BFLOWS/bflows-bandi-be
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #114 from Kitzanos/feature/GEPAFINBE-120

Browse Source 
GEPAFINBE-120 (User Management )
This commit is contained in:
Rinaldo
2025-01-03 08:28:11 +01:00
committed by GitHub
parent 3a7ca2b222 e61b4788a5
commit 137cd4c448
17 changed files with 352 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java
View File

@@ -63,7 +63,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler {
Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
Map<String, List<Object>> userAttributes = principal.getAttributes();
String token = Utils.generateSecureToken();
String token = Utils.generateSecureSamlToken();
logger.info("SAML User Attributes: " + userAttributes);
// Extracting raw SAML response

1
src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java
View File

@@ -305,6 +305,7 @@ public class GepafinConstant {
public static final String USER_ID = "userId";
public static final String LOGIN_ATTEMPT_ID = "loginAttemptId";
public static final String USER_ACTION_ID = "userActionId";
public static final String RESET_PASSWORD_URL_FORMAT = "/reset-password?token=%s&email=%s";
public static final String VALID_VATNUMBER_MSG = "valid.vatnumber.message";
public static final String ATLEAST_ONE_ID_REQUIRED="atleast.one.id.required";

197
src/main/java/net/gepafin/tendermanagement/dao/UserDao.java
View File

@@ -6,21 +6,15 @@ import net.gepafin.tendermanagement.config.SamlSuccessHandler;
import net.gepafin.tendermanagement.config.Translator;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.*;
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
import net.gepafin.tendermanagement.enums.UserActionContextEnum;
import net.gepafin.tendermanagement.enums.UserActionLogsEnum;
import net.gepafin.tendermanagement.enums.UserStatusEnum;
import net.gepafin.tendermanagement.enums.VersionActionTypeEnum;
import net.gepafin.tendermanagement.enums.*;
import net.gepafin.tendermanagement.model.request.*;
import net.gepafin.tendermanagement.model.response.CompanyResponse;
import net.gepafin.tendermanagement.model.response.RoleResponseBean;
import net.gepafin.tendermanagement.model.response.UserSamlResponse;
import net.gepafin.tendermanagement.model.response.UserResponseBean;
import net.gepafin.tendermanagement.model.response.*;
import net.gepafin.tendermanagement.model.util.JWTToken;
import net.gepafin.tendermanagement.repositories.BeneficiaryRepository;
import net.gepafin.tendermanagement.repositories.UserRepository;
import net.gepafin.tendermanagement.service.HubService;
import net.gepafin.tendermanagement.service.RoleService;
import net.gepafin.tendermanagement.service.SystemEmailTemplatesService;
import net.gepafin.tendermanagement.service.impl.AuthenticationService;
import net.gepafin.tendermanagement.util.LoggingUtil;
import net.gepafin.tendermanagement.util.Utils;
@@ -39,6 +33,7 @@ import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import static net.gepafin.tendermanagement.util.Utils.setIfUpdated;
@@ -90,6 +85,18 @@ public class UserDao {
@Autowired
private HttpServletRequest request;
@Autowired
private SystemEmailTemplatesService systemEmailTemplatesService;
@Autowired
private EmailLogDao emailLogDao;
@Autowired
private EmailNotificationDao emailNotificationDao;
@Value("${fe.base.url}")
private String feBaseUrl;
public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
if (StringUtils.isEmpty(userReq.getHubUuid())) {
@@ -120,9 +127,35 @@ public class UserDao {
/** This code is responsible for adding a version history log for the "Create user" operation. **/
loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.INSERT).newData(userEntity).build());
if(beneficiary == null){
sendEmailToOnboardingUser(userEntity);
}
return token;
}
public void sendEmailToOnboardingUser(UserEntity userEntity){
SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall(
SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.USER_ONBOARDING, userEntity.getHub(), null);
EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest(emailTemplate.getEmailScenario(), RecipientTypeEnum.USER, userEntity.getId(), userEntity.getEmail(),
userEntity.getId(), null, null, null);
String firstName = userEntity.getFirstName() != null ? userEntity.getFirstName() : "";
