Search in sources :

Example 1 with SecurityManager

use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.

the class ResetPasswordServlet method processRequest.

/**
 * Tasks include:
 * <ol>
 * <li>Validation:
 * <ol>
 * <li>1. old password match database record
 * <li>2. new password is follows requirements
 * <li>4. two times entered passwords are same
 * <li>5. all required fields are filled
 * </ol>
 * <li>Update ub - UserAccountBean - in session and database
 * </ol>
 */
@Override
public void processRequest() throws Exception {
    logger.info("Change expired password");
    UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
    Validator v = new Validator(request);
    errors.clear();
    FormProcessor fp = new FormProcessor(request);
    String mustChangePwd = request.getParameter("mustChangePwd");
    String newPwd = fp.getString("passwd").trim();
    String passwdChallengeQ = fp.getString("passwdChallengeQ");
    String passwdChallengeA = fp.getString("passwdChallengeA");
    if ("yes".equalsIgnoreCase(mustChangePwd)) {
        addPageMessage(respage.getString("your_password_has_expired_must_change"));
    } else {
        addPageMessage(respage.getString("password_expired") + " " + respage.getString("if_you_do_not_want_change_leave_blank"));
    }
    request.setAttribute("mustChangePass", mustChangePwd);
    String oldPwd = fp.getString("oldPasswd").trim();
    // user bean from web
    UserAccountBean ubForm = new UserAccountBean();
    // form
    ubForm.setPasswd(oldPwd);
    ubForm.setPasswdChallengeQuestion(passwdChallengeQ);
    ubForm.setPasswdChallengeAnswer(passwdChallengeA);
    request.setAttribute("userBean1", ubForm);
    SecurityManager sm = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
    if (!sm.isPasswordValid(ub.getPasswd(), oldPwd, getUserDetails())) {
        Validator.addError(errors, "oldPasswd", resexception.getString("wrong_old_password"));
        request.setAttribute("formMessages", errors);
        forwardPage(Page.RESET_PASSWORD);
    } else {
        if (mustChangePwd.equalsIgnoreCase("yes")) {
            v.addValidation("passwd", Validator.NO_BLANKS);
            v.addValidation("passwd1", Validator.NO_BLANKS);
            v.addValidation("passwdChallengeQ", Validator.NO_BLANKS);
            v.addValidation("passwdChallengeA", Validator.NO_BLANKS);
            v.addValidation("passwd", Validator.CHECK_DIFFERENT, "oldPasswd");
        }
        String newDigestPass = sm.encrytPassword(newPwd, getUserDetails());
        List<String> pwdErrors = new ArrayList<String>();
        if (!StringUtils.isEmpty(newPwd)) {
            v.addValidation("passwd", Validator.IS_A_PASSWORD);
            v.addValidation("passwd1", Validator.CHECK_SAME, "passwd");
            ConfigurationDao configurationDao = SpringServletAccess.getApplicationContext(context).getBean(ConfigurationDao.class);
            PasswordRequirementsDao passwordRequirementsDao = new PasswordRequirementsDao(configurationDao);
            Locale locale = LocaleResolver.getLocale(request);
            ResourceBundle resexception = ResourceBundleProvider.getExceptionsBundle(locale);
            pwdErrors = PasswordValidator.validatePassword(passwordRequirementsDao, udao, ub.getId(), newPwd, newDigestPass, resexception);
        }
        errors = v.validate();
        for (String err : pwdErrors) {
            v.addError(errors, "passwd", err);
        }
        if (!errors.isEmpty()) {
            logger.info("ResetPassword page has validation errors");
            request.setAttribute("formMessages", errors);
            forwardPage(Page.RESET_PASSWORD);
        } else {
            logger.info("ResetPassword page has no errors");
            if (!StringUtils.isBlank(newPwd)) {
                ub.setPasswd(newDigestPass);
                ub.setPasswdTimestamp(new Date());
            } else if ("no".equalsIgnoreCase(mustChangePwd)) {
                ub.setPasswdTimestamp(new Date());
            }
            ub.setOwner(ub);
            // when update ub, updator id is required
            ub.setUpdater(ub);
            ub.setPasswdChallengeQuestion(passwdChallengeQ);
            ub.setPasswdChallengeAnswer(passwdChallengeA);
            udao.update(ub);
            ArrayList<String> pageMessages = new ArrayList<String>();
            request.setAttribute(PAGE_MESSAGE, pageMessages);
            addPageMessage(respage.getString("your_expired_password_reset_successfully"));
            ub.incNumVisitsToMainMenu();
            forwardPage(Page.MENU_SERVLET);
        }
    }
}
Also used : Locale(java.util.Locale) ConfigurationDao(org.akaza.openclinica.dao.hibernate.ConfigurationDao) SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) ArrayList(java.util.ArrayList) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Date(java.util.Date) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) ResourceBundle(java.util.ResourceBundle) PasswordRequirementsDao(org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao) Validator(org.akaza.openclinica.control.form.Validator)

Example 2 with SecurityManager

use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.

the class DeleteUserServlet method processRequest.

@Override
protected void processRequest() throws Exception {
    UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
    FormProcessor fp = new FormProcessor(request);
    int userId = fp.getInt(ARG_USERID);
    int action = fp.getInt(ARG_ACTION);
    UserAccountBean u = (UserAccountBean) udao.findByPK(userId);
    techAdminProtect(u);
    String message;
    if (!u.isActive()) {
        message = respage.getString("the_specified_user_not_exits");
    } else if (!EntityAction.contains(action)) {
        message = respage.getString("the_specified_action_on_the_user_is_invalid");
    } else if (!EntityAction.get(action).equals(EntityAction.DELETE) && !EntityAction.get(action).equals(EntityAction.RESTORE)) {
        message = respage.getString("the_specified_action_is_not_allowed");
    } else {
        EntityAction desiredAction = EntityAction.get(action);
        u.setUpdater(ub);
        if (desiredAction.equals(EntityAction.DELETE)) {
            udao.delete(u);
            if (udao.isQuerySuccessful()) {
                message = respage.getString("the_user_has_been_removed_successfully");
            // YW 07-31-2007 << for feature that deletion doesn't need
            // email the deleted user.
            /*
                     * //YW 07-26-2007 << catch exception (eg. timeout) and
                     * inform users. try { sendDeleteEmail(u); } catch
                     * (Exception e) { message += " However, there has been an
                     * error sending the user an email regarding this
                     * deletion."; }
                     */
            // YW >>
            } else {
                message = respage.getString("the_user_could_not_be_deleted_due_database_error");
            }
        } else {
            SecurityManager sm = (SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager");
            String password = sm.genPassword();
            String passwordHash = sm.encrytPassword(password, getUserDetails());
            if (!u.isLdapUser()) {
                u.setPasswd(passwordHash);
                u.setPasswdTimestamp(null);
            }
            udao.restore(u);
            if (udao.isQuerySuccessful()) {
                message = respage.getString("the_user_has_been_restored");
                try {
                    if (!u.isLdapUser()) {
                        sendRestoreEmail(u, password);
                    }
                } catch (Exception e) {
                    message += respage.getString("however_was_error_sending_user_email_regarding");
                }
            } else {
                message = respage.getString("the_user_could_not_be_deleted_due_database_error");
            }
        }
    }
    addPageMessage(message);
    forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
}
Also used : EntityAction(org.akaza.openclinica.bean.core.EntityAction) SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException)

