From cac4a7efacd6d975697199197217e57ff2409d4c Mon Sep 17 00:00:00 2001 From: rajesh Date: Mon, 2 Dec 2024 18:20:08 +0530 Subject: [PATCH] User management --- .../config/SamlSuccessHandler.java | 2 +- .../constants/GepafinConstant.java | 1 + .../gepafin/tendermanagement/dao/UserDao.java | 195 ++++++++++++++---- .../entities/SystemEmailTemplatesEntity.java | 2 + .../enums/EmailScenarioTypeEnum.java | 2 + .../enums/UserActionContextEnum.java | 4 +- .../repositories/UserRepository.java | 32 ++- .../tendermanagement/service/UserService.java | 2 +- .../service/impl/AuthenticationService.java | 19 +- .../service/impl/UserServiceImpl.java | 4 +- .../gepafin/tendermanagement/util/Utils.java | 11 +- .../web/rest/api/UserApi.java | 4 +- .../api/impl/CustomUserDetailsService.java | 6 +- .../web/rest/api/impl/UserApiController.java | 23 ++- .../db/changelog/db.changelog-1.0.0.xml | 12 +- ...template_for_reset_password_28_11_2024.sql | 65 ++++++ ...tem_email_template_for_user_28_11_2024.sql | 29 +++ 17 files changed, 351 insertions(+), 62 deletions(-) create mode 100644 src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql create mode 100644 src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql diff --git a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java index 14f2b1bf..850d2451 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java @@ -63,7 +63,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler { Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal(); Map> userAttributes = principal.getAttributes(); - String token = Utils.generateSecureToken(); + String token = Utils.generateSecureSamlToken(); logger.info("SAML User Attributes: " + userAttributes); // Extracting raw SAML response diff --git a/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java b/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java index 97730f80..aaa3279b 100644 --- a/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java +++ b/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java @@ -302,5 +302,6 @@ public class GepafinConstant { public static final String USER_ID = "userId"; public static final String LOGIN_ATTEMPT_ID = "loginAttemptId"; public static final String USER_ACTION_ID = "userActionId"; + public static final String RESET_PASSWORD_URL_FORMAT = "/reset-password?token=%s&email=%s"; } diff --git a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java index da5c6f07..41483d36 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java @@ -6,21 +6,15 @@ import net.gepafin.tendermanagement.config.SamlSuccessHandler; import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.entities.*; -import net.gepafin.tendermanagement.enums.RoleStatusEnum; -import net.gepafin.tendermanagement.enums.UserActionContextEnum; -import net.gepafin.tendermanagement.enums.UserActionLogsEnum; -import net.gepafin.tendermanagement.enums.UserStatusEnum; -import net.gepafin.tendermanagement.enums.VersionActionTypeEnum; +import net.gepafin.tendermanagement.enums.*; import net.gepafin.tendermanagement.model.request.*; -import net.gepafin.tendermanagement.model.response.CompanyResponse; -import net.gepafin.tendermanagement.model.response.RoleResponseBean; -import net.gepafin.tendermanagement.model.response.UserSamlResponse; -import net.gepafin.tendermanagement.model.response.UserResponseBean; +import net.gepafin.tendermanagement.model.response.*; import net.gepafin.tendermanagement.model.util.JWTToken; import net.gepafin.tendermanagement.repositories.BeneficiaryRepository; import net.gepafin.tendermanagement.repositories.UserRepository; import net.gepafin.tendermanagement.service.HubService; import net.gepafin.tendermanagement.service.RoleService; +import net.gepafin.tendermanagement.service.SystemEmailTemplatesService; import net.gepafin.tendermanagement.service.impl.AuthenticationService; import net.gepafin.tendermanagement.util.LoggingUtil; import net.gepafin.tendermanagement.util.Utils; @@ -39,6 +33,7 @@ import org.springframework.stereotype.Component; import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.stream.Collectors; import static net.gepafin.tendermanagement.util.Utils.setIfUpdated; @@ -90,6 +85,18 @@ public class UserDao { @Autowired private HttpServletRequest request; + @Autowired + private SystemEmailTemplatesService systemEmailTemplatesService; + + @Autowired + private EmailLogDao emailLogDao; + + @Autowired + private EmailNotificationDao emailNotificationDao; + + @Value("${fe.base.url}") + private String feBaseUrl; + public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) { if (StringUtils.isEmpty(userReq.getHubUuid())) { @@ -120,9 +127,35 @@ public class UserDao { /** This code is responsible for adding a version history log for the "Create user" operation. **/ loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.INSERT).newData(userEntity).build()); + if(beneficiary == null){ + sendEmailToOnboardingUser(userEntity); + } return token; } - + public void sendEmailToOnboardingUser(UserEntity userEntity){ + SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall( + SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.USER_ONBOARDING, userEntity.getHub(), null); + EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest(emailTemplate.getEmailScenario(), RecipientTypeEnum.USER, userEntity.getId(), userEntity.getEmail(), + userEntity.getId(), null, null, null); + String firstName = userEntity.getFirstName() != null ? userEntity.getFirstName() : ""; + String lastName = userEntity.getLastName() != null ? userEntity.getLastName() : ""; + String userName = String.join(" ", firstName, lastName).trim(); + String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of( + "{{user_name}}", userName + )); + String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of( + "{{user_name}}", userName, + "{{user_email}}", userEntity.getEmail() + )); + + emailNotificationDao.sendMail( + userEntity.getHub().getId(), + subject, + body, + List.of(userEntity.getEmail()), + emailLogRequest + ); + } private BeneficiaryEntity createBeneficiary(RoleEntity roleEntity, UserReq userReq, HubEntity hub) { BeneficiaryEntity beneficiaryEntity = null; if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleEntity.getRoleType())) { @@ -164,12 +197,10 @@ public class UserDao { Translator.toLocale(GepafinConstant.VALIDATE_EMAIL)); } log.info("Creating user with email: {}", userReq.getEmail()); - if (userRepository.existsByEmailIgnoreCaseAndHubUniqueUuid(userReq.getEmail(), userReq.getHubUuid())) { - log.error("User creation failed: Email {} already exists", userReq.getEmail()); - throw new CustomValidationException(Status.VALIDATION_ERROR, - Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS)); - } - if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale())) + RoleEntity roleEntity = roleService.validateRole(userReq.getRoleId()); + validateDuplicateEmail(userReq.getEmail(), userReq.getHubUuid(), roleEntity.getRoleType()); + + if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale())) && userRepository.existsByBeneficiaryCodiceFiscaleAndHubId(userReq.getCodiceFiscale(), hub.getId())) { log.error("User creation failed: CodiceFiscale {} already exists", userReq.getCodiceFiscale()); throw new CustomValidationException(Status.VALIDATION_ERROR, @@ -191,8 +222,29 @@ public class UserDao { } } } + private void validateDuplicateEmail(String email, String hubUuid, String roleType) { + Boolean existsForNonBeneficiaries = userRepository.existsByEmailIgnoreCaseForNonBeneficiaries( + email, hubUuid, RoleStatusEnum.ROLE_BENEFICIARY.getValue()); - private void validatePassword(String password, String confirmPassword, String tempToken) { + Boolean beneficiaryExistsInHub = userRepository.existsByEmailIgnoreCaseForBeneficiaries( + email, hubUuid, RoleStatusEnum.ROLE_BENEFICIARY.getValue()); + + if (Boolean.TRUE.equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleType))) { + if (beneficiaryExistsInHub) { + throw new CustomValidationException(Status.VALIDATION_ERROR, + Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS)); + } + } + else { + if (existsForNonBeneficiaries) { + throw new CustomValidationException(Status.VALIDATION_ERROR, + Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS)); + } + } + } + + + private void validatePassword(String password, String confirmPassword, String tempToken) { if (StringUtils.isEmpty(password) || StringUtils.isEmpty(confirmPassword)) { if(tempToken == null) { throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_PASSWORD)); @@ -263,7 +315,7 @@ public class UserDao { userEntity.setAddress(userReq.getAddress()); userEntity.setPhoneNumber(userReq.getPhoneNumber()); userEntity.setDateOfBirth(userReq.getDateOfBirth()); - } + } return userRepository.save(userEntity); } @@ -362,25 +414,83 @@ public class UserDao { return user; } - public String initiatePasswordReset(InitiatePasswordResetReq resetReq) { - UserEntity user = userRepository - .findByEmailIgnoreCaseAndHubUniqueUuid(resetReq.getEmail(), resetReq.getHubUuid()) - .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, - Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); + public void initiatePasswordReset(InitiatePasswordResetReq resetReq) { + UserEntity user = userRepository.findUserExcludingRoleType( + resetReq.getEmail(), + resetReq.getHubUuid(), + RoleStatusEnum.ROLE_BENEFICIARY.getValue() + ).orElseThrow(() -> new ResourceNotFoundException( + Status.NOT_FOUND, + Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG) + )); + UserEntity oldUserEntity = Utils.getClonedEntityForData(user); String token = Utils.generateSecureToken(); user.setResetPasswordToken(token); userRepository.save(user); + + /** This code is responsible for adding a version history log for the "Initiate password reset request" operation **/ + loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build()); + log.info("Password reset token generated for user: {}", resetReq.getEmail()); - return token; + + sendResetPasswordTokenEmail(user, token); + } + public void sendResetPasswordTokenEmail(UserEntity user, String token) { + + SystemEmailTemplateResponse emailTemplate = systemEmailTemplatesService.retrieveTemplateByTypeAndCall( + SystemEmailTemplatesEntity.SystemEmailTemplatesEntityTypeEnum.PASSWORD_RESET, user.getHub(), null); + String redirectUrl = feBaseUrl; + if (Boolean.FALSE.equals(StringUtils.isEmpty(user.getHub().getDomainName()))) { + redirectUrl = user.getHub().getDomainName(); + } + + EmailLogRequest emailLogRequest = emailLogDao.createEmailLogRequest( + emailTemplate.getEmailScenario(), + RecipientTypeEnum.USER, + user.getId(), + user.getEmail(), + user.getId(), + null, + null, + null); + redirectUrl = String.format( + user.getHub().getDomainName() + GepafinConstant.RESET_PASSWORD_URL_FORMAT, + token, + user.getEmail() + ); + String firstName = user.getFirstName() != null ? user.getFirstName() : ""; + String lastName = user.getLastName() != null ? user.getLastName() : ""; + String userName = String.join(" ", firstName, lastName).trim(); + String subject = Utils.replacePlaceholders(emailTemplate.getSubject(), Map.of( + "{{user_name}}", userName + )); + String body = Utils.replacePlaceholders(emailTemplate.getHtmlContent(), Map.of( + "{{user_name}}", userName, + "{{reset_password_link}}", redirectUrl + )); + emailNotificationDao.sendMail( + user.getHub().getId(), + subject, + body, + List.of(user.getEmail()), + emailLogRequest + ); + + log.info("Password reset token email sent to: {}", user.getEmail()); } public Boolean resetPassword(ResetPasswordReq resetPasswordReq) { - UserEntity user = userRepository - .findByEmailIgnoreCaseAndHubUniqueUuid(resetPasswordReq.getEmail(), resetPasswordReq.getHubUuid()) - .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, - Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); - + UserEntity user = userRepository.findUserExcludingRoleType( + resetPasswordReq.getEmail(), + resetPasswordReq.getHubUuid(), + RoleStatusEnum.ROLE_BENEFICIARY.getValue() + ).orElseThrow(() -> new ResourceNotFoundException( + Status.NOT_FOUND, + Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG) + )); + + UserEntity oldUserEntity = Utils.getClonedEntityForData(user); if (!resetPasswordReq.getNewPassword().equals(resetPasswordReq.getConfirmPassword())) { log.info("User creation failed: Passwords do not match for email {}", user.getEmail()); throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH)); @@ -395,25 +505,36 @@ public class UserDao { user.setPassword(passwordEncoder.encode(resetPasswordReq.getNewPassword())); user.setResetPasswordToken(null); userRepository.save(user); + + /** This code is responsible for adding a version history log for the "Reset Password " operation **/ + loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build()); + log.info("Password successfully reset for user: {}", resetPasswordReq.getEmail()); return true; } - public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest request) { + public Boolean changePassword(UserEntity userEntity, ChangePasswordRequest changePasswordRequest) { UserEntity user = userRepository - .findByEmailIgnoreCaseAndHubUniqueUuid(request.getEmail(), userEntity.getHub().getUniqueUuid()) - .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, - Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); - - if (!passwordEncoder.matches(request.getPassword(), user.getPassword())) { + .findUserExcludingRoleType(changePasswordRequest.getEmail(), userEntity.getHub().getUniqueUuid(),RoleStatusEnum.ROLE_BENEFICIARY.getValue()) + .orElseThrow(() -> new ResourceNotFoundException( + Status.NOT_FOUND, + Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG) + )); + UserEntity oldUserEntity = Utils.getClonedEntityForData(userEntity); + if (!passwordEncoder.matches(changePasswordRequest.getPassword(), user.getPassword())) { throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.CURRENT_PASSWORD_INCORRECT)); } - if (!request.getNewPassword().equals(request.getConfirmPassword())) { + if (!changePasswordRequest.getNewPassword().equals(changePasswordRequest.getConfirmPassword())) { log.info("User creation failed: Passwords do not match for email {}", user.getEmail()); throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH)); } - user.setPassword(passwordEncoder.encode(request.getNewPassword())); + user.setPassword(passwordEncoder.encode(changePasswordRequest.getNewPassword())); userRepository.save(user); + + /** This code is responsible for adding a version history log for the "Change user password" operation **/ + loggingUtil.addVersionHistory(VersionHistoryRequest.builder().request(request).actionType(VersionActionTypeEnum.UPDATE).oldData(oldUserEntity).newData(user).build()); + + return