use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.
the class ResetPasswordServlet method processRequest.
/**
* Tasks include:
* <ol>
* <li>Validation:
* <ol>
* <li>1. old password match database record
* <li>2. new password is follows requirements
* <li>4. two times entered passwords are same
* <li>5. all required fields are filled
* </ol>
* <li>Update ub - UserAccountBean - in session and database
* </ol>
*/
@Override
public void processRequest() throws Exception {
logger.info("Change expired password");
UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
Validator v = new Validator(request);
errors.clear();
FormProcessor fp = new FormProcessor(request);
String mustChangePwd = request.getParameter("mustChangePwd");
String newPwd = fp.getString("passwd").trim();
String passwdChallengeQ = fp.getString("passwdChallengeQ");
String passwdChallengeA = fp.getString("passwdChallengeA");
if ("yes".equalsIgnoreCase(mustChangePwd)) {
addPageMessage(respage.getString("your_password_has_expired_must_change"));
} else {
addPageMessage(respage.getString("password_expired") + " " + respage.getString("if_you_do_not_want_change_leave_blank"));
}
request.setAttribute("mustChangePass", mustChangePwd);
String oldPwd = fp.getString("oldPasswd").trim();
// user bean from web
UserAccountBean ubForm = new UserAccountBean();
// form
ubForm.setPasswd(oldPwd);
ubForm.setPasswdChallengeQuestion(passwdChallengeQ);
ubForm.setPasswdChallengeAnswer(passwdChallengeA);
request.setAttribute("userBean1", ubForm);
SecurityManager sm = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
if (!sm.isPasswordValid(ub.getPasswd(), oldPwd, getUserDetails())) {
Validator.addError(errors, "oldPasswd", resexception.getString("wrong_old_password"));
request.setAttribute("formMessages", errors);
forwardPage(Page.RESET_PASSWORD);
} else {
if (mustChangePwd.equalsIgnoreCase("yes")) {
v.addValidation("passwd", Validator.NO_BLANKS);
v.addValidation("passwd1", Validator.NO_BLANKS);
v.addValidation("passwdChallengeQ", Validator.NO_BLANKS);
v.addValidation("passwdChallengeA", Validator.NO_BLANKS);
v.addValidation("passwd", Validator.CHECK_DIFFERENT, "oldPasswd");
}
String newDigestPass = sm.encrytPassword(newPwd, getUserDetails());
List<String> pwdErrors = new ArrayList<String>();
if (!StringUtils.isEmpty(newPwd)) {
v.addValidation("passwd", Validator.IS_A_PASSWORD);
v.addValidation("passwd1", Validator.CHECK_SAME, "passwd");
ConfigurationDao configurationDao = SpringServletAccess.getApplicationContext(context).getBean(ConfigurationDao.class);
PasswordRequirementsDao passwordRequirementsDao = new PasswordRequirementsDao(configurationDao);
Locale locale = LocaleResolver.getLocale(request);
ResourceBundle resexception = ResourceBundleProvider.getExceptionsBundle(locale);
pwdErrors = PasswordValidator.validatePassword(passwordRequirementsDao, udao, ub.getId(), newPwd, newDigestPass, resexception);
}
errors = v.validate();
for (String err : pwdErrors) {
v.addError(errors, "passwd", err);
}
if (!errors.isEmpty()) {
logger.info("ResetPassword page has validation errors");
request.setAttribute("formMessages", errors);
forwardPage(Page.RESET_PASSWORD);
} else {
logger.info("ResetPassword page has no errors");
if (!StringUtils.isBlank(newPwd)) {
ub.setPasswd(newDigestPass);
ub.setPasswdTimestamp(new Date());
} else if ("no".equalsIgnoreCase(mustChangePwd)) {
ub.setPasswdTimestamp(new Date());
}
ub.setOwner(ub);
// when update ub, updator id is required
ub.setUpdater(ub);
ub.setPasswdChallengeQuestion(passwdChallengeQ);
ub.setPasswdChallengeAnswer(passwdChallengeA);
udao.update(ub);
ArrayList<String> pageMessages = new ArrayList<String>();
request.setAttribute(PAGE_MESSAGE, pageMessages);
addPageMessage(respage.getString("your_expired_password_reset_successfully"));
ub.incNumVisitsToMainMenu();
forwardPage(Page.MENU_SERVLET);
}
}
}
use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.
the class DeleteUserServlet method processRequest.
@Override
protected void processRequest() throws Exception {
UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
FormProcessor fp = new FormProcessor(request);
int userId = fp.getInt(ARG_USERID);
int action = fp.getInt(ARG_ACTION);
UserAccountBean u = (UserAccountBean) udao.findByPK(userId);
techAdminProtect(u);
String message;
if (!u.isActive()) {
message = respage.getString("the_specified_user_not_exits");
} else if (!EntityAction.contains(action)) {
message = respage.getString("the_specified_action_on_the_user_is_invalid");
} else if (!EntityAction.get(action).equals(EntityAction.DELETE) && !EntityAction.get(action).equals(EntityAction.RESTORE)) {
message = respage.getString("the_specified_action_is_not_allowed");
} else {
EntityAction desiredAction = EntityAction.get(action);
u.setUpdater(ub);
if (desiredAction.equals(EntityAction.DELETE)) {
udao.delete(u);
if (udao.isQuerySuccessful()) {
message = respage.getString("the_user_has_been_removed_successfully");
// YW 07-31-2007 << for feature that deletion doesn't need
// email the deleted user.