Example 3 with SecurityManager

use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.

the class SignStudySubjectServlet method processRequest.

@Override
public void processRequest() throws Exception {
    SubjectDAO sdao = new SubjectDAO(sm.getDataSource());
    StudySubjectDAO subdao = new StudySubjectDAO(sm.getDataSource());
    FormProcessor fp = new FormProcessor(request);
    String action = fp.getString("action");
    // studySubjectId
    int studySubId = fp.getInt("id", true);
    String module = fp.getString(MODULE);
    request.setAttribute(MODULE, module);
    if (studySubId == 0) {
        addPageMessage(respage.getString("please_choose_a_subject_to_view"));
        forwardPage(Page.LIST_STUDY_SUBJECTS);
        return;
    }
    StudySubjectBean studySub = (StudySubjectBean) subdao.findByPK(studySubId);
    if (!permitSign(studySub, sm.getDataSource())) {
        addPageMessage(respage.getString("subject_event_cannot_signed"));
        // forwardPage(Page.SUBMIT_DATA_SERVLET);
        forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET);
        // >> changed tbh, 06/2009
        return;
    }
    if (action.equalsIgnoreCase("confirm")) {
        String username = request.getParameter("j_user");
        String password = request.getParameter("j_pass");
        SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
        // String encodedUserPass =
        // org.akaza.openclinica.core.SecurityManager
        // .getInstance().encrytPassword(password);
        UserAccountBean ub = (UserAccountBean) session.getAttribute("userBean");
        if (securityManager.verifyPassword(password, getUserDetails()) && ub.getName().equals(username)) {
            if (signSubjectEvents(studySub, sm.getDataSource(), ub)) {
                // Making the StudySubject signed as all the events have
                // become signed.
                studySub.setStatus(Status.SIGNED);
                studySub.setUpdater(ub);
                subdao.update(studySub);
                addPageMessage(respage.getString("subject_event_signed"));
                // forwardPage(Page.SUBMIT_DATA_SERVLET);
                forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET);
                // >> changed tbh, 06/2009
                return;
            } else {
                addPageMessage(respage.getString("errors_in_submission_see_below"));
                forwardPage(Page.LIST_STUDY_SUBJECTS);
                return;
            }
        } else {
            request.setAttribute("id", new Integer(studySubId).toString());
            addPageMessage(restext.getString("password_match"));
            forwardPage(Page.LIST_STUDY_SUBJECTS);
            return;
        }
    }
    request.setAttribute("studySub", studySub);
    int studyId = studySub.getStudyId();
    int subjectId = studySub.getSubjectId();
    SubjectBean subject = (SubjectBean) sdao.findByPK(subjectId);
    if (currentStudy.getStudyParameterConfig().getCollectDob().equals("2")) {
        Date dob = subject.getDateOfBirth();
        if (dob != null) {
            Calendar cal = Calendar.getInstance();
            cal.setTime(dob);
            int year = cal.get(Calendar.YEAR);
            request.setAttribute("yearOfBirth", new Integer(year));
        } else {
            request.setAttribute("yearOfBirth", "");
        }
    }
    request.setAttribute("subject", subject);
    StudyDAO studydao = new StudyDAO(sm.getDataSource());
    StudyBean study = (StudyBean) studydao.findByPK(studyId);
    StudyParameterValueDAO spvdao = new StudyParameterValueDAO(sm.getDataSource());
    study.getStudyParameterConfig().setCollectDob(spvdao.findByHandleAndStudy(studyId, "collectDob").getValue());
    if (study.getParentStudyId() > 0) {
        // this is a site,find parent
        StudyBean parentStudy = (StudyBean) studydao.findByPK(study.getParentStudyId());
        request.setAttribute("parentStudy", parentStudy);
    } else {
        request.setAttribute("parentStudy", new StudyBean());
    }
    ArrayList children = (ArrayList) sdao.findAllChildrenByPK(subjectId);
    request.setAttribute("children", children);
    // find study events
    StudyEventDAO sedao = new StudyEventDAO(sm.getDataSource());
    StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(sm.getDataSource());
    EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(sm.getDataSource());
    // find all eventcrfs for each event
    EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
    ArrayList<DisplayStudyEventBean> displayEvents = getDisplayStudyEventsForStudySubject(study, studySub, sm.getDataSource(), ub, currentRole);
    DiscrepancyNoteUtil discNoteUtil = new DiscrepancyNoteUtil();
    // Don't filter for now; disc note beans are returned with eventCRFId
    // set
    discNoteUtil.injectParentDiscNotesIntoDisplayStudyEvents(displayEvents, new HashSet(), sm.getDataSource(), 0);
    // All the displaystudyevents for one subject
    request.setAttribute("displayStudyEvents", displayEvents);
    // Set up a Map for the JSP view, mapping the eventCRFId to another Map:
    // the
    // inner Map maps the resolution status name to the number of notes for
    // that
    // eventCRF id, as in New --> 2