String lastName = userEntity.getLastName() != null ? userEntity.getLastName() : "";
String userName = String.join(" ", firstName, lastName).trim();
String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of(
"{{user_name}}", userName
));
String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of(
"{{user_name}}", userName,
"{{user_email}}", userEntity.getEmail()
));
emailNotificationDao.sendMail(
userEntity.getHub().getId(),
subject,
body,
List.of(userEntity.getEmail()),
emailLogRequest
);
}
private BeneficiaryEntity createBeneficiary(RoleEntity roleEntity, UserReq userReq, HubEntity hub) {
BeneficiaryEntity beneficiaryEntity = null;
if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleEntity.getRoleType())) {
@@ -164,12 +197,10 @@ public class UserDao {
Translator.toLocale(GepafinConstant.VALIDATE_EMAIL));
}
log.info("Creating user with email: {}", userReq.getEmail());
if (userRepository.existsByEmailIgnoreCaseAndHubUniqueUuid(userReq.getEmail(), userReq.getHubUuid())) {
log.error("User creation failed: Email {} already exists", userReq.getEmail());
throw new CustomValidationException(Status.VALIDATION_ERROR,
Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
}
if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale()))
RoleEntity roleEntity = roleService.validateRole(userReq.getRoleId());
validateDuplicateEmail(userReq.getEmail(), userReq.getHubUuid(), roleEntity.getRoleType());
if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale()))
&& userRepository.existsByBeneficiaryCodiceFiscaleAndHubId(userReq.getCodiceFiscale(), hub.getId())) {
log.error("User creation failed: CodiceFiscale {} already exists", userReq.getCodiceFiscale());
throw new CustomValidationException(Status.VALIDATION_ERROR,
@@ -192,7 +223,30 @@ public class UserDao {
}
}
private void validatePassword(String password, String confirmPassword, String tempToken) {
private void validateDuplicateEmail(String email, String hubUuid, String roleType) {
String beneficiaryRoleType = RoleStatusEnum.ROLE_BENEFICIARY.getValue();
if (beneficiaryRoleType.equals(roleType)) {
Boolean beneficiaryExistsInHub = userRepository.existsByEmailIgnoreCaseForBeneficiaries(
email, hubUuid, beneficiaryRoleType);
if (Boolean.TRUE.equals(beneficiaryExistsInHub)) {
throw new CustomValidationException(Status.VALIDATION_ERROR,
Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
}
} else {
Boolean existsForNonBeneficiaries = userRepository.existsByEmailIgnoreCaseForNonBeneficiaries(
email, hubUuid, beneficiaryRoleType);
if (Boolean.TRUE.equals(existsForNonBeneficiaries)) {
throw new CustomValidationException(Status.VALIDATION_ERROR,
Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
}
}
}
private void validatePassword(String password, String confirmPassword, String tempToken) {
if (StringUtils.isEmpty(password) || StringUtils.isEmpty(confirmPassword)) {
if(tempToken == null) {
throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_PASSWORD));
@@ -267,7 +321,7 @@ public class UserDao {
userEntity.setAddress(userReq.getAddress());
userEntity.setPhoneNumber(userReq.getPhoneNumber());
userEntity.setDateOfBirth(userReq.getDateOfBirth());
}
}
return userRepository.save(userEntity);
}
@@ -366,25 +420,83 @@ public class UserDao {
return user;
}
public String initiatePasswordReset(InitiatePasswordResetReq resetReq) {
UserEntity user = userRepository
.findByEmailIgnoreCaseAndHubUniqueUuid(resetReq.getEmail(), resetReq.getHubUuid())
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
public void initiatePasswordReset(InitiatePasswordResetReq resetReq) {
UserEntity user = userRepository.findUserExcludingRoleType(
resetReq.getEmail(),
resetReq.getHubUuid(),
RoleStatusEnum.ROLE_BENEFICIARY.getValue()
).orElseThrow(() -> new ResourceNotFoundException(
Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
));
UserEntity oldUserEntity = Utils.getClonedEntityForData(user);
String token = Utils.generateSecureToken();
user.setResetPasswordToken(token);
userRepository.save(user);
/** This code is responsible for adding a version history log for the "Initiate password reset request" operation **/
loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
log.info("Password reset token generated for user: {}", resetReq.getEmail());
return token;
sendResetPasswordTokenEmail(user, token);
