Merge branch 'develop' of https://github.com/Kitzanos/GEPAFIN-BE into develop

src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java

@@ -63,7 +63,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler {
 			Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
 
 			Map<String, List<Object>> userAttributes = principal.getAttributes();
-			String token = Utils.generateSecureToken();
+			String token = Utils.generateSecureSamlToken();
 			logger.info("SAML User Attributes: " + userAttributes);
 			
 			  // Extracting raw SAML response

src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java

@@ -305,6 +305,7 @@ public class GepafinConstant {
     public static final String USER_ID = "userId";
     public static final String LOGIN_ATTEMPT_ID = "loginAttemptId";
     public static final String USER_ACTION_ID = "userActionId";
+    public static final String RESET_PASSWORD_URL_FORMAT = "/reset-password?token=%s&email=%s";
     public static final String VALID_VATNUMBER_MSG = "valid.vatnumber.message";
     public static final String ATLEAST_ONE_ID_REQUIRED="atleast.one.id.required";
 

src/main/java/net/gepafin/tendermanagement/dao/UserDao.java

@@ -6,21 +6,15 @@ import net.gepafin.tendermanagement.config.SamlSuccessHandler;
 import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.entities.*;
-import net.gepafin.tendermanagement.enums.RoleStatusEnum;
+import net.gepafin.tendermanagement.enums.*;
-import net.gepafin.tendermanagement.enums.UserActionContextEnum;
-import net.gepafin.tendermanagement.enums.UserActionLogsEnum;
-import net.gepafin.tendermanagement.enums.UserStatusEnum;
-import net.gepafin.tendermanagement.enums.VersionActionTypeEnum;
 import net.gepafin.tendermanagement.model.request.*;
-import net.gepafin.tendermanagement.model.response.CompanyResponse;
+import net.gepafin.tendermanagement.model.response.*;
-import net.gepafin.tendermanagement.model.response.RoleResponseBean;
-import net.gepafin.tendermanagement.model.response.UserSamlResponse;
-import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
 import net.gepafin.tendermanagement.repositories.BeneficiaryRepository;
 import net.gepafin.tendermanagement.repositories.UserRepository;
 import net.gepafin.tendermanagement.service.HubService;
 import net.gepafin.tendermanagement.service.RoleService;
+import net.gepafin.tendermanagement.service.SystemEmailTemplatesService;
 import net.gepafin.tendermanagement.service.impl.AuthenticationService;
 import net.gepafin.tendermanagement.util.LoggingUtil;
 import net.gepafin.tendermanagement.util.Utils;
@@ -39,6 +33,7 @@ import org.springframework.stereotype.Component;
 import java.util.ArrayList;
 import java.util.List;
 
+import java.util.Map;
 import java.util.stream.Collectors;
 
 import static net.gepafin.tendermanagement.util.Utils.setIfUpdated;
@@ -90,6 +85,18 @@ public class UserDao {
     @Autowired
     private HttpServletRequest request;
 
+    @Autowired
+    private SystemEmailTemplatesService systemEmailTemplatesService;
+    
+    @Autowired
+    private EmailLogDao emailLogDao;
+
+    @Autowired
+    private EmailNotificationDao emailNotificationDao;
+
+    @Value("${fe.base.url}")
+    private String feBaseUrl;
+
     public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
 
         if (StringUtils.isEmpty(userReq.getHubUuid())) {
@@ -120,9 +127,35 @@ public class UserDao {
         /** This code is responsible for adding a version history log for the "Create user" operation. **/
         loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.INSERT).newData(userEntity).build());
 