/*
* //YW 07-26-2007 << catch exception (eg. timeout) and
* inform users. try { sendDeleteEmail(u); } catch
* (Exception e) { message += " However, there has been an
* error sending the user an email regarding this
* deletion."; }
*/
// YW >>
} else {
message = respage.getString("the_user_could_not_be_deleted_due_database_error");
}
} else {
SecurityManager sm = (SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager");
String password = sm.genPassword();
String passwordHash = sm.encrytPassword(password, getUserDetails());
if (!u.isLdapUser()) {
u.setPasswd(passwordHash);
u.setPasswdTimestamp(null);
}
udao.restore(u);
if (udao.isQuerySuccessful()) {
message = respage.getString("the_user_has_been_restored");
try {
if (!u.isLdapUser()) {
sendRestoreEmail(u, password);
}
} catch (Exception e) {
message += respage.getString("however_was_error_sending_user_email_regarding");
}
} else {
message = respage.getString("the_user_could_not_be_deleted_due_database_error");
}
}
}
addPageMessage(message);
forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
}
use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.
the class SignStudySubjectServlet method processRequest.
@Override
public void processRequest() throws Exception {
SubjectDAO sdao = new SubjectDAO(sm.getDataSource());
StudySubjectDAO subdao = new StudySubjectDAO(sm.getDataSource());
FormProcessor fp = new FormProcessor(request);
String action = fp.getString("action");
// studySubjectId
int studySubId = fp.getInt("id", true);
String module = fp.getString(MODULE);
request.setAttribute(MODULE, module);
if (studySubId == 0) {
addPageMessage(respage.getString("please_choose_a_subject_to_view"));
forwardPage(Page.LIST_STUDY_SUBJECTS);
return;
}
StudySubjectBean studySub = (StudySubjectBean) subdao.findByPK(studySubId);
if (!permitSign(studySub, sm.getDataSource())) {
addPageMessage(respage.getString("subject_event_cannot_signed"));
// forwardPage(Page.SUBMIT_DATA_SERVLET);
forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET);
// >> changed tbh, 06/2009
return;
}
if (action.equalsIgnoreCase("confirm")) {
String username = request.getParameter("j_user");
String password = request.getParameter("j_pass");
SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
// String encodedUserPass =
// org.akaza.openclinica.core.SecurityManager
// .getInstance().encrytPassword(password);
UserAccountBean ub = (UserAccountBean) session.getAttribute("userBean");
if (securityManager.verifyPassword(password, getUserDetails()) && ub.getName().equals(username)) {
if (signSubjectEvents(studySub, sm.getDataSource(), ub)) {
// Making the StudySubject signed as all the events have
// become signed.
studySub.setStatus(Status.SIGNED);
studySub.setUpdater(ub);
subdao.update(studySub);
addPageMessage(respage.getString("subject_event_signed"));
// forwardPage(Page.SUBMIT_DATA_SERVLET);
forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET);
// >> changed tbh, 06/2009
return;
} else {
addPageMessage(respage.getString("errors_in_submission_see_below"));
forwardPage(Page.LIST_STUDY_SUBJECTS);
return;
}
} else {
request.setAttribute("id", new Integer(studySubId).toString());
addPageMessage(restext.getString("password_match"));
forwardPage(Page.LIST_STUDY_SUBJECTS);
return;
}
}
request.setAttribute("studySub", studySub);
int studyId = studySub.getStudyId();
int subjectId = studySub.getSubjectId();
SubjectBean subject = (SubjectBean) sdao.findByPK(subjectId);
if (currentStudy.getStudyParameterConfig().getCollectDob().equals("2")) {
Date dob = subject.getDateOfBirth();
if (dob != null) {
Calendar cal = Calendar.getInstance();
cal.setTime(dob);
int year = cal.get(Calendar.YEAR);
request.setAttribute("yearOfBirth", new Integer(year));
} else {
request.setAttribute("yearOfBirth", "");
}
}
request.setAttribute("subject", subject);
StudyDAO studydao = new StudyDAO(sm.getDataSource());
StudyBean study = (StudyBean) studydao.findByPK(studyId);
StudyParameterValueDAO spvdao = new StudyParameterValueDAO(sm.getDataSource());
study.getStudyParameterConfig().setCollectDob(spvdao.findByHandleAndStudy(studyId, "collectDob").getValue());
if (study.getParentStudyId() > 0) {
// this is a site,find parent
StudyBean parentStudy = (StudyBean) studydao.findByPK(study.getParentStudyId());
request.setAttribute("parentStudy", parentStudy);
} else {
request.setAttribute("parentStudy", new StudyBean());
}
ArrayList children = (ArrayList) sdao.findAllChildrenByPK(subjectId);
request.setAttribute("children", children);
// find study events
StudyEventDAO sedao = new StudyEventDAO(sm.getDataSource());
StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(sm.getDataSource());
EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(sm.getDataSource());
// find all eventcrfs for each event
EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
ArrayList<DisplayStudyEventBean> displayEvents = getDisplayStudyEventsForStudySubject(study, studySub, sm.getDataSource(), ub, currentRole);
DiscrepancyNoteUtil discNoteUtil = new DiscrepancyNoteUtil();
// Don't filter for now; disc note beans are returned with eventCRFId
// set
discNoteUtil.injectParentDiscNotesIntoDisplayStudyEvents(displayEvents, new HashSet(), sm.getDataSource(), 0);
// All the displaystudyevents for one subject
request.setAttribute("displayStudyEvents", displayEvents);
// Set up a Map for the JSP view, mapping the eventCRFId to another Map:
// the
// inner Map maps the resolution status name to the number of notes for
// that
// eventCRF id, as in New --> 2
Map discNoteByEventCRFid = discNoteUtil.createDiscNoteMapByEventCRF(displayEvents);
