
Example 86 with UserAccountBean

use of org.akaza.openclinica.bean.login.UserAccountBean in project OpenClinica by OpenClinica.

the class SubjectService method getUserAccount.

/**
 * Supplies the account under which the SOAP requests of this service are processed.
 *
 * <p>No database lookup or authentication takes place here: a fresh {@code UserAccountBean} is
 * created and its id is set to 1. The original author describes this as a stand-in that is to be
 * replaced by the authenticated user who sends the SOAP request.
 *
 * <p>NOTE(review): while this stub is in place, anything recorded with the returned bean is
 * attributed to account id 1 no matter who sent the request, so it should not be relied on for
 * authorization or audit decisions.
 *
 * @return a new bean whose only explicitly set field is the id (1)
 */
private UserAccountBean getUserAccount() {
    final UserAccountBean placeholderAccount = new UserAccountBean();
    placeholderAccount.setId(1);
    return placeholderAccount;
}
Also used : UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean)

Example 87 with UserAccountBean

use of org.akaza.openclinica.bean.login.UserAccountBean in project OpenClinica by OpenClinica.

the class ApiSecurityFilter method doFilterInternal.

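/**
 * Authenticates API requests that carry an HTTP Basic {@code Authorization} header.
 *
 * <p>The user-name part of the decoded credentials is treated as an API key and looked up with
 * {@code UserAccountDAO.findByApiKey}; the password part of the credentials is not used. When the
 * key resolves to an account (non-zero id), that account is stored in the session under
 * {@code "userBean"} and the request continues down the chain.
 *
 * <p>The request is answered through {@code unauthorized(...)} and is NOT passed down the chain
 * when the header is missing, when the {@code Basic} scheme is not followed by a credentials
 * token, when the decoded credentials contain no {@code ':'}, or when the key is empty or unknown.
 *
 * <p>NOTE(review): a header with a scheme other than {@code Basic}, or one that contains no tokens
 * at all, is still forwarded without any check, exactly as before. Confirm that a later filter or
 * the endpoint itself enforces authentication for those requests.
 *
 * @param request     the incoming API request
 * @param response    the response used to report a rejected request
 * @param filterChain the remaining filters, invoked only when the request was not rejected
 * @throws ServletException propagated from the rest of the chain
 * @throws IOException      propagated from the rest of the chain
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    String authHeader = request.getHeader("Authorization");
    if (authHeader == null) {
        // Stop here: continuing the chain after the rejection would let the
        // request be processed without any credentials.
        unauthorized(response);
        return;
    }
    StringTokenizer st = new StringTokenizer(authHeader);
    if (st.hasMoreTokens() && st.nextToken().equalsIgnoreCase("Basic")) {
        if (!st.hasMoreTokens()) {
            // "Basic" without a credentials token: reject instead of letting
            // nextToken() fail with NoSuchElementException.
            unauthorized(response, "Invalid authentication token");
            return;
        }
        String credentials;
        try {
            credentials = new String(Base64.decodeBase64(st.nextToken().getBytes()), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new Error("Couldn't retrieve authentication", e);
        }
        int p = credentials.indexOf(":");
        if (p == -1) {
            unauthorized(response, "Invalid authentication token");
            return;
        }
        // Only the part before ':' is used; it carries the API key. The part
        // after ':' is deliberately not read.
        String apiKey = credentials.substring(0, p).trim();
        if (apiKey.isEmpty()) {
            // Reject an empty key before it is ever sent to the DAO.
            unauthorized(response, "Bad credentials");
            return;
        }
        UserAccountDAO userAccountDAO = new UserAccountDAO(dataSource);
        UserAccountBean ub = (UserAccountBean) userAccountDAO.findByApiKey(apiKey);
        // An id of 0 is treated as "no such account"; a null result is rejected the same way.
        if (ub == null || ub.getId() == 0) {
            unauthorized(response, "Bad credentials");
            return;
        }
        // getSession() creates a session when the request has none, so a
        // successful API call leaves an authenticated session behind.
        request.getSession().setAttribute("userBean", ub);
    }
    filterChain.doFilter(request, response);
}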
Also used : StringTokenizer(java.util.StringTokenizer) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UnsupportedEncodingException(java.io.UnsupportedEncodingException) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO)

Example 88 with UserAccountBean

use of org.akaza.openclinica.bean.login.UserAccountBean in project OpenClinica by OpenClinica.

the class AuditEventDAO method setStudyAndSubjectInfo.

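/**
 * Fills in the study name, subject name and updater account of an audit event from the ids it
 * already carries.
 *
 * <p>Each lookup is performed only when the corresponding id is greater than zero. The bean is
 * modified in place and the same instance is returned.
 *
 * <p>NOTE(review): what {@code findByPK} returns for an id without a matching row is not visible
 * here; the result is used without a null check.
 *
 * @param aeb the audit event to enrich
 * @return {@code aeb}, after enrichment
 */
public AuditEventBean setStudyAndSubjectInfo(AuditEventBean aeb) {
    if (aeb.getStudyId() > 0) {
        StudyDAO studyDao = new StudyDAO(this.ds);
        StudyBean study = (StudyBean) studyDao.findByPK(aeb.getStudyId());
        aeb.setStudyName(study.getName());
    }
    if (aeb.getSubjectId() > 0) {
        // The lookup result is used directly; no placeholder bean is allocated first.
        SubjectDAO subjectDao = new SubjectDAO(this.ds);
        SubjectBean subject = (SubjectBean) subjectDao.findByPK(aeb.getSubjectId());
        aeb.setSubjectName(subject.getName());
    }
    if (aeb.getUserId() > 0) {
        UserAccountDAO userAccountDao = new UserAccountDAO(this.ds);
        UserAccountBean updater = (UserAccountBean) userAccountDao.findByPK(aeb.getUserId());
        aeb.setUpdater(updater);
    }
    return aeb;
}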
Also used : SubjectBean(org.akaza.openclinica.bean.submit.SubjectBean) SubjectDAO(org.akaza.openclinica.dao.submit.SubjectDAO) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO)

Example 89 with UserAccountBean

use of org.akaza.openclinica.bean.login.UserAccountBean in project OpenClinica by OpenClinica.

the class CreateUserAccountServlet method processRequest.

/**
 * Shows the "create user account" form and, once it is submitted, validates it and creates the
 * account.
 *
 * <p>Flow, as visible in this method:
 * <ol>
 *   <li>Build the study list (top-level studies followed by their sites), the role map and the
 *       user-type list for the form.</li>
 *   <li>If the {@code changeRoles} parameter is true, rebuild the role map for the selected
 *       study, using site role labels when the study has a parent.</li>
 *   <li>If the form was not submitted (or only the roles changed), re-display it with the current
 *       values as presets.</li>
 *   <li>Otherwise validate the input; on success create the account with a generated password
 *       (unless the source is LDAP) and a generated API key, then either e-mail the password or
 *       show it in a page message.</li>
 * </ol>
 *
 * @throws Exception whatever the DAOs, validators or page forwarding throw
 */
@Override
protected void processRequest() throws Exception {
    FormProcessor fp = new FormProcessor(request);
    StudyDAO sdao = new StudyDAO(sm.getDataSource());
    // YW 11-28-2007 << list sites under their studies
    ArrayList<StudyBean> all = (ArrayList<StudyBean>) sdao.findAll();
    ArrayList<StudyBean> finalList = new ArrayList<StudyBean>();
    for (StudyBean sb : all) {
        if (!(sb.getParentStudyId() > 0)) {
            finalList.add(sb);
            finalList.addAll(sdao.findAllByParent(sb.getId()));
        }
    }
    addEntityList("studies", finalList, respage.getString("a_user_cannot_be_created_no_study_as_active"), Page.ADMIN_SYSTEM);
    // YW >>
    Map roleMap = new LinkedHashMap();
    for (Iterator it = getRoles().iterator(); it.hasNext(); ) {
        Role role = (Role) it.next();
        // I added the below if statement , to exclude displaying on study level the newly added 'ReseachAssisstant2' role by default.
        if (role.getId() != 7)
            roleMap.put(role.getId(), role.getDescription());
    //            roleMap.put(role.getId(), role.getDescription());
    }
    // addEntityList("roles", getRoles(), respage.getString("a_user_cannot_be_created_no_roles_as_role"), Page.ADMIN_SYSTEM);
    request.setAttribute("roles", roleMap);
    ArrayList types = UserType.toArrayList();
    types.remove(UserType.INVALID);
    // This only removes TECHADMIN from the list offered in the form when the
    // current user is not a tech admin; the submitted type is read from the
    // request again further down.
    if (!ub.isTechAdmin()) {
        types.remove(UserType.TECHADMIN);
    }
    addEntityList("types", types, respage.getString("a_user_cannot_be_created_no_user_types_for"), Page.ADMIN_SYSTEM);
    Boolean changeRoles = request.getParameter("changeRoles") == null ? false : Boolean.parseBoolean(request.getParameter("changeRoles"));
    int activeStudy = fp.getInt(INPUT_STUDY);
    if (changeRoles) {
        // Rebuild the role map for the selected study: site labels when the
        // study has a parent, study-level labels otherwise.
        StudyBean study = (StudyBean) sdao.findByPK(activeStudy);
        roleMap = new LinkedHashMap();
        ResourceBundle resterm = org.akaza.openclinica.i18n.util.ResourceBundleProvider.getTermsBundle();
        if (study.getParentStudyId() > 0) {
            for (Iterator it = getRoles().iterator(); it.hasNext(); ) {
                Role role = (Role) it.next();
                switch(role.getId()) {
                    // break;
                    case 4:
                        roleMap.put(role.getId(), resterm.getString("site_investigator").trim());
                        break;
                    case 5:
                        roleMap.put(role.getId(), resterm.getString("site_Data_Entry_Person").trim());
                        break;
                    case 6:
                        roleMap.put(role.getId(), resterm.getString("site_monitor").trim());
                        break;
                    case 7:
                        roleMap.put(role.getId(), resterm.getString("site_Data_Entry_Person2").trim());
                        break;
                    default:
                }
            }
        } else {
            for (Iterator it = getRoles().iterator(); it.hasNext(); ) {
                Role role = (Role) it.next();
                switch(role.getId()) {
                    case 2:
                        roleMap.put(role.getId(), resterm.getString("Study_Coordinator").trim());
                        break;
                    case 3:
                        roleMap.put(role.getId(), resterm.getString("Study_Director").trim());
                        break;
                    case 4:
                        roleMap.put(role.getId(), resterm.getString("Investigator").trim());
                        break;
                    case 5:
                        roleMap.put(role.getId(), resterm.getString("Data_Entry_Person").trim());
                        break;
                    case 6:
                        roleMap.put(role.getId(), resterm.getString("Monitor").trim());
                        break;
                    default:
                }
            }
        }
        request.setAttribute("roles", roleMap);
    }
    request.setAttribute("ldapEnabled", isLdapEnabled());
    request.setAttribute("activeStudy", activeStudy);
    if (!fp.isSubmitted() || changeRoles) {
        // First display, or a role-list refresh: show the form again with the
        // values entered so far.
        String[] textFields = { INPUT_USER_SOURCE, INPUT_USERNAME, INPUT_FIRST_NAME, INPUT_LAST_NAME, INPUT_EMAIL, INPUT_INSTITUTION, INPUT_DISPLAY_PWD };
        fp.setCurrentStringValuesAsPreset(textFields);
        String[] ddlbFields = { INPUT_STUDY, INPUT_ROLE, INPUT_TYPE, INPUT_RUN_WEBSERVICES };
        fp.setCurrentIntValuesAsPreset(ddlbFields);
        HashMap presetValues = fp.getPresetValues();
        // Mantis Issue 6058.
        String sendPwd = SQLInitServlet.getField("user_account_notification");
        fp.addPresetValue(USER_ACCOUNT_NOTIFICATION, sendPwd);
        //
        setPresetValues(presetValues);
        forwardPage(Page.CREATE_ACCOUNT);
    } else {
        UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
        Validator v = new Validator(request);
        // username must not be blank,
        // must be in the format specified by Validator.USERNAME,
        // and must be unique
        v.addValidation(INPUT_USERNAME, Validator.NO_BLANKS);
        v.addValidation(INPUT_USERNAME, Validator.LENGTH_NUMERIC_COMPARISON, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 64);
        v.addValidation(INPUT_USERNAME, Validator.IS_A_USERNAME);
        v.addValidation(INPUT_USERNAME, Validator.USERNAME_UNIQUE, udao);
        v.addValidation(INPUT_FIRST_NAME, Validator.NO_BLANKS);
        v.addValidation(INPUT_LAST_NAME, Validator.NO_BLANKS);
        v.addValidation(INPUT_FIRST_NAME, Validator.LENGTH_NUMERIC_COMPARISON, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
        v.addValidation(INPUT_LAST_NAME, Validator.LENGTH_NUMERIC_COMPARISON, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
        v.addValidation(INPUT_EMAIL, Validator.NO_BLANKS);
        v.addValidation(INPUT_EMAIL, Validator.LENGTH_NUMERIC_COMPARISON, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 120);
        v.addValidation(INPUT_EMAIL, Validator.IS_A_EMAIL);
        v.addValidation(INPUT_INSTITUTION, Validator.NO_BLANKS);
        v.addValidation(INPUT_INSTITUTION, Validator.LENGTH_NUMERIC_COMPARISON, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 255);
        v.addValidation(INPUT_STUDY, Validator.ENTITY_EXISTS, sdao);
        v.addValidation(INPUT_ROLE, Validator.IS_VALID_TERM, TermType.ROLE);
        // NOTE(review): no validation is registered in this method for the user
        // type or for INPUT_RUN_WEBSERVICES, and the role is only checked to be
        // a valid term, not to be one of the roles offered for the chosen
        // study or site. Confirm whether these are enforced elsewhere.
        HashMap errors = v.validate();
        if (errors.isEmpty()) {
            UserAccountBean createdUserAccountBean = new UserAccountBean();
            createdUserAccountBean.setName(fp.getString(INPUT_USERNAME));
            createdUserAccountBean.setFirstName(fp.getString(INPUT_FIRST_NAME));
            createdUserAccountBean.setLastName(fp.getString(INPUT_LAST_NAME));
            createdUserAccountBean.setEmail(fp.getString(INPUT_EMAIL));
            createdUserAccountBean.setInstitutionalAffiliation(fp.getString(INPUT_INSTITUTION));
            boolean isLdap = fp.getString(INPUT_USER_SOURCE).equals("ldap");
            // LDAP accounts get the LDAP_PASSWORD marker instead of a hash and
            // no local password; for all others a password is generated here
            // and kept in plain text in this local for the e-mail or page
            // message below.
            String password = null;
            String passwordHash = UserAccountBean.LDAP_PASSWORD;
            if (!isLdap) {
                SecurityManager secm = (SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager");
                password = secm.genPassword();
                passwordHash = secm.encrytPassword(password, getUserDetails());
            }
            createdUserAccountBean.setPasswd(passwordHash);
            createdUserAccountBean.setPasswdTimestamp(null);
            createdUserAccountBean.setLastVisitDate(null);
            createdUserAccountBean.setStatus(Status.AVAILABLE);
            createdUserAccountBean.setPasswdChallengeQuestion("");
            createdUserAccountBean.setPasswdChallengeAnswer("");
            createdUserAccountBean.setPhone("");
            createdUserAccountBean.setOwner(ub);
            createdUserAccountBean.setRunWebservices(fp.getBoolean(INPUT_RUN_WEBSERVICES));
            // The access code is set to the four-character string "null", not to a null reference.
            createdUserAccountBean.setAccessCode("null");
            // Every new account gets API-key access enabled and a key that is
            // regenerated until isApiKeyExist reports it as unused.
            // NOTE(review): how getRandom32ChApiKey produces the key is not
            // visible here; confirm it draws from a cryptographically secure
            // random source, since the key is a bearer credential.
            createdUserAccountBean.setEnableApiKey(true);
            String apiKey = null;
            do {
                apiKey = getRandom32ChApiKey();
            } while (isApiKeyExist(apiKey));
            createdUserAccountBean.setApiKey(apiKey);
            int studyId = fp.getInt(INPUT_STUDY);
            Role r = Role.get(fp.getInt(INPUT_ROLE));
            createdUserAccountBean = addActiveStudyRole(createdUserAccountBean, studyId, r);
            // The user type is taken straight from the "type" request parameter.
            // NOTE(review): nothing in this method re-checks that a creator who
            // is not a tech admin did not submit TECHADMIN (or INVALID); the
            // earlier removal only affects the list shown in the form. Confirm
            // that this is rejected server-side somewhere.
            UserType type = UserType.get(fp.getInt("type"));
            logger.debug("*** found type: " + fp.getInt("type"));
            logger.debug("*** setting type: " + type.getDescription());
            createdUserAccountBean.addUserType(type);
            createdUserAccountBean = (UserAccountBean) udao.create(createdUserAccountBean);
            AuthoritiesDao authoritiesDao = (AuthoritiesDao) SpringServletAccess.getApplicationContext(context).getBean("authoritiesDao");
            authoritiesDao.saveOrUpdate(new AuthoritiesBean(createdUserAccountBean.getName()));
            String displayPwd = fp.getString(INPUT_DISPLAY_PWD);
            if (createdUserAccountBean.isActive()) {
                addPageMessage(respage.getString("the_user_account") + "\"" + createdUserAccountBean.getName() + "\"" + respage.getString("was_created_succesfully"));
                if (!isLdap) {
                    if ("no".equalsIgnoreCase(displayPwd)) {
                        try {
                            sendNewAccountEmail(createdUserAccountBean, password);
                        } catch (Exception e) {
                            // The exception itself is discarded; only a generic
                            // page message tells the admin the mail failed.
                            addPageMessage(respage.getString("there_was_an_error_sending_account_creating_mail"));
                        }
                    } else {
                        // The plain-text password is placed in a page message
                        // that already contains HTML markup.
                        // NOTE(review): confirm how page messages are rendered
                        // and that this page is neither cached nor logged.
                        addPageMessage(respage.getString("user_password") + ":<br/>" + password + "<br/> " + respage.getString("please_write_down_the_password_and_provide"));
                    }
                }
            } else {
                addPageMessage(respage.getString("the_user_account") + "\"" + createdUserAccountBean.getName() + "\"" + respage.getString("could_not_created_due_database_error"));
            }
            if (createdUserAccountBean.isActive()) {
                request.setAttribute(ViewUserAccountServlet.ARG_USER_ID, new Integer(createdUserAccountBean.getId()).toString());
                forwardPage(Page.VIEW_USER_ACCOUNT_SERVLET);
            } else {
                forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
            }
        } else {
            // Validation failed: show the form again with the entered values
            // and the per-field error messages.
            String[] textFields = { INPUT_USERNAME, INPUT_FIRST_NAME, INPUT_LAST_NAME, INPUT_EMAIL, INPUT_INSTITUTION, INPUT_DISPLAY_PWD, INPUT_USER_SOURCE };
            fp.setCurrentStringValuesAsPreset(textFields);
            String[] ddlbFields = { INPUT_STUDY, INPUT_ROLE, INPUT_TYPE, INPUT_RUN_WEBSERVICES };
            fp.setCurrentIntValuesAsPreset(ddlbFields);
            HashMap presetValues = fp.getPresetValues();
            setPresetValues(presetValues);
            setInputMessages(errors);
            addPageMessage(respage.getString("there_were_some_errors_submission") + respage.getString("see_below_for_details"));
            forwardPage(Page.CREATE_ACCOUNT);
        }
    }
}
Also used : AuthoritiesBean(org.akaza.openclinica.domain.user.AuthoritiesBean) SecurityManager(org.akaza.openclinica.core.SecurityManager) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) Iterator(java.util.Iterator) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) AuthoritiesDao(org.akaza.openclinica.dao.hibernate.AuthoritiesDao) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException) Role(org.akaza.openclinica.bean.core.Role) ResourceBundle(java.util.ResourceBundle) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) UserType(org.akaza.openclinica.bean.core.UserType) Validator(org.akaza.openclinica.control.form.Validator)

Example 90 with UserAccountBean

use of org.akaza.openclinica.bean.login.UserAccountBean in project OpenClinica by OpenClinica.

the class DeleteStudyUserRoleServlet method processRequest.

/**
 * Deletes or restores one user's role in one study, as selected by the request parameters
 * {@code ARG_STUDYID}, {@code ARG_USERNAME} and {@code ARG_ACTION}.
 *
 * <p>The request is refused with a page message when the role is not active, when the action
 * code is unknown, when the action is neither DELETE nor RESTORE, or when a RESTORE is requested
 * for a user whose status is DELETED. Otherwise the role status is changed, the current user is
 * recorded as updater, and the change is saved. In every case the user list page is shown next.
 *
 * <p>NOTE(review): no permission check on the current user is visible in this method;
 * presumably it is enforced before {@code processRequest} runs. Confirm.
 *
 * @throws Exception whatever the DAO calls or page forwarding throw
 */
@Override
protected void processRequest() throws Exception {
    UserAccountDAO userAccountDao = new UserAccountDAO(sm.getDataSource());
    FormProcessor form = new FormProcessor(request);
    int studyId = form.getInt(ARG_STUDYID);
    String userName = form.getString(ARG_USERNAME);
    UserAccountBean user = (UserAccountBean) userAccountDao.findByUserName(userName);
    int action = form.getInt(ARG_ACTION);
    StudyUserRoleBean studyRole = userAccountDao.findRoleByUserNameAndStudyId(userName, studyId);
    String message;
    if (!studyRole.isActive()) {
        message = respage.getString("the_specified_user_role_not_exits_for_study");
    } else if (!EntityAction.contains(action)) {
        message = respage.getString("the_specified_action_is_invalid");
    } else {
        // The action code is known from here on, so resolve it once.
        EntityAction desiredAction = EntityAction.get(action);
        boolean isDelete = desiredAction.equals(EntityAction.DELETE);
        boolean isRestore = desiredAction.equals(EntityAction.RESTORE);
        if (!isDelete && !isRestore) {
            message = respage.getString("the_specified_action_is_not_allowed");
        } else if (isRestore && user.getStatus().equals(Status.DELETED)) {
            // A role cannot come back while the account itself is deleted.
            message = respage.getString("the_role_cannot_be_restored_since_user_deleted");
        } else {
            if (isDelete) {
                studyRole.setStatus(Status.DELETED);
                message = respage.getString("the_study_user_role_deleted");
            } else {
                studyRole.setStatus(Status.AVAILABLE);
                message = respage.getString("the_study_user_role_restored");
            }
            // Record who made the change before persisting it.
            studyRole.setUpdater(ub);
            userAccountDao.updateStudyUserRole(studyRole, userName);
        }
    }
    addPageMessage(message);
    forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
}
Also used : EntityAction(org.akaza.openclinica.bean.core.EntityAction) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) StudyUserRoleBean(org.akaza.openclinica.bean.login.StudyUserRoleBean) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO)