+        if(beneficiary == null){
+            sendEmailToOnboardingUser(userEntity);
+        }
         return token;
     }
-    
+        public void sendEmailToOnboardingUser(UserEntity userEntity){
+            SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall(
+                    SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.USER_ONBOARDING, userEntity.getHub(), null);
+            EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest(emailTemplate.getEmailScenario(), RecipientTypeEnum.USER, userEntity.getId(), userEntity.getEmail(),
+                    userEntity.getId(), null, null, null);
+            String firstName = userEntity.getFirstName() != null ? userEntity.getFirstName() : "";
+            String lastName = userEntity.getLastName() != null ? userEntity.getLastName() : "";
+            String userName = String.join(" ", firstName, lastName).trim();
+            String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of(
+                    "{{user_name}}", userName
+            ));
+            String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of(
+                    "{{user_name}}", userName,
+                    "{{user_email}}", userEntity.getEmail()
+            ));
+
+            emailNotificationDao.sendMail(
+                    userEntity.getHub().getId(),
+                    subject,
+                    body,
+                    List.of(userEntity.getEmail()),
+                    emailLogRequest
+            );
+        }
 	private BeneficiaryEntity createBeneficiary(RoleEntity roleEntity, UserReq userReq, HubEntity hub) {
 		BeneficiaryEntity beneficiaryEntity = null;
 		if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleEntity.getRoleType())) {
@@ -164,12 +197,10 @@ public class UserDao {
 					Translator.toLocale(GepafinConstant.VALIDATE_EMAIL));
 		}
 		log.info("Creating user with email: {}", userReq.getEmail());
-		if (userRepository.existsByEmailIgnoreCaseAndHubUniqueUuid(userReq.getEmail(), userReq.getHubUuid())) {
+        RoleEntity roleEntity = roleService.validateRole(userReq.getRoleId());
-			log.error("User creation failed: Email {} already exists", userReq.getEmail());
+        validateDuplicateEmail(userReq.getEmail(), userReq.getHubUuid(), roleEntity.getRoleType());
-			throw new CustomValidationException(Status.VALIDATION_ERROR,
+
-					Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
+        if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale()))
-		}
-		if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale()))
 				&& userRepository.existsByBeneficiaryCodiceFiscaleAndHubId(userReq.getCodiceFiscale(), hub.getId())) {
 			log.error("User creation failed: CodiceFiscale {} already exists", userReq.getCodiceFiscale());
 			throw new CustomValidationException(Status.VALIDATION_ERROR,
@@ -192,7 +223,30 @@ public class UserDao {
 		}
 	}
 
-	private void validatePassword(String password, String confirmPassword, String tempToken) {
+    private void validateDuplicateEmail(String email, String hubUuid, String roleType) {
+        String beneficiaryRoleType = RoleStatusEnum.ROLE_BENEFICIARY.getValue();
+
+        if (beneficiaryRoleType.equals(roleType)) {
+            Boolean beneficiaryExistsInHub = userRepository.existsByEmailIgnoreCaseForBeneficiaries(
+                    email, hubUuid, beneficiaryRoleType);
+
+            if (Boolean.TRUE.equals(beneficiaryExistsInHub)) {
+                throw new CustomValidationException(Status.VALIDATION_ERROR,
+                        Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
+            }
+        } else {
+            Boolean existsForNonBeneficiaries = userRepository.existsByEmailIgnoreCaseForNonBeneficiaries(
+                    email, hubUuid, beneficiaryRoleType);
+
+            if (Boolean.TRUE.equals(existsForNonBeneficiaries)) {
+                throw new CustomValidationException(Status.VALIDATION_ERROR,
+                        Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
+            }
+        }
+    }
+
+
+    private void validatePassword(String password, String confirmPassword, String tempToken) {
         if (StringUtils.isEmpty(password) || StringUtils.isEmpty(confirmPassword)) {
         	if(tempToken == null) {        		
         		throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_PASSWORD));
@@ -267,7 +321,7 @@ public class UserDao {
 			userEntity.setAddress(userReq.getAddress());
 			userEntity.setPhoneNumber(userReq.getPhoneNumber());
 			userEntity.setDateOfBirth(userReq.getDateOfBirth());
-		}
+        }
         return userRepository.save(userEntity);
     }
 
@@ -366,25 +420,83 @@ public class UserDao {
         return user;
     }
 
-    public String initiatePasswordReset(InitiatePasswordResetReq resetReq) {
+    public void initiatePasswordReset(InitiatePasswordResetReq resetReq) {
-		UserEntity user = userRepository
+        UserEntity user = userRepository.findUserExcludingRoleType(
-				.findByEmailIgnoreCaseAndHubUniqueUuid(resetReq.getEmail(), resetReq.getHubUuid())
+                resetReq.getEmail(),
-				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
+                resetReq.getHubUuid(),
-						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
+                RoleStatusEnum.ROLE_BENEFICIARY.getValue()
+        ).orElseThrow(() -> new ResourceNotFoundException(
+                Status.NOT_FOUND,
+                Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
+        ));
 