    Map discNoteByEventCRFid = discNoteUtil.createDiscNoteMapByEventCRF(displayEvents);
    request.setAttribute("discNoteByEventCRFid", discNoteByEventCRFid);
    EntityBeanTable table = fp.getEntityBeanTable();
    // sort by start date,
    table.setSortingIfNotExplicitlySet(1, false);
    // desc
    ArrayList allEventRows = DisplayStudyEventRow.generateRowsFromBeans(displayEvents);
    String[] columns = { resword.getString("event") + " (" + resword.getString("occurrence_number") + ")", resword.getString("start_date1"), resword.getString("location"), resword.getString("status"), resword.getString("actions"), resword.getString("CRFs_atrib") };
    table.setColumns(new ArrayList(Arrays.asList(columns)));
    table.hideColumnLink(4);
    table.hideColumnLink(5);
    if (!"removed".equalsIgnoreCase(studySub.getStatus().getName()) && !"auto-removed".equalsIgnoreCase(studySub.getStatus().getName())) {
        table.addLink(resword.getString("add_new_event"), "CreateNewStudyEvent?" + CreateNewStudyEventServlet.INPUT_STUDY_SUBJECT_ID_FROM_VIEWSUBJECT + "=" + studySub.getId());
    }
    HashMap args = new HashMap();
    args.put("id", new Integer(studySubId).toString());
    table.setQuery("ViewStudySubject", args);
    table.setRows(allEventRows);
    table.computeDisplay();
    request.setAttribute("table", table);
    SubjectGroupMapDAO sgmdao = new SubjectGroupMapDAO(sm.getDataSource());
    ArrayList groupMaps = (ArrayList) sgmdao.findAllByStudySubject(studySubId);
    request.setAttribute("groups", groupMaps);
    AuditEventDAO aedao = new AuditEventDAO(sm.getDataSource());
    ArrayList logs = aedao.findEventStatusLogByStudySubject(studySubId);
    UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
    ArrayList eventLogs = new ArrayList();
    for (int i = 0; i < logs.size(); i++) {
        AuditEventBean avb = (AuditEventBean) logs.get(i);
        StudyEventAuditBean sea = new StudyEventAuditBean();
        sea.setAuditEvent(avb);
        StudyEventBean se = (StudyEventBean) sedao.findByPK(avb.getEntityId());
        StudyEventDefinitionBean sed = (StudyEventDefinitionBean) seddao.findByPK(se.getStudyEventDefinitionId());
        sea.setDefinition(sed);
        String old = avb.getOldValue().trim();
        try {
            if (!StringUtil.isBlank(old)) {
                SubjectEventStatus oldStatus = SubjectEventStatus.get(new Integer(old).intValue());
                sea.setOldSubjectEventStatus(oldStatus);
            }
            String newValue = avb.getNewValue().trim();
            if (!StringUtil.isBlank(newValue)) {
                SubjectEventStatus newStatus = SubjectEventStatus.get(new Integer(newValue).intValue());
                sea.setNewSubjectEventStatus(newStatus);
            }
        } catch (NumberFormatException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        // logger.warning("^^^ caught NFE");
        }
        UserAccountBean updater = (UserAccountBean) udao.findByPK(avb.getUserId());
        sea.setUpdater(updater);
        eventLogs.add(sea);
    }
    // logger.warning("^^^ finished iteration");
    request.setAttribute("eventLogs", eventLogs);
    forwardPage(Page.SIGN_STUDY_SUBJECT);
}
Also used : SecurityManager(org.akaza.openclinica.core.SecurityManager) HashMap(java.util.HashMap) StudySubjectDAO(org.akaza.openclinica.dao.managestudy.StudySubjectDAO) SubjectDAO(org.akaza.openclinica.dao.submit.SubjectDAO) EntityBeanTable(org.akaza.openclinica.web.bean.EntityBeanTable) ArrayList(java.util.ArrayList) StudyEventDefinitionBean(org.akaza.openclinica.bean.managestudy.StudyEventDefinitionBean) StudyEventBean(org.akaza.openclinica.bean.managestudy.StudyEventBean) DisplayStudyEventBean(org.akaza.openclinica.bean.managestudy.DisplayStudyEventBean) SubjectEventStatus(org.akaza.openclinica.bean.core.SubjectEventStatus) StudyEventDAO(org.akaza.openclinica.dao.managestudy.StudyEventDAO) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) DiscrepancyNoteUtil(org.akaza.openclinica.service.DiscrepancyNoteUtil) AuditEventBean(org.akaza.openclinica.bean.admin.AuditEventBean) StudyEventAuditBean(org.akaza.openclinica.bean.admin.StudyEventAuditBean) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) EventCRFDAO(org.akaza.openclinica.dao.submit.EventCRFDAO) HashSet(java.util.HashSet) SubjectGroupMapDAO(org.akaza.openclinica.dao.submit.SubjectGroupMapDAO) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) Calendar(java.util.Calendar) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) AuditEventDAO(org.akaza.openclinica.dao.admin.AuditEventDAO) EventDefinitionCRFDAO(org.akaza.openclinica.dao.managestudy.EventDefinitionCRFDAO) StudySubjectDAO(org.akaza.openclinica.dao.managestudy.StudySubjectDAO) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Date(java.util.Date) SubjectBean(org.akaza.openclinica.bean.submit.SubjectBean) StudySubjectBean(org.akaza.openclinica.bean.managestudy.StudySubjectBean) DisplayStudyEventBean(org.akaza.openclinica.bean.managestudy.DisplayStudyEventBean) StudySubjectBean(org.akaza.openclinica.bean.managestudy.StudySubjectBean) StudyEventDefinitionDAO(org.akaza.openclinica.dao.managestudy.StudyEventDefinitionDAO) StudyParameterValueDAO(org.akaza.openclinica.dao.service.StudyParameterValueDAO) Map(java.util.Map) HashMap(java.util.HashMap)