true; } public void logout(HttpServletRequest request, HttpServletResponse response) { diff --git a/src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java b/src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java index f7974eca..dac3a432 100644 --- a/src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java +++ b/src/main/java/net/gepafin/tendermanagement/entities/SystemEmailTemplatesEntity.java @@ -47,6 +47,8 @@ public class SystemEmailTemplatesEntity extends BaseEntity { INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE("INADMISSIBILITY_NOTIFICATION_DUE_TO_FAILURE"), ADMISSIBILITY_NOTIFICATION("ADMISSIBILITY_NOTIFICATION"), AMENDMENT_REMINDER("AMENDMENT_REMINDER"), + USER_ONBOARDING("USER_ONBOARDING"), + PASSWORD_RESET("PASSWORD_RESET"), INADMISSIBILITY_TEMPLATE("INADMISSIBILITY_NOTIFICATION"); private String value; diff --git a/src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java b/src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java index 493f987c..415f1dd2 100644 --- a/src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java +++ b/src/main/java/net/gepafin/tendermanagement/enums/EmailScenarioTypeEnum.java @@ -9,6 +9,8 @@ public enum EmailScenarioTypeEnum { APPLICATION_AMENDMENT_EXPIRED("APPLICATION_AMENDMENT_EXPIRED"), APPLICATION_AMENDMENT_REMINDER("APPLICATION_AMENDMENT_REMINDER"), APPLICATION_APPROVED("APPLICATION_APPROVED"), + USER_CREATION("USER_CREATION"), + PASSWORD_RESET_REQUEST("PASSWORD_RESET_REQUEST"), APPLICATION_REJECTED("APPLICATION_REJECTED"); private final String value; diff --git a/src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java b/src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java index 0a92143b..a4d7f3c2 100644 --- a/src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java +++ b/src/main/java/net/gepafin/tendermanagement/enums/UserActionContextEnum.java @@ -24,7 +24,9 @@ public enum UserActionContextEnum { VALIDATE_EXISTING_USER_WITH_SPID_TOKEN("VALIDATE_EXISTING_USER_WITH_SPID_TOKEN"), GET_VALID_USER_DETAILS("GET_VALID_USER_DETAILS"), GET_ALL_USERS_BY_ROLE("GET_ALL_USERS_BY_ROLE"), - + CHANGE_USER_PASSWORD("CHANGE_USER_PASSWORD"), + INITIATE_PASSWORD_RESET_REQUEST("INITIATE_PASSWORD_RESET_REQUEST"), + RESET_USER_PASSWORD("RESET_USER_PASSWORD"), /** application action context **/ GET_APPLICATION("GET_APPLICATION"), CREATE_UPDATE_APPLICATION_FORM("CREATE_UPDATE_APPLICATION_FORM"), diff --git a/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java b/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java index 47ab16b8..3a0cf957 100644 --- a/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java +++ b/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java @@ -2,6 +2,8 @@ package net.gepafin.tendermanagement.repositories; import net.gepafin.tendermanagement.entities.UserEntity; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import java.util.List; @@ -12,9 +14,16 @@ public interface UserRepository extends JpaRepository { UserEntity findByBeneficiaryId(Long beneficiaryId); - Optional findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid); +// Optional findByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid); - boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid); + @Query("SELECT u FROM UserEntity u WHERE LOWER(u.email) = LOWER(:email) AND u.hub.uniqueUuid = :hubUuid AND u.roleEntity.roleType <> :roleType") + Optional findUserExcludingRoleType( + @Param("email") String email, + @Param("hubUuid") String hubUuid, + @Param("roleType") String roleType + ); + +// boolean existsByEmailIgnoreCaseAndHubUniqueUuid(String email, String hubUuid); List findByRoleEntityIdAndHubId(Long roleId, Long hubId); @@ -24,5 +33,22 @@ public interface UserRepository extends JpaRepository { Optional findByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId); - boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId); + Boolean existsByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId); + + @Query("SELECT COUNT(u) > 0 " + + "FROM UserEntity u " + + "WHERE u.email = :email " + + "AND u.hub.uniqueUuid = :hubUuid " + + "AND u.roleEntity.roleType <> :beneficiaryRoleType") + Boolean existsByEmailIgnoreCaseForNonBeneficiaries(@Param("email") String email, + @Param("hubUuid") String hubUuid, + @Param("beneficiaryRoleType") String beneficiaryRoleType); + + @Query("SELECT CASE WHEN COUNT(u) > 0 THEN true ELSE false END " + + "FROM UserEntity u " + + "WHERE LOWER(u.email) = LOWER(:email) AND u.hub.uniqueUuid = :hubUuid " + + "AND u.roleEntity.roleType = :beneficiaryRoleType") + Boolean existsByEmailIgnoreCaseForBeneficiaries(String email, String hubUuid, String beneficiaryRoleType); + + } diff --git a/src/main/java/net/gepafin/tendermanagement/service/UserService.java b/src/main/java/net/gepafin/tendermanagement/service/UserService.java index 21109a5e..aa534bea 