request.setAttribute("discNoteByEventCRFid", discNoteByEventCRFid);
EntityBeanTable table = fp.getEntityBeanTable();
// sort by start date,
table.setSortingIfNotExplicitlySet(1, false);
// desc
ArrayList allEventRows = DisplayStudyEventRow.generateRowsFromBeans(displayEvents);
String[] columns = { resword.getString("event") + " (" + resword.getString("occurrence_number") + ")", resword.getString("start_date1"), resword.getString("location"), resword.getString("status"), resword.getString("actions"), resword.getString("CRFs_atrib") };
table.setColumns(new ArrayList(Arrays.asList(columns)));
table.hideColumnLink(4);
table.hideColumnLink(5);
if (!"removed".equalsIgnoreCase(studySub.getStatus().getName()) && !"auto-removed".equalsIgnoreCase(studySub.getStatus().getName())) {
table.addLink(resword.getString("add_new_event"), "CreateNewStudyEvent?" + CreateNewStudyEventServlet.INPUT_STUDY_SUBJECT_ID_FROM_VIEWSUBJECT + "=" + studySub.getId());
}
HashMap args = new HashMap();
args.put("id", new Integer(studySubId).toString());
table.setQuery("ViewStudySubject", args);
table.setRows(allEventRows);
table.computeDisplay();
request.setAttribute("table", table);
SubjectGroupMapDAO sgmdao = new SubjectGroupMapDAO(sm.getDataSource());
ArrayList groupMaps = (ArrayList) sgmdao.findAllByStudySubject(studySubId);
request.setAttribute("groups", groupMaps);
AuditEventDAO aedao = new AuditEventDAO(sm.getDataSource());
ArrayList logs = aedao.findEventStatusLogByStudySubject(studySubId);
UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
ArrayList eventLogs = new ArrayList();
for (int i = 0; i < logs.size(); i++) {
AuditEventBean avb = (AuditEventBean) logs.get(i);
StudyEventAuditBean sea = new StudyEventAuditBean();
sea.setAuditEvent(avb);
StudyEventBean se = (StudyEventBean) sedao.findByPK(avb.getEntityId());
StudyEventDefinitionBean sed = (StudyEventDefinitionBean) seddao.findByPK(se.getStudyEventDefinitionId());
sea.setDefinition(sed);
String old = avb.getOldValue().trim();
try {
if (!StringUtil.isBlank(old)) {
SubjectEventStatus oldStatus = SubjectEventStatus.get(new Integer(old).intValue());
sea.setOldSubjectEventStatus(oldStatus);
}
String newValue = avb.getNewValue().trim();
if (!StringUtil.isBlank(newValue)) {
SubjectEventStatus newStatus = SubjectEventStatus.get(new Integer(newValue).intValue());
sea.setNewSubjectEventStatus(newStatus);
}
} catch (NumberFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
// logger.warning("^^^ caught NFE");
}
UserAccountBean updater = (UserAccountBean) udao.findByPK(avb.getUserId());
sea.setUpdater(updater);
eventLogs.add(sea);
}
// logger.warning("^^^ finished iteration");
request.setAttribute("eventLogs", eventLogs);
forwardPage(Page.SIGN_STUDY_SUBJECT);
}
use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.
the class RequestPasswordServlet method confirmPassword.
/**
* @param request
* @param response
*/
private void confirmPassword() throws Exception {
Validator v = new Validator(request);
FormProcessor fp = new FormProcessor(request);
v.addValidation("name", Validator.NO_BLANKS);
v.addValidation("email", Validator.IS_A_EMAIL);
v.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
v.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
errors = v.validate();
// user bean from web
UserAccountBean ubForm = new UserAccountBean();
// form
ubForm.setName(fp.getString("name"));
ubForm.setEmail(fp.getString("email"));
ubForm.setPasswdChallengeQuestion(fp.getString("passwdChallengeQuestion"));
ubForm.setPasswdChallengeAnswer(fp.getString("passwdChallengeAnswer"));
sm = new SessionManager(null, ubForm.getName(), SpringServletAccess.getApplicationContext(context));
UserAccountDAO uDAO = new UserAccountDAO(sm.getDataSource());
// see whether this user in the DB
UserAccountBean ubDB = (UserAccountBean) uDAO.findByUserName(ubForm.getName());
UserAccountBean updater = ubDB;
request.setAttribute("userBean1", ubForm);
if (!errors.isEmpty()) {
logger.info("after processing form,has errors");
request.setAttribute("formMessages", errors);
forwardPage(Page.REQUEST_PWD);
} else {
logger.info("after processing form,no errors");
// whether this user's email is in the DB
if (ubDB.getEmail() != null && ubDB.getEmail().equalsIgnoreCase(ubForm.getEmail())) {
logger.info("ubDB.getPasswdChallengeQuestion()" + ubDB.getPasswdChallengeQuestion());
logger.info("ubForm.getPasswdChallengeQuestion()" + ubForm.getPasswdChallengeQuestion());
logger.info("ubDB.getPasswdChallengeAnswer()" + ubDB.getPasswdChallengeAnswer());
logger.info("ubForm.getPasswdChallengeAnswer()" + ubForm.getPasswdChallengeAnswer());
// if this user's password challenge can be verified
if (ubDB.getPasswdChallengeQuestion().equals(ubForm.getPasswdChallengeQuestion()) && ubDB.getPasswdChallengeAnswer().equalsIgnoreCase(ubForm.getPasswdChallengeAnswer())) {
SecurityManager sm = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
String newPass = sm.genPassword();
OpenClinicaJdbcService ocService = ((OpenClinicaJdbcService) SpringServletAccess.getApplicationContext(context).getBean("ocUserDetailsService"));
String newDigestPass = sm.encrytPassword(newPass, ocService.loadUserByUsername(ubForm.getName()));
ubDB.setPasswd(newDigestPass);
// passwdtimestamp should be null ,fix
// PrepareStatementFactory
Calendar cal = Calendar.getInstance();
// Date date = local_df.parse("01/01/1900");
// cal.setTime(date);
// ubDB.setPasswdTimestamp(cal.getTime());
ubDB.setPasswdTimestamp(null);
ubDB.setUpdater(updater);
ubDB.setLastVisitDate(new Date());