Example 4 with SecurityManager

use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.

the class RequestPasswordServlet method confirmPassword.

/**
 * @param request
 * @param response
 */
private void confirmPassword() throws Exception {
    Validator v = new Validator(request);
    FormProcessor fp = new FormProcessor(request);
    v.addValidation("name", Validator.NO_BLANKS);
    v.addValidation("email", Validator.IS_A_EMAIL);
    v.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
    v.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
    errors = v.validate();
    // user bean from web
    UserAccountBean ubForm = new UserAccountBean();
    // form
    ubForm.setName(fp.getString("name"));
    ubForm.setEmail(fp.getString("email"));
    ubForm.setPasswdChallengeQuestion(fp.getString("passwdChallengeQuestion"));
    ubForm.setPasswdChallengeAnswer(fp.getString("passwdChallengeAnswer"));
    sm = new SessionManager(null, ubForm.getName(), SpringServletAccess.getApplicationContext(context));
    UserAccountDAO uDAO = new UserAccountDAO(sm.getDataSource());
    // see whether this user in the DB
    UserAccountBean ubDB = (UserAccountBean) uDAO.findByUserName(ubForm.getName());
    UserAccountBean updater = ubDB;
    request.setAttribute("userBean1", ubForm);
    if (!errors.isEmpty()) {
        logger.info("after processing form,has errors");
        request.setAttribute("formMessages", errors);
        forwardPage(Page.REQUEST_PWD);
    } else {
        logger.info("after processing form,no errors");
        // whether this user's email is in the DB
        if (ubDB.getEmail() != null && ubDB.getEmail().equalsIgnoreCase(ubForm.getEmail())) {
            logger.info("ubDB.getPasswdChallengeQuestion()" + ubDB.getPasswdChallengeQuestion());
            logger.info("ubForm.getPasswdChallengeQuestion()" + ubForm.getPasswdChallengeQuestion());
            logger.info("ubDB.getPasswdChallengeAnswer()" + ubDB.getPasswdChallengeAnswer());
            logger.info("ubForm.getPasswdChallengeAnswer()" + ubForm.getPasswdChallengeAnswer());
            // if this user's password challenge can be verified
            if (ubDB.getPasswdChallengeQuestion().equals(ubForm.getPasswdChallengeQuestion()) && ubDB.getPasswdChallengeAnswer().equalsIgnoreCase(ubForm.getPasswdChallengeAnswer())) {
                SecurityManager sm = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
                String newPass = sm.genPassword();
                OpenClinicaJdbcService ocService = ((OpenClinicaJdbcService) SpringServletAccess.getApplicationContext(context).getBean("ocUserDetailsService"));
                String newDigestPass = sm.encrytPassword(newPass, ocService.loadUserByUsername(ubForm.getName()));
                ubDB.setPasswd(newDigestPass);
                // passwdtimestamp should be null ,fix
                // PrepareStatementFactory
                Calendar cal = Calendar.getInstance();
                // Date date = local_df.parse("01/01/1900");
                // cal.setTime(date);
                // ubDB.setPasswdTimestamp(cal.getTime());
                ubDB.setPasswdTimestamp(null);
                ubDB.setUpdater(updater);
                ubDB.setLastVisitDate(new Date());
                logger.info("user bean to be updated:" + ubDB.getId() + ubDB.getName() + ubDB.getActiveStudyId());
                uDAO.update(ubDB);
                sendPassword(newPass, ubDB);
            } else {
                addPageMessage(respage.getString("your_password_not_verified_try_again"));
                forwardPage(Page.REQUEST_PWD);
            }
        } else {
            addPageMessage(respage.getString("your_email_address_not_found_try_again"));
            forwardPage(Page.REQUEST_PWD);
        }
    }
}
Also used : SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) SessionManager(org.akaza.openclinica.core.SessionManager) Calendar(java.util.Calendar) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Validator(org.akaza.openclinica.control.form.Validator) OpenClinicaJdbcService(org.akaza.openclinica.web.filter.OpenClinicaJdbcService) Date(java.util.Date)

Example 5 with SecurityManager

use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.

the class UpdateStudyEventServlet method processRequest.

