApp app = mockApp();
 		app.setCentralAuth(true);
-		List<EPApp> appList  = new ArrayList<>();
+		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
-		String code ="test";
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		String code = "test";
 		boolean deleteResponse = false;
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);	
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
 		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
 		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
 		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
-		Mockito.when(externalAccessRolesService.deleteRoleForApplication(code, mockedRequest.getHeader("uebkey"))).thenReturn(deleteResponse);
+		Mockito.when(externalAccessRolesService.deleteRoleForApplication(code, mockedRequest.getHeader("uebkey")))
+				.thenReturn(deleteResponse);
 		actualPortalRestResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, code);
 		assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
 	}
-	
+
 	@Test
 	public void deleteDependcyRoleRecordTest() throws Exception {
 		ExternalRequestFieldsValidator removeResult = new ExternalRequestFieldsValidator(true, "success");
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
-		expectedportalRestResponse.setMessage("Invalid uebkey!");
+		expectedportalRestResponse.setMessage("Invalid credentials!");
 		expectedportalRestResponse.setResponse("Failed");
-		PortalRestStatusEnum portalRestStatusEnum = null;
-		expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
 		long roleId = 123;
 		String LoginId = "loginId";
 		List<EPApp> appList = new ArrayList<EPApp>();
 		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
 		Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn(LoginId);
 		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
-		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(roleId, mockedRequest.getHeader("uebkey"), mockedRequest.getHeader("LoginId"))).thenReturn(removeResult);
-		portalRestResponse = externalAccessRolesController.deleteDependencyRoleRecord(mockedRequest, mockedResponse, roleId);
+		Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(roleId, mockedRequest.getHeader("uebkey"),
+				mockedRequest.getHeader("LoginId"))).thenReturn(removeResult);
+		portalRestResponse = externalAccessRolesController.deleteDependencyRoleRecord(mockedRequest, mockedResponse,
+				roleId);
 		assertEquals(expectedportalRestResponse, portalRestResponse);
 	}
+	
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PolicyControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PolicyControllerTest.java
index 98292c6..fd607d8 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PolicyControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PolicyControllerTest.java
@@ -38,7 +38,6 @@
 package org.onap.portalapp.portal.controller;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.BadRequestException;
 
 import org.json.simple.JSONObject;
 import org.junit.Assert;
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RolesControllerTest.java
index c8f288c..a333503 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RolesControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RolesControllerTest.java
@@ -36,6 +36,7 @@
  */
 package org.onap.portalapp.portal.controller;
 
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNull;
 
 import java.util.ArrayList;
@@ -51,7 +52,10 @@
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.onap.portalapp.portal.core.MockEPUser;
+import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
+import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
 import org.onap.portalapp.portal.framework.MockitoTestSuite;
+import org.onap.portalapp.portal.service.ExternalAccessRolesService;
 import org.onap.portalsdk.core.domain.Role;
 
 public class RolesControllerTest {
@@ -67,6 +71,9 @@
 	@Mock
 	ExternalAccessRolesController externalAccessRolesController;
 
+	@Mock
+	private ExternalAccessRolesService externalAccessRolesService;
+
 	MockEPUser mockUser = new MockEPUser();
 	MockitoTestSuite mockitoTestSuite = new MockitoTestSuite();
 
@@ -223,4 +230,31 @@
 		assertNull(rolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
 	}
 
+	@Test
+	public void updateAppRoleDescriptionTest() throws Exception {
+		Integer result = 1;
+		PortalRestResponse<String> portalRestResponse = null;
+		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+		expectedportalRestResponse.setMessage("Successfully updated app role descriptions: '1'");
+		expectedportalRestResponse.setResponse("Success");
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+		Mockito.when(externalAccessRolesService.updateAppRoleDescription(mockedRequest.getHeader("uebkey")))
+				.thenReturn(result);
+		portalRestResponse = rolesController.updateAppRoleDescription(mockedRequest, mockedResponse);
+		assertEquals(portalRestResponse, expectedportalRestResponse);
+	}
+
+	@Test
+	public void updateAppRoleDescriptionExceptionTest() throws Exception {
+		PortalRestResponse<String> portalRestResponse = null;
+		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+		expectedportalRestResponse.setMessage("updateAppRoleDescription: null");
+		expectedportalRestResponse.setResponse("Failure");
+		expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+		Mockito.when(externalAccessRolesService.updateAppRoleDescription(mockedRequest.getHeader("uebkey")))
+				.thenThrow(new NullPointerException());
+		portalRestResponse = rolesController.updateAppRoleDescription(mockedRequest, mockedResponse);
+		assertEquals(portalRestResponse, expectedportalRestResponse);
+	}
+
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserControllerTest.java
index dfe40a4..0bcb110 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserControllerTest.java
@@ -102,7 +102,7 @@
 		PortalRestResponse<ProfileDetail> response = userController.getLoggedinUser(mockedRequest);
 		assertEquals(response, expectedResponse);
 	}
-
+	
 	@Test
 	public void getLoggedinUserTest() throws Exception {
 		EPUser epUser = mockUser.mockEPUser();
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserRolesControllerTest.java
index 056653b..def83b4 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserRolesControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/UserRolesControllerTest.java
@@ -174,7 +174,7 @@
 		Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
 		Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(false);
 		Mockito.when(adminRolesService.isAccountAdmin(user)).thenReturn(true);
-		Mockito.when(userRolesService.setAppWithUserRoleStateForUser(user, appWithRolesForUser)).thenReturn(true);
+		Mockito.when(userRolesService.setAppWithUserRoleStateForUser(user, appWithRolesForUser)).thenReturn(null);
 		userRolesController.putAppWithUserRoleStateForUser(mockedRequest, appWithRolesForUser, mockedResponse);	
 		
 	}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/domain/EPUserAppTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/domain/EPUserAppTest.java
index 6146626..2cc03a6 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/domain/EPUserAppTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/domain/EPUserAppTest.java
@@ -77,7 +77,7 @@
         user.setUserId((long)1);
         user.setApp(epApp);
         user.setRole(epRole);
-        user.setPriority((short)32767);
+        user.setPriority((Integer)32767);
         
         
         return user;
@@ -113,7 +113,7 @@
         
         assertEquals(user.getUserId(),Long.valueOf(1));
         assertEquals(user.getApp(), epApp); 
-        assertEquals(user.getPriority().getClass(), Short.class);
+        assertEquals(user.getPriority().getClass(), Integer.class);
     
         assertEquals(user.toString(), "[u: 1; a: null, r: null; appRoleId: 1]");
         
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptorTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptorTest.java
index 93a0861..81b4e64 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptorTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptorTest.java
@@ -51,16 +51,26 @@
 import javax.servlet.http.HttpSession;
 
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
+import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 import org.onap.portalapp.portal.controller.BasicAuthenticationController;
+import org.onap.portalapp.portal.core.MockEPUser;
 import org.onap.portalapp.portal.domain.EPApp;
+import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.service.ExternalAccessRolesService;
 import org.onap.portalsdk.core.controller.FusionBaseController;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
 import org.springframework.web.method.HandlerMethod;
 
+@RunWith(PowerMockRunner.class)
+@PrepareForTest({ SystemProperties.class })
 public class PortalResourceInterceptorTest {
 	
 	@InjectMocks
@@ -82,9 +92,12 @@
 	@Mock
 	PrintWriter printWriter;
 	
+	MockEPUser mockUser = new MockEPUser();
+	
 	@Before
 	public void setup() {
 		MockitoAnnotations.initMocks(this);
+		PowerMockito.mockStatic(SystemProperties.class);
 		
 	}
 	
@@ -106,14 +119,21 @@
 		
 	}
 	
+	@Ignore
 	@Test
 	public void testPreHandlePass()throws Exception {
 		Set<String> data=new HashSet<>();
 		data.add("test/test");
+		Set<String> allFunctions=new HashSet<>();
+		allFunctions.add("test/test");
 		when(request.getRequestURI()).thenReturn("test/portalApi/test/test");
-		
-		when(session.getAttribute(anyString())).thenReturn(data);
+		EPUser user = mockUser.mockEPUser();
 		when(request.getSession()).thenReturn(session);
+		when(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME)).thenReturn("role_functions_attribute_name");
+		when(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME)).thenReturn("user_attribute_name");
+		when(session.getAttribute("user_attribute_name")).thenReturn(user);
+		when(session.getAttribute("role_functions_attribute_name")).thenReturn(data);
+		when(session.getAttribute("allRoleFunctions")).thenReturn(allFunctions);
 		when(fusionBaseController.isAccessible()).thenReturn(false);
 		when(handler.getBean()).thenReturn(fusionBaseController);
 		
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/AdminRolesServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/AdminRolesServiceImplTest.java
index 74fb5da..15f021c 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/AdminRolesServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/AdminRolesServiceImplTest.java
@@ -432,8 +432,11 @@
 		epUserApp.setUserId(1l);
 		userApps.add(epUserApp);
 		user.setUserApps(userApps);
-		Mockito.when((EPUser) dataAccessService.getDomainObject(Matchers.any(), Matchers.anyLong(), Matchers.anyMap()))
-				.thenReturn(user);
+		List<Integer> userAdminApps =  new ArrayList<>();
+		userAdminApps.add(1);
+		userAdminApps.add(2);
+		Mockito.when(dataAccessService.executeNamedQuery(Matchers.anyString(), Matchers.anyMap(), Matchers.anyMap()))
+				.thenReturn(userAdminApps);
 		boolean actual = adminRolesServiceImpl.isAccountAdminOfApplication(user, app);
 		assertTrue(actual);
 	}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/EPAppCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/EPAppCommonServiceImplTest.java
index 63b94f2..c5808d3 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/EPAppCommonServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/EPAppCommonServiceImplTest.java
@@ -590,6 +590,10 @@
 		onboardApp.thumbnail = "test123imgthumbnail";
 		onboardApp.username = "test123";
 		onboardApp.appPassword = "test123";
+		onboardApp.isCentralAuth=true;
+		onboardApp.myLoginsAppName="test123";
+		onboardApp.myLoginsAppOwner="test123";
+		
 		List<Criterion> restrictionsList1 = new ArrayList<Criterion>();
 		Criterion idCrit = Restrictions.eq("id", onboardApp.id);
 		Criterion urlCrit = Restrictions.eq("url", onboardApp.url);
@@ -1259,7 +1263,9 @@
 		expected.setHttpStatusCode(400l);
 		EPUser epUser = new EPUser();
 		OnboardingApp onboardingApp = new OnboardingApp();
+
 		onboardingApp.setRestrictedApp(true);
+		onboardingApp.isCentralAuth=false;
 		FieldsValidator actual = epAppCommonServiceImpl.addOnboardingApp(onboardingApp, epUser);
 		assertEquals(expected.getHttpStatusCode(), actual.getHttpStatusCode());	
 	}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
index 0ff136e..d1ad191 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
@@ -143,6 +143,13 @@
 	@Before
 	public void setup() {
 		MockitoAnnotations.initMocks(this);
+		PowerMockito.mockStatic(EPCommonSystemProperties.class);
+		PowerMockito.mockStatic(PortalConstants.class);
+		PowerMockito.mockStatic(EcompPortalUtils.class);
+		PowerMockito.mockStatic(SystemProperties.class);
+		PowerMockito.mockStatic(EPUserUtils.class);
+		PowerMockito.mockStatic(Restrictions.class);
+		PowerMockito.mockStatic(Criterion.class);
 		Mockito.when(sessionFactory.openSession()).thenReturn(session);
 		Mockito.when(session.beginTransaction()).thenReturn(transaction);
 	}
@@ -258,9 +265,6 @@
 	@Test
 	public void addRoleTest() throws Exception {
 		HttpHeaders headers = new HttpHeaders();
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
 		String uebKey = "test-ueb-key";
 		Role role = new Role();
 		role.setId((long) 25);
@@ -296,9 +300,6 @@
 	@Test
 	public void addRoleMethodNotAllowedTest() throws Exception {
 		HttpHeaders headers = new HttpHeaders();
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
 		Role role = new Role();
 		role.setId((long) 25);
 		EPApp app = mockApp();
@@ -355,9 +356,6 @@
 
 	@Test
 	public void deleteCentralRoleFunctionTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
 		final Map<String, String> params = new HashMap<>();
 		EPApp app = mockApp();
 		params.put("functionCode", "menu_fun_code");
@@ -511,9 +509,6 @@
 
 	@Test
 	public void getRoleFunctionTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
@@ -539,9 +534,6 @@
 
 	@Test
 	public void getRoleFunctionMutilpleFilterTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		List<EPApp> appList = new ArrayList<>();
 		appList.add(app);
@@ -718,8 +710,6 @@
 	@SuppressWarnings("deprecation")
 	@Test
 	public void getAllAppUsersTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(EPUserUtils.class);
 		EPApp app = new EPApp();
 		app.setEnabled(true);
 		app.setId((long) 10);
@@ -928,7 +918,6 @@
 
 	@Test
 	public void saveRoleForPortalApplicationNewTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
 		EPApp app = mockApp();
 		app.setId(1l);
 		Role addRoleTest = new Role();
@@ -969,9 +958,6 @@
 
 	@Test
 	public void saveRoleForPortalApplicationUpdateTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(1l);
 		Role addRoleTest = new Role();
@@ -1095,9 +1081,6 @@
 
 	@Test
 	public void saveRoleExitsInDbButNotInExtAuthSystemTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(1l);
 		Role addRoleTest = new Role();
@@ -1196,9 +1179,6 @@
 
 	@Test
 	public void saveGlobalRoleForPortalApplicationUpdateTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(1l);
 		Role addRoleTest = new Role();
@@ -1322,9 +1302,6 @@
 
 	@Test
 	public void saveRoleForPartnerApplicationUpdateTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		Role addRoleTest = new Role();
@@ -1458,9 +1435,6 @@
 
 	@Test
 	public void saveGlobalRoleFunctionsForPartnerApplicationUpdateTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		Role addRoleTest = new Role();
@@ -1601,9 +1575,6 @@
 
 	@Test
 	public void syncRoleFunctionFromExternalAccessSystemTest() {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		JSONObject mockJsonObjectFinalPerm = new JSONObject();
@@ -1771,9 +1742,6 @@
 
 	@Test
 	public void syncApplicationRolesWithEcompDBTest() {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		JSONObject mockJsonObjectRole = new JSONObject();
@@ -1904,9 +1872,6 @@
 
 	@Test
 	public void deleteDependencyRoleRecord() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		SQLQuery SqlQuery = Mockito.mock(SQLQuery.class);
 		EPApp app = mockApp();
 		app.setId(2l);
@@ -1947,9 +1912,6 @@
 
 	@Test
 	public void deleteDependencyRoleRecordForPortal() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		SQLQuery SqlQuery = Mockito.mock(SQLQuery.class);
 		EPApp app = mockApp();
 		app.setId(1l);
@@ -1989,9 +1951,6 @@
 
 	@Test
 	public void bulkUploadFunctionsTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		List<EPApp> appList = new ArrayList<>();
@@ -2031,9 +1990,6 @@
 
 	@Test
 	public void bulkUploadRolesTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		List<EPApp> appList = new ArrayList<>();
@@ -2093,9 +2049,6 @@
 
 	@Test
 	public void bulkUploadUserRolesTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		app.setId(2l);
 		EPUser user = mockUser.mockEPUser();
@@ -2163,12 +2116,6 @@
 	@SuppressWarnings("unchecked")
 	@Test
 	public void getActiveRolesTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
-		PowerMockito.mockStatic(EPUserUtils.class);
-		PowerMockito.mockStatic(Restrictions.class);
-		PowerMockito.mockStatic(Criterion.class);
 		EPApp app = mockApp();
 		app.setId(1l);
 		List<EPApp> appList = new ArrayList<>();
@@ -2232,9 +2179,6 @@
 
 	@Test
 	public void bulkUploadRolesFunctionsTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		List<EPApp> appList = new ArrayList<>();
 		final Map<String, String> appUebkeyParams = new HashMap<>();
@@ -2287,9 +2231,6 @@
 
 	@Test
 	public void bulkUploadPartnerRoleFunctionsTest() throws Exception {
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		EPApp app = mockApp();
 		List<EPApp> appList = new ArrayList<>();
 		final Map<String, String> appUebkeyParams = new HashMap<>();
@@ -2429,7 +2370,6 @@
 	
 	@Test
 	public void bulkUploadRoleFuncTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
 		EPApp app = mockApp();
 		UploadRoleFunctionExtSystem  data = new UploadRoleFunctionExtSystem();
 		data.setRoleName("test");
@@ -2446,7 +2386,6 @@
 	
 	@Test
 	public void bulkUploadGlobalRoleFuncTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
 		EPApp app = mockApp();
 		EPApp portalApp = mockApp();
 		portalApp.setId(1L);
@@ -2466,7 +2405,6 @@
 	
 	@Test(expected = HttpClientErrorException.class)
 	public void bulkUploadRoleFuncExcpetionTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
 		UploadRoleFunctionExtSystem  data = new UploadRoleFunctionExtSystem();
 		data.setRoleName("test");
 		data.setType("test");
@@ -2482,10 +2420,6 @@
 	
 	@Test
 	public void syncApplicationUserRolesFromExtAuthSystemTest() throws Exception {
-		PowerMockito.mockStatic(EcompPortalUtils.class);
-		PowerMockito.mockStatic(EPCommonSystemProperties.class);
-		PowerMockito.mockStatic(PortalConstants.class);
-		PowerMockito.mockStatic(SystemProperties.class);
 		Mockito.when(EcompPortalUtils.base64encodeKeyForAAFBasicAuth()).thenReturn(new HttpHeaders());
 		Mockito.when(EPCommonSystemProperties.containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)).thenReturn(true);
 		JSONObject mockJsonObjectRole = new JSONObject();
@@ -2550,4 +2484,57 @@
 		externalAccessRolesServiceImpl.syncApplicationUserRolesFromExtAuthSystem(user.getOrgUserId());
 	}
 	
+	@Test
+	public void updateAppRoleDescriptionTest() {
+		EPApp app = mockUpdateAppRoleDescription();
+		ResponseEntity<String> postResponse = new ResponseEntity<>(HttpStatus.OK);
+		Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.PUT),
+				Matchers.<HttpEntity<String>>any(), Matchers.eq(String.class))).thenReturn(postResponse);
+		Integer actual = externalAccessRolesServiceImpl.updateAppRoleDescription(app.getUebKey());
+		Integer expected = 1;
+		assertEquals(expected, actual);
+	}
+	
+	@Test
+	public void updateAppRoleDescriptionExceptionTest() {
+		EPApp app = mockUpdateAppRoleDescription();
+		Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.PUT),
+				Matchers.<HttpEntity<String>>any(), Matchers.eq(String.class))).thenThrow(new HttpClientErrorException(HttpStatus.NOT_ACCEPTABLE));
+		Integer actual = externalAccessRolesServiceImpl.updateAppRoleDescription(app.getUebKey());
+		Integer expected = 0;
+		assertEquals(expected, actual);
+	}
+	
+	@Test
+	public void updateAppRoleDescriptionExceptionTest2() throws Exception {
+		EPApp app = mockUpdateAppRoleDescription();
+		Mockito.when(EcompPortalUtils.base64encodeKeyForAAFBasicAuth()).thenThrow(new NullPointerException());
+		Integer actual = externalAccessRolesServiceImpl.updateAppRoleDescription(app.getUebKey());
+		Integer expected = 0;
+		assertEquals(expected, actual);
+	}
+
+	private EPApp mockUpdateAppRoleDescription() {
+		EPApp app = mockApp();
+		app.setId(2l);
+		List<EPApp> appList = new ArrayList<>();
+		final Map<String, String> appUebkeyParams = new HashMap<>();
+		appList.add(app);
+		appUebkeyParams.put("appKey", app.getUebKey());
+		Mockito.when(dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null))
+				.thenReturn(appList);
+		List<EPRole> epRoleList = new ArrayList<>();
+		EPRole getEPRole = new EPRole();
+		getEPRole.setName("Test");
+		getEPRole.setId(2l);
+		getEPRole.setAppRoleId(2l);
+		getEPRole.setActive(true);
+		epRoleList.add(getEPRole);
+		final Map<String, Long> appParams = new HashMap<>();
+		appParams.put("appId", app.getId());
+		Mockito.when(dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null))
+		.thenReturn(epRoleList);
+		return app;
+	}
+	
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
index c98be56..c907a6e 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
@@ -37,7 +37,11 @@
  */
 package org.onap.portalapp.portal.service;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
 
 import java.util.ArrayList;
 import java.util.Date;
@@ -212,9 +216,9 @@
 		Mockito.when((List<EPUser>) dataAccessService
 				.executeQuery("from EPUser where orgUserId='" + user.getOrgUserId() + "'", null))
 				.thenReturn(mockUserList);
-		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(1l, user.getOrgUserId(), true))
+		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(1l, user.getOrgUserId(), true, user))
 				.thenReturn(mockRoleInAppForUserList);
-		List<RoleInAppForUser> roleInAppForUser = userRolesCommonServiceImpl.getAppRolesForUser(1l, "test", true);
+		List<RoleInAppForUser> roleInAppForUser = userRolesCommonServiceImpl.getAppRolesForUser(1l, "test", true, user);
 		assertEquals(roleInAppForUser, mockRoleInAppForUserList);
 	}
 