+        UserEntity oldUserEntity = Utils.getClonedEntityForData(user);
         String token = Utils.generateSecureToken();
         user.setResetPasswordToken(token);
         userRepository.save(user);
+
+        /** This code is responsible for adding a version history log for the "Initiate password reset request" operation **/
+        loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
+
         log.info("Password reset token generated for user: {}", resetReq.getEmail());
-        return token;
+
+        sendResetPasswordTokenEmail(user, token);
+    }
+    public void sendResetPasswordTokenEmail(UserEntity user, String token) {
+
+        SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall(
+                SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.PASSWORD_RESET, user.getHub(), null);
+        String redirectUrl = feBaseUrl;
+        if (Boolean.FALSE.equals(StringUtils.isEmpty(user.getHub().getDomainName()))) {
+            redirectUrl = user.getHub().getDomainName();
+        }
+
+        EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest(
+                emailTemplate.getEmailScenario(),
+                RecipientTypeEnum.USER,
+                user.getId(),
+                user.getEmail(),
+                user.getId(),
+                null,
+                null,
+                null);
+        redirectUrl = String.format(
+                user.getHub().getDomainName() + GepafinConstant.RESET_PASSWORD_URL_FORMAT,
+                token,
+                user.getEmail()
+        );
+        String firstName = user.getFirstName() != null ? user.getFirstName() : "";
+        String lastName = user.getLastName() != null ? user.getLastName() : "";
+        String userName = String.join(" ", firstName, lastName).trim();
+        String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of(
+                "{{user_name}}", userName
+        ));
+        String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of(
+                "{{user_name}}", userName,
+                "{{reset_password_link}}", redirectUrl
+        ));
+        emailNotificationDao.sendMail(
+                user.getHub().getId(),
+                subject,
+                body,
+                List.of(user.getEmail()),
+                emailLogRequest
+        );
+
+        log.info("Password reset token email sent to: {}", user.getEmail());
     }
 
     public Boolean resetPassword(ResetPasswordReq resetPasswordReq) {
-    	UserEntity user = userRepository
+        UserEntity user = userRepository.findUserExcludingRoleType(
-				.findByEmailIgnoreCaseAndHubUniqueUuid(resetPasswordReq.getEmail(), resetPasswordReq.getHubUuid())
+                resetPasswordReq.getEmail(),
-				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
+                resetPasswordReq.getHubUuid(),
-						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
+                RoleStatusEnum.ROLE_BENEFICIARY.getValue()
-    	
+        ).orElseThrow(() -> new ResourceNotFoundException(
+                Status.NOT_FOUND,
+                Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
+        ));
+
+        UserEntity oldUserEntity = Utils.getClonedEntityForData(user);
         if (!resetPasswordReq.getNewPassword().equals(resetPasswordReq.getConfirmPassword())) {
             log.info("User creation failed: Passwords do not match for email {}", user.getEmail());
             throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH));
@@ -399,25 +511,36 @@ public class UserDao {
         user.setPassword(passwordEncoder.encode(resetPasswordReq.getNewPassword()));
         user.setResetPasswordToken(null);
         userRepository.save(user);
+
+        /** This code is responsible for adding a version history log for the "Reset Password " operation **/
+        loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
+
         log.info("Password successfully reset for user: {}", resetPasswordReq.getEmail());
         return true;
     }
 
-    public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest request) {
+    public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest changePasswordRequest) {
     	UserEntity user = userRepository
-				.findByEmailIgnoreCaseAndHubUniqueUuid(request.getEmail(), userEntity.getHub().getUniqueUuid())
+				.findUserExcludingRoleType(changePasswordRequest.getEmail(), userEntity.getHub().getUniqueUuid(),RoleStatusEnum.ROLE_BENEFICIARY.getValue())
-				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
+                .orElseThrow(() -> new ResourceNotFoundException(
-						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
+                        Status.NOT_FOUND,
-    	
+                        Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
-        if (!passwordEncoder.matches(request.getPassword(), user.getPassword())) {
+                ));
+        UserEntity oldUserEntity = Utils.getClonedEntityForData(userEntity);
+        if (!passwordEncoder.matches(changePasswordRequest.getPassword(), user.getPassword())) {
             throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.CURRENT_PASSWORD_INCORRECT));
         }
-        if (!request.getNewPassword().equals(request.getConfirmPassword())) {
+        if (!changePasswordRequest.getNewPassword().equals(changePasswordRequest.getConfirmPassword())) {
             log.info("User creation failed: Passwords do not match for email {}", user.getEmail());
             throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH));
         }
-        user.setPassword(passwordEncoder.encode(request.getNewPassword()));
+        user.setPassword(passwordEncoder.encode(changePasswordRequest.getNewPassword()));
         userRepository.save(user);
+
+        /** This code is responsible for adding a version history log for the "Change user password" operation **/
+        loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
+
+
         return true;
     }
     public void logout(HttpServletRequest request, HttpServletResponse response) {