}
public void sendResetPasswordTokenEmail(UserEntity user, String token) {
SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall(
SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.PASSWORD_RESET, user.getHub(), null);
String redirectUrl = feBaseUrl;
if (Boolean.FALSE.equals(StringUtils.isEmpty(user.getHub().getDomainName()))) {
redirectUrl = user.getHub().getDomainName();
}
EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest(
emailTemplate.getEmailScenario(),
RecipientTypeEnum.USER,
user.getId(),
user.getEmail(),
user.getId(),
null,
null,
null);
redirectUrl = String.format(
user.getHub().getDomainName() + GepafinConstant.RESET_PASSWORD_URL_FORMAT,
token,
user.getEmail()
);
String firstName = user.getFirstName() != null ? user.getFirstName() : "";
String lastName = user.getLastName() != null ? user.getLastName() : "";
String userName = String.join(" ", firstName, lastName).trim();
String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of(
"{{user_name}}", userName
));
String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of(
"{{user_name}}", userName,
"{{reset_password_link}}", redirectUrl
));
emailNotificationDao.sendMail(
user.getHub().getId(),
subject,
body,
List.of(user.getEmail()),
emailLogRequest
);
log.info("Password reset token email sent to: {}", user.getEmail());
}
public Boolean resetPassword(ResetPasswordReq resetPasswordReq) {
UserEntity user = userRepository
.findByEmailIgnoreCaseAndHubUniqueUuid(resetPasswordReq.getEmail(), resetPasswordReq.getHubUuid())
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
UserEntity user = userRepository.findUserExcludingRoleType(
resetPasswordReq.getEmail(),
resetPasswordReq.getHubUuid(),
RoleStatusEnum.ROLE_BENEFICIARY.getValue()
).orElseThrow(() -> new ResourceNotFoundException(
Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
));
UserEntity oldUserEntity = Utils.getClonedEntityForData(user);
if (!resetPasswordReq.getNewPassword().equals(resetPasswordReq.getConfirmPassword())) {
log.info("User creation failed: Passwords do not match for email {}", user.getEmail());
throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH));
@@ -399,25 +511,36 @@ public class UserDao {
user.setPassword(passwordEncoder.encode(resetPasswordReq.getNewPassword()));
user.setResetPasswordToken(null);
userRepository.save(user);
/** This code is responsible for adding a version history log for the "Reset Password " operation **/
loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
log.info("Password successfully reset for user: {}", resetPasswordReq.getEmail());
return true;
}
public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest request) {
public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest changePasswordRequest) {
UserEntity user = userRepository
.findByEmailIgnoreCaseAndHubUniqueUuid(request.getEmail(), userEntity.getHub().getUniqueUuid())
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
if (!passwordEncoder.matches(request.getPassword(), user.getPassword())) {
.findUserExcludingRoleType(changePasswordRequest.getEmail(), userEntity.getHub().getUniqueUuid(),RoleStatusEnum.ROLE_BENEFICIARY.getValue())
.orElseThrow(() -> new ResourceNotFoundException(
Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
));
UserEntity oldUserEntity = Utils.getClonedEntityForData(userEntity);
if (!passwordEncoder.matches(changePasswordRequest.getPassword(), user.getPassword())) {
throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.CURRENT_PASSWORD_INCORRECT));
}
if (!request.getNewPassword().equals(request.getConfirmPassword())) {
if (!changePasswordRequest.getNewPassword().equals(changePasswordRequest.getConfirmPassword())) {
log.info("User creation failed: Passwords do not match for email {}", user.getEmail());
throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH));
}
user.setPassword(passwordEncoder.encode(request.getNewPassword()));
user.setPassword(passwordEncoder.encode(changePasswordRequest.getNewPassword()));
userRepository.save(user);
/** This code is responsible for adding a version history log for the "Change user password" operation **/
loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build());
return true;
}
public void logout(HttpServletRequest request, HttpServletResponse response) {