logger.info("user bean to be updated:" + ubDB.getId() + ubDB.getName() + ubDB.getActiveStudyId());
uDAO.update(ubDB);
sendPassword(newPass, ubDB);
} else {
addPageMessage(respage.getString("your_password_not_verified_try_again"));
forwardPage(Page.REQUEST_PWD);
}
} else {
addPageMessage(respage.getString("your_email_address_not_found_try_again"));
forwardPage(Page.REQUEST_PWD);
}
}
}
use of org.akaza.openclinica.core.SecurityManager in project OpenClinica by OpenClinica.
the class UpdateStudyEventServlet method processRequest.
@Override
public void processRequest() throws Exception {
FormDiscrepancyNotes discNotes = null;
FormProcessor fp = new FormProcessor(request);
int studyEventId = fp.getInt(EVENT_ID, true);
int studySubjectId = fp.getInt(STUDY_SUBJECT_ID, true);
String module = fp.getString(MODULE);
request.setAttribute(MODULE, module);
String fromResolvingNotes = fp.getString("fromResolvingNotes", true);
if (StringUtil.isBlank(fromResolvingNotes)) {
session.removeAttribute(ViewNotesServlet.WIN_LOCATION);
session.removeAttribute(ViewNotesServlet.NOTES_TABLE);
checkStudyLocked(Page.MANAGE_STUDY, respage.getString("current_study_locked"));
checkStudyFrozen(Page.MANAGE_STUDY, respage.getString("current_study_frozen"));
}
if (studyEventId == 0 || studySubjectId == 0) {
addPageMessage(respage.getString("choose_a_study_event_to_edit"));
request.setAttribute("id", new Integer(studySubjectId).toString());
forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
return;
}
StudySubjectDAO ssdao = new StudySubjectDAO(sm.getDataSource());
StudySubjectBean ssub = null;
if (studySubjectId > 0) {
ssub = (StudySubjectBean) ssdao.findByPK(studySubjectId);
request.setAttribute("studySubject", ssub);
// for the workflow
request.setAttribute("id", studySubjectId + "");
// box, so it can
// link back to view
// study subject
}
// YW 11-07-2007, a study event could not be updated if its study
// subject has been removed
// Status s = ((StudySubjectBean)new
// StudySubjectDAO(sm.getDataSource()).findByPK(studySubjectId)).getStatus();
Status s = ssub.getStatus();
if ("removed".equalsIgnoreCase(s.getName()) || "auto-removed".equalsIgnoreCase(s.getName())) {
addPageMessage(resword.getString("study_event") + resterm.getString("could_not_be") + resterm.getString("updated") + "." + respage.getString("study_subject_has_been_deleted"));
request.setAttribute("id", new Integer(studySubjectId).toString());
forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
}
// YW
request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
StudyEventDAO sedao = new StudyEventDAO(sm.getDataSource());
EventCRFDAO ecrfdao = new EventCRFDAO(sm.getDataSource());
StudyEventBean studyEvent = (StudyEventBean) sedao.findByPK(studyEventId);
studyEvent.setEventCRFs(ecrfdao.findAllByStudyEvent(studyEvent));
// only owner, admins, and study director/coordinator can update
// if (ub.getId() != studyEvent.getOwnerId()) {
// if (!ub.isSysAdmin() &&
// !currentRole.getRole().equals(Role.STUDYDIRECTOR)
// && !currentRole.getRole().equals(Role.COORDINATOR)) {
// addPageMessage(respage.getString("no_have_correct_privilege_current_study")
// + respage.getString("change_study_contact_sysadmin"));
// request.setAttribute("id", new Integer(studySubjectId).toString());
// forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
// return;
// }
// }
// above removed tbh 11162007
ArrayList statuses = SubjectEventStatus.toArrayList();
// remove more statuses here, tbh, 092007
// ### updates to status setting, below added tbh 102007
// following pieces of logic to be added:
/*
* REMOVED can happen at any step, COMPLETED can happen if the Subject
* Event is already complete, COMPLETED can also happen if all required
* CRFs in the Subject Event are completed, LOCKED can occur when all
* Event CRFs are completed, or not started, or removed, LOCKED/REMOVED
* are only options, however, when the user is study director or study
* coordinator SKIPPED/STOPPED? Additional rules spelled out on Nov 16
* 2007: STOPPED should only be in the list of choices after IDE has
* been started, i.e. not when SCHEDULED SKIPPED should only be in the
* list before IDE has been started, i.e. when SCHEDULED reminder about
* LOCKED happening only when CRFs are completed (not as in the
* above...) if a status is LOCKED already, it should allow a user to
* set the event back to COMPLETED
*/
StudyDAO sdao = new StudyDAO(this.sm.getDataSource());
StudyBean studyBean = (StudyBean) sdao.findByPK(ssub.getStudyId());
checkRoleByUserAndStudy(ub, studyBean.getParentStudyId(), studyBean.getId());
// To remove signed status from the list
EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(sm.getDataSource());
boolean removeSign = false;
// DiscrepancyNoteDAO discDao = new
// DiscrepancyNoteDAO(sm.getDataSource());
ArrayList eventCrfs = studyEvent.getEventCRFs();
for (int i = 0; i < eventCrfs.size(); i++) {
EventCRFBean ecrf = (EventCRFBean) eventCrfs.get(i);
EventDefinitionCRFBean edcBean = edcdao.findByStudyEventIdAndCRFVersionId(studyBean, studyEventId, ecrf.getCRFVersionId());
if (ecrf.getStage().equals(DataEntryStage.INITIAL_DATA_ENTRY) || ecrf.getStage().equals(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE) && edcBean.isDoubleEntry() == true) {
removeSign = true;
break;
}
}
if (currentRole.isResearchAssistant()) {
removeSign = true;
}
if (currentRole.isResearchAssistant2()) {
removeSign = true;
}
if (removeSign == true || !currentRole.isInvestigator()) {
statuses.remove(SubjectEventStatus.SIGNED);
}
/*
* if(!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.