@Override
public void processRequest() throws Exception {
    FormDiscrepancyNotes discNotes = null;
    FormProcessor fp = new FormProcessor(request);
    int studyEventId = fp.getInt(EVENT_ID, true);
    int studySubjectId = fp.getInt(STUDY_SUBJECT_ID, true);
    String module = fp.getString(MODULE);
    request.setAttribute(MODULE, module);
    String fromResolvingNotes = fp.getString("fromResolvingNotes", true);
    if (StringUtil.isBlank(fromResolvingNotes)) {
        session.removeAttribute(ViewNotesServlet.WIN_LOCATION);
        session.removeAttribute(ViewNotesServlet.NOTES_TABLE);
        checkStudyLocked(Page.MANAGE_STUDY, respage.getString("current_study_locked"));
        checkStudyFrozen(Page.MANAGE_STUDY, respage.getString("current_study_frozen"));
    }
    if (studyEventId == 0 || studySubjectId == 0) {
        addPageMessage(respage.getString("choose_a_study_event_to_edit"));
        request.setAttribute("id", new Integer(studySubjectId).toString());
        forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
        return;
    }
    StudySubjectDAO ssdao = new StudySubjectDAO(sm.getDataSource());
    StudySubjectBean ssub = null;
    if (studySubjectId > 0) {
        ssub = (StudySubjectBean) ssdao.findByPK(studySubjectId);
        request.setAttribute("studySubject", ssub);
        // for the workflow
        request.setAttribute("id", studySubjectId + "");
    // box, so it can
    // link back to view
    // study subject
    }
    // YW 11-07-2007, a study event could not be updated if its study
    // subject has been removed
    // Status s = ((StudySubjectBean)new
    // StudySubjectDAO(sm.getDataSource()).findByPK(studySubjectId)).getStatus();
    Status s = ssub.getStatus();
    if ("removed".equalsIgnoreCase(s.getName()) || "auto-removed".equalsIgnoreCase(s.getName())) {
        addPageMessage(resword.getString("study_event") + resterm.getString("could_not_be") + resterm.getString("updated") + "." + respage.getString("study_subject_has_been_deleted"));
        request.setAttribute("id", new Integer(studySubjectId).toString());
        forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
    }
    // YW
    request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
    StudyEventDAO sedao = new StudyEventDAO(sm.getDataSource());
    EventCRFDAO ecrfdao = new EventCRFDAO(sm.getDataSource());
    StudyEventBean studyEvent = (StudyEventBean) sedao.findByPK(studyEventId);
    studyEvent.setEventCRFs(ecrfdao.findAllByStudyEvent(studyEvent));
    // only owner, admins, and study director/coordinator can update
    // if (ub.getId() != studyEvent.getOwnerId()) {
    // if (!ub.isSysAdmin() &&
    // !currentRole.getRole().equals(Role.STUDYDIRECTOR)
    // && !currentRole.getRole().equals(Role.COORDINATOR)) {
    // addPageMessage(respage.getString("no_have_correct_privilege_current_study")
    // + respage.getString("change_study_contact_sysadmin"));
    // request.setAttribute("id", new Integer(studySubjectId).toString());
    // forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
    // return;
    // }
    // }
    // above removed tbh 11162007
    ArrayList statuses = SubjectEventStatus.toArrayList();
    // remove more statuses here, tbh, 092007
    // ### updates to status setting, below added tbh 102007
    // following pieces of logic to be added:
    /*
         * REMOVED can happen at any step, COMPLETED can happen if the Subject
         * Event is already complete, COMPLETED can also happen if all required
         * CRFs in the Subject Event are completed, LOCKED can occur when all
         * Event CRFs are completed, or not started, or removed, LOCKED/REMOVED
         * are only options, however, when the user is study director or study
         * coordinator SKIPPED/STOPPED? Additional rules spelled out on Nov 16
         * 2007: STOPPED should only be in the list of choices after IDE has
         * been started, i.e. not when SCHEDULED SKIPPED should only be in the
         * list before IDE has been started, i.e. when SCHEDULED reminder about
         * LOCKED happening only when CRFs are completed (not as in the
         * above...) if a status is LOCKED already, it should allow a user to
         * set the event back to COMPLETED
         */
    StudyDAO sdao = new StudyDAO(this.sm.getDataSource());
    StudyBean studyBean = (StudyBean) sdao.findByPK(ssub.getStudyId());
    checkRoleByUserAndStudy(ub, studyBean.getParentStudyId(), studyBean.getId());
    // To remove signed status from the list
    EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(sm.getDataSource());
    boolean removeSign = false;
    // DiscrepancyNoteDAO discDao = new
    // DiscrepancyNoteDAO(sm.getDataSource());
    ArrayList eventCrfs = studyEvent.getEventCRFs();
    for (int i = 0; i < eventCrfs.size(); i++) {
        EventCRFBean ecrf = (EventCRFBean) eventCrfs.get(i);
        EventDefinitionCRFBean edcBean = edcdao.findByStudyEventIdAndCRFVersionId(studyBean, studyEventId, ecrf.getCRFVersionId());
        if (ecrf.getStage().equals(DataEntryStage.INITIAL_DATA_ENTRY) || ecrf.getStage().equals(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE) && edcBean.isDoubleEntry() == true) {
            removeSign = true;
            break;
        }
    }
    if (currentRole.isResearchAssistant()) {
        removeSign = true;
    }
    if (currentRole.isResearchAssistant2()) {
        removeSign = true;
    }
    if (removeSign == true || !currentRole.isInvestigator()) {
        statuses.remove(SubjectEventStatus.SIGNED);
    }
    /*
         * if(!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.
         * DATA_ENTRY_STARTED)) {
         * statuses.remove(SubjectEventStatus.DATA_ENTRY_STARTED);
         * //statuses.remove(SubjectEventStatus.SKIPPED); // per new rule
         * 11-2007 }
         */
    if (!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.NOT_SCHEDULED)) {
        statuses.remove(SubjectEventStatus.NOT_SCHEDULED);
    }
    if (!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.SCHEDULED)) {
        // can't lock a non-completed CRF, but removed above
        statuses.remove(SubjectEventStatus.SCHEDULED);
    // statuses.remove(SubjectEventStatus.SKIPPED);
    // addl rule: skipped should only be present before data starts
    // being entered
    }
    if (studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.DATA_ENTRY_STARTED)) {
        statuses.remove(SubjectEventStatus.SKIPPED);
    }
    ArrayList getECRFs = studyEvent.getEventCRFs();
    // above removed tbh 102007, require to get all definitions, no matter
    // if they are filled in or now
    EventDefinitionCRFDAO edefcrfdao = new EventDefinitionCRFDAO(sm.getDataSource());
    ArrayList getAllECRFs = (ArrayList) edefcrfdao.findAllByDefinition(studyBean, studyEvent.getStudyEventDefinitionId());
    // does the study event have all complete CRFs which are required?
    logger.debug("found number of ecrfs: " + getAllECRFs.size());
    // may not be populated, only entered crfs seem to ping the list
    for (int u = 0; u < getAllECRFs.size(); u++) {
        EventDefinitionCRFBean ecrfBean = (EventDefinitionCRFBean) getAllECRFs.get(u);
        // 
        logger.debug("found number of existing ecrfs: " + getECRFs.size());
        if (getECRFs.size() == 0) {
            statuses.remove(SubjectEventStatus.COMPLETED);
            statuses.remove(SubjectEventStatus.LOCKED);
        }
        // otherwise...
        for (int uv = 0; uv < getECRFs.size(); uv++) {
            EventCRFBean existingBean = (EventCRFBean) getECRFs.get(uv);