2
src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java
View File

@@ -47,6 +47,8 @@ public class SystemEmailTemplatesEntity extends BaseEntity {
INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE("INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE"),
ADMISSIBILITY_NOTIFICATION("ADMISSIBILITY_NOTIFICATION"),
AMENDMENT_REMINDER("AMENDMENT_REMINDER"),
USER_ONBOARDING("USER_ONBOARDING"),
PASSWORD_RESET("PASSWORD_RESET"),
INADMISSIBILITY_TEMPLATE("INADMISSIBILITY_NOTIFICATION");
private String value;

2
src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java
View File

@@ -9,6 +9,8 @@ public enum EmailScenarioTypeEnum {
APPLICATION_AMENDMENT_EXPIRED("APPLICATION_AMENDMENT_EXPIRED"),
APPLICATION_AMENDMENT_REMINDER("APPLICATION_AMENDMENT_REMINDER"),
APPLICATION_APPROVED("APPLICATION_APPROVED"),
USER_CREATION("USER_CREATION"),
PASSWORD_RESET_REQUEST("PASSWORD_RESET_REQUEST"),
APPLICATION_REJECTED("APPLICATION_REJECTED");
private final String value;

4
src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java
View File

@@ -24,7 +24,9 @@ public enum UserActionContextEnum {
VALIDATE_EXISTING_USER_WITH_SPID_TOKEN("VALIDATE_EXISTING_USER_WITH_SPID_TOKEN"),
GET_VALID_USER_DETAILS("GET_VALID_USER_DETAILS"),
GET_ALL_USERS_BY_ROLE("GET_ALL_USERS_BY_ROLE"),
CHANGE_USER_PASSWORD("CHANGE_USER_PASSWORD"),
INITIATE_PASSWORD_RESET_REQUEST("INITIATE_PASSWORD_RESET_REQUEST"),
RESET_USER_PASSWORD("RESET_USER_PASSWORD"),
/** application action context **/
GET_APPLICATION("GET_APPLICATION"),
CREATE_UPDATE_APPLICATION_FORM("CREATE_UPDATE_APPLICATION_FORM"),

36
src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java
View File

@@ -2,6 +2,8 @@ package net.gepafin.tendermanagement.repositories;
import net.gepafin.tendermanagement.entities.UserEntity;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
@@ -12,9 +14,16 @@ public interface UserRepository extends JpaRepository<UserEntity, Long> {
UserEntity findByBeneficiaryId(Long beneficiaryId);
Optional<UserEntity> findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
// Optional<UserEntity> findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
@Query("SELECT u FROM UserEntity u WHERE LOWER(u.email) = LOWER(:email) AND u.hub.uniqueUuid = :hubUuid AND u.roleEntity.roleType <> :roleType")
Optional<UserEntity> findUserExcludingRoleType(
@Param("email") String email,
@Param("hubUuid") String hubUuid,
@Param("roleType") String roleType
);
// boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid);
List<UserEntity> findByRoleEntityIdInAndHubId(List<Long> roleIds, Long hubId);
@@ -24,7 +33,28 @@ public interface UserRepository extends JpaRepository<UserEntity, Long> {
Optional<UserEntity> findByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
// Boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
@Query("SELECT COUNT(u) > 0 " +
"FROM UserEntity u " +
"WHERE LOWER(u.email) = LOWER(:email) " +
"AND u.hub.uniqueUuid = :hubUuid " +
"AND u.roleEntity.roleType <> :beneficiaryRoleType")
Boolean existsByEmailIgnoreCaseForNonBeneficiaries(@Param("email") String email,
@Param("hubUuid") String hubUuid,
@Param("beneficiaryRoleType") String beneficiaryRoleType);
@Query("SELECT COUNT(u) > 0 " +
"FROM UserEntity u " +
"WHERE LOWER(u.email) = LOWER(:email) " +
"AND u.hub.uniqueUuid = :hubUuid " +
"AND u.roleEntity.roleType = :beneficiaryRoleType")
Boolean existsByEmailIgnoreCaseForBeneficiaries(@Param("email") String email,
@Param("hubUuid") String hubUuid,
@Param("beneficiaryRoleType") String beneficiaryRoleType);
boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId);
List<UserEntity> findByRoleEntity_RoleTypeAndHubId(String roleType, Long hubId);