src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java

@@ -47,6 +47,8 @@ public class SystemEmailTemplatesEntity extends BaseEntity {
 		INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE("INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE"),
 		ADMISSIBILITY_NOTIFICATION("ADMISSIBILITY_NOTIFICATION"),
 		AMENDMENT_REMINDER("AMENDMENT_REMINDER"),
+		USER_ONBOARDING("USER_ONBOARDING"),
+		PASSWORD_RESET("PASSWORD_RESET"),
 		INADMISSIBILITY_TEMPLATE("INADMISSIBILITY_NOTIFICATION");
 		
 		private String value;

src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java

@@ -9,6 +9,8 @@ public enum EmailScenarioTypeEnum {
     APPLICATION_AMENDMENT_EXPIRED("APPLICATION_AMENDMENT_EXPIRED"),
     APPLICATION_AMENDMENT_REMINDER("APPLICATION_AMENDMENT_REMINDER"),
     APPLICATION_APPROVED("APPLICATION_APPROVED"),
+    USER_CREATION("USER_CREATION"),
+    PASSWORD_RESET_REQUEST("PASSWORD_RESET_REQUEST"),
     APPLICATION_REJECTED("APPLICATION_REJECTED");
 
     private final String value;

src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java

@@ -24,7 +24,9 @@ public enum UserActionContextEnum {
     VALIDATE_EXISTING_USER_WITH_SPID_TOKEN("VALIDATE_EXISTING_USER_WITH_SPID_TOKEN"),
     GET_VALID_USER_DETAILS("GET_VALID_USER_DETAILS"),
     GET_ALL_USERS_BY_ROLE("GET_ALL_USERS_BY_ROLE"),
-
+    CHANGE_USER_PASSWORD("CHANGE_USER_PASSWORD"),
+    INITIATE_PASSWORD_RESET_REQUEST("INITIATE_PASSWORD_RESET_REQUEST"),
+    RESET_USER_PASSWORD("RESET_USER_PASSWORD"),
     /** application action context **/
     GET_APPLICATION("GET_APPLICATION"),
     CREATE_UPDATE_APPLICATION_FORM("CREATE_UPDATE_APPLICATION_FORM"),

src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java

@@ -2,6 +2,8 @@ package net.gepafin.tendermanagement.repositories;
 
 import net.gepafin.tendermanagement.entities.UserEntity;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
 import java.util.List;
@@ -12,9 +14,16 @@ public interface UserRepository extends JpaRepository<UserEntity, Long> {
 	
     UserEntity findByBeneficiaryId(Long beneficiaryId);
 
-    Optional<UserEntity> findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
+//    Optional<UserEntity> findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
 
-	boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
+	@Query("SELECT u FROM UserEntity u WHERE LOWER(u.email) = LOWER(:email) AND u.hub.uniqueUuid = :hubUuid AND u.roleEntity.roleType <> :roleType")
+	Optional<UserEntity> findUserExcludingRoleType(
+			@Param("email") String email,
+			@Param("hubUuid") String hubUuid,
+			@Param("roleType") String roleType
+	);
+
+//	boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
 
 	List<UserEntity> findByRoleEntityIdInAndHubId(List<Long> roleIds, Long hubId);
 
@@ -24,7 +33,28 @@ public interface UserRepository extends JpaRepository<UserEntity, Long> {
 