            logger.debug("***** found: " + existingBean.getCRFVersionId() + " " + existingBean.getCrf().getId() + " " + existingBean.getCrfVersion().getName() + " " + existingBean.getStatus().getName() + " " + existingBean.getStage().getName());
            logger.debug("***** comparing above to ecrfBean.DefaultVersionID: " + ecrfBean.getDefaultVersionId());
            // this is addressed in the if-clause above
            if (!existingBean.getStatus().equals(Status.UNAVAILABLE) && edefcrfdao.isRequiredInDefinition(existingBean.getCRFVersionId(), studyEvent)) {
                logger.debug("found that " + existingBean.getCrfVersion().getName() + " is required...");
                // that is, it's not completed but required to complete
                statuses.remove(SubjectEventStatus.COMPLETED);
                statuses.remove(SubjectEventStatus.LOCKED);
            // per new rule above 11-16-2007
            }
        // }
        }
    }
    // below added 092007, tbh, task #1390
    if (!ub.isSysAdmin() && !currentRole.getRole().equals(Role.STUDYDIRECTOR) && !currentRole.getRole().equals(Role.COORDINATOR)) {
        statuses.remove(SubjectEventStatus.LOCKED);
    }
    // scheduled
    if (studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.DATA_ENTRY_STARTED)) {
        statuses.remove(SubjectEventStatus.NOT_SCHEDULED);
        statuses.remove(SubjectEventStatus.SCHEDULED);
    }
    // ### tbh, above modified 102007
    request.setAttribute("statuses", statuses);
    String action = fp.getString("action");
    StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(sm.getDataSource());
    StudyEventDefinitionBean sed = (StudyEventDefinitionBean) seddao.findByPK(studyEvent.getStudyEventDefinitionId());
    request.setAttribute(EVENT_DEFINITION_BEAN, sed);
    if (action.equalsIgnoreCase("submit")) {
        discNotes = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
        DiscrepancyValidator v = new DiscrepancyValidator(request, discNotes);
        SubjectEventStatus ses = SubjectEventStatus.get(fp.getInt(SUBJECT_EVENT_STATUS_ID));
        studyEvent.setSubjectEventStatus(ses);
        EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
        ArrayList<EventCRFBean> eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
        if (ses.equals(SubjectEventStatus.SKIPPED) || ses.equals(SubjectEventStatus.STOPPED)) {
            studyEvent.setStatus(Status.UNAVAILABLE);
            for (int i = 0; i < eventCRFs.size(); i++) {
                EventCRFBean ecb = eventCRFs.get(i);
                ecb.setOldStatus(ecb.getStatus());
                ecb.setStatus(Status.UNAVAILABLE);
                ecb.setUpdater(ub);
                ecb.setUpdatedDate(new Date());
                ecdao.update(ecb);
            }
        } else {
            for (int i = 0; i < eventCRFs.size(); i++) {
                EventCRFBean ecb = eventCRFs.get(i);
                ecb.setUpdater(ub);
                ecb.setUpdatedDate(new Date());
                ecdao.update(ecb);
            }
        }
        // YW 3-12-2008, 2220 fix
        String strEnd = fp.getDateTimeInputString(INPUT_ENDDATE_PREFIX);
        String strEndScheduled = fp.getDateTimeInputString(INPUT_ENDDATE_PREFIX);
        Date start = fp.getDateTime(INPUT_STARTDATE_PREFIX);
        Date end = null;
        v.addValidation(INPUT_STARTDATE_PREFIX, Validator.IS_DATE_TIME);
        v.alwaysExecuteLastValidation(INPUT_STARTDATE_PREFIX);
        if (!strEndScheduled.equals("")) {
            v.addValidation(INPUT_ENDDATE_PREFIX, Validator.IS_DATE_TIME);
            v.alwaysExecuteLastValidation(INPUT_ENDDATE_PREFIX);
        }
        // v.addValidation(INPUT_LOCATION, Validator.NO_BLANKS); Disable validation on location, location can be empty when updating a study event
        HashMap errors = v.validate();
        // YW, 3-12-2008, 2220 fix <<
        if (!strEnd.equals("") && !errors.containsKey(INPUT_STARTDATE_PREFIX) && !errors.containsKey(INPUT_ENDDATE_PREFIX)) {
            end = fp.getDateTime(INPUT_ENDDATE_PREFIX);
            if (!fp.getString(INPUT_STARTDATE_PREFIX + "Date").equals(fp.getString(INPUT_ENDDATE_PREFIX + "Date"))) {
                if (end.before(start)) {
                    v.addError(errors, INPUT_ENDDATE_PREFIX, resexception.getString("input_provided_not_occure_after_previous_start_date_time"));
                }
            } else {
                // if in same date, only check when both had time entered
                if (fp.timeEntered(INPUT_STARTDATE_PREFIX) && fp.timeEntered(INPUT_ENDDATE_PREFIX)) {
                    if (end.before(start) || end.equals(start)) {
                        v.addError(errors, INPUT_ENDDATE_PREFIX, resexception.getString("input_provided_not_occure_after_previous_start_date_time"));
                    }
                }
            }
        }
        if (!errors.isEmpty()) {
            setInputMessages(errors);
            String[] prefixes = { INPUT_STARTDATE_PREFIX, INPUT_ENDDATE_PREFIX };
            fp.setCurrentDateTimeValuesAsPreset(prefixes);
            setPresetValues(fp.getPresetValues());
            studyEvent.setLocation(fp.getString(INPUT_LOCATION));
            request.setAttribute("changeDate", fp.getString("changeDate"));
            request.setAttribute(EVENT_BEAN, studyEvent);
            forwardPage(Page.UPDATE_STUDY_EVENT);
        } else if (studyEvent.getSubjectEventStatus().isSigned()) {
            // Checks if the status is signed
            // -----------------
            request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
            if (fp.getString(INPUT_STARTDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Half").equals("")) {
                studyEvent.setStartTimeFlag(false);
            } else {
                studyEvent.setStartTimeFlag(true);
            }
            studyEvent.setDateStarted(start);
            if (!strEnd.equals("")) {
                studyEvent.setDateEnded(end);
                if (fp.getString(INPUT_ENDDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Half").equals("")) {
                    studyEvent.setEndTimeFlag(false);
                } else {
                    studyEvent.setEndTimeFlag(true);
                }
            } else {
                // In case of empty value
                studyEvent.setDateEnded(end);
            }
            studyEvent.setLocation(fp.getString(INPUT_LOCATION));
            studyEvent.setStudyEventDefinition(sed);
            // -------------------
            ssdao = new StudySubjectDAO(sm.getDataSource());
            StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
            ecdao = new EventCRFDAO(sm.getDataSource());
            eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
            ArrayList<Boolean> doRuleSetsExist = new ArrayList<Boolean>();
            RuleSetDAO ruleSetDao = new RuleSetDAO(sm.getDataSource());
            StudyBean study = (StudyBean) sdao.findByPK(ssb.getStudyId());
            ArrayList eventDefinitionCRFs = (ArrayList) edcdao.findAllActiveByEventDefinitionId(study, studyEvent.getStudyEventDefinitionId());
            ArrayList uncompletedEventDefinitionCRFs = getUncompletedCRFs(eventDefinitionCRFs, eventCRFs);
            populateUncompletedCRFsWithCRFAndVersions(uncompletedEventDefinitionCRFs);
            ArrayList displayEventCRFs = ViewStudySubjectServlet.getDisplayEventCRFs(sm.getDataSource(), eventCRFs, eventDefinitionCRFs, ub, currentRole, studyEvent.getSubjectEventStatus(), study);
            request.setAttribute("studySubject", ssb);
            request.setAttribute("uncompletedEventDefinitionCRFs", uncompletedEventDefinitionCRFs);