2
src/main/java/net/gepafin/tendermanagement/service/UserService.java
View File

@@ -27,7 +27,7 @@ public interface UserService {
UserEntity validateUser(Long userId);
String initiatePasswordReset(InitiatePasswordResetReq resetReq);
void initiatePasswordReset(InitiatePasswordResetReq resetReq);
Boolean resetPassword(ResetPasswordReq resetPasswordReq);

19
src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java
View File

@@ -12,10 +12,7 @@ import net.gepafin.tendermanagement.entities.HubEntity;
import net.gepafin.tendermanagement.entities.LoginAttemptEntity;
import net.gepafin.tendermanagement.entities.SamlResponseEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.enums.LoginAttemptResultEnum;
import net.gepafin.tendermanagement.enums.LoginAttemptTypeEnum;
import net.gepafin.tendermanagement.enums.UserStatusEnum;
import net.gepafin.tendermanagement.enums.VersionActionTypeEnum;
import net.gepafin.tendermanagement.enums.*;
import net.gepafin.tendermanagement.model.request.LoginReq;
import net.gepafin.tendermanagement.model.request.VersionHistoryRequest;
import net.gepafin.tendermanagement.model.response.CompanyResponse;
@@ -40,6 +37,7 @@ import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.stereotype.Service;
@@ -95,15 +93,22 @@ public class AuthenticationService {
LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request);
try {
log.info("Attempting login for email: {}", loginReq.getEmail());
user = userRepository.findUserExcludingRoleType(
loginReq.getEmail(),
loginReq.getHubUuid(),
RoleStatusEnum.ROLE_BENEFICIARY.getValue()
).orElseThrow(() -> new ResourceNotFoundException(
Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)
));
String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid();
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
emailWithHubId, loginReq.getPassword());
Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
log.info("Authentication successful for email: {}", loginReq.getEmail());
user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(loginReq.getEmail(), loginReq.getHubUuid())
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
loginAttemptEntity.setUserId(user.getId());
if (Boolean.FALSE.equals(UserStatusEnum.ACTIVE.getValue().equals(user.getStatus()))) {
throw new ResourceNotFoundException(Status.NOT_FOUND,

4
src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java
View File

@@ -77,8 +77,8 @@ public class UserServiceImpl implements UserService {
}
@Override
public String initiatePasswordReset(InitiatePasswordResetReq resetReq) {
return userDao.initiatePasswordReset(resetReq);
public void initiatePasswordReset(InitiatePasswordResetReq resetReq) {
userDao.initiatePasswordReset(resetReq);
}
@Override