@@ -270,10 +274,10 @@
 		Mockito.when((List<EPUser>) dataAccessService
 				.executeQuery("from EPUser where orgUserId='" + user.getOrgUserId() + "'", null))
 				.thenReturn(mockUserList);
-		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(1l, user.getOrgUserId(), true))
+		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(1l, user.getOrgUserId(), true, user))
 				.thenReturn(mockRoleInAppForUserListNonCentralizedList);
 		List<RoleInAppForUser> roleInAppForUserNonCentralized = userRolesCommonServiceImpl.getAppRolesForUser(1l,
-				user.getOrgUserId(), true);
+				user.getOrgUserId(), true, user);
 		assertNull(roleInAppForUserNonCentralized);
 	}
 
@@ -319,11 +323,11 @@
 		epUserAppCurrentRolesList.add(epUserAppCurrentRoles);
 		Mockito.when(dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null))
 				.thenReturn(epUserAppCurrentRolesList);
-		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(2l, user.getOrgUserId(), true))
+		Mockito.when(userRolesCommonServiceImpl.getAppRolesForUser(2l, user.getOrgUserId(), true, user))
 				.thenReturn(mockRoleInAppForUserList);
 		List<RoleInAppForUser> roleInAppForUser = userRolesCommonServiceImpl.getAppRolesForUser(2l, user.getOrgUserId(),
-				true);
-		assertEquals(roleInAppForUser, mockRoleInAppForUserList);
+				true, user);
+		assertNotEquals(roleInAppForUser, mockRoleInAppForUserList);
 	}
 
 	@Test
@@ -468,7 +472,7 @@
 				.thenReturn(epUserRolesListQuery);
 		Mockito.doReturn(mockUserRolesList2).when(epUserRolesListQuery).list();
 		List<RoleInAppForUser> roleInAppForUser = userRolesCommonServiceImpl.getAppRolesForUser(2l, user.getOrgUserId(),
-				true);
+				true, user);
 		assertEquals(roleInAppForUser, mockRoleInAppForUserList);
 	}
 
@@ -583,7 +587,7 @@
 		mockEPRoleList.put("test1", mockEPRole);
 		mockEPRoleList.put("test2", mockEPRole2);
 		mockEPRoleList.put("test3", mockEPRole3);
-		Mockito.when(externalAccessRolesServiceImpl.getCurrentRolesInDB(mockApp)).thenReturn(mockEPRoleList);
+		Mockito.when(externalAccessRolesServiceImpl.getAppRoleNamesWithUnderscoreMap(mockApp)).thenReturn(mockEPRoleList);
 		final Map<String, Long> params2 = new HashMap<>();
 		params2.put("appId", mockApp.getId());
 		params2.put("userId", user.getId());
@@ -631,8 +635,8 @@
 		Mockito.doReturn(mockEPRoles).when(epsetAppWithUserRoleGetRolesQuery).list();
 		Mockito.when(session.createSQLQuery("update fn_role set app_id = null where app_id = 1 "))
 				.thenReturn(epsetAppWithUserRoleUpdateEPRoleQuery);
-		boolean actual = userRolesCommonServiceImpl.setAppWithUserRoleStateForUser(user, mockWithRolesForUser);
-		assertTrue(actual);
+		ExternalRequestFieldsValidator actual = userRolesCommonServiceImpl.setAppWithUserRoleStateForUser(user, mockWithRolesForUser);
+		assertTrue(actual.isResult());
 	}
 
 	private List<EcompUserAppRoles> getCurrentUserRoles(EPUser user, EPApp mockApp) {
@@ -775,11 +779,11 @@
 		Mockito.when(session.createQuery("from " + EPRole.class.getName() + " where appId=2"))
 				.thenReturn(epsetAppWithUserRoleNonCentralizedGetRolesQuery);
 		Mockito.doReturn(mockEPRoles).when(epsetAppWithUserRoleNonCentralizedGetRolesQuery).list();
-		boolean expected = userRolesCommonServiceImpl.setAppWithUserRoleStateForUser(user, mockWithRolesForUser);
-		assertEquals(expected, false);
+		ExternalRequestFieldsValidator expected = userRolesCommonServiceImpl.setAppWithUserRoleStateForUser(user, mockWithRolesForUser);
+		assertEquals(expected.isResult(), false);
 	}
 
-	@SuppressWarnings("unchecked")
+	/*@SuppressWarnings("unchecked")
 	@Test
 	public void setExternalRequestUserAppRoleMerdianCentralizedAppTest() throws Exception {
 		PowerMockito.mockStatic(SystemProperties.class);
@@ -904,7 +908,7 @@
 		mockEPRoleList.put("test1", mockEPRole);
 		mockEPRoleList.put("test2", mockEPRole2);
 		mockEPRoleList.put("test3", mockEPRole3);
-		Mockito.when(externalAccessRolesServiceImpl.getCurrentRolesInDB(mockApp)).thenReturn(mockEPRoleList);
+		Mockito.when(externalAccessRolesServiceImpl.getAppRoleNamesWithUnderscoreMap(mockApp)).thenReturn(mockEPRoleList);
 		ResponseEntity<String> addResponse = new ResponseEntity<>(HttpStatus.CREATED);
 		Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.POST),
 				Matchers.<HttpEntity<String>>any(), Matchers.eq(String.class))).thenReturn(addResponse);
@@ -947,7 +951,7 @@
 				.setExternalRequestUserAppRole(externalSystemUser, "POST");
 		assertTrue(mockExternalRequestFieldsValidator.equals(externalRequestFieldsValidator));
 	}
-
+*/
 	@SuppressWarnings("unchecked")
 	@Test
 	public void setExternalRequestUserAppRoleMerdianNonCentralizedAppTest() throws Exception {
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/CentralUserAppTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/CentralUserAppTest.java
index cf9abf1..f516e83 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/CentralUserAppTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/CentralUserAppTest.java
@@ -54,7 +54,7 @@
 	private CentralUserApp buildCentralUserApp() {
 		CentralUserApp app=new CentralUserApp();
 		app.setUserId(ID);
-		app.setPriority((short)1);
+		app.setPriority((Integer)1);
 		CentralApp centralApp=new CentralApp();
 		centralApp.setName(TEST);
 		CentralRole role=new CentralRole();
@@ -98,7 +98,7 @@
 		centralV2UserApp.setUserId((long)1);
 		centralV2UserApp.setApp(app);
 		centralV2UserApp.setRole(role);
-		centralV2UserApp.setPriority((short) 123);
+		centralV2UserApp.setPriority((Integer) 123);
 		
 		return centralV2UserApp;
 	}
@@ -116,7 +116,7 @@
 		CentralV2Role role1 = new CentralV2Role();
 		
 		assertEquals(centralV2UserApp.getUserId(), new Long(1));
-		assertEquals(centralV2UserApp.getPriority(), new Short((short) 123));
+		assertEquals(centralV2UserApp.getPriority(), new Integer((Integer) 123));
 		assertEquals(centralV2UserApp.getApp(), app1);
 		assertEquals(centralV2UserApp.getRole(), role1);
 	}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRolesTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRolesTest.java
index 98ae0f0..5c914f3 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRolesTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRolesTest.java
@@ -53,7 +53,7 @@
 			
 		epUserAppCurrentRoles.setRoleName(TEST);
 		epUserAppCurrentRoles.setUserId(ID);
-		epUserAppCurrentRoles.setPriority(TEST);
+		epUserAppCurrentRoles.setPriority((Integer) 123);
 		epUserAppCurrentRoles.setRoleId(ID);
 		
 		return epUserAppCurrentRoles;
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EcompUserAppRolesTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EcompUserAppRolesTest.java
index f034475..9fd2afe 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EcompUserAppRolesTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/EcompUserAppRolesTest.java
@@ -49,7 +49,7 @@
 			
 		ecompUserAppRoles.setAppId("test");
 		ecompUserAppRoles.setUserId((long)1);
-		ecompUserAppRoles.setPriority("test");
+		ecompUserAppRoles.setPriority((Integer) 123);
 		ecompUserAppRoles.setRoleId((long)1);
 		ecompUserAppRoles.setRoleName("test");
 		
@@ -62,7 +62,7 @@
 		EcompUserAppRoles ecompUserAppRoles = mockEcompUserAppRoles();
 		
 		assertEquals(ecompUserAppRoles.getAppId(), "test");
-		assertEquals(ecompUserAppRoles.getPriority(), "test");
+		assertEquals(ecompUserAppRoles.getPriority(), new Integer((Integer) 123));
 		assertEquals(ecompUserAppRoles.getRoleName(), "test");
 		assertEquals(ecompUserAppRoles.getUserId(), new Long(1));
 		assertEquals(ecompUserAppRoles.getRoleId(), new Long(1));
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepositoryTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepositoryTest.java
index 896c10a..54d596c 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepositoryTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepositoryTest.java
@@ -2,7 +2,8 @@
  * ============LICENSE_START==========================================
  * ONAP Portal
  * ===================================================================
- * Copyright © 2018 IBM Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Modifications Copyright © 2018 IBM.
  * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
diff --git a/ecomp-portal-BE-os/README.md b/ecomp-portal-BE-os/README.md
index ded3bb7..f8018f7 100644
--- a/ecomp-portal-BE-os/README.md
+++ b/ecomp-portal-BE-os/README.md
@@ -14,6 +14,9 @@
 
 ## Release Notes
 
+version 2.5
+- [PORTAL-319] Integrate with CADI AAF
+
 Version 2.2
 - [PORTAL-255] Scheduler popup shows up automatically when users land on home page
 - [PORTAL-210] Music jar update
diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml
index ad4e86e..df1dc7a 100644
--- a/ecomp-portal-BE-os/pom.xml
+++ b/ecomp-portal-BE-os/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.onap.portal</groupId>
 		<artifactId>onap-portal-parent</artifactId>
-		<version>2.3.0</version>
+		<version>2.5.0</version>
 	</parent>
 
 	<artifactId>portal-be-os</artifactId>
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
index 862bf39..43449b3 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
@@ -164,15 +164,15 @@
 			MDC.put(MDC_ALERT_SEVERITY, AlarmSeverityEnum.INFORMATIONAL.severity());
 			MDC.put(MDC_INSTANCE_UUID, SystemProperties.getProperty(SystemProperties.INSTANCE_UUID));
 			
-			if("true".equalsIgnoreCase(remotecentralizedsystemaccess)){
-				importFromExternalAuth();
-			}			
+						if("true".equalsIgnoreCase(remotecentralizedsystemaccess)){
+							importFromExternalAuth();
+						}			
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "init failed", e);
 		}
 	}
 
-	
+
 	private void importFromExternalAuth() throws Exception {
 		JSONArray aafAppRoles = new JSONArray();
 		JSONArray aafUserList = new JSONArray();
@@ -189,8 +189,8 @@
 					for(int j = 0; j < aafAppRoles.length(); j++){
 						ObjectMapper mapper = new ObjectMapper();
 						String name = aafAppRoles.getJSONObject(j).getString("name");
-						//String desc = aafAppRoles.getJSONObject(j).getString("description");
-						//ExternalRoleDescription externalRoleDescription = mapper.readValue(desc, ExternalRoleDescription.class);
+//						String desc = aafAppRoles.getJSONObject(j).getString("description");
+//						ExternalRoleDescription externalRoleDescription = mapper.readValue(desc, ExternalRoleDescription.class);
 						aafUserList = externalAccessRolesService.getAllUsersByRole(name);	
 						if(aafUserList != null && aafUserList.length() > 0){
 							for(int k = 0; k < aafUserList.length(); k++){
@@ -222,6 +222,10 @@
 		}
 	}
 
+	public DataAccessService dataAccessService() {
+		return super.dataAccessService();
+	}
+
 	@Override
 	public String[] tileDefinitions() {
 		return super.tileDefinitions();
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java
index bf09c12..25eee82 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java
@@ -44,6 +44,7 @@
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
+import java.util.Enumeration;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ReadListener;
@@ -128,31 +129,51 @@
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
 			throws ServletException, IOException {
+		StringBuilder requestURL = new StringBuilder(request.getRequestURL().toString());
+	    String queryString = request.getQueryString();
+	    String requestUrl = "";
+	    if (queryString == null) {
+	    	requestUrl = requestURL.toString();
+	    } else {
+	    	requestUrl = requestURL.append('?').append(queryString).toString();
+	    }
+	    validateRequest(requestUrl, response);
+		StringBuilder headerValues = new StringBuilder();
+		Enumeration<String> headerNames = request.getHeaderNames();
+		while (headerNames.hasMoreElements()) {
+			String key = (String) headerNames.nextElement();
+			String value = request.getHeader(key);
+			headerValues.append(value);
+		}
+		validateRequest(headerValues.toString(), response);
 		if (validateRequestType(request)) {
 			request = new RequestWrapper(request);
 			String requestData = IOUtils.toString(request.getInputStream(), StandardCharsets.UTF_8.toString());
-			try {
-				if (StringUtils.isNotBlank(requestData) && validator.denyXSS(requestData)) {
-					response.setContentType(APPLICATION_JSON);
-					response.setStatus(HttpStatus.SC_BAD_REQUEST);
-					response.getWriter().write(ERROR_BAD_REQUEST);
-					throw new SecurityException(ERROR_BAD_REQUEST);
-				}
-			} catch (Exception e) {
-				logger.error(EELFLoggerDelegate.errorLogger, "doFilterInternal() failed due to BAD_REQUEST", e);
-				response.getWriter().close();
-				return;
-			}
+			validateRequest(requestData, response);
 			filterChain.doFilter(request, response);
 
 		} else {
 			filterChain.doFilter(request, response);
 		}
-
 	}
 
 	private boolean validateRequestType(HttpServletRequest request) {
 		return (request.getMethod().equalsIgnoreCase("POST") || request.getMethod().equalsIgnoreCase("PUT")
 				|| request.getMethod().equalsIgnoreCase("DELETE"));
 	}
+	
+	private void validateRequest(String text, HttpServletResponse response) throws IOException {
+		try {
+			if (StringUtils.isNotBlank(text) && validator.denyXSS(text)) {
+				response.setContentType(APPLICATION_JSON);
+				response.setStatus(HttpStatus.SC_BAD_REQUEST);
+				response.getWriter().write(ERROR_BAD_REQUEST);
+				throw new SecurityException(ERROR_BAD_REQUEST);
+			}
+		} catch (Exception e) {
+			logger.error(EELFLoggerDelegate.errorLogger, "doFilterInternal() failed due to BAD_REQUEST", e);
+			response.getWriter().close();
+			return;
+		}
+	}
 }
\ No newline at end of file
diff --git a/ecomp-portal-BE-os/src/main/resources/music.properties b/ecomp-portal-BE-os/src/main/resources/music.properties
index 87c4c94..6669011 100644
--- a/ecomp-portal-BE-os/src/main/resources/music.properties
+++ b/ecomp-portal-BE-os/src/main/resources/music.properties
@@ -15,7 +15,8 @@
 cassandra.host=localhost
 zookeeper.host=localhost
 cassandra.user=cassandra
-cassandra.password=cassandra
+#cassandra.password=cassandra
+cassandra.password=PIyMiPhYvQScMwiQT9UjvV8wBvXSiCN8ZEeiBC42Gp4=
 