 	Optional<UserEntity> findByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
 
-	boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
+//	Boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
+
+    @Query("SELECT COUNT(u) > 0 " +
+            "FROM UserEntity u " +
+            "WHERE LOWER(u.email) = LOWER(:email) " +
+            "AND u.hub.uniqueUuid = :hubUuid " +
+            "AND u.roleEntity.roleType <> :beneficiaryRoleType")
+    Boolean existsByEmailIgnoreCaseForNonBeneficiaries(@Param("email") String email,
+                                                       @Param("hubUuid") String hubUuid,
+                                                       @Param("beneficiaryRoleType") String beneficiaryRoleType);
+
+    @Query("SELECT COUNT(u) > 0 " +
+            "FROM UserEntity u " +
+            "WHERE LOWER(u.email) = LOWER(:email) " +
+            "AND u.hub.uniqueUuid = :hubUuid " +
+            "AND u.roleEntity.roleType = :beneficiaryRoleType")
+    Boolean existsByEmailIgnoreCaseForBeneficiaries(@Param("email") String email,
+                                                    @Param("hubUuid") String hubUuid,
+                                                    @Param("beneficiaryRoleType") String beneficiaryRoleType);
+
+
+    boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
 
 	List<UserEntity> findByRoleEntity_RoleTypeAndHubId(String roleType, Long hubId);
 

src/main/java/net/gepafin/tendermanagement/service/UserService.java

@@ -27,7 +27,7 @@ public interface UserService {
 
 	UserEntity validateUser(Long userId);
     
-    String initiatePasswordReset(InitiatePasswordResetReq resetReq);
+    void initiatePasswordReset(InitiatePasswordResetReq resetReq);
 
     Boolean resetPassword(ResetPasswordReq resetPasswordReq);
 

src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java

@@ -12,10 +12,7 @@ import net.gepafin.tendermanagement.entities.HubEntity;
 import net.gepafin.tendermanagement.entities.LoginAttemptEntity;
 import net.gepafin.tendermanagement.entities.SamlResponseEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
-import net.gepafin.tendermanagement.enums.LoginAttemptResultEnum;
+import net.gepafin.tendermanagement.enums.*;
-import net.gepafin.tendermanagement.enums.LoginAttemptTypeEnum;
-import net.gepafin.tendermanagement.enums.UserStatusEnum;
-import net.gepafin.tendermanagement.enums.VersionActionTypeEnum;
 import net.gepafin.tendermanagement.model.request.LoginReq;
 import net.gepafin.tendermanagement.model.request.VersionHistoryRequest;
 import net.gepafin.tendermanagement.model.response.CompanyResponse;
@@ -40,6 +37,7 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.stereotype.Service;
 
@@ -95,15 +93,22 @@ public class AuthenticationService {
 			LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request);
 		try {
 			log.info("Attempting login for email: {}", loginReq.getEmail());
+			user = userRepository.findUserExcludingRoleType(
+					loginReq.getEmail(),
+					loginReq.getHubUuid(),
+					RoleStatusEnum.ROLE_BENEFICIARY.getValue()
+			).orElseThrow(() -> new ResourceNotFoundException(
+					Status.NOT_FOUND,
+					Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
+			));
+
 			String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid();
 			UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
 					emailWithHubId, loginReq.getPassword());
 			Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
 			SecurityContextHolder.getContext().setAuthentication(authentication);
 			log.info("Authentication successful for email: {}", loginReq.getEmail());
-			 user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(loginReq.getEmail(), loginReq.getHubUuid())
+
-					.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
-							Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
 			 loginAttemptEntity.setUserId(user.getId());
 			if (Boolean.FALSE.equals(UserStatusEnum.ACTIVE.getValue().equals(user.getStatus()))) {
 				throw new ResourceNotFoundException(Status.NOT_FOUND,

src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java

@@ -77,8 +77,8 @@ public class UserServiceImpl implements UserService {
     }
 
     @Override
-    public String initiatePasswordReset(InitiatePasswordResetReq resetReq) {
+    public void initiatePasswordReset(InitiatePasswordResetReq resetReq) {
-        return userDao.initiatePasswordReset(resetReq);
+        userDao.initiatePasswordReset(resetReq);
     }
 
     @Override

src/main/java/net/gepafin/tendermanagement/util/Utils.java

@@ -206,7 +206,7 @@ public class Utils {
         return new String(decodedBytes, StandardCharsets.UTF_8);
     }
 