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/UserService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/UserService.java @@ -27,7 +27,7 @@ public interface UserService { UserEntity validateUser(Long userId); - String initiatePasswordReset(InitiatePasswordResetReq resetReq); + void initiatePasswordReset(InitiatePasswordResetReq resetReq); Boolean resetPassword(ResetPasswordReq resetPasswordReq); diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java index d4dab052..1f0194d9 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java @@ -12,10 +12,7 @@ import net.gepafin.tendermanagement.entities.HubEntity; import net.gepafin.tendermanagement.entities.LoginAttemptEntity; import net.gepafin.tendermanagement.entities.SamlResponseEntity; import net.gepafin.tendermanagement.entities.UserEntity; -import net.gepafin.tendermanagement.enums.LoginAttemptResultEnum; -import net.gepafin.tendermanagement.enums.LoginAttemptTypeEnum; -import net.gepafin.tendermanagement.enums.UserStatusEnum; -import net.gepafin.tendermanagement.enums.VersionActionTypeEnum; +import net.gepafin.tendermanagement.enums.*; import net.gepafin.tendermanagement.model.request.LoginReq; import net.gepafin.tendermanagement.model.request.VersionHistoryRequest; import net.gepafin.tendermanagement.model.response.CompanyResponse; @@ -40,6 +37,7 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; import org.springframework.stereotype.Service; @@ -95,15 +93,22 @@ public class AuthenticationService { LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request); try { log.info("Attempting login for email: {}", loginReq.getEmail()); + user = userRepository.findUserExcludingRoleType( + loginReq.getEmail(), + loginReq.getHubUuid(), + RoleStatusEnum.ROLE_BENEFICIARY.getValue() + ).orElseThrow(() -> new ResourceNotFoundException( + Status.NOT_FOUND, + Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG) + )); + String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid(); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( emailWithHubId, loginReq.getPassword()); Authentication authentication = this.authenticationManager.authenticate(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authentication); log.info("Authentication successful for email: {}", loginReq.getEmail()); - user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(loginReq.getEmail(), loginReq.getHubUuid()) - .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, - Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); + loginAttemptEntity.setUserId(user.getId()); if (Boolean.FALSE.equals(UserStatusEnum.ACTIVE.getValue().equals(user.getStatus()))) { throw new ResourceNotFoundException(Status.NOT_FOUND, diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java index 9f95b830..744fbacb 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java @@ -77,8 +77,8 @@ public class UserServiceImpl implements UserService { } @Override - public String initiatePasswordReset(InitiatePasswordResetReq resetReq) { - return userDao.initiatePasswordReset(resetReq); + public void initiatePasswordReset(InitiatePasswordResetReq resetReq) { + userDao.initiatePasswordReset(resetReq); } @Override diff --git a/src/main/java/net/gepafin/tendermanagement/util/Utils.java b/src/main/java/net/gepafin/tendermanagement/util/Utils.java index 4949e5d5..b3993900 100644 --- a/src/main/java/net/gepafin/tendermanagement/util/Utils.java +++ b/src/main/java/net/gepafin/tendermanagement/util/Utils.java @@ -201,7 +201,7 @@ public class Utils { return new String(decodedBytes, StandardCharsets.UTF_8); } - public static String generateSecureToken() { + public static String generateSecureSamlToken() { SecureRandom secureRandom = new SecureRandom(); byte[] tokenBytes = new byte[24]; secureRandom.nextBytes(tokenBytes); @@ -209,7 +209,14 @@ public class Utils { log.debug("Generated secure token: {}", token); return token; } - + public static String generateSecureToken() { + SecureRandom secureRandom = new SecureRandom(); + byte[] tokenBytes = new byte[5]; + secureRandom.nextBytes(tokenBytes); + String token = Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes); + log.debug("Generated secure token: {}", token); + return token; + } public static Map> convertStringIntoMap(String jsonString) { try { return mapper.readValue(jsonString, new TypeReference>>() { diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java index c7b8e530..8bf9b780 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java @@ -118,7 +118,7 @@ public interface UserApi { @RequestMapping(value = "/reset-password/initiate", produces = {"application/json"}, method = RequestMethod.POST) - ResponseEntity> initiatePasswordReset( + ResponseEntity> initiatePasswordReset(HttpServletRequest request, @Parameter(description = "Initiate password reset request object", required = true) @Valid @RequestBody InitiatePasswordResetReq initiatePasswordResetReq); @Operation(summary = "Api to reset password", @@ -131,7 +131,7 @@ public interface UserApi { @RequestMapping(value = "/reset-password", produces = {"application/json"}, method = RequestMethod.POST) - ResponseEntity> resetPassword( + ResponseEntity> resetPassword(HttpServletRequest request, @Parameter(description = "Reset password request object", required = true) @Valid @RequestBody ResetPasswordReq resetPasswordReq); @Operation(summary = "Api to change user password", responses = { diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java index d26ab560..dd6ef1ae 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CustomUserDetailsService.java @@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.web.rest.api.impl; import net.gepafin.tendermanagement.entities.RoleEntity; import net.gepafin.tendermanagement.entities.UserEntity; +import net.gepafin.tendermanagement.enums.RoleStatusEnum; import net.gepafin.tendermanagement.repositories.UserRepository; import org.slf4j.Logger; @@ -35,7 +36,10 @@ public class CustomUserDetailsService implements UserDetailsService { String email = loginParts[0]; String hubId = loginParts[1]; - UserEntity user = userRepository.findByEmailIgnoreCaseAndHubUniqueUuid(email, hubId) + UserEntity user = userRepository.findUserExcludingRoleType( + email, + hubId, + RoleStatusEnum.ROLE_BENEFICIARY.getValue()) .orElseThrow( () -> new UsernameNotFoundException("User " + email + " was not found in the database")); return createSpringSecurityUser(user); diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java index 7ff12c2a..9f02a8f6 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java @@ -125,20 +125,35 @@ public class UserApiController implements UserApi { @Override public ResponseEntity> changePassword(HttpServletRequest httpServletRequest, @Valid @RequestBody ChangePasswordRequest request) { log.info("Change Password attempt for email: {}", request.getEmail()); + + /** This code is responsible for "Change user password" operation. **/ + loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE) + .actionContext(UserActionContextEnum.CHANGE_USER_PASSWORD).build()); + userService.changePassword(httpServletRequest, request); return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.SUCCESS_PASSWORD_CHANGED))); } @Override - public ResponseEntity> initiatePasswordReset(InitiatePasswordResetReq request) { + public ResponseEntity> initiatePasswordReset(HttpServletRequest httpServletRequest,InitiatePasswordResetReq request) { log.info("Initiating password reset for email: {}", request.getEmail()); - String resetToken = userService.initiatePasswordReset(request); + + /** This code is responsible for "Initiating Password Reset Request" operation. **/ + loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE) + .actionContext(UserActionContextEnum.INITIATE_PASSWORD_RESET_REQUEST).build()); + + userService.initiatePasswordReset(request); log.info("Password reset token generated for email: {}", request.getEmail()); - return ResponseEntity.ok(new Response<>(resetToken, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED))); + return ResponseEntity.ok(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.RESET_PASSWORD_INITIATED))); } @Override - public ResponseEntity> resetPassword(ResetPasswordReq request) { + public ResponseEntity> resetPassword(HttpServletRequest httpServletRequest,ResetPasswordReq request) { log.info("Resetting password for username: {}", request.getEmail()); + + /** This code is responsible for "Resest user password" operation. **/ + loggingUtil.logUserAction(UserActionRequest.builder().request(httpServletRequest).actionType(UserActionLogsEnum.UPDATE) + .actionContext(UserActionContextEnum.RESET_USER_PASSWORD).build()); + Boolean success = userService.resetPassword(request); if (success) { log.info("Password reset successfully for username: {}", request.getEmail()); diff --git a/src/main/resources/db/changelog/db.changelog-1.0.0.xml b/src/main/resources/db/changelog/db.changelog-1.0.0.xml index c209f76a..cc2ee820 100644 --- a/src/main/resources/db/changelog/db.changelog-1.0.0.xml +++ b/src/main/resources/db/changelog/db.changelog-1.0.0.xml @@ -1875,5 +1875,15 @@ - + + select + setval('gepafin_schema.system_email_template_id_seq', (select + max(id)+1 + from gepafin_schema.system_email_template), false) + + + + diff --git a/src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql b/src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql new file mode 100644 index 00000000..facb4fdf --- /dev/null +++ b/src/main/resources/db/dump/insert_system_email_template_for_reset_password_28_11_2024.sql @@ -0,0 +1,65 @@ +INSERT INTO gepafin_schema.system_email_template +(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date,email_scenario) +VALUES +( + 'Password Reset Link Email (Italian)', + 'PASSWORD_RESET', + ' + + + + + +
+ + + + + + + + + + + + + + + + + + + + +
+