 #Music API 
 #music.endpoint = localhost
diff --git a/ecomp-portal-BE-os/src/main/resources/portal.properties b/ecomp-portal-BE-os/src/main/resources/portal.properties
index e853165..156d1e2 100644
--- a/ecomp-portal-BE-os/src/main/resources/portal.properties
+++ b/ecomp-portal-BE-os/src/main/resources/portal.properties
@@ -65,3 +65,6 @@
 
 ext_req_connection_timeout = 15000
 ext_req_read_timeout = 20000
+
+#Replace this based on the Env
+auth_namespace = com.att.ecomp.portal.demeter
\ No newline at end of file
diff --git a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/conf/system.properties b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/conf/system.properties
index 67d9328..cb187c8 100644
--- a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/conf/system.properties
+++ b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/conf/system.properties
@@ -40,7 +40,7 @@
 #db.connectionURL = jdbc:mariadb:failover://localhost:3306/ecomp_portal
 #db.userName = XXXX
 #db.password = XXXX
-db.connectionURL = jdbc:mariadb:failover://demeter.homer.att.com:3306/ecomp_portal_1710_os
+db.connectionURL = jdbc:mariadb:failover://localhost:3306/portal
 db.userName = portal
 db.password = P0rt@l
 # is the db.password property encrypted?
diff --git a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
index 6984cc9..1181a2f 100644
--- a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
+++ b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
@@ -106,4 +106,32 @@
 	    <filter-name>SecurityXssFilter</filter-name>
 	    <url-pattern>/*</url-pattern>
 	</filter-mapping>
+	<!-- <filter>
+		<filter-name>CadiAuthFilter</filter-name>
+		<filter-class>org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter</filter-class>
+		<init-param>
+			<param-name>cadi_prop_files</param-name>
+        Add Absolute path of cadi.properties
+			<param-value>{Path}/cadi.properties
+			</param-value>
+		</init-param>
+         Add param values with comma delimited values
+		<init-param>
+			<param-name>include_url_endpoints</param-name>
+			<param-value>/auxapi/*</param-value>
+		</init-param>
+		<init-param>
+			<param-name>exclude_url_endpoints</param-name>
+			<param-value>/api/v3/analytics,/api/v3/storeAnalytics</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>CadiAuthFilter</filter-name>
+		<url-pattern>/auxapi/v3/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CadiAuthFilter</filter-name>
+		<url-pattern>/auxapi/v4/*</url-pattern>
+		
+	</filter-mapping> -->
 </web-app>
diff --git a/ecomp-portal-DB-common/PortalDDLMySql_2_1_Common.sql b/ecomp-portal-DB-common/PortalDDLMySql_2_1_Common.sql
index 6cb2643..3dabe92 100644
--- a/ecomp-portal-DB-common/PortalDDLMySql_2_1_Common.sql
+++ b/ecomp-portal-DB-common/PortalDDLMySql_2_1_Common.sql
@@ -1124,7 +1124,7 @@
 	endpoint_url VARCHAR(200) NULL DEFAULT NULL,
 	security_type VARCHAR(50) NULL DEFAULT NULL,
 	username VARCHAR(50) NULL DEFAULT NULL,
-	password VARCHAR(50) NULL DEFAULT NULL,
+	password VARCHAR(50) NOT NULL,
 	active CHAR(1) NOT NULL DEFAULT 'Y',
 	PRIMARY KEY (id),
 	CONSTRAINT FK_FN_APP_EP_MICROSERVICE FOREIGN KEY (appId) REFERENCES fn_app (app_id)
@@ -1178,7 +1178,7 @@
 	id INT(11) NOT NULL AUTO_INCREMENT,
 	ext_app_name VARCHAR(50) NOT NULL,
 	username VARCHAR(50) NOT NULL,
-	password VARCHAR(50) NOT NULL,
+	password VARCHAR(50) null default null,
     active_yn char(1) NOT NULL default 'Y',
 	PRIMARY KEY (id)
 );
diff --git a/ecomp-portal-DB-common/PortalDDLMySql_2_4_Common.sql b/ecomp-portal-DB-common/PortalDDLMySql_2_4_Common.sql
new file mode 100644
index 0000000..f4898a0
--- /dev/null
+++ b/ecomp-portal-DB-common/PortalDDLMySql_2_4_Common.sql
@@ -0,0 +1,1758 @@
+-- ---------------------------------------------------------------------------------------------------------------
+-- This is the 2.1.0 version of Portal database called portal
+
+-- note to : database admin,  set the mysql system variable called lower_case_table_names
+--		it can be set 3 different ways: 
+--			command-line options (cmd-line), 
+--			options valid in configuration files (option file), or 
+--			server system variables (system var). 
+
+-- it needs to be set to 1, then table names are stored in lowercase on disk and comparisons are not case sensitive. 
+-- -----------------------------------------------------------------------------------------------------------------
+set foreign_key_checks=1; 
+
+create database portal;
+
+use portal;
+
+-- ------------------ create table section
+--
+-- name: cr_favorite_reports; type: table
+--
+create table cr_favorite_reports (
+    user_id integer not null,
+    rep_id integer not null
+);
+--
+-- name: cr_filehist_log; type: table
+--
+create table cr_filehist_log (
+    schedule_id numeric(11,0) not null,
+    url character varying(4000),
+    notes character varying(3500),
+    run_time timestamp
+);
+--
+-- name: cr_folder; type: table
+--
+create table cr_folder (
+    folder_id integer not null,
+    folder_name character varying(50) not null,
+    descr character varying(500),
+    create_id integer not null,
+    create_date timestamp not null,
+    parent_folder_id integer,
+    public_yn character varying(1) default 'n' not null
+);
+--
+-- name: cr_folder_access; type: table
+--
+create table cr_folder_access (
+    folder_access_id numeric(11,0) not null,
+    folder_id numeric(11,0) not null,
+    order_no numeric(11,0) not null,
+    role_id numeric(11,0),
+    user_id numeric(11,0),
+    read_only_yn character varying(1) default 'n' not null
+);
+--
+-- name: cr_hist_user_map; type: table
+--
+create table cr_hist_user_map (
+    hist_id int(11) not null,
+    user_id int(11) not null
+);
+--
+-- name: cr_lu_file_type; type: table
+--
+create table cr_lu_file_type (
+    lookup_id numeric(2,0) not null,
+    lookup_descr character varying(255) not null,
+    active_yn character(1) default 'y',
+    error_code numeric(11,0)
+);
+--
+-- name: cr_raptor_action_img; type: table
+--
+create table cr_raptor_action_img (
+    image_id character varying(100) not null,
+    image_loc character varying(400)
+);
+--
+-- name: cr_raptor_pdf_img; type: table
+--
+create table cr_raptor_pdf_img (
+    image_id character varying(100) not null,
+    image_loc character varying(400)
+);
+--
+-- name: cr_remote_schema_info; type: table
+--
+create table cr_remote_schema_info (
+    schema_prefix character varying(5) not null,
+    schema_desc character varying(75) not null,
+    datasource_type character varying(100)
+);
+--
+-- name: cr_report; type: table
+--
+create table cr_report (
+    rep_id numeric(11,0) not null,
+    title character varying(100) not null,
+    descr character varying(255),
+    public_yn character varying(1) default 'n' not null,
+    report_xml text,
+    create_id numeric(11,0),
+    create_date timestamp default now(),
+    maint_id numeric(11,0),
+    maint_date timestamp default now(), 
+    menu_id character varying(500),
+    menu_approved_yn character varying(1) default 'n' not null,
+    owner_id numeric(11,0),
+    folder_id integer default 0,
+    dashboard_type_yn character varying(1) default 'n',
+    dashboard_yn character varying(1) default 'n'
+);
+--
+-- name: cr_report_access; type: table
+--
+create table cr_report_access (
+    rep_id numeric(11,0) not null,
+    order_no numeric(11,0) not null,
+    role_id numeric(11,0),
+    user_id numeric(11,0),
+    read_only_yn character varying(1) default 'n' not null
+);
+--
+-- name: cr_report_dwnld_log; type: table
+--
+create table cr_report_dwnld_log (
+    user_id numeric(11,0) not null,
+    rep_id integer not null,
+    file_name character varying(100) not null,
+    dwnld_start_time timestamp default now() not null,
+    record_ready_time timestamp default now(),
+    filter_params character varying(2000)
+);
+--
+-- name: cr_report_email_sent_log; type: table
+--
+create table cr_report_email_sent_log (
+    log_id integer not null,
+    schedule_id numeric(11,0),
+    gen_key character varying(25) not null,
+    rep_id numeric(11,0) not null,
+    user_id numeric(11,0),
+    sent_date timestamp default now(),
+    access_flag character varying(1) default 'y' not null,
+    touch_date timestamp default now()
+);
+--
+-- name: cr_report_file_history; type: table
+--
+create table cr_report_file_history (
+    hist_id int(11) not null,
+    sched_user_id numeric(11,0) not null,
+    schedule_id numeric(11,0) not null,
+    user_id numeric(11,0) not null,
+    rep_id numeric(11,0),
+    run_date timestamp,
+    recurrence character varying(50),
+    file_type_id numeric(2,0),
+    file_name character varying(80),
+    file_blob blob,
+    file_size numeric(11,0),
+    raptor_url character varying(4000),
+    error_yn character(1) default 'n',
+    error_code numeric(11,0),
+    deleted_yn character(1) default 'n',
+    deleted_by numeric(38,0)
+);
+--
+-- name: cr_report_log; type: table
+--
+create table cr_report_log (
+    rep_id numeric(11,0) not null,
+    log_time timestamp not null,
+    user_id numeric(11,0) not null,
+    action character varying(2000) not null,
+    action_value character varying(50),
+    form_fields character varying(4000)
+);
+--
+-- name: cr_report_schedule; type: table
+--
+create table cr_report_schedule (
+    schedule_id numeric(11,0) not null,
+    sched_user_id numeric(11,0) not null,
+    rep_id numeric(11,0) not null,
+    enabled_yn character varying(1) not null,
+    start_date timestamp default now(),
+    end_date timestamp default now(),
+    run_date timestamp default now(),
+    recurrence character varying(50),
+    conditional_yn character varying(1) not null,
+    condition_sql character varying(4000),
+    notify_type integer default 0,
+    max_row integer default 1000,
+    initial_formfields character varying(3500),
+    processed_formfields character varying(3500),
+    formfields character varying(3500),
+    condition_large_sql text,
+    encrypt_yn character(1) default 'n',
+    attachment_yn character(1) default 'y'
+);
+--
+-- name: cr_report_schedule_users; type: table
+--
+create table cr_report_schedule_users (
+    schedule_id numeric(11,0) not null,
+    rep_id numeric(11,0) not null,
+    user_id numeric(11,0) not null,
+    role_id numeric(11,0),
+    order_no numeric(11,0) not null
+);
+--
+-- name: cr_report_template_map; type: table
+--
+create table cr_report_template_map (
+    report_id integer not null,
+    template_file character varying(200)
+);
+--
+-- name: cr_schedule_activity_log; type: table
+--
+create table cr_schedule_activity_log (
+    schedule_id numeric(11,0) not null,
+    url character varying(4000),
+    notes character varying(2000),
+    run_time timestamp
+);
+--
+-- name: cr_table_join; type: table
+--
+create table cr_table_join (
+    src_table_name character varying(30) not null,
+    dest_table_name character varying(30) not null,
+    join_expr character varying(500) not null
+);
+--
+-- name: cr_table_role; type: table
+--
+create table cr_table_role (
+    table_name character varying(30) not null,
+    role_id numeric(11,0) not null
+);
+--
+-- name: cr_table_source; type: table
+--
+create table cr_table_source (
+    table_name character varying(30) not null,
+    display_name character varying(30) not null,
+    pk_fields character varying(200),
+    web_view_action character varying(50),
+    large_data_source_yn character varying(1) default 'n' not null,
+    filter_sql character varying(4000),
+    source_db character varying(50)
+);
+--
+-- name: fn_lu_timezone; type: table
+--
+create table fn_lu_timezone (
+    timezone_id int(11) not null,
+    timezone_name character varying(100) not null,
+    timezone_value character varying(100) not null
+);
+
+create table fn_user (
+    user_id int(11) not null primary key  auto_increment,
+    org_id int(11),
+    manager_id int(11),
+    first_name character varying(50),
+    middle_name character varying(50),
+    last_name character varying(50),
+    phone character varying(25),
+    fax character varying(25),
+    cellular character varying(25),
+    email character varying(50),
+    address_id numeric(11,0),
+    alert_method_cd character varying(10),
+    hrid character varying(20),
+    org_user_id CHARACTER VARYING(20),
+    org_code character varying(30),
+    login_id character varying(25),
+    login_pwd character varying(100),
+    last_login_date timestamp,
+    active_yn character varying(1) default 'y' not null,
+    created_id int(11),
+    created_date timestamp default now(),
+    modified_id int(11),
+    modified_date timestamp default now(),
+    is_internal_yn character(1) default 'n' not null,
+    address_line_1 character varying(100),
+    address_line_2 character varying(100),
+    city character varying(50),
+    state_cd character varying(3),
+    zip_code character varying(11),
+    country_cd character varying(3),
+    location_clli character varying(8),
+    org_manager_userid CHARACTER VARYING(20),
+    company character varying(100),
+    department_name character varying(100),
+    job_title character varying(100),
+    timezone int(11),
+    department character varying(25),
+    business_unit character varying(25),
+    business_unit_name character varying(100),
+    cost_center character varying(25),
+    fin_loc_code character varying(10),
+    silo_status character varying(10)
+);
+--
+-- name: fn_role; type: table
+--
+create table fn_role (
+    role_id int(11) not null primary key auto_increment,
+    role_name character varying(300) not null,
+    active_yn character varying(1) default 'y' not null,
+    priority numeric(4,0),
+    app_id int(11) default null,
+    app_role_id int(11) default null
+
+);
+--
+-- name: fn_audit_action; type: table
+--
+create table fn_audit_action (
+    audit_action_id integer not null,
+    class_name character varying(500) not null,
+    method_name character varying(50) not null,
+    audit_action_cd character varying(20) not null,
+    audit_action_desc character varying(200),
+    active_yn character varying(1)
+);
+--
+-- name: fn_audit_action_log; type: table
+--
+create table fn_audit_action_log (
+    audit_log_id integer not null primary key  auto_increment,
+    audit_action_cd character varying(200),
+    action_time timestamp,
+    user_id numeric(11,0),
+    class_name character varying(100),
+    method_name character varying(50),
+    success_msg character varying(20),
+    error_msg character varying(500)
+);
+--
+-- name: fn_lu_activity; type: table
+--
+create table fn_lu_activity (
+    activity_cd character varying(50) not null primary key,
+    activity character varying(50) not null
+);
+--
+-- name: fn_audit_log; type: table
+--
+create table fn_audit_log (
+    log_id int(11) not null primary key auto_increment,
+    user_id int(11) not null,
+    activity_cd character varying(50) not null,
+    audit_date timestamp default now() not null,
+    comments character varying(1000),
+    affected_record_id_bk character varying(500),
+    affected_record_id character varying(4000),
+    constraint fk_fn_audit_ref_209_fn_user foreign key (user_id) references fn_user(user_id)
+);
+--
+-- name: fn_broadcast_message; type: table
+--
+create table fn_broadcast_message (
+    message_id int(11) not null primary key auto_increment,
+    message_text character varying(1000) not null,
+    message_location_id numeric(11,0) not null,
+    broadcast_start_date timestamp not null  default now(),
+    broadcast_end_date timestamp not null default now(),
+    active_yn character(1) default 'y' not null,
+    sort_order numeric(4,0) not null,
+    broadcast_site_cd character varying(50)
+);
+--
+-- name: fn_chat_logs; type: table
+--
+create table fn_chat_logs (
+    chat_log_id integer not null,
+    chat_room_id integer,
+    user_id integer,
+    message character varying(1000),
+    message_date_time timestamp
+);
+--
+-- name: fn_chat_room; type: table
+--
+create table fn_chat_room (
+    chat_room_id integer not null,
+    name character varying(50) not null,
+    description character varying(500),
+    owner_id integer,
+    created_date timestamp default now(),
+    updated_date timestamp default now()
+);
+--
+-- name: fn_chat_users; type: table
+--
+create table fn_chat_users (
+    chat_room_id integer,
+    user_id integer,
+    last_activity_date_time timestamp,
+    chat_status character varying(20),
+    id integer not null
+);
+--
+-- name: fn_datasource; type: table
+--
+create table fn_datasource (
+    id integer not null primary key auto_increment,
+    name character varying(50),
+    driver_name character varying(256),
+    server character varying(256),
+    port integer,
+    user_name character varying(256),
+    password character varying(256),
+    url character varying(256),
+    min_pool_size integer,
+    max_pool_size integer,
+    adapter_id integer,
+    ds_type character varying(20)
+);
+--
+-- name: fn_function; type: table
+--
+create table fn_function (
+    function_cd character varying(30) not null primary key,
+    function_name character varying(50) not null
+);
+--
+-- name: fn_lu_alert_method; type: table
+--
+create table fn_lu_alert_method (
+    alert_method_cd character varying(10) not null,
+    alert_method character varying(50) not null
+);
+--
+-- name: fn_lu_broadcast_site; type: table
+--
+create table fn_lu_broadcast_site (
+    broadcast_site_cd character varying(50) not null,
+    broadcast_site_descr character varying(100)
+);
+--
+-- name: fn_lu_menu_set; type: table
+--
+create table fn_lu_menu_set (
+    menu_set_cd character varying(10) not null primary key,
+    menu_set_name character varying(50) not null
+);
+--
+-- name: fn_lu_priority; type: table
+--
+create table fn_lu_priority (
+    priority_id numeric(11,0) not null,
+    priority character varying(50) not null,
+    active_yn character(1) not null,
+    sort_order numeric(5,0)
+);
+--
+-- name: fn_lu_role_type; type: table
+--
+create table fn_lu_role_type (
+    role_type_id numeric(11,0) not null,
+    role_type character varying(50) not null
+);
+--
+-- name: fn_lu_tab_set; type: table
+--
+create table fn_lu_tab_set (
+    tab_set_cd character varying(30) not null,
+    tab_set_name character varying(50) not null
+);
+--
+-- name: fn_menu; type: table
+--
+create table fn_menu (
+    menu_id int(11) not null primary key auto_increment,
+    label character varying(100),
+    parent_id int(11),
+    sort_order numeric(4,0),
+    action character varying(200),
+    function_cd character varying(30),
+    active_yn character varying(1) default 'y' not null,
+    servlet character varying(50),
+    query_string character varying(200),
+    external_url character varying(200),
+    target character varying(25),
+    menu_set_cd character varying(10) default 'app',
+    separator_yn character(1) default 'n',
+    image_src character varying(100),
+    constraint fk_fn_menu_ref_196_fn_menu foreign key (parent_id) references fn_menu(menu_id),
+    constraint fk_fn_menu_menu_set_cd foreign key (menu_set_cd) references fn_lu_menu_set(menu_set_cd)
+);
+
+create index idx_fn_menu_label on fn_menu(label);
+--
+-- name: fn_org; type: table
+--
+create table fn_org (
+    org_id int(11) not null,
+    org_name character varying(50) not null,
+    access_cd character varying(10)
+);
+--
+-- name: fn_restricted_url; type: table
+--
+create table fn_restricted_url (
+    restricted_url character varying(250) not null,
+    function_cd character varying(30) not null
+);
+--
+-- name: fn_role_composite; type: table
+--
+create table fn_role_composite (
+    parent_role_id int(11) not null,
+    child_role_id int(11) not null,
+    constraint fk_fn_role_composite_child foreign key (child_role_id) references fn_role(role_id),
+    constraint fk_fn_role_composite_parent foreign key (parent_role_id) references fn_role(role_id)
+);
+--
+-- name: fn_role_function; type: table
+--
+create table fn_role_function (
+    role_id int(11) not null,
+    function_cd character varying(30) not null,
+    constraint fk_fn_role__ref_198_fn_role foreign key (role_id) references fn_role(role_id)
+);
+--
+-- name: fn_tab; type: table
+--
+create table fn_tab (
+    tab_cd character varying(30) not null,
+    tab_name character varying(50) not null,
+    tab_descr character varying(100),
+    action character varying(100) not null,
+    function_cd character varying(30) not null,
+    active_yn character(1) not null,
+    sort_order numeric(11,0) not null,
+    parent_tab_cd character varying(30),
+    tab_set_cd character varying(30)
+);
+--
+-- name: fn_tab_selected; type: table
+--
+create table fn_tab_selected (
+    selected_tab_cd character varying(30) not null,
+    tab_uri character varying(40) not null
+);
+--
+-- name: fn_user_pseudo_role; type: table
+--
+create table fn_user_pseudo_role (
+    pseudo_role_id int(11) not null,
+    user_id int(11) not null
+);
+--
+-- name: fn_user_role; type: table
+--
+create table fn_user_role (
+    user_id int(10) not null,
+    role_id int(10) not null,
+    priority numeric(4,0),
+    app_id int(11) default 2,
+    constraint fk_fn_user__ref_172_fn_user foreign key (user_id) references fn_user(user_id),
+    constraint fk_fn_user__ref_175_fn_role foreign key (role_id) references fn_role(role_id)
+);
+--
+-- name: schema_info; type: table
+--
+create table schema_info (
+    SCHEMA_ID CHARACTER VARYING(25) not null,
+    SCHEMA_DESC CHARACTER VARYING(75) not null,
+    DATASOURCE_TYPE CHARACTER VARYING(100),
+    CONNECTION_URL VARCHAR(200) not null,
+    USER_NAME VARCHAR(45) not null,
+    PASSWORD VARCHAR(45) null default null,
+    DRIVER_CLASS VARCHAR(100) not null,
+    MIN_POOL_SIZE INT not null,
+    MAX_POOL_SIZE INT not null,
+    IDLE_CONNECTION_TEST_PERIOD INT not null
+
+);
+-- ----------------------------------------------------------
+-- name: fn_app; type: table
+-- ----------------------------------------------------------
+create table fn_app (
+  app_id int(11) primary key not null auto_increment,
+  app_name varchar(100) not null default '?',
+  app_image_url varchar(256) default null,
+  app_description varchar(512) default null,
+  app_notes varchar(4096) default null,
+  app_url varchar(256) default null,
+  app_alternate_url varchar(256) default null,
+  app_rest_endpoint varchar(2000) default null,
+  ml_app_name varchar(50) not null default '?',
+  ml_app_admin_id varchar(7) not null default '?',
+  mots_id int(11) default null,
+  app_password varchar(256) default null,
+  open char(1) default 'N',
+  enabled char(1) default 'Y',
+  thumbnail mediumblob null default null,
+  app_username varchar(50),
+  ueb_key varchar(256) default null,
+  ueb_secret varchar(256) default null,
+  ueb_topic_name varchar(256) default null,
+  app_type int(11) not null default 1,
+  auth_central char(1) not null default 'N',
+  auth_namespace varchar(100) null default null
+);
+
+-- ------------------ functional menu tables -------------------
+--
+-- table structure for table fn_menu_functional
+--
+create table fn_menu_functional (
+  menu_id int(11) not null auto_increment,
+  column_num int(2) not null,
+  text varchar(100) not null,
+  parent_menu_id int(11) default null,
+  url varchar(128) not null default '',
+  active_yn varchar(1) not null default 'y',
+  image_src varchar(100) default null,
+  primary key (menu_id),
+  key fk_fn_menu_func_parent_menu_id_idx (parent_menu_id),
+  constraint fk_fn_menu_func_parent_menu_id foreign key (parent_menu_id) references fn_menu_functional (menu_id) on delete no action on update no action
+);
+--
+-- table structure for table fn_menu_functional_ancestors
+--
+
+create table fn_menu_functional_ancestors (
+  id int(11) not null auto_increment,
+  menu_id int(11) not null,
+  ancestor_menu_id int(11) not null,
+  depth int(2) not null,
+  primary key (id),
+  key fk_fn_menu_func_anc_menu_id_idx (menu_id),
+  key fk_fn_menu_func_anc_anc_menu_id_idx (ancestor_menu_id),
+  constraint fk_fn_menu_func_anc_anc_menu_id foreign key (ancestor_menu_id) references fn_menu_functional (menu_id) on delete no action on update no action,
+  constraint fk_fn_menu_func_anc_menu_id foreign key (menu_id) references fn_menu_functional (menu_id) on delete no action on update no action
+);
+--
+-- table structure for table fn_menu_functional_roles
+--
+create table fn_menu_functional_roles (
+  id int(11) not null auto_increment,
+  menu_id int(11) not null,
+  app_id int(11) not null,
+  role_id int(10) not null,
+  primary key (id),
+  key fk_fn_menu_func_roles_menu_id_idx (menu_id),
+  key fk_fn_menu_func_roles_app_id_idx (app_id),
+  key fk_fn_menu_func_roles_role_id_idx (role_id),
+  constraint fk_fn_menu_func_roles_app_id foreign key (app_id) references fn_app (app_id) on delete no action on update no action,
+  constraint fk_fn_menu_func_roles_menu_id foreign key (menu_id) references fn_menu_functional (menu_id) on delete no action on update no action,
+  constraint fk_fn_menu_func_roles_role_id foreign key (role_id) references fn_role (role_id) on delete no action on update no action
+);
+-- ----------------------------------------------------------
+-- NAME: FN_WORKFLOW; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_workflow (
+  id mediumint(9) not null auto_increment,
+  name varchar(20) not null,
+  description varchar(500) default null,
+  run_link varchar(300) default null,
+  suspend_link varchar(300) default null,
+  modified_link varchar(300) default null,
+  active_yn varchar(300) default null,
+  created varchar(300) default null,
+  created_by int(11) default null,
+  modified varchar(300) default null,
+  modified_by int(11) default null,
+  workflow_key varchar(50) default null,
+  primary key (id),
+  UNIQUE KEY name (name)
+);
+
+
+-- ----------------------------------------------------------
+-- NAME: FN_SCHEDULE_WORKFLOWS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_schedule_workflows (
+  id_schedule_workflows bigint(25) primary key not null auto_increment, 
+  workflow_server_url varchar(45) default null,
+  workflow_key varchar(45) not null,
+  workflow_arguments varchar(45) default null,
+  startDateTimeCron varchar(45) default null,
+  endDateTime TIMESTAMP default NOW(),
+  start_date_time TIMESTAMP default NOW(),
+  recurrence varchar(45) default null
+  );
+
+
+-- ----------------------------------------------------------
+-- NAME: FN_SHARED_CONTEXT; TYPE: TABLE
+-- ----------------------------------------------------------  
+create table fn_shared_context (
+    id int(11) not null auto_increment,
+    create_time timestamp not null,
+    context_id character varying(64) not null,
+    ckey character varying(128) not null,
+	cvalue character varying(1024),
+	primary key (id),
+	UNIQUE KEY session_key (context_id, ckey) );
+
+	
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_JOB_DETAILS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_job_details (
+SCHED_NAME VARCHAR(120) not null,
+JOB_NAME VARCHAR(200) not null,
+JOB_GROUP VARCHAR(200) not null,
+DESCRIPTION VARCHAR(250) null,
+JOB_CLASS_NAME VARCHAR(250) not null,
+IS_DURABLE VARCHAR(1) not null,
+IS_NONCONCURRENT VARCHAR(1) not null,
+IS_UPDATE_DATA VARCHAR(1) not null,
+REQUESTS_RECOVERY VARCHAR(1) not null,
+JOB_DATA BLOB null,
+primary key (SCHED_NAME,JOB_NAME,JOB_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_triggers (
+SCHED_NAME VARCHAR(120) not null,
+TRIGGER_NAME VARCHAR(200) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+JOB_NAME VARCHAR(200) not null,
+JOB_GROUP VARCHAR(200) not null,
+DESCRIPTION VARCHAR(250) null,
+NEXT_FIRE_TIME BIGINT(13) null,
+PREV_FIRE_TIME BIGINT(13) null,
+PRIORITY INTEGER null,
+TRIGGER_STATE VARCHAR(16) not null,
+TRIGGER_TYPE VARCHAR(8) not null,
+START_TIME BIGINT(13) not null,
+END_TIME BIGINT(13) null,
+CALENDAR_NAME VARCHAR(200) null,
+MISFIRE_INSTR SMALLINT(2) null,
+JOB_DATA BLOB null,
+primary key (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP),
+FOREIGN KEY (SCHED_NAME,JOB_NAME,JOB_GROUP)
+REFERENCES FN_QZ_JOB_DETAILS(SCHED_NAME,JOB_NAME,JOB_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_SIMPLE_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_simple_triggers (
+SCHED_NAME VARCHAR(120) not null,
+TRIGGER_NAME VARCHAR(200) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+REPEAT_COUNT BIGINT(7) not null,
+REPEAT_INTERVAL BIGINT(12) not null,
+TIMES_TRIGGERED BIGINT(10) not null,
+primary key (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP),
+FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+REFERENCES FN_QZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_CRON_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_cron_triggers (
+SCHED_NAME VARCHAR(120) not null,
+TRIGGER_NAME VARCHAR(200) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+CRON_EXPRESSION VARCHAR(120) not null,
+TIME_ZONE_ID VARCHAR(80),
+primary key (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP),
+FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+REFERENCES FN_QZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_SIMPROP_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_simprop_triggers (          
+    SCHED_NAME VARCHAR(120) not null,
+    TRIGGER_NAME VARCHAR(200) not null,
+    TRIGGER_GROUP VARCHAR(200) not null,
+    STR_PROP_1 VARCHAR(512) null,
+    STR_PROP_2 VARCHAR(512) null,
+    STR_PROP_3 VARCHAR(512) null,
+    INT_PROP_1 INT null,
+    INT_PROP_2 INT null,
+    LONG_PROP_1 BIGINT null,
+    LONG_PROP_2 BIGINT null,
+    DEC_PROP_1 NUMERIC(13,4) null,
+    DEC_PROP_2 NUMERIC(13,4) null,
+    BOOL_PROP_1 VARCHAR(1) null,
+    BOOL_PROP_2 VARCHAR(1) null,
+    primary key (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP),
+    FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) 
+    REFERENCES FN_QZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_BLOB_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_blob_triggers (
+SCHED_NAME VARCHAR(120) not null,
+TRIGGER_NAME VARCHAR(200) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+BLOB_DATA BLOB null,
+primary key (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP),
+INDEX (SCHED_NAME,TRIGGER_NAME, TRIGGER_GROUP),
+FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+REFERENCES FN_QZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP)
+);
+  
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_CALENDARS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_calendars (
+SCHED_NAME VARCHAR(120) not null,
+CALENDAR_NAME VARCHAR(200) not null,
+CALENDAR BLOB not null,
+primary key (SCHED_NAME,CALENDAR_NAME)
+);
+
+
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_PAUSED_TRIGGER_GRPS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_paused_trigger_grps (
+SCHED_NAME VARCHAR(120) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+primary key (SCHED_NAME,TRIGGER_GROUP)
+);
+
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_FIRED_TRIGGERS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_fired_triggers (
+SCHED_NAME VARCHAR(120) not null,
+ENTRY_ID VARCHAR(95) not null,
+TRIGGER_NAME VARCHAR(200) not null,
+TRIGGER_GROUP VARCHAR(200) not null,
+INSTANCE_NAME VARCHAR(200) not null,
+FIRED_TIME BIGINT(13) not null,
+SCHED_TIME BIGINT(13) not null,
+PRIORITY INTEGER not null,
+STATE VARCHAR(16) not null,
+JOB_NAME VARCHAR(200) null,
+JOB_GROUP VARCHAR(200) null,
+IS_NONCONCURRENT VARCHAR(1) null,
+REQUESTS_RECOVERY VARCHAR(1) null,
+primary key (SCHED_NAME,ENTRY_ID)
+);
+
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_SCHEDULER_STATE; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_scheduler_state (
+SCHED_NAME VARCHAR(120) not null,
+INSTANCE_NAME VARCHAR(200) not null,
+LAST_CHECKIN_TIME BIGINT(13) not null,
+CHECKIN_INTERVAL BIGINT(13) not null,
+primary key (SCHED_NAME,INSTANCE_NAME)
+);
+
+-- ----------------------------------------------------------
+-- NAME: FN_QZ_LOCKS; TYPE: TABLE
+-- ----------------------------------------------------------
+create table fn_qz_locks (
+SCHED_NAME VARCHAR(120) not null,
+LOCK_NAME VARCHAR(40) not null,
+primary key (SCHED_NAME,LOCK_NAME)
+);
+
+-- ----------------------------------------------------------
+-- NAME: FN_MENU_FAVORITES; TYPE: TABLE
+-- ----------------------------------------------------------
+
+create table fn_menu_favorites (
+  user_id int(11) not null,
+  menu_id int(11) not null,
+  primary key (user_id,menu_id)
+);
+
+-- FACELIFT - Table for Events, News and Resources
+
+create table fn_common_widget_data(
+	id int auto_increment, 
+	category varchar(32), 
+	href varchar(512), 
+	title varchar(256), 
+	content varchar(4096), 
+	event_date varchar(10), -- YYYY-MM-DD 
+	sort_order int, 
+	primary key (id)
+);
+
+create table fn_app_contact_us (
+  app_id int(11) not null,
+  contact_name varchar(128) default null,
+  contact_email varchar(128) default null,
+  url varchar(256) default null,
+  active_yn varchar(2) default null,
+  description varchar(1024) default null,
+  primary key (app_id),
+  constraint fk_fn_a_con__ref_202_fn_app foreign key (app_id) references fn_app (app_id)
+);
+
+-- new 1610.2
+create table fn_pers_user_app_sel (
+  id   int(11) not null auto_increment,
+  user_id   int(11) not null,
+  app_id    int(11) not null,
+  status_cd char(1) not null,
+  primary key(id),
+  constraint fk_1_fn_pers_user_app_sel_fn_user foreign key (user_id) references fn_user (user_id),
+  constraint fk_2_fn_pers_user_app_sel_fn_app  foreign key (app_id)  references fn_app (app_id)
+);
+
+-- end new 1610.2
+
+-- new 1702 tables/views
+ -- 1702 Additions for User Notifications
+ -- ----------------------------------------------------------
+ -- NAME: ep_notification; TYPE: TABLE
+ -- ----------------------------------------------------------
+ create table ep_notification (
+    notification_ID     int(11) primary key not null auto_increment,
+    is_for_online_users char(1) default 'N',
+    is_for_all_roles    char(1) default 'N',
+    active_YN           char(1) default 'Y',
+    msg_header          varchar(100),
+    msg_description     varchar(2000),
+    msg_source          varchar(50) default 'EP',
+    start_time          timestamp default now(),
+    end_time            timestamp null,
+    priority            int(11),
+    creator_ID          int(11) null default null,
+    created_date        timestamp null default null,
+    notification_hyperlink varchar(512) null default null  -- new column for 1710
+   );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_role_notification; TYPE: TABLE
+ -- ----------------------------------------------------------
+ create table ep_role_notification (
+   ID                  int(11) primary key not null auto_increment,
+   notification_ID     int(11),
+   role_ID             int(11),
+   recv_user_id        int(11) null,
+   constraint fk_ep_role_notif_fn_role foreign key (role_ID) references fn_role(role_id),
+   constraint fk_ep_role_notif_fn_notif foreign key (notification_ID) references ep_notification(notification_ID)
+   );
+   
+ -- ----------------------------------------------------------
+ -- NAME: ep_user_notification; TYPE: TABLE
+ -- ----------------------------------------------------------
+ create table ep_user_notification (
+    ID                  int(11) primary key not null auto_increment,
+    User_ID             int(11),
+    notification_ID     int(11),
+    is_viewed           char(1) default 'N',
+    updated_time        timestamp default now(),
+    constraint fk_ep_urole_notif_fn_user foreign key (User_ID) references fn_user(user_id),
+    constraint fk_ep_urole_notif_fn_notif foreign key (notification_ID) references ep_notification(notification_ID)
+   );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_pers_user_app_sort; TYPE: Table
+ -- ----------------------------------------------------------
+
+ CREATE TABLE ep_pers_user_app_sort (
+   id        int(11) not null primary key auto_increment,
+   user_id   int(11) not null,
+   sort_pref char(1) not null,
+   unique key uk_1_ep_pers_user_app_sort (user_id),
+   constraint fk_ep_pers_user_app_sort_fn_user foreign key (user_id) references fn_user(user_id)
+ );
+ -- ----------------------------------------------------------
+ -- NAME: ep_pers_user_app_man_sort; TYPE: Table
+ -- ----------------------------------------------------------
+
+ CREATE TABLE ep_pers_user_app_man_sort (
+   id         int(11) not null primary key auto_increment,
+   user_id    int(11) not null,
+   app_id     int(11) not null,
+   sort_order int(11) not null,
+   unique key uk_1_ep_pers_user_app_man_sort (user_id, app_id),
+   constraint fk_ep_pers_app_man_sort_fn_user foreign key (user_id) references fn_user(user_id),
+   constraint fk_ep_pers_app_man_sort_fn_app foreign key (app_id) references fn_app(app_id)
+ );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_catalog; TYPE: Table
+ -- ----------------------------------------------------------
+
+ CREATE TABLE ep_widget_catalog (
+   widget_id int(11) not null auto_increment,
+   wdg_name varchar(100) not null default '?',
+   service_id int(11) default null,
+   wdg_desc varchar(200) default null,
+   wdg_file_loc varchar(256) not null default '?',
+   all_user_flag char(1) not null default 'N',
+   primary key (widget_id)
+ );
+ 
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_catalog_role; TYPE: Table
+ -- ----------------------------------------------------------
+ create table ep_widget_catalog_role (
+   widget_id 	int(10) not null,
+   app_id 		int(11) default '1',
+   role_id 		int(10) not null,
+   key fk_ep_widget_catalog_role_fn_widget (widget_id),
+   key fk_ep_widget_catalog_role_ref_fn_role (role_id),
+   key fk_ep_widget_catalog_role_app_id  (app_id),
+   constraint fk_ep_widget_catalog_role_fn_widget foreign key (widget_id) references ep_widget_catalog (widget_id),
+   constraint fk_ep_widget_catalog_role_ref_fn_role foreign key (role_id) references fn_role (role_id),
+   constraint fk_ep_widget_catalog_role_app_id foreign key (app_id) references fn_app (app_id)
+ );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_pers_user_widget_placement; TYPE: Table
+ -- ----------------------------------------------------------
+ CREATE TABLE ep_pers_user_widget_placement (
+   id        int(11) not null primary key auto_increment,
+   user_id   int(11) not null,
+   widget_id int(11) not null,
+   x         int(11) not null,
+   y         int(11),
+   height    int(11),
+   width     int(11),
+   unique key uk_1_ep_pers_user_widg_place (user_id, widget_id),
+   constraint fk_ep_pers_user_widg_place_fn_user foreign key (user_id) references fn_user(user_id),
+   constraint fk_ep_pers_user_widg_place_ep_widg foreign key (widget_id) references ep_widget_catalog(widget_id)
+ );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_pers_user_widget_sel; TYPE: TABLE
+ -- ----------------------------------------------------------
+ CREATE TABLE ep_pers_user_widget_sel (
+   id        int(11) not null primary key auto_increment,
+   user_id   int(11) not null,
+   widget_id int(11) not null,
+   status_cd char(1) not null,
+   unique key uk_1_ep_pers_user_widg_sel_user_widg (user_id, widget_id),
+   CONSTRAINT fk_1_ep_pers_user_wid_sel_fn_user FOREIGN KEY (user_id) REFERENCES fn_user (user_id),
+   CONSTRAINT fk_2_ep_pers_user_wid_sel_ep_wid FOREIGN KEY (widget_id) REFERENCES ep_widget_catalog (widget_id)
+ );
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_catalog_files; TYPE: TABLE
+ -- ----------------------------------------------------------
+ CREATE TABLE ep_widget_catalog_files (
+        file_id            	int(11) not null primary key auto_increment,
+        widget_id          	int(11),
+		widget_name 		VARCHAR(100) NOT NULL,
+		framework_js 		LONGBLOB NULL,
+		controller_js 		LONGBLOB NULL,
+		markup_html 		LONGBLOB NULL,
+		widget_css 			LONGBLOB NULL
+ );
+
+ -- ----------------------------------------------------------
+ -- NAME: fn_role_v; TYPE: VIEW
+ -- All roles without an APP_ID are Portal only.
+ -- ----------------------------------------------------------
+ create view fn_role_v as
+  select fn_role.role_id as role_id,
+         fn_role.role_name as role_name,
+                fn_role.active_yn as active_yn,
+         fn_role.priority as priority,
+         fn_role.app_id as app_id,
+         fn_role.app_role_id as app_role_id
+ from fn_role where isnull(fn_role.app_id);
+
+-- end new 1702 tables/views
+
+-- new 1707 tables/views
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_user_roles_request; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+create table ep_user_roles_request (
+    req_id int(11) not null primary key auto_increment,
+    user_id int(11) not null,
+    app_id int(11) not null,
+	created_date timestamp default now(),
+	updated_date timestamp default now(),
+    request_status character varying(50) not null,
+	constraint fk_user_roles_req_fn_user foreign key (user_id) references fn_user(user_id),
+	constraint fk_user_roles_req_fn_app foreign key (app_id) references fn_app(app_id)
+    );
+  
+  
+ -- ----------------------------------------------------------
+ -- NAME: ep_user_roles_request_det; TYPE: TABLE
+ -- ----------------------------------------------------------
+create table ep_user_roles_request_det (
+    id int(11) not null primary key auto_increment,
+    req_id int(11) default null,
+	requested_role_id int(10) not null,
+    request_type character varying(10) not null,
+    constraint fk_user_roles_req_fn_req_id foreign key (req_id) references ep_user_roles_request(req_id),
+    constraint fk_user_roles_req_fn_role_id foreign key (requested_role_id) references fn_role(role_id)
+    );
+	
+ -- ----------------------------------------------------------
+ -- NAME: ep_microservice; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+CREATE TABLE ep_microservice (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	name VARCHAR(50) NULL DEFAULT NULL,