-	public static String generateSecureToken() {
+	public static String generateSecureSamlToken() {
         SecureRandom secureRandom = new SecureRandom();
         byte[] tokenBytes = new byte[24];
         secureRandom.nextBytes(tokenBytes);
@@ -214,7 +214,14 @@ public class Utils {
         log.debug("Generated secure token: {}", token);
         return token;
     }
-
+	public static String generateSecureToken() {
+		SecureRandom secureRandom = new SecureRandom();
+		byte[] tokenBytes = new byte[5];
+		secureRandom.nextBytes(tokenBytes);
+		String token = Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes);
+		log.debug("Generated secure token: {}", token);
+		return token;
+	}
 	public static Map<String, List<Object>> convertStringIntoMap(String jsonString) {
 		try {
 			return mapper.readValue(jsonString, new TypeReference<Map<String, List<Object>>>() {

src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java

@@ -119,7 +119,7 @@ public interface UserApi {
     @RequestMapping(value = "/reset-password/initiate",
             produces = {"application/json"},
             method = RequestMethod.POST)
-    ResponseEntity<Response<String>> initiatePasswordReset(
+    ResponseEntity<Response<Void>> initiatePasswordReset(HttpServletRequest request,
             @Parameter(description = "Initiate password reset request object", required = true) @Valid @RequestBody InitiatePasswordResetReq initiatePasswordResetReq);
 
     @Operation(summary = "Api to reset password",
@@ -132,7 +132,7 @@ public interface UserApi {
     @RequestMapping(value = "/reset-password",
             produces = {"application/json"},
             method = RequestMethod.POST)
-    ResponseEntity<Response<Boolean>> resetPassword(
+    ResponseEntity<Response<Boolean>> resetPassword(HttpServletRequest request,
             @Parameter(description = "Reset password request object", required = true) @Valid @RequestBody ResetPasswordReq resetPasswordReq);
     @Operation(summary = "Api to change user password",
             responses = {

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java

@@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.web.rest.api.impl;
 
 import net.gepafin.tendermanagement.entities.RoleEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.enums.RoleStatusEnum;
 import net.gepafin.tendermanagement.repositories.UserRepository;
 
 import org.slf4j.Logger;
@@ -35,7 +36,10 @@ public class CustomUserDetailsService implements UserDetailsService {
         String email = loginParts[0];
         String hubId = loginParts[1];
 
-		UserEntity user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(email, hubId)
+        UserEntity user = userRepository.findUserExcludingRoleType(
+                email,
+                hubId,
+                RoleStatusEnum.ROLE_BENEFICIARY.getValue())
 				.orElseThrow(
 		                () -> new UsernameNotFoundException("User " + email + " was not found in the database"));
         return createSpringSecurityUser(user);

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java

@@ -125,20 +125,35 @@ public class UserApiController implements UserApi {
     @Override
     public ResponseEntity<Response<Boolean>> changePassword(HttpServletRequest httpServletRequest, @Valid @RequestBody ChangePasswordRequest request) {
         log.info("Change Password attempt for email: {}", request.getEmail());
+
+        /** This code is responsible for "Change user password" operation. **/
+        loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
+                .actionContext(UserActionContextEnum.CHANGE_USER_PASSWORD).build());
+
         userService.changePassword(httpServletRequest, request);
         return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.SUCCESS_PASSWORD_CHANGED)));
     }
     @Override
-    public ResponseEntity<Response<String>> initiatePasswordReset(InitiatePasswordResetReq request) {
+    public ResponseEntity<Response<Void>> initiatePasswordReset(HttpServletRequest httpServletRequest,InitiatePasswordResetReq request) {
         log.info("Initiating password reset for email: {}", request.getEmail());
-        String resetToken = userService.initiatePasswordReset(request);
+
+        /** This code is responsible for "Initiating Password Reset Request" operation. **/
+        loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
+                .actionContext(UserActionContextEnum.INITIATE_PASSWORD_RESET_REQUEST).build());
+
+        userService.initiatePasswordReset(request);
         log.info("Password reset token generated for email: {}", request.getEmail());
-        return ResponseEntity.ok(new Response<>(resetToken, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED)));
+        return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED)));
     }
 
     @Override
-    public ResponseEntity<Response<Boolean>> resetPassword(ResetPasswordReq request) {
+    public ResponseEntity<Response<Boolean>> resetPassword(HttpServletRequest httpServletRequest,ResetPasswordReq request) {
         log.info("Resetting password for username: {}", request.getEmail());
+
+        /** This code is responsible for "Resest user password" operation. **/
+        loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
+                .actionContext(UserActionContextEnum.RESET_USER_PASSWORD).build());
+
         Boolean success = userService.resetPassword(request);
         if (success) {
             log.info("Password reset successfully for username: {}", request.getEmail());