* DATA_ENTRY_STARTED)) {
* statuses.remove(SubjectEventStatus.DATA_ENTRY_STARTED);
* //statuses.remove(SubjectEventStatus.SKIPPED); // per new rule
* 11-2007 }
*/
if (!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.NOT_SCHEDULED)) {
statuses.remove(SubjectEventStatus.NOT_SCHEDULED);
}
if (!studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.SCHEDULED)) {
// can't lock a non-completed CRF, but removed above
statuses.remove(SubjectEventStatus.SCHEDULED);
// statuses.remove(SubjectEventStatus.SKIPPED);
// addl rule: skipped should only be present before data starts
// being entered
}
if (studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.DATA_ENTRY_STARTED)) {
statuses.remove(SubjectEventStatus.SKIPPED);
}
ArrayList getECRFs = studyEvent.getEventCRFs();
// above removed tbh 102007, require to get all definitions, no matter
// if they are filled in or now
EventDefinitionCRFDAO edefcrfdao = new EventDefinitionCRFDAO(sm.getDataSource());
ArrayList getAllECRFs = (ArrayList) edefcrfdao.findAllByDefinition(studyBean, studyEvent.getStudyEventDefinitionId());
// does the study event have all complete CRFs which are required?
logger.debug("found number of ecrfs: " + getAllECRFs.size());
// may not be populated, only entered crfs seem to ping the list
for (int u = 0; u < getAllECRFs.size(); u++) {
EventDefinitionCRFBean ecrfBean = (EventDefinitionCRFBean) getAllECRFs.get(u);
//
logger.debug("found number of existing ecrfs: " + getECRFs.size());
if (getECRFs.size() == 0) {
statuses.remove(SubjectEventStatus.COMPLETED);
statuses.remove(SubjectEventStatus.LOCKED);
}
// otherwise...
for (int uv = 0; uv < getECRFs.size(); uv++) {
EventCRFBean existingBean = (EventCRFBean) getECRFs.get(uv);
logger.debug("***** found: " + existingBean.getCRFVersionId() + " " + existingBean.getCrf().getId() + " " + existingBean.getCrfVersion().getName() + " " + existingBean.getStatus().getName() + " " + existingBean.getStage().getName());
logger.debug("***** comparing above to ecrfBean.DefaultVersionID: " + ecrfBean.getDefaultVersionId());
// this is addressed in the if-clause above
if (!existingBean.getStatus().equals(Status.UNAVAILABLE) && edefcrfdao.isRequiredInDefinition(existingBean.getCRFVersionId(), studyEvent)) {
logger.debug("found that " + existingBean.getCrfVersion().getName() + " is required...");
// that is, it's not completed but required to complete
statuses.remove(SubjectEventStatus.COMPLETED);
statuses.remove(SubjectEventStatus.LOCKED);
// per new rule above 11-16-2007
}
// }
}
}
// below added 092007, tbh, task #1390
if (!ub.isSysAdmin() && !currentRole.getRole().equals(Role.STUDYDIRECTOR) && !currentRole.getRole().equals(Role.COORDINATOR)) {
statuses.remove(SubjectEventStatus.LOCKED);
}
// scheduled
if (studyEvent.getSubjectEventStatus().equals(SubjectEventStatus.DATA_ENTRY_STARTED)) {
statuses.remove(SubjectEventStatus.NOT_SCHEDULED);
statuses.remove(SubjectEventStatus.SCHEDULED);
}
// ### tbh, above modified 102007
request.setAttribute("statuses", statuses);
String action = fp.getString("action");
StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(sm.getDataSource());
StudyEventDefinitionBean sed = (StudyEventDefinitionBean) seddao.findByPK(studyEvent.getStudyEventDefinitionId());
request.setAttribute(EVENT_DEFINITION_BEAN, sed);
if (action.equalsIgnoreCase("submit")) {
discNotes = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
DiscrepancyValidator v = new DiscrepancyValidator(request, discNotes);
SubjectEventStatus ses = SubjectEventStatus.get(fp.getInt(SUBJECT_EVENT_STATUS_ID));
studyEvent.setSubjectEventStatus(ses);
EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
ArrayList<EventCRFBean> eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
if (ses.equals(SubjectEventStatus.SKIPPED) || ses.equals(SubjectEventStatus.STOPPED)) {
studyEvent.setStatus(Status.UNAVAILABLE);
for (int i = 0; i < eventCRFs.size(); i++) {
EventCRFBean ecb = eventCRFs.get(i);
ecb.setOldStatus(ecb.getStatus());
ecb.setStatus(Status.UNAVAILABLE);
ecb.setUpdater(ub);
ecb.setUpdatedDate(new Date());
ecdao.update(ecb);
}
} else {
for (int i = 0; i < eventCRFs.size(); i++) {
EventCRFBean ecb = eventCRFs.get(i);
ecb.setUpdater(ub);
ecb.setUpdatedDate(new Date());
ecdao.update(ecb);
}
}
// YW 3-12-2008, 2220 fix
String strEnd = fp.getDateTimeInputString(INPUT_ENDDATE_PREFIX);
String strEndScheduled = fp.getDateTimeInputString(INPUT_ENDDATE_PREFIX);