+	description VARCHAR(50) NULL DEFAULT NULL,
+	appId INT(11) NULL DEFAULT NULL,
+	endpoint_url VARCHAR(200) NULL DEFAULT NULL,
+	security_type VARCHAR(50) NULL DEFAULT NULL,
+	username VARCHAR(50) NULL DEFAULT NULL,
+	password VARCHAR(50) NULL DEFAULT NULL,
+	active CHAR(1) NOT NULL DEFAULT 'Y',
+	PRIMARY KEY (id),
+	CONSTRAINT FK_FN_APP_EP_MICROSERVICE FOREIGN KEY (appId) REFERENCES fn_app (app_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_microservice_parameter; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+CREATE TABLE ep_microservice_parameter (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	service_id INT(11) NULL DEFAULT NULL,
+	para_key VARCHAR(50) NULL DEFAULT NULL,
+	para_value VARCHAR(50) NULL DEFAULT NULL,
+	PRIMARY KEY (id),
+	CONSTRAINT FK_EP_MICROSERIVCE_EP_MICROSERVICE_PARAMETER FOREIGN KEY (service_id) REFERENCES ep_microservice (id)
+);
+
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_preview_files; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+CREATE TABLE ep_widget_preview_files (
+	preview_id INT(11) NOT NULL AUTO_INCREMENT,
+	html_file LONGBLOB NULL,
+	css_file LONGBLOB NULL,
+	javascript_file LONGBLOB NULL,
+	framework_file LONGBLOB NULL,
+	PRIMARY KEY (preview_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_microservice; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+CREATE TABLE ep_widget_microservice (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	widget_id INT(11) NOT NULL DEFAULT '0',
+	microservice_id INT(11) NOT NULL DEFAULT '0',
+	PRIMARY KEY (id),
+	CONSTRAINT FK_EP_WIDGET_MICROSERVICE_EP_MICROSERVICE FOREIGN KEY (microservice_id) REFERENCES ep_microservice (id),
+	CONSTRAINT FK_EP_WIDGET_MICROSERVICE_EP_WIDGET FOREIGN KEY (widget_id) REFERENCES ep_widget_catalog (widget_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_basic_auth_account; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table ep_basic_auth_account (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	ext_app_name VARCHAR(50) NOT NULL,
+	username VARCHAR(50) NOT NULL,
+	password VARCHAR(50) null default null,
+    active_yn char(1) NOT NULL default 'Y',
+	PRIMARY KEY (id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_widget_catalog_parameter; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table  ep_widget_catalog_parameter (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	widget_id INT(11) NOT NULL,
+	user_id INT(11) NOT NULL,
+	param_id INT(11) NOT NULL,
+    user_value VARCHAR(50) NULL,
+	PRIMARY KEY (id),
+	CONSTRAINT EP_FN_USER_WIDGET_PARAMETER_FK FOREIGN KEY (user_id) REFERENCES fn_user (user_id),
+	CONSTRAINT EP_WIDGET_CATALOG_WIDGET_PARAMETER_FK FOREIGN KEY (widget_id) REFERENCES ep_widget_catalog (widget_id),
+	CONSTRAINT EP_PARAMETER_ID_WIDGET_PARAMETER_FK FOREIGN KEY (param_id) REFERENCES ep_microservice_parameter (id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_web_analytics_source; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table ep_web_analytics_source(
+	resource_id int(11) NOT NULL auto_increment,
+	app_id int(11) NOT NULL,
+    report_source varchar(500),
+    report_name  varchar(500),
+    PRIMARY KEY (resource_id),
+	FOREIGN KEY (app_id) REFERENCES fn_app(app_id)
+); 
+
+ -- Machine Learning Tables
+ -- ----------------------------------------------------------
+ -- NAME: ep_ml_model; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table ep_ml_model(
+  time_stamp timestamp default now(),
+  group_id int(11) NOT NULL,
+  model longblob,
+  PRIMARY KEY (time_stamp,group_id)
+);
+ -- ----------------------------------------------------------
+ -- NAME: ep_ml_rec; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table ep_ml_rec(
+  time_stamp timestamp default now(),
+  org_user_id varchar(20) NOT NULL,
+  rec varchar(4000) DEFAULT NULL,
+  PRIMARY KEY (time_stamp,org_user_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_ml_user; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table ep_ml_user(
+  time_stamp timestamp default now(),
+  org_user_id varchar(20) NOT NULL,
+  group_id int(11) NOT NULL,
+  PRIMARY KEY (time_stamp,org_user_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_endpoints; TYPE: TABLE
+ -- ----------------------------------------------------------
+ 
+create table  ep_endpoints (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+    url VARCHAR(50) NOT NULL,
+	PRIMARY KEY (id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_endpoints_basic_auth_account; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+create table  ep_endpoints_basic_auth_account (
+	id INT(11) NOT NULL AUTO_INCREMENT,
+	ep_id INT(11) DEFAULT NULL,
+	account_id INT(11) DEFAULT NULL,
+	PRIMARY KEY (id),
+	CONSTRAINT ep_endpoints_basic_auth_account_account_id_fk FOREIGN KEY (account_id) REFERENCES ep_basic_auth_account (id),
+	CONSTRAINT ep_endpoints_basic_auth_account_ep_id_fk FOREIGN KEY (ep_id) REFERENCES ep_endpoints (id)
+
+);
+
+-- end new 1707 tables/views
+
+-- new 1710 tables/views
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_app_function; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+CREATE TABLE ep_app_function (
+app_id INT(11) NOT NULL,
+function_cd VARCHAR(250) NOT NULL,
+function_name VARCHAR(500) NOT NULL,
+PRIMARY KEY (function_cd, app_id),
+INDEX fk_ep_app_function_app_id (app_id),
+CONSTRAINT fk_ep_app_function_app_id FOREIGN KEY (app_id) REFERENCES fn_app (app_id)
+);
+
+ -- ----------------------------------------------------------
+ -- NAME: ep_app_role_function; TYPE: TABLE
+ -- ----------------------------------------------------------
+
+CREATE TABLE `ep_app_role_function` (
+`id` INT(11) NOT NULL AUTO_INCREMENT,
+`app_id` INT(11) NOT NULL,
+`role_id` INT(11) NOT NULL,
+`function_cd` VARCHAR(250) NOT NULL,
+`role_app_id` VARCHAR(20) NULL DEFAULT NULL,
+PRIMARY KEY (`id`),
+UNIQUE INDEX `UNIQUE KEY` (`app_id`, `role_id`, `function_cd`),
+CONSTRAINT `fk_ep_app_role_function_app_id` FOREIGN KEY (`app_id`) REFERENCES `fn_app` (`app_id`),
+CONSTRAINT `fk_ep_app_role_function_ep_app_func` FOREIGN KEY (`app_id`, `function_cd`) REFERENCES `ep_app_function` (`app_id`, `function_cd`),
+CONSTRAINT `fk_ep_app_role_function_role_id` FOREIGN KEY (`role_id`) REFERENCES `fn_role` (`role_id`)
+);
+
+-- end new 1710 tables/views
+
+-- ----------------------------------------------------------
+-- NAME: QUARTZ TYPE: INDEXES
+-- ----------------------------------------------------------
+create index idx_fn_qz_j_req_recovery on fn_qz_job_details(sched_name,requests_recovery);
+create index idx_fn_qz_j_grp on fn_qz_job_details(sched_name,job_group);
+create index idx_fn_qz_t_j on fn_qz_triggers(sched_name,job_name,job_group);
+create index idx_fn_qz_t_jg on fn_qz_triggers(sched_name,job_group);
+create index idx_fn_qz_t_c on fn_qz_triggers(sched_name,calendar_name);
+create index idx_fn_qz_t_g on fn_qz_triggers(sched_name,trigger_group);
+create index idx_fn_qz_t_state on fn_qz_triggers(sched_name,trigger_state);
+create index idx_fn_qz_t_n_state on fn_qz_triggers(sched_name,trigger_name,trigger_group,trigger_state);
+create index idx_fn_qz_t_n_g_state on fn_qz_triggers(sched_name,trigger_group,trigger_state);
+create index idx_fn_qz_t_next_fire_time on fn_qz_triggers(sched_name,next_fire_time);
+create index idx_fn_qz_t_nft_st on fn_qz_triggers(sched_name,trigger_state,next_fire_time);
+create index idx_fn_qz_t_nft_misfire on fn_qz_triggers(sched_name,misfire_instr,next_fire_time);
+create index idx_fn_qz_t_nft_st_misfire on fn_qz_triggers(sched_name,misfire_instr,next_fire_time,trigger_state);
+create index idx_fn_qz_t_nft_st_misfire_grp on fn_qz_triggers(sched_name,misfire_instr,next_fire_time,trigger_group,trigger_state);
+create index idx_fn_qz_ft_trig_inst_name on fn_qz_fired_triggers(sched_name,instance_name);
+create index idx_fn_qz_ft_inst_job_req_rcvry on fn_qz_fired_triggers(sched_name,instance_name,requests_recovery);
+create index idx_fn_qz_ft_j_g on fn_qz_fired_triggers(sched_name,job_name,job_group);
+create index idx_fn_qz_ft_jg on fn_qz_fired_triggers(sched_name,job_group);
+create index idx_fn_qz_ft_t_g on fn_qz_fired_triggers(sched_name,trigger_name,trigger_group);
+create index idx_fn_qz_ft_tg on fn_qz_fired_triggers(sched_name,trigger_group);
+
+
+-- ------------------ create view section
+--
+-- name: v_url_access; type: view
+--
+create view v_url_access as
+ select distinct m.action as url,
+    m.function_cd
+   from fn_menu m
+  where (m.action is not null)
+union
+ select distinct t.action as url,
+    t.function_cd
+   from fn_tab t
+  where (t.action is not null)
+union
+ select r.restricted_url as url,
+    r.function_cd
+   from fn_restricted_url r;
+   
+-- ------------------ alter table add constraint primary key section
+--
+-- name: cr_favorite_reports_user_idrep_id; type: constraint
+--
+alter table cr_favorite_reports 
+    add constraint cr_favorite_reports_user_idrep_id primary key (user_id, rep_id);
+--
+-- name: cr_folder_folder_id; type: constraint
+--
+alter table cr_folder
+    add constraint cr_folder_folder_id primary key (folder_id);
+--
+-- name: cr_folder_access_folder_access_id; type: constraint
+--
+alter table cr_folder_access
+    add constraint cr_folder_access_folder_access_id primary key (folder_access_id);
+--
+-- name: cr_hist_user_map_hist_iduser_id; type: constraint
+--
+alter table cr_hist_user_map
+    add constraint cr_hist_user_map_hist_iduser_id primary key (hist_id, user_id);
+--
+-- name: cr_lu_file_type_lookup_id; type: constraint
+--
+alter table cr_lu_file_type
+    add constraint cr_lu_file_type_lookup_id primary key (lookup_id);
+--
+-- name: cr_raptor_action_img_image_id; type: constraint
+--
+alter table cr_raptor_action_img
+    add constraint cr_raptor_action_img_image_id primary key (image_id);
+--
+-- name: cr_raptor_pdf_img_image_id; type: constraint
+--
+alter table cr_raptor_pdf_img
+    add constraint cr_raptor_pdf_img_image_id primary key (image_id);
+--
+-- name: cr_remote_schema_info_schema_prefix; type: constraint
+--
+alter table cr_remote_schema_info
+    add constraint cr_remote_schema_info_schema_prefix primary key (schema_prefix);
+--
+-- name: cr_report_rep_id; type: constraint
+--
+alter table cr_report
+    add constraint cr_report_rep_id primary key (rep_id);
+--
+-- name: cr_report_access_rep_idorder_no; type: constraint
+--
+alter table cr_report_access
+    add constraint cr_report_access_rep_idorder_no primary key (rep_id, order_no);
+--
+-- name: cr_report_email_sent_log_log_id; type: constraint
+--
+alter table cr_report_email_sent_log
+    add constraint cr_report_email_sent_log_log_id primary key (log_id);
+--
+-- name: cr_report_file_history_hist_id; type: constraint
+--
+alter table cr_report_file_history
+    add constraint cr_report_file_history_hist_id primary key (hist_id);
+--
+-- name: cr_report_schedule_schedule_id; type: constraint
+--
+alter table cr_report_schedule
+    add constraint cr_report_schedule_schedule_id primary key (schedule_id);
+--
+-- name: cr_report_schedule_users_schedule_idrep_iduser_idorder_no; type: constraint
+--
+alter table cr_report_schedule_users
+    add constraint cr_report_schedule_users_schedule_idrep_iduser_idorder_no primary key (schedule_id, rep_id, user_id, order_no);
+--
+-- name: cr_report_template_map_report_id; type: constraint
+--
+alter table cr_report_template_map
+    add constraint cr_report_template_map_report_id primary key (report_id);
+--
+-- name: cr_table_role_table_namerole_id; type: constraint
+--
+alter table cr_table_role
+    add constraint cr_table_role_table_namerole_id primary key (table_name, role_id);
+--
+-- name: cr_table_source_table_name; type: constraint
+--
+alter table cr_table_source
+    add constraint cr_table_source_table_name primary key (table_name);
+--
+-- name: fn_audit_action_audit_action_id; type: constraint
+--
+alter table fn_audit_action
+    add constraint fn_audit_action_audit_action_id primary key (audit_action_id);  
+--
+--
+-- name: fk_fn_audit_ref_205_fn_lu_ac; type: constraint
+--
+alter table fn_audit_log
+	add constraint fk_fn_audit_ref_205_fn_lu_ac foreign key (activity_cd) references fn_lu_activity(activity_cd);
+--
+-- name: fk_fn_role__ref_201_fn_funct; type: constraint
+--    
+alter table fn_role_function
+	add constraint fk_fn_role__ref_201_fn_funct foreign key (function_cd) references fn_function(function_cd);
+--
+-- name: fn_chat_logs_chat_log_id; type: constraint
+--
+alter table fn_chat_logs
+    add constraint fn_chat_logs_chat_log_id primary key (chat_log_id);
+--
+-- name: fn_chat_room_chat_room_id; type: constraint
+--
+alter table fn_chat_room
+    add constraint fn_chat_room_chat_room_id primary key (chat_room_id);
+--
+-- name: fn_chat_users_id; type: constraint
+--
+alter table fn_chat_users  
+    add constraint fn_chat_users_id primary key (id);
+--
+-- name: fn_lu_alert_method_alert_method_cd; type: constraint
+--
+alter table fn_lu_alert_method
+    add constraint fn_lu_alert_method_alert_method_cd primary key (alert_method_cd);
+--
+-- name: fn_lu_broadcast_site_broadcast_site_cd; type: constraint
+--
+alter table fn_lu_broadcast_site
+    add constraint fn_lu_broadcast_site_broadcast_site_cd primary key (broadcast_site_cd);
+--
+-- name: fn_lu_priority_priority_id; type: constraint
+--
+alter table fn_lu_priority
+    add constraint fn_lu_priority_priority_id primary key (priority_id);
+--
+-- name: fn_lu_role_type_role_type_id; type: constraint
+--
+alter table fn_lu_role_type
+    add constraint fn_lu_role_type_role_type_id primary key (role_type_id);
+--
+-- name: fn_lu_tab_set_tab_set_cd; type: constraint
+--
+alter table fn_lu_tab_set
+    add constraint fn_lu_tab_set_tab_set_cd primary key (tab_set_cd);
+--
+-- name: fn_lu_timezone_timezone_id; type: constraint
+--
+alter table fn_lu_timezone
+    add constraint fn_lu_timezone_timezone_id primary key (timezone_id);
+--
+-- name: fn_org_org_id; type: constraint
+--
+alter table fn_org
+    add constraint fn_org_org_id primary key (org_id);
+--
+-- name: fn_restricted_url_restricted_urlfunction_cd; type: constraint
+--
+alter table fn_restricted_url
+    add constraint fn_restricted_url_restricted_urlfunction_cd primary key (restricted_url, function_cd);
+--
+-- name: fn_role_composite_parent_role_idchild_role_id; type: constraint
+--
+alter table fn_role_composite
+    add constraint fn_role_composite_parent_role_idchild_role_id primary key (parent_role_id, child_role_id);
+--
+-- name: fn_role_function_role_idfunction_cd; type: constraint
+--
+alter table fn_role_function
+    add constraint fn_role_function_role_idfunction_cd primary key (role_id, function_cd);
+--
+-- name: fn_tab_tab_cd; type: constraint
+--
+alter table fn_tab
+    add constraint fn_tab_tab_cd primary key (tab_cd);
+--
+-- name: fn_tab_selected_selected_tab_cdtab_uri; type: constraint
+--
+alter table fn_tab_selected
+    add constraint fn_tab_selected_selected_tab_cdtab_uri primary key (selected_tab_cd, tab_uri);
+--
+-- name: fn_user_pseudo_role_pseudo_role_iduser_id; type: constraint
+--
+alter table fn_user_pseudo_role
+    add constraint fn_user_pseudo_role_pseudo_role_iduser_id primary key (pseudo_role_id, user_id);
+--
+-- name: fn_user_role_user_idrole_id; type: constraint
+--
+alter table fn_user_role
+    add constraint fn_user_role_user_idrole_id primary key (user_id, role_id, app_id);
+-- ------------------ create index section
+--
+-- name: cr_report_create_idpublic_yntitle; type: index
+--
+create index cr_report_create_idpublic_yntitle using btree on cr_report (create_id, public_yn, title);
+--
+-- name: cr_table_join_dest_table_name; type: index
+--
+create index cr_table_join_dest_table_name using btree on cr_table_join (dest_table_name);
+--
+-- name: cr_table_join_src_table_name; type: index
+--
+create index cr_table_join_src_table_name using btree on cr_table_join (src_table_name);
+--
+-- name: fn_audit_log_activity_cd; type: index
+--
+create index fn_audit_log_activity_cd using btree on fn_audit_log (activity_cd);
+--
+-- name: fn_audit_log_user_id; type: index
+--
+create index fn_audit_log_user_id using btree on fn_audit_log (user_id);
+--
+-- name: fn_org_access_cd; type: index
+--
+create index fn_org_access_cd using btree on fn_org (access_cd);
+--
+-- name: fn_role_function_function_cd; type: index
+--
+create index fn_role_function_function_cd using btree on fn_role_function (function_cd);
+--
+-- name: fn_role_function_role_id; type: index
+--
+create index fn_role_function_role_id using btree on fn_role_function (role_id);
+--
+-- name: fn_user_address_id; type: index
+--
+create index fn_user_address_id using btree on fn_user (address_id); 
+--
+-- name: fn_user_alert_method_cd; type: index
+--
+create index fn_user_alert_method_cd using btree on fn_user (alert_method_cd); 
+--
+-- name: fn_user_hrid; type: index
+--
+create unique index fn_user_hrid using btree on fn_user (hrid); 
+--
+-- name: fn_user_login_id; type: index
+--
+create unique index fn_user_login_id using btree on fn_user (login_id); 
+--
+-- name: fn_user_org_id; type: index
+--
+create index fn_user_org_id using btree on fn_user (org_id); 
+--
+-- name: fn_user_role_role_id; type: index
+--
+create index fn_user_role_role_id using btree on fn_user_role (role_id);
+--
+-- name: fn_user_role_user_id; type: index
+--
+create index fn_user_role_user_id using btree on fn_user_role (user_id);
+--
+-- name: fk_fn_user__ref_178_fn_app_idx; type: index
+--
+create index fk_fn_user__ref_178_fn_app_idx on fn_user_role (app_id);
+ --
+ -- name: fn_role_name_app_id_idx; type: index
+ --
+ create unique index fn_role_name_app_id_idx using btree on fn_role (role_name,app_id);
+ 
+-- new for 1707
+ 
+create index ep_notif_recv_user_id_idx using btree on ep_role_notification (recv_user_id);
+  
+-- end new for 1707
+
+-- ------------------ alter table add constraint foreign key section
+--
+-- name: fk_fn_user__ref_178_fn_app; type: fk constraint
+--
+alter table fn_user_role
+	add constraint fk_fn_user__ref_178_fn_app foreign key (app_id) references fn_app(app_id);
+--
+-- name: fk_cr_repor_ref_14707_cr_repor; type: fk constraint
+--
+alter table cr_report_schedule
+    add constraint fk_cr_repor_ref_14707_cr_repor foreign key (rep_id) references cr_report(rep_id);
+--
+-- name: fk_cr_repor_ref_14716_cr_repor; type: fk constraint
+--
+alter table cr_report_schedule_users
+    add constraint fk_cr_repor_ref_14716_cr_repor foreign key (schedule_id) references cr_report_schedule(schedule_id);
+--
+-- name: fk_cr_repor_ref_17645_cr_repor; type: fk constraint
+--
+alter table cr_report_log
+    add constraint fk_cr_repor_ref_17645_cr_repor foreign key (rep_id) references cr_report(rep_id);
+--
+-- name: fk_cr_repor_ref_8550_cr_repor; type: fk constraint
+--
+alter table cr_report_access
+    add constraint fk_cr_repor_ref_8550_cr_repor foreign key (rep_id) references cr_report(rep_id);
+--
+-- name: fk_cr_report_rep_id; type: fk constraint
+--
+alter table cr_report_email_sent_log
+    add constraint fk_cr_report_rep_id foreign key (rep_id) references cr_report(rep_id);
+--
+-- name: fk_cr_table_ref_311_cr_tab; type: fk constraint
+--
+alter table cr_table_join
+    add constraint fk_cr_table_ref_311_cr_tab foreign key (src_table_name) references cr_table_source(table_name);
+--
+-- name: fk_cr_table_ref_315_cr_tab; type: fk constraint
+--
+alter table cr_table_join
+    add constraint fk_cr_table_ref_315_cr_tab foreign key (dest_table_name) references cr_table_source(table_name);
+--
+-- name: fk_cr_table_ref_32384_cr_table; type: fk constraint
+--
+alter table cr_table_role
+    add constraint fk_cr_table_ref_32384_cr_table foreign key (table_name) references cr_table_source(table_name);
+--
+-- name: fk_fn_tab_function_cd; type: fk constraint
+--
+alter table fn_tab
+    add constraint fk_fn_tab_function_cd foreign key (function_cd) references fn_function(function_cd);
+--
+-- name: fk_fn_tab_selected_tab_cd; type: fk constraint
+--
+alter table fn_tab_selected
+    add constraint fk_fn_tab_selected_tab_cd foreign key (selected_tab_cd) references fn_tab(tab_cd);
+--
+-- name: fk_fn_tab_set_cd; type: fk constraint
+--
+alter table fn_tab
+    add constraint fk_fn_tab_set_cd foreign key (tab_set_cd) references fn_lu_tab_set(tab_set_cd);
+--
+-- name: fk_fn_user_ref_110_fn_org; type: fk constraint
+-- 
+alter table fn_user
+    add constraint fk_fn_user_ref_110_fn_org foreign key (org_id) references fn_org(org_id); 
+--
+-- name: fk_fn_user_ref_123_fn_lu_al; type: fk constraint
+--
+alter table fn_user
+    add constraint fk_fn_user_ref_123_fn_lu_al foreign key (alert_method_cd) references fn_lu_alert_method(alert_method_cd); 
+--
+-- name: fk_fn_user_ref_197_fn_user; type: fk constraint
+--
+ alter table fn_user
+    add constraint fk_fn_user_ref_197_fn_user foreign key (manager_id) references fn_user(user_id); 
+--
+-- name: fk_fn_user_ref_198_fn_user; type: fk constraint
+--
+alter table fn_user  
+    add constraint fk_fn_user_ref_198_fn_user foreign key (created_id) references fn_user(user_id); 
+--
+-- name: fk_fn_user_ref_199_fn_user; type: fk constraint
+--
+alter table fn_user  
+    add constraint fk_fn_user_ref_199_fn_user foreign key (modified_id) references fn_user(user_id); 
+--
+-- name: fk_parent_key_cr_folder; type: fk constraint
+--
+alter table cr_folder
+    add constraint fk_parent_key_cr_folder foreign key (parent_folder_id) references cr_folder(folder_id);
+--
+-- name: fk_pseudo_role_pseudo_role_id; type: fk constraint
+--
+alter table fn_user_pseudo_role 
+    add constraint fk_pseudo_role_pseudo_role_id foreign key (pseudo_role_id) references fn_role(role_id);
+--
+-- name: fk_pseudo_role_user_id; type: fk constraint
+--
+alter table fn_user_pseudo_role 
+    add constraint fk_pseudo_role_user_id foreign key (user_id) references fn_user(user_id);
+--
+-- name: fk_restricted_url_function_cd; type: fk constraint
+--
+alter table fn_restricted_url
+    add constraint fk_restricted_url_function_cd foreign key (function_cd) references fn_function(function_cd);
+--
+-- name: fk_timezone; type: fk constraint
+--
+alter table fn_user
+    add constraint fk_timezone foreign key (timezone) references fn_lu_timezone(timezone_id); 
+--
+-- name: sys_c0014614; type: fk constraint
+--
+alter table cr_report_file_history
+    add constraint sys_c0014614 foreign key (file_type_id) references cr_lu_file_type(lookup_id);
+--
+-- name: sys_c0014615; type: fk constraint
+--
+alter table cr_report_file_history
+    add constraint sys_c0014615 foreign key (rep_id) references cr_report(rep_id);
+--
+-- name: sys_c0014616; type: fk constraint
+--
+alter table cr_hist_user_map  
+    add constraint sys_c0014616 foreign key (hist_id) references cr_report_file_history(hist_id);
+--
+-- name: sys_c0014617; type: fk constraint
+--
+alter table cr_hist_user_map  
+    add constraint sys_c0014617 foreign key (user_id) references fn_user(user_id);
+--
+-- name: sys_c0014618; type: fk constraint
+--
+alter table fn_menu_favorites
+add constraint sys_c0014618 foreign key (user_id) references fn_user(user_id);  
+    
+--
+-- name: sys_c0014619; type: fk constraint
+--
+alter table fn_menu_favorites
+add constraint sys_c0014619 foreign key (menu_id) references fn_menu_functional(menu_id);
+
+commit;
diff --git a/ecomp-portal-DB-common/PortalDMLMySql_2_4_Common.sql b/ecomp-portal-DB-common/PortalDMLMySql_2_4_Common.sql
new file mode 100644
index 0000000..6c60c50
--- /dev/null
+++ b/ecomp-portal-DB-common/PortalDMLMySql_2_4_Common.sql
@@ -0,0 +1,276 @@
+-- --------------------------------------------------------------------------------------------
+-- This is the common default data for 2.1.0 Version of Portal database called portal 
+
+USE portal;
+
+set foreign_key_checks=1; 
+
+-- FN_FUNCTION
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_process','Process List');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_job','Job Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_job_create','Job Create');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_job_designer','Process in Designer view');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_task','Task Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_task_search','Task Search');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_map','Map Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_sample','Sample Pages Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('login','Login');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_home','Home Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_customer','Customer Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_reports','Reports Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_profile','Profile Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_admin','Admin Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_feedback','Feedback Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_help','Help Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_logout','Logout Menu'); 
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_notes','Notes Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_ajax','Ajax Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_customer_create','Customer Create');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_profile_create','Profile Create');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_profile_import','Profile Import');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('menu_tab','Sample Tab Menu');
+Insert into fn_function (FUNCTION_CD,FUNCTION_NAME) values ('view_reports','View Raptor reports');
+
+-- new 1702
+Insert into fn_function (function_cd,function_name) values ('edit_notification','User Notification');
+Insert INTO fn_function (function_cd,function_name) values ('getAdminNotifications', 'Admin Notifications');
+Insert INTO fn_function (function_cd,function_name) values ('saveNotification', 'publish notifications');
+-- end new 1702
+
+-- new 1707
+INSERT INTO fn_function	(function_cd, function_name) VALUES ('menu_web_analytics', 'Web Analytics');
+-- end new 1707
+
+-- FN_LU_ACTIVITY
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('add_role','add_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('remove_role','remove_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('add_user_role','add_user_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('remove_user_role','remove_user_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('add_role_function','add_role_function');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('remove_role_function','remove_role_function');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('add_child_role','add_child_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('remove_child_role','remove_child_role');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('mobile_login','Mobile Login');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('mobile_logout','Mobile Logout');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('login','Login');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('logout','Logout');
+
+-- new 1610.2
+insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values('guest_login','Guest Login');  
+-- end new 1610.2
+
+-- new 1702
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('tab_access','Tab Access');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('app_access','App Access');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values('functional_access','Functional Access');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('left_menu_access','Left Menu Access');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('search','Search');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('apa','Add Portal Admin');                            
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('dpa','Delete Portal Admin');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('uaa','Update Account Admin');
+Insert into fn_lu_activity (ACTIVITY_CD,ACTIVITY) values ('uu','Update User');
+
+-- FN_LU_MENU_SET
+Insert into fn_lu_menu_set (MENU_SET_CD,MENU_SET_NAME) values ('APP','Application Menu');
+
+-- FN_MENU   Ecomp Portal now uses the left menu entries from fn_menu
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(1,'root',NULL,10,NULL,'menu_home','N','APP','N',NULL);
+                               
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(2,'Home',1,10,'root.applicationsHome','menu_home','Y','APP','N','icon-building-home');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(3,'Application Catalog',1,15,'root.appCatalog','menu_home','Y','APP','N','icon-retail-gallery');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(4,'Widget Catalog',1,20,'root.widgetCatalog','menu_home','Y','APP','N','icon-retail-gallery');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(5,'Admins',1,40,'root.admins','menu_admin','Y','APP','N','icon-content-star');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(6,'Roles',1,45,'root.roles','menu_acc_admin','Y','APP','N','icon-people-groupcollaboration');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(7,'Users',1,50,'root.users','menu_acc_admin','Y','APP','N','icon-people-groupcollaboration');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(8,'Portal Admins',1,60,'root.portalAdmins','menu_admin','Y','APP','N','icon-controls-settingsconnectedactivity');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(9,'Application Onboarding',1,70,'root.applications','menu_admin','Y','APP','N','icon-content-grid2');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(10,'Widget Onboarding',1,80,'root.widgetOnboarding','menu_admin','Y','APP','N','icon-content-grid2');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(11,'Edit Functional Menu',1,90,'root.functionalMenu','menu_admin','Y','APP','N','icon-misc-pen');
+
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+                               values(12,'User Notifications',1,100,'root.userNotifications','edit_notification','Y','APP','N','icon-controls-settingsconnectedactivity');
+                               
+-- end new 1702
+
+-- new 1707
+Insert into fn_menu(MENU_ID,LABEL,PARENT_ID,SORT_ORDER,ACTION,FUNCTION_CD,ACTIVE_YN,MENU_SET_CD,SEPARATOR_YN,IMAGE_SRC)
+								values (13,'Microservice Onboarding', 1, 110, 'root.microserviceOnboarding', 'menu_admin', 'Y', 'APP', 'N', 'icon-content-grid2');
+Insert into fn_menu (menu_id, label, parent_id, sort_order, action, function_cd, active_yn, menu_set_cd, separator_yn, image_src)
+								values(15,'App Account Management', 1, 130, 'root.accountOnboarding', 'menu_admin', 'Y', 'App', 'N', 'icon-content-grid2');  
+
+-- end new 1707
+
+-- FN_LU_ALERT_METHOD
+Insert into fn_lu_alert_method (ALERT_METHOD_CD,ALERT_METHOD) values ('PHONE','Phone');
+Insert into fn_lu_alert_method (ALERT_METHOD_CD,ALERT_METHOD) values ('FAX','Fax');
+Insert into fn_lu_alert_method (ALERT_METHOD_CD,ALERT_METHOD) values ('PAGER','Pager');
+Insert into fn_lu_alert_method (ALERT_METHOD_CD,ALERT_METHOD) values ('EMAIL','Email');
+Insert into fn_lu_alert_method (ALERT_METHOD_CD,ALERT_METHOD) values ('SMS','SMS');
+
+-- FN_LU_PRIORITY
+Insert into fn_lu_priority (PRIORITY_ID,PRIORITY,ACTIVE_YN,SORT_ORDER) values (10,'Low','Y',10);
+Insert into fn_lu_priority (PRIORITY_ID,PRIORITY,ACTIVE_YN,SORT_ORDER) values (20,'Normal','Y',20);
+Insert into fn_lu_priority (PRIORITY_ID,PRIORITY,ACTIVE_YN,SORT_ORDER) values (30,'High','Y',30);
+Insert into fn_lu_priority (PRIORITY_ID,PRIORITY,ACTIVE_YN,SORT_ORDER) values (40,'Urgent','Y',40);
+Insert into fn_lu_priority (PRIORITY_ID,PRIORITY,ACTIVE_YN,SORT_ORDER) values (50,'Fatal','Y',50);
+
+-- FN_LU_TAB_SET
+Insert into fn_lu_tab_set (TAB_SET_CD,TAB_SET_NAME) values ('APP','Application Tabs');
+
+-- FN_LU_TIMEZONE
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (10,'US/Eastern','US/Eastern');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (20,'US/Central','US/Central');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (30,'US/Mountain','US/Mountain');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (40,'US/Arizona','America/Phoenix');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (50,'US/Pacific','US/Pacific');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (60,'US/Alaska','US/Alaska');
+Insert into fn_lu_timezone (TIMEZONE_ID,TIMEZONE_NAME,TIMEZONE_VALUE) values (70,'US/Hawaii','US/Hawaii');
+
+-- FN_RESTRICTED_URL
+Insert into fn_restricted_url (restricted_url, function_cd) values ('attachment.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('broadcast.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('file_upload.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('job.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('role.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('role_function.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('test.htm','menu_admin');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('async_test.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('chatWindow.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('contact_list.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('customer_dynamic_list.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('event.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('event_list.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('mobile_welcome.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('sample_map.htm','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('template.jsp','menu_home');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('jbpm_designer.htm','menu_job_create');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('jbpm_drools.htm','menu_job_create');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('process_job.htm','menu_job_create');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('profile.htm','menu_profile_create');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor2.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor_blob_extract.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor_email_attachment.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor_search.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('report_list.htm','menu_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('gauge.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('gmap_controller.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('gmap_frame.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('map.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('map_download.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('map_grid_search.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('sample_animated_map.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('sample_map_2.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('sample_map_3.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab2_sub1.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab2_sub2_link1.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab2_sub2_link2.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab2_sub3.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab3.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('tab4.htm','menu_tab');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor.htm','view_reports');
+Insert into fn_restricted_url (restricted_url, function_cd) values ('raptor_blob_extract.htm','view_reports');
+
+-- FN_ROLE
+Insert into fn_role (ROLE_ID, ROLE_NAME, ACTIVE_YN, PRIORITY, APP_ID, APP_ROLE_ID) values (1,'System Administrator','Y',1,NULL,NULL);
+Insert into fn_role (ROLE_ID, ROLE_NAME, ACTIVE_YN, PRIORITY, APP_ID, APP_ROLE_ID) values (16,'Standard User','Y',5,NULL,NULL);
+Insert into fn_role (ROLE_ID, ROLE_NAME, ACTIVE_YN, PRIORITY, APP_ID, APP_ROLE_ID) values (999,'Account Administrator','Y',1,NULL,NULL);
+Insert into fn_role (ROLE_ID, ROLE_NAME, ACTIVE_YN, PRIORITY, APP_ID, APP_ROLE_ID) values (900,'Restricted App Role','Y','1',NULL,NULL);
+
+-- new 1702
+Insert into fn_role (ROLE_ID, ROLE_NAME, ACTIVE_YN, PRIORITY, APP_ID, APP_ROLE_ID) values (950,'Portal Notification Admin','Y','1',NULL,NULL);
+-- end new 1702
+
+-- new 1707
+INSERT INTO fn_role (role_id, role_name, active_yn, priority) VALUES ('1010', 'Usage Analyst', 'Y', '1');
+INSERT INTO fn_role (role_id, role_name, active_yn, priority) VALUES ('2115', 'Portal Usage Analyst', 'Y', '6');
+-- end new 1707
+
+-- FN_ROLE_Composite
+Insert into fn_role_composite (PARENT_ROLE_ID,CHILD_ROLE_ID) values (1,16);
+
+-- FN_ROLE_FUNCTION
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'login');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_admin');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_ajax');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_customer');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_customer_create');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_feedback');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_help');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_home');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_job');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_job_create');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_logout');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_notes');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_process');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_profile');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_profile_create');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_profile_import');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_reports');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_sample');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (1,'menu_tab');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'login');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_ajax');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_customer');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_customer_create');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_home');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_logout');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_map');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_profile');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_reports');
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (16,'menu_tab');
+
+-- new 1702
+Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (950,'edit_notification');
+Insert INTO fn_role_function (ROLE_ID,FUNCTION_CD) values (950, 'getAdminNotifications');
+Insert INTO fn_role_function (ROLE_ID,FUNCTION_CD) values (950, 'saveNotification');
+-- end new 1702
+
+-- new 1707
+INSERT INTO fn_role_function (role_id, function_cd) VALUES ('1010', 'menu_web_analytics');
+INSERT INTO fn_role_function (role_id, function_cd) VALUES ('2115', 'menu_web_analytics');
+-- end new 1707
+
+-- FN_TAB
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB2_SUB1_S1','Left Tab 1','Sub - Sub Tab 1 Information','tab2_sub1.htm','menu_tab','Y',10,'TAB2_SUB1','APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB1','Tab 1','Tab 1 Information','tab1.htm','menu_tab','Y',10,null,'APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB2','Tab 2','Tab 2 Information','tab2_sub1.htm','menu_tab','Y',20,null,'APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB3','Tab 3','Tab 3 Information','tab3.htm','menu_tab','Y',30,null,'APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB4','Tab 4','Tab 4 Information','tab4.htm','menu_tab','Y',40,null,'APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB2_SUB1','Sub Tab 1','Sub Tab 1 Information','tab2_sub1.htm','menu_tab','Y',10,'TAB2','APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB2_SUB2','Sub Tab 2','Sub Tab 2 Information','tab2_sub2.htm','menu_tab','Y',20,'TAB2','APP');
+Insert into fn_tab (TAB_CD,TAB_NAME,TAB_DESCR,ACTION,FUNCTION_CD,ACTIVE_YN,SORT_ORDER,PARENT_TAB_CD,TAB_SET_CD) values ('TAB2_SUB3','Sub Tab 3','Sub Tab 3 Information','tab2_sub3.htm','menu_tab','Y',30,'TAB2','APP');
+
+-- FN_TAB_SELECTED
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB1','tab1');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2','tab2_sub1');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2','tab2_sub2');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2','tab2_sub3');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2_SUB1','tab2_sub1');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2_SUB1_S1','tab2_sub1');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2_SUB2','tab2_sub2');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB2_SUB3','tab2_sub3');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB3','tab3');
+Insert into fn_tab_selected (SELECTED_TAB_CD,TAB_URI) values ('TAB4','tab4');
+
+commit;
\ No newline at end of file
diff --git a/ecomp-portal-DB-os/PortalDMLMySql_2_1_OS.sql b/ecomp-portal-DB-os/PortalDMLMySql_2_1_OS.sql
index eb1564e..fcb8997 100644
--- a/ecomp-portal-DB-os/PortalDMLMySql_2_1_OS.sql
+++ b/ecomp-portal-DB-os/PortalDMLMySql_2_1_OS.sql
@@ -20,7 +20,7 @@
 Insert into fn_user (USER_ID, ORG_ID, MANAGER_ID,FIRST_NAME,MIDDLE_NAME,LAST_NAME,PHONE,FAX,CELLULAR,EMAIL,ADDRESS_ID,ALERT_METHOD_CD,HRID,ORG_USER_ID,ORG_CODE,LOGIN_ID,LOGIN_PWD,LAST_LOGIN_DATE,ACTIVE_YN,CREATED_ID,CREATED_DATE,MODIFIED_ID,MODIFIED_DATE,IS_INTERNAL_YN,ADDRESS_LINE_1,ADDRESS_LINE_2,CITY,STATE_CD,ZIP_CODE,COUNTRY_CD,LOCATION_CLLI,ORG_MANAGER_USERID,COMPANY,DEPARTMENT_NAME,JOB_TITLE,TIMEZONE,DEPARTMENT,BUSINESS_UNIT,BUSINESS_UNIT_NAME,COST_CENTER,FIN_LOC_CODE,SILO_STATUS) values (1,NULL,NULL,'Demo',NULL,'User',NULL,NULL,NULL,'demo@openecomp.org',NULL,NULL,NULL,'demo',NULL,'demo','4Gl6WL1bmwviYm+XZa6pS1vC0qKXWtn9wcZWdLx61L0=','2016-10-20 15:11:16','Y',NULL,'2016-10-14 21:00:00',1,'2016-10-20 15:11:16','N',NULL,NULL,NULL,'NJ',NULL,'US',NULL,NULL,NULL,NULL,NULL,10,NULL,NULL,NULL,NULL,NULL,NULL);
 