            request.setAttribute("displayEventCRFs", displayEventCRFs);
            request.setAttribute(EVENT_BEAN, studyEvent);
            session.setAttribute("eventSigned", studyEvent);
            DiscrepancyNoteUtil discNoteUtil = new DiscrepancyNoteUtil();
            DisplayStudyEventBean displayEvBean = new DisplayStudyEventBean();
            List<DisplayStudyEventBean> displayEvents = new ArrayList<DisplayStudyEventBean>();
            // Set up a Map for the JSP view, mapping the eventCRFId to
            // another Map: the
            // inner Map maps the resolution status name to the number of
            // notes for that
            // eventCRF id, as in New --> 2
            displayEvBean.setStudyEvent(studyEvent);
            displayEvents.add(displayEvBean);
            // Don't filter for res status or disc note type; disc note
            // beans are returned with eventCRFId set
            discNoteUtil.injectParentDiscNotesIntoDisplayStudyEvents(displayEvents, new HashSet(), sm.getDataSource(), 0);
            Map discNoteByEventCRFid = discNoteUtil.createDiscNoteMapByEventCRF(displayEvents);
            request.setAttribute("discNoteByEventCRFid", discNoteByEventCRFid);
            forwardPage(Page.UPDATE_STUDY_EVENT_SIGNED);
        } else {
            logger.debug("no validation error");
            // YW 08-17-2007 << update start_time_flag column
            if (fp.getString(INPUT_STARTDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Half").equals("")) {
                studyEvent.setStartTimeFlag(false);
            } else {
                studyEvent.setStartTimeFlag(true);
            }
            // YW >>
            studyEvent.setDateStarted(start);
            // YW, 3-12-2008, 2220 fix which adding End datetime <<
            if (!strEnd.equals("")) {
                studyEvent.setDateEnded(end);
                if (fp.getString(INPUT_ENDDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Half").equals("")) {
                    studyEvent.setEndTimeFlag(false);
                } else {
                    studyEvent.setEndTimeFlag(true);
                }
            } else {
                // In case of empty value
                studyEvent.setDateEnded(end);
            }
            // YW >>
            studyEvent.setLocation(fp.getString(INPUT_LOCATION));
            logger.debug("update study event...");
            studyEvent.setUpdater(ub);
            studyEvent.setUpdatedDate(new Date());
            StudyEventBean updatedStudyEvent = (StudyEventBean) sedao.update(studyEvent);
            // save discrepancy notes into DB
            FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
            DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(sm.getDataSource());
            AddNewSubjectServlet.saveFieldNotes(INPUT_LOCATION, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            AddNewSubjectServlet.saveFieldNotes(INPUT_STARTDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            AddNewSubjectServlet.saveFieldNotes(INPUT_ENDDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            // getRuleSetService().runRulesInBeanProperty(createRuleSet(ssub,sed),currentStudy,ub,request,ssub);
            addPageMessage(respage.getString("study_event_updated"));
            request.setAttribute("id", new Integer(studySubjectId).toString());
            session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
            forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
        // FORWARD SHOULD BE TO THE NEW PAGE
        }
    } else if (action.equalsIgnoreCase("confirm")) {
        // confirming the signed
        // status
        String username = request.getParameter("j_user");
        String password = request.getParameter("j_pass");
        // tring encodedUserPass = org.akaza.openclinica.core.SecurityManager.getInstance().encrytPassword(password);
        SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
        UserAccountBean ub = (UserAccountBean) session.getAttribute("userBean");
        StudyEventBean seb = (StudyEventBean) session.getAttribute("eventSigned");
        if (securityManager.verifyPassword(password, getUserDetails()) && ub.getName().equals(username)) {
            seb.setUpdater(ub);
            seb.setUpdatedDate(new Date());
            sedao.update(seb);
            // If all the StudyEvents become signed we will make the
            // StudySubject signed as well
            List studyEvents = sedao.findAllByStudySubject(ssub);
            boolean allSigned = true;
            for (Iterator iterator = studyEvents.iterator(); iterator.hasNext(); ) {
                StudyEventBean temp = (StudyEventBean) iterator.next();
                if (!temp.getSubjectEventStatus().equals(SubjectEventStatus.SIGNED)) {
                    allSigned = false;
                    break;
                }
            }
            if (allSigned) {
                logger.debug("Signing StudySubject [" + ssub.getSubjectId() + "]");
                ssub.setStatus(Status.SIGNED);
                ssub.setUpdater(ub);
                ssdao.update(ssub);
            }
            // save discrepancy notes into DB
            FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
            DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(sm.getDataSource());
            AddNewSubjectServlet.saveFieldNotes(INPUT_LOCATION, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            AddNewSubjectServlet.saveFieldNotes(INPUT_STARTDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            AddNewSubjectServlet.saveFieldNotes(INPUT_ENDDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
            session.removeAttribute("eventSigned");
            request.setAttribute("id", new Integer(studySubjectId).toString());
            addPageMessage(respage.getString("study_event_updated"));
            forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
        } else {
            request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
            request.setAttribute("studyEvent", seb);
            // -------------------
            ssdao = new StudySubjectDAO(sm.getDataSource());
            StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
            // prepare to figure out what the display should look like
            EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
            ArrayList<EventCRFBean> eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
            ArrayList<Boolean> doRuleSetsExist = new ArrayList<Boolean>();
            RuleSetDAO ruleSetDao = new RuleSetDAO(sm.getDataSource());
            StudyBean study = (StudyBean) sdao.findByPK(ssb.getStudyId());
            ArrayList eventDefinitionCRFs = (ArrayList) edcdao.findAllActiveByEventDefinitionId(study, studyEvent.getStudyEventDefinitionId());
            ArrayList uncompletedEventDefinitionCRFs = getUncompletedCRFs(eventDefinitionCRFs, eventCRFs);
            populateUncompletedCRFsWithCRFAndVersions(uncompletedEventDefinitionCRFs);
            ArrayList displayEventCRFs = ViewStudySubjectServlet.getDisplayEventCRFs(sm.getDataSource(), eventCRFs, eventDefinitionCRFs, ub, currentRole, studyEvent.getSubjectEventStatus(), study);
            request.setAttribute("studySubject", ssb);
            request.setAttribute("uncompletedEventDefinitionCRFs", uncompletedEventDefinitionCRFs);
            request.setAttribute("displayEventCRFs", displayEventCRFs);
            // ------------------
            request.setAttribute("studyEvent", session.getAttribute("eventSigned"));