Date start = fp.getDateTime(INPUT_STARTDATE_PREFIX);
Date end = null;
v.addValidation(INPUT_STARTDATE_PREFIX, Validator.IS_DATE_TIME);
v.alwaysExecuteLastValidation(INPUT_STARTDATE_PREFIX);
if (!strEndScheduled.equals("")) {
v.addValidation(INPUT_ENDDATE_PREFIX, Validator.IS_DATE_TIME);
v.alwaysExecuteLastValidation(INPUT_ENDDATE_PREFIX);
}
// v.addValidation(INPUT_LOCATION, Validator.NO_BLANKS); Disable validation on location, location can be empty when updating a study event
HashMap errors = v.validate();
// YW, 3-12-2008, 2220 fix <<
if (!strEnd.equals("") && !errors.containsKey(INPUT_STARTDATE_PREFIX) && !errors.containsKey(INPUT_ENDDATE_PREFIX)) {
end = fp.getDateTime(INPUT_ENDDATE_PREFIX);
if (!fp.getString(INPUT_STARTDATE_PREFIX + "Date").equals(fp.getString(INPUT_ENDDATE_PREFIX + "Date"))) {
if (end.before(start)) {
v.addError(errors, INPUT_ENDDATE_PREFIX, resexception.getString("input_provided_not_occure_after_previous_start_date_time"));
}
} else {
// if in same date, only check when both had time entered
if (fp.timeEntered(INPUT_STARTDATE_PREFIX) && fp.timeEntered(INPUT_ENDDATE_PREFIX)) {
if (end.before(start) || end.equals(start)) {
v.addError(errors, INPUT_ENDDATE_PREFIX, resexception.getString("input_provided_not_occure_after_previous_start_date_time"));
}
}
}
}
if (!errors.isEmpty()) {
setInputMessages(errors);
String[] prefixes = { INPUT_STARTDATE_PREFIX, INPUT_ENDDATE_PREFIX };
fp.setCurrentDateTimeValuesAsPreset(prefixes);
setPresetValues(fp.getPresetValues());
studyEvent.setLocation(fp.getString(INPUT_LOCATION));
request.setAttribute("changeDate", fp.getString("changeDate"));
request.setAttribute(EVENT_BEAN, studyEvent);
forwardPage(Page.UPDATE_STUDY_EVENT);
} else if (studyEvent.getSubjectEventStatus().isSigned()) {
// Checks if the status is signed
// -----------------
request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
if (fp.getString(INPUT_STARTDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Half").equals("")) {
studyEvent.setStartTimeFlag(false);
} else {
studyEvent.setStartTimeFlag(true);
}
studyEvent.setDateStarted(start);
if (!strEnd.equals("")) {
studyEvent.setDateEnded(end);
if (fp.getString(INPUT_ENDDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Half").equals("")) {
studyEvent.setEndTimeFlag(false);
} else {
studyEvent.setEndTimeFlag(true);
}
} else {
// In case of empty value
studyEvent.setDateEnded(end);
}
studyEvent.setLocation(fp.getString(INPUT_LOCATION));
studyEvent.setStudyEventDefinition(sed);
// -------------------
ssdao = new StudySubjectDAO(sm.getDataSource());
StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
ecdao = new EventCRFDAO(sm.getDataSource());
eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
ArrayList<Boolean> doRuleSetsExist = new ArrayList<Boolean>();
RuleSetDAO ruleSetDao = new RuleSetDAO(sm.getDataSource());
StudyBean study = (StudyBean) sdao.findByPK(ssb.getStudyId());
ArrayList eventDefinitionCRFs = (ArrayList) edcdao.findAllActiveByEventDefinitionId(study, studyEvent.getStudyEventDefinitionId());
ArrayList uncompletedEventDefinitionCRFs = getUncompletedCRFs(eventDefinitionCRFs, eventCRFs);
populateUncompletedCRFsWithCRFAndVersions(uncompletedEventDefinitionCRFs);
ArrayList displayEventCRFs = ViewStudySubjectServlet.getDisplayEventCRFs(sm.getDataSource(), eventCRFs, eventDefinitionCRFs, ub, currentRole, studyEvent.getSubjectEventStatus(), study);
request.setAttribute("studySubject", ssb);
request.setAttribute("uncompletedEventDefinitionCRFs", uncompletedEventDefinitionCRFs);
request.setAttribute("displayEventCRFs", displayEventCRFs);
request.setAttribute(EVENT_BEAN, studyEvent);
session.setAttribute("eventSigned", studyEvent);
DiscrepancyNoteUtil discNoteUtil = new DiscrepancyNoteUtil();
DisplayStudyEventBean displayEvBean = new DisplayStudyEventBean();
List<DisplayStudyEventBean> displayEvents = new ArrayList<DisplayStudyEventBean>();
// Set up a Map for the JSP view, mapping the eventCRFId to
// another Map: the
// inner Map maps the resolution status name to the number of
// notes for that
// eventCRF id, as in New --> 2
displayEvBean.setStudyEvent(studyEvent);
displayEvents.add(displayEvBean);
// Don't filter for res status or disc note type; disc note
// beans are returned with eventCRFId set
discNoteUtil.injectParentDiscNotesIntoDisplayStudyEvents(displayEvents, new HashSet(), sm.getDataSource(), 0);