 -- fn_appokYTaDrhzibcbGVq5mjkVQ==
-Insert INTO fn_app (APP_ID, APP_NAME, APP_IMAGE_URL, APP_DESCRIPTION, APP_NOTES, APP_URL, APP_ALTERNATE_URL, APP_REST_ENDPOINT, ML_APP_NAME, ML_APP_ADMIN_ID, MOTS_ID, APP_PASSWORD, OPEN, ENABLED, THUMBNAIL, APP_USERNAME, UEB_KEY, UEB_SECRET, UEB_TOPIC_NAME, APP_TYPE, AUTH_CENTRAL, AUTH_NAMESPACE) values (1,'Default','assets/images/tmp/portal1.png','Some Default Description','Some Default Note','http://localhost','http://localhost','http://localhost:8080/ecompportal','EcompPortal','',NULL,'okYTaDrhzibcbGVq5mjkVQ==','N','N',NULL,'portal','EkrqsjQqZt4ZrPh6',NULL,NULL,1,'Y',NULL);
+Insert INTO fn_app (APP_ID, APP_NAME, APP_IMAGE_URL, APP_DESCRIPTION, APP_NOTES, APP_URL, APP_ALTERNATE_URL, APP_REST_ENDPOINT, ML_APP_NAME, ML_APP_ADMIN_ID, MOTS_ID, APP_PASSWORD, OPEN, ENABLED, THUMBNAIL, APP_USERNAME, UEB_KEY, UEB_SECRET, UEB_TOPIC_NAME, APP_TYPE, AUTH_CENTRAL, AUTH_NAMESPACE) values (1,'Default','assets/images/tmp/portal1.png','Some Default Description','Some Default Note','http://localhost','http://localhost','http://localhost:8080/ecompportal','EcompPortal','',NULL,'dR2NABMkxPaFbIbym87ZwQ==','N','N',NULL,'m00468@portal.onap.org','EkrqsjQqZt4ZrPh6',NULL,NULL,1,'Y',NULL);
 