Richiesta di Reimpostazione Password

+
+

Gentile {{user_name}},

+

Hai richiesto di reimpostare la tua password. Puoi farlo cliccando sul link sottostante:

+
+ {{reset_password_link}} +
+

Cordiali saluti,

+

{{email_signature}}

+
+ + Reimposta la Password +
+
', + 'Richiesta di Reimpostazione Password', + NULL, + true, + false, + CURRENT_TIMESTAMP, + CURRENT_TIMESTAMP, + 'PASSWORD_RESET_REQUEST'); diff --git a/src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql b/src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql new file mode 100644 index 00000000..cfe54849 --- /dev/null +++ b/src/main/resources/db/dump/insert_system_email_template_for_user_28_11_2024.sql @@ -0,0 +1,29 @@ +INSERT INTO gepafin_schema.system_email_template +(template_name, "type", html_content, subject, "json", "system", is_deleted, created_date, updated_date, email_scenario) +VALUES +( + 'Welcome Email for New User', + 'USER_ONBOARDING', + ' + +
+

Benvenuto!

+

Ciao {{user_name}},

+

Siamo lieti di averti con noi. Di seguito trovi alcune informazioni utili:

+
    +
  • Nome Utente: {{user_email}}
    • +
+

Per accedere, utilizza il tuo indirizzo email registrato. Se hai bisogno di supporto, non esitare a contattarci.

+

Distinti saluti,

+

{{email_signature}}

+
+ + ', + 'Welcome - {{user_name}}', + NULL, + true, + false, + CURRENT_TIMESTAMP, + CURRENT_TIMESTAMP, + 'USER_CREATION' +);