Map discNoteByEventCRFid = discNoteUtil.createDiscNoteMapByEventCRF(displayEvents);
request.setAttribute("discNoteByEventCRFid", discNoteByEventCRFid);
forwardPage(Page.UPDATE_STUDY_EVENT_SIGNED);
} else {
logger.debug("no validation error");
// YW 08-17-2007 << update start_time_flag column
if (fp.getString(INPUT_STARTDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_STARTDATE_PREFIX + "Half").equals("")) {
studyEvent.setStartTimeFlag(false);
} else {
studyEvent.setStartTimeFlag(true);
}
// YW >>
studyEvent.setDateStarted(start);
// YW, 3-12-2008, 2220 fix which adding End datetime <<
if (!strEnd.equals("")) {
studyEvent.setDateEnded(end);
if (fp.getString(INPUT_ENDDATE_PREFIX + "Hour").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Minute").equals("-1") && fp.getString(INPUT_ENDDATE_PREFIX + "Half").equals("")) {
studyEvent.setEndTimeFlag(false);
} else {
studyEvent.setEndTimeFlag(true);
}
} else {
// In case of empty value
studyEvent.setDateEnded(end);
}
// YW >>
studyEvent.setLocation(fp.getString(INPUT_LOCATION));
logger.debug("update study event...");
studyEvent.setUpdater(ub);
studyEvent.setUpdatedDate(new Date());
StudyEventBean updatedStudyEvent = (StudyEventBean) sedao.update(studyEvent);
// save discrepancy notes into DB
FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(sm.getDataSource());
AddNewSubjectServlet.saveFieldNotes(INPUT_LOCATION, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
AddNewSubjectServlet.saveFieldNotes(INPUT_STARTDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
AddNewSubjectServlet.saveFieldNotes(INPUT_ENDDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
// getRuleSetService().runRulesInBeanProperty(createRuleSet(ssub,sed),currentStudy,ub,request,ssub);
addPageMessage(respage.getString("study_event_updated"));
request.setAttribute("id", new Integer(studySubjectId).toString());
session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
// FORWARD SHOULD BE TO THE NEW PAGE
}
} else if (action.equalsIgnoreCase("confirm")) {
// confirming the signed
// status
String username = request.getParameter("j_user");
String password = request.getParameter("j_pass");
// tring encodedUserPass = org.akaza.openclinica.core.SecurityManager.getInstance().encrytPassword(password);
SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
UserAccountBean ub = (UserAccountBean) session.getAttribute("userBean");
StudyEventBean seb = (StudyEventBean) session.getAttribute("eventSigned");
if (securityManager.verifyPassword(password, getUserDetails()) && ub.getName().equals(username)) {
seb.setUpdater(ub);
seb.setUpdatedDate(new Date());
sedao.update(seb);
// If all the StudyEvents become signed we will make the
// StudySubject signed as well
List studyEvents = sedao.findAllByStudySubject(ssub);
boolean allSigned = true;
for (Iterator iterator = studyEvents.iterator(); iterator.hasNext(); ) {
StudyEventBean temp = (StudyEventBean) iterator.next();
if (!temp.getSubjectEventStatus().equals(SubjectEventStatus.SIGNED)) {
allSigned = false;
break;
}
}
if (allSigned) {
logger.debug("Signing StudySubject [" + ssub.getSubjectId() + "]");
ssub.setStatus(Status.SIGNED);
ssub.setUpdater(ub);
ssdao.update(ssub);
}
// save discrepancy notes into DB
FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(sm.getDataSource());
AddNewSubjectServlet.saveFieldNotes(INPUT_LOCATION, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
AddNewSubjectServlet.saveFieldNotes(INPUT_STARTDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
AddNewSubjectServlet.saveFieldNotes(INPUT_ENDDATE_PREFIX, fdn, dndao, studyEvent.getId(), "studyEvent", currentStudy);
session.removeAttribute("eventSigned");
request.setAttribute("id", new Integer(studySubjectId).toString());
addPageMessage(respage.getString("study_event_updated"));
forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET);
} else {
request.setAttribute(STUDY_SUBJECT_ID, new Integer(studySubjectId).toString());
request.setAttribute("studyEvent", seb);
// -------------------
ssdao = new StudySubjectDAO(sm.getDataSource());
StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
// prepare to figure out what the display should look like
EventCRFDAO ecdao = new EventCRFDAO(sm.getDataSource());
ArrayList<EventCRFBean> eventCRFs = ecdao.findAllByStudyEvent(studyEvent);
ArrayList<Boolean> doRuleSetsExist = new ArrayList<Boolean>();
RuleSetDAO ruleSetDao = new RuleSetDAO(sm.getDataSource());