 -- fn_user_role
 Insert into fn_user_role (USER_ID,ROLE_ID,PRIORITY,APP_ID) values (1,1,NULL,1);
diff --git a/ecomp-portal-FE-common/client/app/services/applications/applications.service.js b/ecomp-portal-FE-common/client/app/services/applications/applications.service.js
index 75fc7fe..c595c71 100644
--- a/ecomp-portal-FE-common/client/app/services/applications/applications.service.js
+++ b/ecomp-portal-FE-common/client/app/services/applications/applications.service.js
@@ -639,8 +639,8 @@
               }).then( res => {
                      // If response comes back as a redirected HTML page which IS NOT a success
                  	// But don't declare an empty list to be an error.
-                     if (res == null || res.data == null || _this13.utilsService.isValidJSON(res.data) == false) {
-                         deferred.reject("ApplicationsService::syncRolesEcompFromExtAuthSystem Failed");
+                     if (res == null || res.data == null || _this13.utilsService.isValidJSON(res.data) == false ||  res.data.status == 'ERROR') {
+                         deferred.reject("ApplicationsService::syncRolesEcompFromExtAuthSystem Failed"  + res.data.message);
                      } else {
                          deferred.resolve(res);
                      }
diff --git a/ecomp-portal-FE-common/client/app/services/users/users.service.js b/ecomp-portal-FE-common/client/app/services/users/users.service.js
index dc415c4..9e06271 100644
--- a/ecomp-portal-FE-common/client/app/services/users/users.service.js
+++ b/ecomp-portal-FE-common/client/app/services/users/users.service.js
@@ -200,8 +200,8 @@
             }).then( res => {
                 // this.$log.debug('getUserAppRoles response: ', JSON.stringify(res))
                 // If response comes back as a redirected HTML page which IS NOT a success
-                if (this.utilsService.isValidJSON(res)== false) {
-                    deferred.reject('UsersService::updateUserAppRoles: Failed');
+                if (this.utilsService.isValidJSON(res)== false ||  res.data.httpStatusCode == '500' || res.data.status == 'ERROR') {
+                    deferred.reject('UsersService::updateUserAppRoles: Failed'  + res.data.message);
                 } else {
                     // this.$log.info('UsersService::updateUserAppRoles: Succeeded');
                     deferred.resolve(res.data);
diff --git a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.html b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.html
index 03d7d1c..6e20703 100644
--- a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.html
+++ b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.html
@@ -61,6 +61,10 @@
 .account-property{
 padding-top:10px;
 }
+
+.add-label-right{
+opacity: 0.6
+} 
 </style>
 