            addPageMessage(restext.getString("password_match"));
            forwardPage(Page.UPDATE_STUDY_EVENT_SIGNED);
        }
    } else {
        logger.debug("no action, go to update page");
        DiscrepancyNoteDAO discrepancyNoteDAO = new DiscrepancyNoteDAO(sm.getDataSource());
        StudySubjectBean studySubjectBean = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
        int studyId = studySubjectBean.getStudyId();
        boolean subjectStudyIsCurrentStudy = studyId == currentStudy.getId();
        boolean isParentStudy = studyBean.getParentStudyId() < 1;
        ArrayList<DiscrepancyNoteBean> allNotesforSubjectAndEvent = new ArrayList<DiscrepancyNoteBean>();
        if (subjectStudyIsCurrentStudy && isParentStudy) {
            allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudyAndId(currentStudy, studySubjectBean.getId());
        } else {
            // findAllStudyEventByStudiesAndSubjectId
            if (!isParentStudy) {
                StudyBean stParent = (StudyBean) sdao.findByPK(studyBean.getParentStudyId());
                allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudiesAndSubjectId(stParent, studyBean, studySubjectBean.getId());
            } else {
                allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudiesAndSubjectId(currentStudy, studyBean, studySubjectBean.getId());
            }
        }
        if (!allNotesforSubjectAndEvent.isEmpty()) {
            setRequestAttributesForNotes(allNotesforSubjectAndEvent);
        }
        HashMap presetValues = new HashMap();
        // YW 08-17-2007 <<
        if (studyEvent.getStartTimeFlag() == true) {
            Calendar c = new GregorianCalendar();
            c.setTime(studyEvent.getDateStarted());
            presetValues.put(INPUT_STARTDATE_PREFIX + "Hour", new Integer(c.get(Calendar.HOUR_OF_DAY)));
            presetValues.put(INPUT_STARTDATE_PREFIX + "Minute", new Integer(c.get(Calendar.MINUTE)));
            // necessary.
            switch(c.get(Calendar.AM_PM)) {
                case 0:
                    presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "am");
                    break;
                case 1:
                    presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "pm");
                    break;
                default:
                    presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "");
                    break;
            }
        } else {
            presetValues.put(INPUT_STARTDATE_PREFIX + "Hour", new Integer(-1));
            presetValues.put(INPUT_STARTDATE_PREFIX + "Minute", new Integer(-1));
            presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "");
        }
        // YW >>
        String dateValue = local_df.format(studyEvent.getDateStarted());
        presetValues.put(INPUT_STARTDATE_PREFIX + "Date", dateValue);
        // YW 3-12-2008, add end datetime for 2220 fix<<
        presetValues.put(INPUT_ENDDATE_PREFIX + "Hour", new Integer(-1));
        presetValues.put(INPUT_ENDDATE_PREFIX + "Minute", new Integer(-1));
        presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "");
        if (studyEvent.getDateEnded() != null) {
            if (studyEvent.getEndTimeFlag() == true) {
                Calendar c = new GregorianCalendar();
                c.setTime(studyEvent.getDateEnded());
                presetValues.put(INPUT_ENDDATE_PREFIX + "Hour", new Integer(c.get(Calendar.HOUR_OF_DAY)));
                presetValues.put(INPUT_ENDDATE_PREFIX + "Minute", new Integer(c.get(Calendar.MINUTE)));
                // necessary.
                switch(c.get(Calendar.AM_PM)) {
                    case 0:
                        presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "am");
                        break;
                    case 1:
                        presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "pm");
                        break;
                    default:
                        presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "");
                        break;
                }
            }
            presetValues.put(INPUT_ENDDATE_PREFIX + "Date", local_df.format(studyEvent.getDateEnded()));
        }
        // YW >>
        setPresetValues(presetValues);
        request.setAttribute("studyEvent", studyEvent);
        request.setAttribute("studySubject", studySubjectBean);
        discNotes = new FormDiscrepancyNotes();
        session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes);
        forwardPage(Page.UPDATE_STUDY_EVENT);
    }
// else
}
Also used : RuleSetDAO(org.akaza.openclinica.dao.rule.RuleSetDAO) SecurityManager(org.akaza.openclinica.core.SecurityManager) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) StudyEventDefinitionBean(org.akaza.openclinica.bean.managestudy.StudyEventDefinitionBean) StudyEventBean(org.akaza.openclinica.bean.managestudy.StudyEventBean) DisplayStudyEventBean(org.akaza.openclinica.bean.managestudy.DisplayStudyEventBean) SubjectEventStatus(org.akaza.openclinica.bean.core.SubjectEventStatus) EventCRFBean(org.akaza.openclinica.bean.submit.EventCRFBean) StudyEventDAO(org.akaza.openclinica.dao.managestudy.StudyEventDAO) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) DiscrepancyNoteUtil(org.akaza.openclinica.service.DiscrepancyNoteUtil) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) EventCRFDAO(org.akaza.openclinica.dao.submit.EventCRFDAO) HashSet(java.util.HashSet) Status(org.akaza.openclinica.bean.core.Status) SubjectEventStatus(org.akaza.openclinica.bean.core.SubjectEventStatus) DiscrepancyNoteDAO(org.akaza.openclinica.dao.managestudy.DiscrepancyNoteDAO) FormDiscrepancyNotes(org.akaza.openclinica.control.form.FormDiscrepancyNotes) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) GregorianCalendar(java.util.GregorianCalendar) Calendar(java.util.Calendar) GregorianCalendar(java.util.GregorianCalendar) EventDefinitionCRFDAO(org.akaza.openclinica.dao.managestudy.EventDefinitionCRFDAO) StudySubjectDAO(org.akaza.openclinica.dao.managestudy.StudySubjectDAO) Date(java.util.Date) DiscrepancyValidator(org.akaza.openclinica.control.form.DiscrepancyValidator) DisplayStudyEventBean(org.akaza.openclinica.bean.managestudy.DisplayStudyEventBean) StudySubjectBean(org.akaza.openclinica.bean.managestudy.StudySubjectBean) StudyEventDefinitionDAO(org.akaza.openclinica.dao.managestudy.StudyEventDefinitionDAO) DiscrepancyNoteBean(org.akaza.openclinica.bean.managestudy.DiscrepancyNoteBean) EventDefinitionCRFBean(org.akaza.openclinica.bean.managestudy.EventDefinitionCRFBean) DisplayEventDefinitionCRFBean(org.akaza.openclinica.bean.managestudy.DisplayEventDefinitionCRFBean) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

SecurityManager (org.akaza.openclinica.core.SecurityManager)10 UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)9 FormProcessor (org.akaza.openclinica.control.form.FormProcessor)8 UserAccountDAO (org.akaza.openclinica.dao.login.UserAccountDAO)7 ArrayList (java.util.ArrayList)5 HashMap (java.util.HashMap)5 Validator (org.akaza.openclinica.control.form.Validator)5 Date (java.util.Date)4 Map (java.util.Map)4 StudyBean (org.akaza.openclinica.bean.managestudy.StudyBean)4 InsufficientPermissionException (org.akaza.openclinica.web.InsufficientPermissionException)4 Calendar (java.util.Calendar)3 ResourceBundle (java.util.ResourceBundle)3 UserType (org.akaza.openclinica.bean.core.UserType)3 StudyDAO (org.akaza.openclinica.dao.managestudy.StudyDAO)3 HashSet (java.util.HashSet)2 Iterator (java.util.Iterator)2 LinkedHashMap (java.util.LinkedHashMap)2 Locale (java.util.Locale)2 Role (org.akaza.openclinica.bean.core.Role)2