StudyBean study = (StudyBean) sdao.findByPK(ssb.getStudyId());
ArrayList eventDefinitionCRFs = (ArrayList) edcdao.findAllActiveByEventDefinitionId(study, studyEvent.getStudyEventDefinitionId());
ArrayList uncompletedEventDefinitionCRFs = getUncompletedCRFs(eventDefinitionCRFs, eventCRFs);
populateUncompletedCRFsWithCRFAndVersions(uncompletedEventDefinitionCRFs);
ArrayList displayEventCRFs = ViewStudySubjectServlet.getDisplayEventCRFs(sm.getDataSource(), eventCRFs, eventDefinitionCRFs, ub, currentRole, studyEvent.getSubjectEventStatus(), study);
request.setAttribute("studySubject", ssb);
request.setAttribute("uncompletedEventDefinitionCRFs", uncompletedEventDefinitionCRFs);
request.setAttribute("displayEventCRFs", displayEventCRFs);
// ------------------
request.setAttribute("studyEvent", session.getAttribute("eventSigned"));
addPageMessage(restext.getString("password_match"));
forwardPage(Page.UPDATE_STUDY_EVENT_SIGNED);
}
} else {
logger.debug("no action, go to update page");
DiscrepancyNoteDAO discrepancyNoteDAO = new DiscrepancyNoteDAO(sm.getDataSource());
StudySubjectBean studySubjectBean = (StudySubjectBean) ssdao.findByPK(studyEvent.getStudySubjectId());
int studyId = studySubjectBean.getStudyId();
boolean subjectStudyIsCurrentStudy = studyId == currentStudy.getId();
boolean isParentStudy = studyBean.getParentStudyId() < 1;
ArrayList<DiscrepancyNoteBean> allNotesforSubjectAndEvent = new ArrayList<DiscrepancyNoteBean>();
if (subjectStudyIsCurrentStudy && isParentStudy) {
allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudyAndId(currentStudy, studySubjectBean.getId());
} else {
// findAllStudyEventByStudiesAndSubjectId
if (!isParentStudy) {
StudyBean stParent = (StudyBean) sdao.findByPK(studyBean.getParentStudyId());
allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudiesAndSubjectId(stParent, studyBean, studySubjectBean.getId());
} else {
allNotesforSubjectAndEvent = discrepancyNoteDAO.findAllStudyEventByStudiesAndSubjectId(currentStudy, studyBean, studySubjectBean.getId());
}
}
if (!allNotesforSubjectAndEvent.isEmpty()) {
setRequestAttributesForNotes(allNotesforSubjectAndEvent);
}
HashMap presetValues = new HashMap();
// YW 08-17-2007 <<
if (studyEvent.getStartTimeFlag() == true) {
Calendar c = new GregorianCalendar();
c.setTime(studyEvent.getDateStarted());
presetValues.put(INPUT_STARTDATE_PREFIX + "Hour", new Integer(c.get(Calendar.HOUR_OF_DAY)));
presetValues.put(INPUT_STARTDATE_PREFIX + "Minute", new Integer(c.get(Calendar.MINUTE)));
// necessary.
switch(c.get(Calendar.AM_PM)) {
case 0:
presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "am");
break;
case 1:
presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "pm");
break;
default:
presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "");
break;
}
} else {
presetValues.put(INPUT_STARTDATE_PREFIX + "Hour", new Integer(-1));
presetValues.put(INPUT_STARTDATE_PREFIX + "Minute", new Integer(-1));
presetValues.put(INPUT_STARTDATE_PREFIX + "Half", "");
}
// YW >>
String dateValue = local_df.format(studyEvent.getDateStarted());
presetValues.put(INPUT_STARTDATE_PREFIX + "Date", dateValue);
// YW 3-12-2008, add end datetime for 2220 fix<<
presetValues.put(INPUT_ENDDATE_PREFIX + "Hour", new Integer(-1));
presetValues.put(INPUT_ENDDATE_PREFIX + "Minute", new Integer(-1));
presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "");
if (studyEvent.getDateEnded() != null) {
if (studyEvent.getEndTimeFlag() == true) {
Calendar c = new GregorianCalendar();
c.setTime(studyEvent.getDateEnded());
presetValues.put(INPUT_ENDDATE_PREFIX + "Hour", new Integer(c.get(Calendar.HOUR_OF_DAY)));
presetValues.put(INPUT_ENDDATE_PREFIX + "Minute", new Integer(c.get(Calendar.MINUTE)));
// necessary.
switch(c.get(Calendar.AM_PM)) {
case 0:
presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "am");
break;
case 1:
presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "pm");
break;
default:
presetValues.put(INPUT_ENDDATE_PREFIX + "Half", "");
break;
}
}
presetValues.put(INPUT_ENDDATE_PREFIX + "Date", local_df.format(studyEvent.getDateEnded()));
}
// YW >>
setPresetValues(presetValues);
request.setAttribute("studyEvent", studyEvent);
request.setAttribute("studySubject", studySubjectBean);
discNotes = new FormDiscrepancyNotes();
session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes);
forwardPage(Page.UPDATE_STUDY_EVENT);
}
// else
}
Aggregations