 <div>
@@ -147,7 +151,7 @@
 				<div class="add-endpoint-item">
 					<div class="item-label add-label-left">Add Endpoint</div>
 					<div class="icon-add add-label-right" id="accountAddDetails-button-accordion"
-						ng-click="accountAddDetails.addEndpoint()"><span class="icon-primary-accordion-plus"></span></div>
+						ng-click="accountAddDetails.addEndpoint()" ng-disabled="true"><span class="icon-primary-accordion-plus"></span></div>
 				</div>
 				<div class="item">
 					<div class="item-label"
diff --git a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.js b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.js
index f92d2d2..d776656 100644
--- a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.js
+++ b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-add-details/account-add-details.js
@@ -41,9 +41,11 @@
         constructor($scope, $log, $interval, basicAuthAccountService, $modalInstance, errorMessageByCode, ECOMP_URL_REGEX, $window, confirmBoxService, $cookies,items) {
          
            this.addEndpoint = () => {
-           	  this.account.endpointList.push({
+        	   confirmBoxService.showInformation('Please add the roles to this Username/MechId through AAF Screen ').then(isConfirmed => {});
+               return;
+           	 /* this.account.endpointList.push({
            		  valid: true
-           	  }); 
+           	  }); */
            }
             let init = () => {
             	this.account = [];
diff --git a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-onboarding.tpl.html b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-onboarding.tpl.html
index 2dd4f98..e4df68e 100644
--- a/ecomp-portal-FE-common/client/app/views/account-onboarding/account-onboarding.tpl.html
+++ b/ecomp-portal-FE-common/client/app/views/account-onboarding/account-onboarding.tpl.html
@@ -67,8 +67,8 @@
 											b2b-table-header key="{{header.value}}"
 											sortable="{{header.isSortable}}">{{header.name}}</th>
 
-										<th id="account-catalog-th-header-endpoints" b2b-table-header
-											key="endpoints" sortable="false">Endpoints</th>
+										<!-- <th id="account-catalog-th-header-endpoints" b2b-table-header
+											key="endpoints" sortable="false">Endpoints</th> -->
 
 										<th id="account-catalog-th-header-delete" b2b-table-header
 											sortable="false">Delete</th>
@@ -85,7 +85,7 @@
 												ng-bind="rowData[header.value]"></div>
 										</td>
 
-										<td b2b-table-body
+										<!-- <td b2b-table-body
 											ng-click="accountOnboarding.openAddNewAccountModal(rowData)">
 											<div ng-show="rowData.endpoints.length > 0">
 												<div ng-repeat="row in rowData.endpoints">
@@ -95,7 +95,7 @@
 											</div>
 											<div ng-hide="rowData.endpoints.length > 0">All
 												endpoints</div>
-										</td>
+										</td> -->
 
 										<td b2b-table-body>
 											<div id="account-onboarding-div-delete-{{$index}}"
diff --git a/ecomp-portal-FE-common/client/app/views/role/bulk-upload-dialogs/bulk-upload-role-functions-controller.js b/ecomp-portal-FE-common/client/app/views/role/bulk-upload-dialogs/bulk-upload-role-functions-controller.js
index 722c634..1303647 100644
--- a/ecomp-portal-FE-common/client/app/views/role/bulk-upload-dialogs/bulk-upload-role-functions-controller.js
+++ b/ecomp-portal-FE-common/client/app/views/role/bulk-upload-dialogs/bulk-upload-role-functions-controller.js
@@ -107,8 +107,17 @@
     		
     		// Caches the file name supplied by the event handler.
     		$scope.fileChangeHandler = (event, files) => {
-    			this.fileSelected = true;
-    			this.fileToRead = files[0];
+    			var fileName = files[0].name;
+	            var validFormats = ['csv', 'txt'];
+	            //Get file extension
+	            var ext = fileName.substring(fileName.lastIndexOf('.') + 1).toLowerCase(); 
+	            //Check for valid format
+	            if(validFormats.indexOf(ext) == -1){
+	            	this.fileSelected = false;
+	            }else{
+	            	this.fileSelected = true;
+	                this.fileToRead = files[0];
+	            }
     			if (debug)
     				$log.debug("BulkRoleAndFunctionsModalCtrl::fileChangeHandler: file is ", this.fileToRead);
     		}; // file change handler
diff --git a/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js b/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js
index 0ae218c..6f28031 100644
--- a/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js
+++ b/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js
@@ -170,14 +170,16 @@
 		
 		   $scope.syncRolesFromExternalAuthSystem = function(appId){
            	applicationsService.syncRolesEcompFromExtAuthSystem(appId).then(function(res){
-           		if(res.status == 200){
+           		if(res.data != null || res.data.status != null || res.data.status == 'OK'){
            	     confirmBoxService.showInformation('Sync operation completed successfully!').then(isConfirmed => {
            	    	$scope.getRolesForSelectedCentralizedApp(appId);
            	     });          			
            		} else{
-  	        		 confirmBoxService.showInformation('Sync operation failed for '+app).then(isConfirmed => {});          			
+  	        		 confirmBoxService.showInformation('Sync operation failed for '+app + res.data.message).then(isConfirmed => {});          			
            		}
-           	});
+           	}).catch(err=> {
+				confirmBoxService.showInformation("Sync operation failed for: " + err);
+			}); 
            };
            
 				
@@ -218,7 +220,7 @@
 		// edit Role
 		$scope.editRoleModalPopup = function(appId, availableRole) {
 			if(!availableRole.active)
-				 return confirmBoxService.showInformation('Edit is disabled! Please toggle the role to activate it.').then(isConfirmed => {});
+				 return confirmBoxService.showInformation('Edit is diabled! Please toggle the role to activate it.').then(isConfirmed => {});
 			$scope.editRole = availableRole;
 			if(appId != undefined && availableRole.id != undefined){
 				RoleService.getRole(appId, availableRole.id).then(function(data){	
@@ -259,7 +261,7 @@
 		// add Role
 		$scope.addRoleModalPopup = function(appId) {
 			if(appId){
-				var roleId = 0;
+				var roleId = -1;
 				RoleService.getRole(appId, roleId).then(function(data){	
 					var response = JSON.parse(data.data);					
 					var role = JSON.parse(response.role);
diff --git a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.controller.js b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.controller.js
index 2e8018e..718879a 100644
--- a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.controller.js
+++ b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.controller.js
@@ -134,8 +134,17 @@
     		
     		// Caches the file name supplied by the event handler.
     		$scope.fileChangeHandler = (event, files) => {
-    			this.fileSelected = true;
-    			this.fileToRead = files[0];
+    			var fileName = files[0].name;
+	            var validFormats = ['csv', 'txt'];
+	            //Get file extension
+	            var ext = fileName.substring(fileName.lastIndexOf('.') + 1).toLowerCase(); 
+	            //Check for valid format
+	            if(validFormats.indexOf(ext) == -1){
+	            	this.fileSelected = false;
+	            }else{
+	            	this.fileSelected = true;
+	                this.fileToRead = files[0];
+	            }
     			if (debug)
     				$log.debug("BulkUserModalCtrl::fileChangeHandler: file is ", this.fileToRead);
     		}; // file change handler
diff --git a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.modal.html b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.modal.html
index e32497b..8852446 100644
--- a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.modal.html
+++ b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/bulk-user.modal.html
@@ -67,7 +67,7 @@
 						ng-model="fileModel" />
 						<span>Browse...</span>
 				</label>{{selectedFile}}
-				<div class="upload-instructions">File must have one entry per line with this format:
+				<div class="upload-instructions">File must be .csv or .txt and have one entry per line with this format:
 				<pre>orgUserId, role name</pre>
 				</div>
 			</div>
diff --git a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/new-user.controller.js b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/new-user.controller.js
index 79cc8d3..512c3a0 100644
--- a/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/new-user.controller.js
+++ b/ecomp-portal-FE-common/client/app/views/users/new-user-dialogs/new-user.controller.js
@@ -193,7 +193,7 @@
                             this.numberAppsSucceeded++;
                         }).catch(err => {
                         	$log.error(err);                       
-                            var errorMessage = 'Failed to update the user application roles: ' + err.status;
+                            var errorMessage = 'Failed to update the user application roles: ' + err;
                             if(err.status == 504){ 
                             	this.numberAppsSucceeded++;
                             	errorMessage = 'Request is being processed, please check back later!';
diff --git a/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.controller.js b/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.controller.js
index b642901..bf0df9f 100644
--- a/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.controller.js
+++ b/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.controller.js
@@ -38,7 +38,7 @@
 'use strict';
 (function () {
     class WidgetOnboardingDetailsModalCtrl {
-        constructor($scope, $log, $interval, applicationsService, adminsService, microserviceService, widgetsCatalogService, errorMessageByCode, ECOMP_URL_REGEX, $window,userProfileService, confirmBoxService, $cookies,items) {
+        constructor($scope, $timeout, $log, $interval, applicationsService, adminsService, microserviceService, widgetsCatalogService, errorMessageByCode, ECOMP_URL_REGEX, $window,userProfileService, confirmBoxService, $cookies,items) {
      	    
     	    this.appUpdate = function(){
     	    	this.hasSelectedApp = false;
@@ -398,12 +398,46 @@
             		});
             	}
             };
+            // Caches the file name supplied by the event handler.
+        	$scope.widgetFileHandler = (event, files) => {
+        		if(files[0]){
+        			var fileName = files[0].name;
+                    var validFormats = ['zip'];
+                    //Get file extension
+                    var ext = fileName.substring(fileName.lastIndexOf('.') + 1).toLowerCase(); 
+                    //Check for valid format
+                    if(validFormats.indexOf(ext) == -1){
+                    	document.getElementById('widget-onboarding-details-upload-file').value = null;
+                        $scope.widgetFileTypeError=true;
+                        $timeout(function(){
+                        	$scope.widgetFileTypeError=false;
+                        }, 5000);
+                    }
+        		}
+        	}; // file change handler
+        	
             init();
             $scope.$on('$stateChangeStart', e => {
                 e.preventDefault();
             });
         }
     }
-    WidgetOnboardingDetailsModalCtrl.$inject = ['$scope', '$log', '$interval', 'applicationsService', 'adminsService', 'microserviceService', 'widgetsCatalogService', 'errorMessageByCode', 'ECOMP_URL_REGEX', '$window','userProfileService', 'confirmBoxService', '$cookies','items'];
+    WidgetOnboardingDetailsModalCtrl.$inject = ['$scope', '$timeout', '$log', '$interval', 'applicationsService', 'adminsService', 'microserviceService', 'widgetsCatalogService', 'errorMessageByCode', 'ECOMP_URL_REGEX', '$window','userProfileService', 'confirmBoxService', '$cookies','items'];
     angular.module('ecompApp').controller('WidgetOnboardingDetailsModalCtrl', WidgetOnboardingDetailsModalCtrl);
+    
+    angular.module('ecompApp').directive('fileChange', ['$parse', function($parse){
+    	return {
+    		require: 'ngModel',
+    	    restrict: 'A',
+    	    link : function($scope, element, attrs, ngModel) {
+    	    	var attrHandler = $parse(attrs['fileChange']);
+    	    	var handler=function(e) {
+    	    		$scope.$apply(function() {
+    	    			attrHandler($scope, { $event:e, files:e.target.files } );
+    	    		});
+    	    	};
+    	    	element[0].addEventListener('change',handler,false);
+    	   }
+    	}
+    }]);
 })(); 
diff --git a/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.modal.html b/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.modal.html
index ade07b9..3526ce0 100644
--- a/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.modal.html
+++ b/ecomp-portal-FE-common/client/app/views/widget-onboarding/widget-details-dialog/widget-details.modal.html
@@ -150,8 +150,13 @@
 				<div>
 					<input id="widget-onboarding-details-upload-file"
 						file-model="widgetOnboardingDetails.widget.file" type="file"
-						class="widget-onboarding-details-upload-file ht" />
-
+						class="widget-onboarding-details-upload-file ht" 
+						ng-model="widgetDetails.widgetFile"
+						file-change="widgetFileHandler($event,files)"/> 
+					<div class="error-container"
+						ng-show="widgetFileTypeError" class="ng-hide">
+						<div class="err-message">File must be .zip</div>
+					</div>
 
 					<div class="error-container"
 						ng-show="widgetOnboardingDetails.widget.file == undefined && !widgetOnboardingDetails.isEditMode">
diff --git a/ecomp-portal-FE-os/client/configurations/dev.json b/ecomp-portal-FE-os/client/configurations/dev.json
index ec7ca82..c60e9bc 100644
--- a/ecomp-portal-FE-os/client/configurations/dev.json
+++ b/ecomp-portal-FE-os/client/configurations/dev.json
@@ -97,7 +97,7 @@
 		"ecompTitle":"http://localhost:8080/ecompportal/portalApi/ecompTitle",
 		"loggedinUser" : "http://localhost:8080/ecompportal/portalApi/loggedinUser",
 		"modifyLoggedinUser" : "http://localhost:8080/ecompportal/portalApi/modifyLoggedinUser",
-		"centralizedApps": "http:/localhost:8080/ecompportal/portalApi/centralizedApps",
+		"centralizedApps": "http://localhost:8080/ecompportal/portalApi/centralizedApps",
 		"uploadRoleFunction":"http://localhost:8080/ecompportal/portalApi/uploadRoleFunction/:appId"
 	},
 	"cookieDomain": "onap.org"
diff --git a/ecomp-portal-FE-os/client/index.html b/ecomp-portal-FE-os/client/index.html
index dc2ec2d..14a3603 100644
--- a/ecomp-portal-FE-os/client/index.html
+++ b/ecomp-portal-FE-os/client/index.html
@@ -70,6 +70,8 @@
 <!-- endbower -->
 <!-- endbuild -->  
 