11
src/main/java/net/gepafin/tendermanagement/util/Utils.java
View File

@@ -206,7 +206,7 @@ public class Utils {
return new String(decodedBytes, StandardCharsets.UTF_8);
}
public static String generateSecureToken() {
public static String generateSecureSamlToken() {
SecureRandom secureRandom = new SecureRandom();
byte[] tokenBytes = new byte[24];
secureRandom.nextBytes(tokenBytes);
@@ -214,7 +214,14 @@ public class Utils {
log.debug("Generated secure token: {}", token);
return token;
}
public static String generateSecureToken() {
SecureRandom secureRandom = new SecureRandom();
byte[] tokenBytes = new byte[5];
secureRandom.nextBytes(tokenBytes);
String token = Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes);
log.debug("Generated secure token: {}", token);
return token;
}
public static Map<String, List<Object>> convertStringIntoMap(String jsonString) {
try {
return mapper.readValue(jsonString, new TypeReference<Map<String, List<Object>>>() {

4
src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java
View File

@@ -119,7 +119,7 @@ public interface UserApi {
@RequestMapping(value = "/reset-password/initiate",
produces = {"application/json"},
method = RequestMethod.POST)
ResponseEntity<Response<String>> initiatePasswordReset(
ResponseEntity<Response<Void>> initiatePasswordReset(HttpServletRequest request,
@Parameter(description = "Initiate password reset request object", required = true) @Valid @RequestBody InitiatePasswordResetReq initiatePasswordResetReq);
@Operation(summary = "Api to reset password",
@@ -132,7 +132,7 @@ public interface UserApi {
@RequestMapping(value = "/reset-password",
produces = {"application/json"},
method = RequestMethod.POST)
ResponseEntity<Response<Boolean>> resetPassword(
ResponseEntity<Response<Boolean>> resetPassword(HttpServletRequest request,
@Parameter(description = "Reset password request object", required = true) @Valid @RequestBody ResetPasswordReq resetPasswordReq);
@Operation(summary = "Api to change user password",
responses = {

6
src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java
View File

@@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.web.rest.api.impl;
import net.gepafin.tendermanagement.entities.RoleEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
import net.gepafin.tendermanagement.repositories.UserRepository;
import org.slf4j.Logger;
@@ -35,7 +36,10 @@ public class CustomUserDetailsService implements UserDetailsService {
String email = loginParts[0];
String hubId = loginParts[1];
UserEntity user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(email, hubId)
UserEntity user = userRepository.findUserExcludingRoleType(
email,
hubId,
RoleStatusEnum.ROLE_BENEFICIARY.getValue())
.orElseThrow(
() -> new UsernameNotFoundException("User " + email + " was not found in the database"));
return createSpringSecurityUser(user);

23
src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java
View File

@@ -125,20 +125,35 @@ public class UserApiController implements UserApi {
@Override
public ResponseEntity<Response<Boolean>> changePassword(HttpServletRequest httpServletRequest, @Valid @RequestBody ChangePasswordRequest request) {
log.info("Change Password attempt for email: {}", request.getEmail());
/** This code is responsible for "Change user password" operation. **/
loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
.actionContext(UserActionContextEnum.CHANGE_USER_PASSWORD).build());
userService.changePassword(httpServletRequest, request);
return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.SUCCESS_PASSWORD_CHANGED)));
}
@Override
public ResponseEntity<Response<String>> initiatePasswordReset(InitiatePasswordResetReq request) {
public ResponseEntity<Response<Void>> initiatePasswordReset(HttpServletRequest httpServletRequest,InitiatePasswordResetReq request) {
log.info("Initiating password reset for email: {}", request.getEmail());
String resetToken = userService.initiatePasswordReset(request);
/** This code is responsible for "Initiating Password Reset Request" operation. **/
loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
.actionContext(UserActionContextEnum.INITIATE_PASSWORD_RESET_REQUEST).build());
userService.initiatePasswordReset(request);
log.info("Password reset token generated for email: {}", request.getEmail());
return ResponseEntity.ok(new Response<>(resetToken, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED)));
return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED)));
}
@Override
public ResponseEntity<Response<Boolean>> resetPassword(ResetPasswordReq request) {
public ResponseEntity<Response<Boolean>> resetPassword(HttpServletRequest httpServletRequest,ResetPasswordReq request) {
log.info("Resetting password for username: {}", request.getEmail());
/** This code is responsible for "Resest user password" operation. **/
loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE)
.actionContext(UserActionContextEnum.RESET_USER_PASSWORD).build());
Boolean success = userService.resetPassword(request);
if (success) {
log.info("Password reset successfully for username: {}", request.getEmail());

