From 3b5a035b3185e778d11891822ab4415dda852ee8 Mon Sep 17 00:00:00 2001
From: chasegawa <chasegawa@unicon.net>
Date: Tue, 6 Jul 2021 10:27:04 -0700
Subject: [PATCH] SHIBUI-1740

minor code clarifications/cleanup
---
 .../admin/ui/security/service/GroupServiceImpl.java          | 2 +-
 .../shibboleth/admin/ui/security/service/UserAccess.java     | 2 +-
 .../shibboleth/admin/ui/security/service/UserService.java    | 5 ++---
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/GroupServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/GroupServiceImpl.java
index 1d6d81e4a..9d0a7293f 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/GroupServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/GroupServiceImpl.java
@@ -23,7 +23,7 @@ public class GroupServiceImpl implements IGroupService {
     @Override
     public Group createGroup(Group group) throws GroupExistsConflictException {
         Group foundGroup = find(group.getResourceId());
-        // If already defined, we can't create a new one, nor do we want this call update the definition
+        // If already defined, we don't want to create a new one, nor do we want this call update the definition
         if (foundGroup != null) {
             throw new GroupExistsConflictException(
                             String.format("Call update (PUT) to modify the group with resource id: [%s] and name: [%s]",
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserAccess.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserAccess.java
index 7aae59d5d..7fd476605 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserAccess.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserAccess.java
@@ -2,6 +2,6 @@
 
 public enum UserAccess {
     ADMIN, // Access to everything
-    GROUP, // Group users also should have owner access
+    GROUP, // Group is the basic default
     NONE //
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
index f0bbea881..74849f5a5 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
@@ -57,14 +57,13 @@ public boolean isAuthorizedFor(Group objectGroup) {
     
     
     public boolean isAuthorizedFor(String objectGroupResourceId) {
-        // Shouldn't be null, but for safety...
-        String groupId = objectGroupResourceId == null ? "" : objectGroupResourceId;
-        
         switch (getCurrentUserAccess()) { // no user returns NONE
         case ADMIN:
             return true;
         case GROUP:
             User currentUser = getCurrentUser();
+            // Shouldn't be null, but for safety...
+            String groupId = objectGroupResourceId == null ? "" : objectGroupResourceId;            
             return groupId.equals(currentUser.getGroupId());
         default:
             return false;