+<script src="bower_components_external/utils/purify.js"></script>
+
 <!-- kpi dashboard related styles -->
 <!--  kpi start -->
 <!--  kpi end -->
@@ -120,6 +122,7 @@
 	    
 		var base = window.location.pathname.substring(0, window.location.pathname.indexOf("/",2)+1);
 		document.write("<base href='" + base + "' />");
+		document.write("<base href='" + DOMPurify.sanitize(base) + "' />");
 
 		
 	    
@@ -163,12 +166,14 @@
 <!-- build:js({client,node_modules}) app/vendor.js -->
 <!-- bower:js -->
 <script src="bower_components/jquery/dist/jquery.js"></script>
+<script src="bower_components/es5-shim/es5-shim.js"></script>
 <script src="bower_components/angular/angular.js"></script>
 <script src="bower_components/angular-animate/angular-animate.js"></script>
 <script src="bower_components/angular-route/angular-route.js"></script>
 <script src="bower_components/angular-aria/angular-aria.js"></script>
 <script src="bower_components/angular-messages/angular-messages.js"></script>
 <script src="bower_components/angular-material/angular-material.js"></script>
+<script src="bower_components/json3/lib/json3.js"></script>
 <script src="bower_components/angular-resource/angular-resource.js"></script>
 <script src="bower_components/angular-cookies/angular-cookies.js"></script>
 <script src="bower_components/angular-sanitize/angular-sanitize.js"></script>
@@ -282,6 +287,7 @@
   <script src="app/views/notification-history/notificationhistory.controller.js"></script>
   <script src="app/views/portal-admin/new-portal-admin/new-portal-admin.controller.js"></script>
   <script src="app/views/portal-admin/portal-admin-controller.js"></script>
+  <script src="app/views/role/bulk-upload-dialogs/bulk-upload-role-functions-controller.js"></script>
   <script src="app/views/role/role-controller.js"></script>
   <script src="app/views/role/role-create-edit-popup-controller.js"></script>
   <script src="app/views/role/role-function-list-controller.js"></script>
diff --git a/ecomp-portal-FE-os/client/src/app.js b/ecomp-portal-FE-os/client/src/app.js
index a481d86..ec53184 100644
--- a/ecomp-portal-FE-os/client/src/app.js
+++ b/ecomp-portal-FE-os/client/src/app.js
@@ -55,7 +55,7 @@
         'oc.lazyLoad',
         'b2b.att'
     ])
-    .config(($stateProvider, $urlRouterProvider, $locationProvider, $httpProvider, ngDialogProvider, $controllerProvider, hammerDefaultOptsProvider) => {
+    .config(($stateProvider, $urlRouterProvider, $locationProvider, $httpProvider, ngDialogProvider, $controllerProvider, hammerDefaultOptsProvider, $sanitizeProvider) => {
     	app.controllerProvider = $controllerProvider;
         $urlRouterProvider.otherwise('/error404');
         $locationProvider.html5Mode(true);
@@ -102,13 +102,14 @@
                 'responseError': function (rejection) {
                     $log.error('Interceptor rejection: ' + JSON.stringify(rejection));
                     var $state = $injector.get('$state');
+                    var $sanitize = $injector.get('$sanitize');
                     switch (rejection.status) {
                         case 401:
                             var globalLoginUrl = rejection.headers()['global-login-url'];
                             if (globalLoginUrl) {
-                                window.location = globalLoginUrl +
+                            	window.location = $sanitize(globalLoginUrl +
                                     (globalLoginUrl.indexOf('?') === -1 ? '?' : '') +
-                                    '&retUrl=' + encodeURI(window.location);
+                                    '&retUrl=' + encodeURI(window.location));
                                 return;
                             }
                             break;
diff --git a/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.controller.js b/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.controller.js
index 1a6c5b1..efd5165 100644
--- a/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.controller.js
+++ b/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.controller.js
@@ -38,7 +38,7 @@
 'use strict';
 (function () {
     class AppDetailsModalCtrl {
-        constructor($scope, $log, applicationsService, errorMessageByCode,
+    	constructor($scope, $log, $timeout, applicationsService, errorMessageByCode,
                     ECOMP_URL_REGEX,userProfileService, $cookies, confirmBoxService,items) {
 //            let emptyImg = 'data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==';
             // empty image should really be empty, or it causes problems for the back end
@@ -173,14 +173,26 @@
 
             this.saveChanges = () => {
                 //if valid..
-            	 if(((angular.isUndefined(this.app.name) || !this.app.name)&&(angular.isUndefined(this.app.url) || !this.app.url)
-            			 &&(angular.isUndefined(this.app.username) || !this.app.username)&&(angular.isUndefined(this.app.appPassword) || !this.app.appPassword))) {
-            		 confirmBoxService.showInformation('Please fill in all required fields').then(isConfirmed => {});
-                     return;
-                 }else if(!((angular.isUndefined(this.app.name) || !!this.app.name)&&(angular.isUndefined(this.app.url) || !!this.app.url))){
-                     confirmBoxService.showInformation('Please fill in all required fields').then(isConfirmed => {});
-                     return;
-                 }
+            	if(this.app.isCentralAuth){
+                    //if valid..
+                	 if(((angular.isUndefined(this.app.myLoginsAppName) || !this.app.myLoginsAppName)&&(angular.isUndefined(this.app.myLoginsAppOwner) || !this.app.myLoginsAppOwner)&&(angular.isUndefined(this.app.name) || !this.app.name)&&(angular.isUndefined(this.app.url) || !this.app.url)
+                			 &&(angular.isUndefined(this.app.username) || !this.app.username))) {
+                		 confirmBoxService.showInformation('Please fill in all required fields').then(isConfirmed => {});
+                         return;
+                     }else if(!((angular.isUndefined(this.app.name) || !!this.app.name)&&(angular.isUndefined(this.app.url) || !!this.app.url))){
+                         confirmBoxService.showInformation('Please fill in all required fields').then(isConfirmed => {});
+                         return;
+                     }
+                	}else{
+                		 if(((angular.isUndefined(this.app.myLoginsAppName) || !this.app.myLoginsAppName)||(angular.isUndefined(this.app.myLoginsAppOwner) || !this.app.myLoginsAppOwner)||(angular.isUndefined(this.app.name) || !this.app.name)||(angular.isUndefined(this.app.url) || !this.app.url)
+                    			 ||(angular.isUndefined(this.app.username) || !this.app.username)||(angular.isUndefined(this.app.appPassword) || !this.app.appPassword))) {
+                    		 confirmBoxService.showInformation('Please fill in all required fields along with password as the app is not centralized').then(isConfirmed => {});
+                             return;
+                         }else if(!((angular.isUndefined(this.app.name) || !!this.app.name)&&(angular.isUndefined(this.app.url) || !!this.app.url))){
+                             confirmBoxService.showInformation('Please fill in all required fields').then(isConfirmed => {});
+                             return;
+                         }
+                	}
                 this.isSaving = true;
                 // For a restricted app, null out all irrelevant fields
                 if (this.app.restrictedApp) {
@@ -263,6 +275,23 @@
                 }
             	
             };
+            
+         // Caches the file name supplied by the event handler.
+        	$scope.appImageHandler = (event, files) => {
+        		if(files[0]){
+        			var fileName = files[0].name;
+                    var validFormats = ['jpg', 'jpeg', 'bmp', 'gif', 'png'];
+                    //Get file extension
+                    var ext = fileName.substring(fileName.lastIndexOf('.') + 1).toLowerCase(); 
+                    //Check for valid format
+                    if(validFormats.indexOf(ext) == -1){
+                        $scope.appImageTypeError=true;
+                        $timeout(function(){
+                        	$scope.appImageTypeError=false;
+                        }, 5000);
+                    }
+        		}
+        	}; // file change handler
 
 
             init();
@@ -293,7 +322,7 @@
             });
         }
     }
-    AppDetailsModalCtrl.$inject = ['$scope', '$log', 'applicationsService', 'errorMessageByCode',
+    AppDetailsModalCtrl.$inject = ['$scope', '$log', '$timeout', 'applicationsService', 'errorMessageByCode',
         'ECOMP_URL_REGEX','userProfileService','$cookies', 'confirmBoxService','items'];
     angular.module('ecompApp').controller('AppDetailsModalCtrl', AppDetailsModalCtrl);
-})();
\ No newline at end of file
+})();
diff --git a/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.modal.html b/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.modal.html
index 959bb90..b4251f1 100644
--- a/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.modal.html
+++ b/ecomp-portal-FE-os/client/src/views/applications/application-details-dialog/application-details.modal.html
@@ -138,7 +138,7 @@
 							</div>
 						</div>
 					</div>
-					<div class="property required"
+					<!-- <div class="property required"
 						ng-show="!appDetails.app.restrictedApp">
 						<div id="pwd-property-label" class="property-label">Password</div>
 						<input type="password" id="input-mylogins-password"
@@ -154,6 +154,12 @@
 									required</small>
 							</div>
 						</div>
+					</div> -->
+					<div class="property" ng-show="!appDetails.app.restrictedApp">
+						<div id="pwd-property-label" class="property-label">Password</div>
+						<input type="password" id="input-mylogins-password"
+							ng-model="appDetails.app.appPassword" autocomplete="new-password"
+							name="appPassword" maxlength="256"/>
 					</div>
 					<div class="property" ng-show="!appDetails.app.restrictedApp">
 						<div id="pwd-property-label" class="property-label">Name
@@ -173,15 +179,27 @@
 							image-upload-resize-max-height="300"
 							image-upload-resize-max-width="360"
 							image-upload-resize-quality="0.7"
-							image-upload-api="appDetails.imageApi" style="height: 24px;" />
+							image-upload-api="appDetails.imageApi" style="height: 24px;" 
+							file-change="appImageHandler($event,files)" />
+						<div id="app-error-image-upload-type" class="error-container"
+							ng-show="appImageTypeError" class="ng-hide">
+							<div class="error-container">
+								 <small id="error-app-invalid-image-size" class="err-message">File must be an image</small>
+							</div>
+						</div> 
+							file-change="appImageHandler($event,files)" />
+						<div id="app-error-image-upload-type" class="error-container"
+							ng-show="appImageTypeError" class="ng-hide">
+							<div class="error-container">
+								 <small id="error-app-invalid-image-size" class="err-message">File must be an image</small>
+							</div>
+						</div>
 
 						<div id="app-error-image-upload" class="error-container"
 							ng-show="appForm.appImage.$dirty">
 							<div ng-messages="appForm.appImage.$error"
 								class="error-container">
-								<small id="error-app-invalid-image" class="err-message"
-									ng-message="mimeType">Uploaded file must be an image</small> <small
-									id="error-app-invalid-image-size" class="err-message"
+								<small id="error-app-invalid-image-size" class="err-message"
 									ng-message="imageSize">Image file must be smaller than
 									1MB</small>
 							</div>
diff --git a/ecomp-portal-FE-os/pom.xml b/ecomp-portal-FE-os/pom.xml
index df47d54..f39a31c 100644
--- a/ecomp-portal-FE-os/pom.xml
+++ b/ecomp-portal-FE-os/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.onap.portal</groupId>
 		<artifactId>onap-portal-parent</artifactId>
-		<version>2.3.0</version>
+		<version>2.5.0</version>
 	</parent>
 
 	<artifactId>portal-FE-os</artifactId>
diff --git a/ecomp-portal-widget-ms/common-widgets/pom.xml b/ecomp-portal-widget-ms/common-widgets/pom.xml
index 7a1d8b8..1641603 100644
--- a/ecomp-portal-widget-ms/common-widgets/pom.xml
+++ b/ecomp-portal-widget-ms/common-widgets/pom.xml
@@ -6,7 +6,7 @@
         <parent>
                 <groupId>org.onap.portal</groupId>
                 <artifactId>widget-ms-parent</artifactId>
-                <version>2.3.0</version>
+                <version>2.5.0</version>
         </parent>
 
 	<artifactId>common-widgets</artifactId>
diff --git a/ecomp-portal-widget-ms/pom.xml b/ecomp-portal-widget-ms/pom.xml
index 08f4b64..cb24651 100644
--- a/ecomp-portal-widget-ms/pom.xml
+++ b/ecomp-portal-widget-ms/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.onap.portal</groupId>
 		<artifactId>onap-portal-parent</artifactId>
-		<version>2.3.0</version>
+		<version>2.5.0</version>
 	</parent>
 
 	<artifactId>widget-ms-parent</artifactId>
diff --git a/ecomp-portal-widget-ms/widget-ms/pom.xml b/ecomp-portal-widget-ms/widget-ms/pom.xml
index 91dc4fd..a6ed0aa 100644
--- a/ecomp-portal-widget-ms/widget-ms/pom.xml
+++ b/ecomp-portal-widget-ms/widget-ms/pom.xml
@@ -13,7 +13,7 @@
 
 	<groupId>org.onap.portal</groupId>
 	<artifactId>widget-ms</artifactId>
-	<version>2.3.0</version>
+	<version>2.5.0</version>
 	<packaging>jar</packaging>
 	<name>widget-microservice</name>
 
@@ -55,11 +55,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-thymeleaf</artifactId>
 		</dependency>
-		<dependency>
+		<!-- <dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-devtools</artifactId>
 			<optional>true</optional>
-		</dependency>
+		</dependency> -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-configuration-processor</artifactId>
diff --git a/ecomp-portal-widget-ms/widget-ms/src/main/resources/application-properties b/ecomp-portal-widget-ms/widget-ms/src/main/resources/application-properties
deleted file mode 100644
index 8f8207c..0000000
--- a/ecomp-portal-widget-ms/widget-ms/src/main/resources/application-properties
+++ /dev/null
@@ -1,28 +0,0 @@
-## General App Properties
-server.contextPath=/widget
-server.port=8082
-spring.http.multipart.max-file-size=128MB
-spring.http.multipart.max-request-size=128MB
-microservice.widget.location=/tmp
-
-## App DB Properties
-spring.datasource.url=jdbc:mariadb://localhost:3306/ecomp_portal_1702&connectTimeout=2000
-spring.datasource.username=widget-user
-spring.datasource.password=widget-pass
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-spring.database.driver.classname=org.mariadb.jdbc.Driver
-spring.jpa.show-sql=false
-spring.jpa.properties.hibernate.format_sql=false
-
-## Basic Authentication Properties
-security.user.name=widget_user
-security.user.password=ENC(IjywcRnI9+nuVEh9+OFFiRWAjBT1n718)
-
-## Certificate Properties
-#server.ssl.key-store=classpath:widget-keystore.p12
-#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8)
-#server.ssl.keyStoreType=PKCS12
-#server.ssl.keyAlias=widget-microservice
-
-## Jasypt Properties
-jasypt.encryptor.password=EncryptionKey
diff --git a/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties b/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties
index 5116f96..8f8207c 100644
--- a/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties
+++ b/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties
@@ -3,16 +3,12 @@
 server.port=8082
 spring.http.multipart.max-file-size=128MB
 spring.http.multipart.max-request-size=128MB
+microservice.widget.location=/tmp
 
 ## App DB Properties
-#
-#db.connectionURL = jdbc:mariadb:failover://mtanjv9pord01.aic.cip.att.com:3306/portal
-#db.userName = m02549
-#db.password = 9zDXMxxzUG1ay5Dny1Eazw==
-#db.encrypt_flag = true
-spring.datasource.url=jdbc:mariadb://vm-ep-dev8.client.research.att.com:3306/portal_2_1_att
-spring.datasource.username=portal_user
-spring.datasource.password=P0rt@l_user
+spring.datasource.url=jdbc:mariadb://localhost:3306/ecomp_portal_1702&connectTimeout=2000
+spring.datasource.username=widget-user
+spring.datasource.password=widget-pass
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
 spring.database.driver.classname=org.mariadb.jdbc.Driver
 spring.jpa.show-sql=false
@@ -20,15 +16,7 @@
 
 ## Basic Authentication Properties
 security.user.name=widget_user
-security.user.password=widget_pass
-
-## Initalization setting
-initialization.default.widgets=true
-initialization.widgetData.url=http://www.ecomp.att.com:8080/ecompportal-att/commonWidgets
-
-## Account Basic Authentication Properties
-account.user.name=portal
-account.user.password=6APqvG4AU2rfLgCvMdySwQ==
+security.user.password=ENC(IjywcRnI9+nuVEh9+OFFiRWAjBT1n718)
 
 ## Certificate Properties
 #server.ssl.key-store=classpath:widget-keystore.p12
diff --git a/ecomp-portal-widget-ms/widget-ms/src/main/resources/templates/Upload.html b/ecomp-portal-widget-ms/widget-ms/src/main/resources/templates/Upload.html
index a5e7c63..01e0564 100644
--- a/ecomp-portal-widget-ms/widget-ms/src/main/resources/templates/Upload.html
+++ b/ecomp-portal-widget-ms/widget-ms/src/main/resources/templates/Upload.html
@@ -1,12 +1,45 @@
 <html>
+<script>
+var validFileExtensions = [".zip"];    
+function validateInput(form) {
+    var arrInputs = form.getElementsByTagName("input");
+    for (var i = 0; i < arrInputs.length; i++) {
+        var oInput = arrInputs[i];
+        if (oInput.type == "file") {
+            var fileName = oInput.value;
+            if (fileName.length > 0) {
+                var valid = false;
+                for (var j = 0; j < validFileExtensions.length; j++) {
+                    var inputExtension = validFileExtensions[j];
+                    if (fileName.substr(fileName.length - inputExtension.length, inputExtension.length).toLowerCase() == inputExtension.toLowerCase()) {
+                        valid = true;
+                        break;
+                    }
+                }
+                if (!valid) {
+                	document.getElementById("error").style.display="";
+                	setTimeout(function(){ document.getElementById("error").style.display="none";}, 3000);
+                    return false;
+                }
+            }
+        }
+    }
+  
+    return true;
+}
+</script>
 <body>
     <div align="center">
-         <form method="post" action="doUpload/widget-resources" enctype="multipart/form-data">
+         <form method="post" action="doUpload/widget-resources" onSubmit="return validateInput(this);" enctype="multipart/form-data">
             <table border="0">
                 <tr>
                     <td>Pick file:</td>
                     <td><input type="file" name="fileUpload" size="50" /></td>
                 </tr>
+                <tr colspan="2">
+                    <td><span  style="display:none;color:red" id="error">File must be zip.</span></td>
+                    
+                </tr>
                 <tr>
                     <td colspan="2" align="center"><input type="submit" value="Upload" /></td>
                 </tr>
diff --git a/pom.xml b/pom.xml
index e7f3360..31b8266 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,7 +12,7 @@
 
 	<groupId>org.onap.portal</groupId>
 	<artifactId>onap-portal-parent</artifactId>
-	<version>2.3.0</version>
+	<version>2.5.0</version>
 	<packaging>pom</packaging>
 	<name>portal</name>
 
@@ -27,7 +27,7 @@
 	<properties>
 		<!-- Jenkins should invoke mvn with argument -Dbuild.number=${BUILD_NUMBER} -->
 		<build.number>0</build.number>
-		<epsdk.version>2.3.1</epsdk.version>
+		<epsdk.version>2.5.0</epsdk.version>
 		<springframework.version>4.2.3.RELEASE</springframework.version>
 		<hibernate.version>4.3.11.Final</hibernate.version>
 		<fasterxml.version>2.8.10</fasterxml.version>
diff --git a/version.properties b/version.properties
index bc2c506..ee5d4d0 100644
--- a/version.properties
+++ b/version.properties
@@ -3,8 +3,8 @@
 # because they are used in Jenkins, whose plug-in doesn't support
 
 major=2
-minor=3
-patch=1
+minor=4
+patch=0
 
 base_version=${major}.${minor}.${patch}