11
src/main/resources/db/changelog/db.changelog-1.0.0.xml
View File

@@ -1961,6 +1961,17 @@
</column>
</addColumn>
</changeSet>
<changeSet id="02-12-2024_1" author="Rajesh Khore">
<sql dbms="postgresql">select
setval('gepafin_schema.system_email_template_id_seq', (select
max(id)+1
from gepafin_schema.system_email_template), false)
</sql>
<sqlFile dbms="postgresql"
path="db/dump/insert_system_email_template_for_user_28_11_2024.sql"/>
<sqlFile dbms="postgresql"
path="db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql"/>
</changeSet>
<changeSet id="03-12-2024_1" author="Piyush">
<sqlFile dbms="postgresql"
path="db/dump/update_system_email_template_for_updating_amendment_mail_notification_mail_03_12_2024_1.sql"/>

60
src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql Normal file
View File

@@ -0,0 +1,60 @@
INSERT INTO gepafin_schema.system_email_template
(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date,email_scenario)
VALUES
(
'Password Reset Link Email (Italian)',
'PASSWORD_RESET',
'<table border="0" style="background: #f5f5f5; text-align: center; width: 100%; max-width: 600px; padding: 20px;" align="center" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td>
<table>
<thead>
<tr>
<th>
<p style="font-weight: 600; color: #000; font-family: open sans; font-size: 26px; margin: 0; padding-bottom: 20px;">Richiesta di Reimpostazione Password</p>
</th>
</tr>
</thead>
<tbody align="left">
<tr>
<td>
<p style="margin: 8px 0px;">Gentile {{user_name}},</p>
<p style="margin: 8px 0px;">Hai richiesto di reimpostare la tua password.</p>
</td>
</tr>
<tr>
<td>
<p style="margin: 8px 0px;">Cordiali saluti,</p>
<p style="margin: 8px 0px;"><strong>{{email_signature}}</strong></p>
</td>
</tr>
<tr>
<td style="padding-top: 20px;">
<!-- Button added here -->
<a href="{{reset_password_link}}" style="background-color: #007bff;
color: #fff;
font-family: open sans;
border-radius: 5px;
box-sizing: border-box;
cursor: pointer;
font-size: 14px;
font-weight: bold;
width: 100%;
max-width: 280px;
padding: 12px 25px;">Reimposta la Password</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>',
'Richiesta di Reimpostazione Password',
NULL,
true,
false,
CURRENT_TIMESTAMP,
CURRENT_TIMESTAMP,
'PASSWORD_RESET_REQUEST');

29
src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql Normal file
View File

@@ -0,0 +1,29 @@
INSERT INTO gepafin_schema.system_email_template
(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date, email_scenario)
VALUES
(
'Welcome Email for New User',
'USER_ONBOARDING',
'<html>
<body style="font-family: Arial, sans-serif; color: #000; line-height: 1.6;">
<div style="padding: 20px; border: 1px solid #ddd; border-radius: 8px; max-width: 600px; margin: auto;">
<p><strong>Benvenuto!</strong></p>
<p>Ciao {{user_name}},</p>
<p>Siamo lieti di averti con noi. Di seguito trovi alcune informazioni utili:</p>
<ul>
<li><strong>Nome Utente:</strong> {{user_email}}</li>
</ul>
<p>Per accedere, utilizza il tuo indirizzo email registrato. Se hai bisogno di supporto, non esitare a contattarci.</p>
<p>Distinti saluti,</p>
<p><strong>{{email_signature}}</strong></p>
</div>
</body>
</html>',
'Welcome - {{user_name}}',
NULL,
true,
false,
CURRENT_TIMESTAMP,
CURRENT_TIMESTAMP,
'USER_CREATION'
);