src/main/resources/db/changelog/db.changelog-1.0.0.xml

@@ -1961,6 +1961,17 @@
             </column>
         </addColumn>
     </changeSet>
+    <changeSet id="02-12-2024_1" author="Rajesh Khore">
+        <sql dbms="postgresql">select
+            setval('gepafin_schema.system_email_template_id_seq', (select
+            max(id)+1
+            from gepafin_schema.system_email_template), false)
+        </sql>
+        <sqlFile dbms="postgresql"
+                 path="db/dump/insert_system_email_template_for_user_28_11_2024.sql"/>
+        <sqlFile dbms="postgresql"
+                 path="db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql"/>
+    </changeSet>
     <changeSet id="03-12-2024_1" author="Piyush">
         <sqlFile dbms="postgresql"
                  path="db/dump/update_system_email_template_for_updating_amendment_mail_notification_mail_03_12_2024_1.sql"/>

src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql

@@ -0,0 +1,60 @@
+INSERT INTO gepafin_schema.system_email_template
+(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date,email_scenario)
+VALUES
+(
+ 'Password Reset Link Email (Italian)',
+ 'PASSWORD_RESET',
+ '<table border="0" style="background: #f5f5f5; text-align: center; width: 100%; max-width: 600px; padding: 20px;" align="center" cellpadding="0" cellspacing="0">
+      <tbody>
+        <tr>
+          <td>
+            <table>
+              <thead>
+                <tr>
+                  <th>
+                    <p style="font-weight: 600; color: #000; font-family: open sans; font-size: 26px; margin: 0; padding-bottom: 20px;">Richiesta di Reimpostazione Password</p>
+                  </th>
+                </tr>
+              </thead>
+              <tbody align="left">
+                <tr>
+                  <td>
+                    <p style="margin: 8px 0px;">Gentile {{user_name}},</p>
+                    <p style="margin: 8px 0px;">Hai richiesto di reimpostare la tua password.</p>
+                  </td>
+                </tr>
+                <tr>
+                  <td>
+                    <p style="margin: 8px 0px;">Cordiali saluti,</p>
+                    <p style="margin: 8px 0px;"><strong>{{email_signature}}</strong></p>
+                  </td>
+                </tr>
+                   <tr>
+                                  <td style="padding-top: 20px;">
+                                    <!-- Button added here -->
+                                    <a href="{{reset_password_link}}" style="background-color: #007bff;
+                                        color: #fff;
+                                        font-family: open sans;
+                                        border-radius: 5px;
+                                        box-sizing: border-box;
+                                        cursor: pointer;
+                                        font-size: 14px;
+                                        font-weight: bold;
+                                        width: 100%;
+                                        max-width: 280px;
+                                        padding: 12px 25px;">Reimposta la Password</a>
+                                  </td>
+                                </tr>
+              </tbody>
+            </table>
+          </td>
+        </tr>
+      </tbody>
+    </table>',
+ 'Richiesta di Reimpostazione Password',
+ NULL,
+ true,
+ false,
+ CURRENT_TIMESTAMP,
+ CURRENT_TIMESTAMP,
+ 'PASSWORD_RESET_REQUEST');

src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql

@@ -0,0 +1,29 @@
+INSERT INTO gepafin_schema.system_email_template
+(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date, email_scenario)
+VALUES
+(
+    'Welcome Email for New User',
+    'USER_ONBOARDING',
+    '<html>
+        <body style="font-family: Arial, sans-serif; color: #000; line-height: 1.6;">
+            <div style="padding: 20px; border: 1px solid #ddd; border-radius: 8px; max-width: 600px; margin: auto;">
+                <p><strong>Benvenuto!</strong></p>
+                <p>Ciao {{user_name}},</p>
+                <p>Siamo lieti di averti con noi. Di seguito trovi alcune informazioni utili:</p>
+                <ul>
+                    <li><strong>Nome Utente:</strong> {{user_email}}</li>
+                </ul>
+                <p>Per accedere, utilizza il tuo indirizzo email registrato. Se hai bisogno di supporto, non esitare a contattarci.</p>
+                <p>Distinti saluti,</p>
+                <p><strong>{{email_signature}}</strong></p>
+            </div>
+        </body>
+    </html>',
+    'Welcome - {{user_name}}',
+    NULL,
+    true,
+    false,
+    CURRENT_TIMESTAMP,
+    CURRENT_TIMESTAMP,
+    'USER_CREATION'
+);