
Example 6 with SessionManager

use of org.akaza.openclinica.core.SessionManager in project OpenClinica by OpenClinica.

the class RequestAccountServlet method confirmAccount.

/**
 * Validates a submitted account request and forwards to the matching page.
 *
 * <p>Takes no parameters; it works on the servlet's {@code request} and
 * {@code session} fields. On validation errors, or when the requested user
 * name already belongs to an account, the request form is shown again.
 * Otherwise the name of the selected study is put on the request and the
 * confirmation page is shown.
 *
 * @throws Exception whatever the called helpers raise; nothing is caught here
 */
private void confirmAccount() throws Exception {
    Validator validator = new Validator(request);
    validator.addValidation("name", Validator.NO_BLANKS);
    validator.addValidation("firstName", Validator.NO_BLANKS);
    validator.addValidation("lastName", Validator.NO_BLANKS);
    validator.addValidation("email", Validator.IS_A_EMAIL);
    validator.addValidation("email2", Validator.CHECK_SAME, "email");
    validator.addValidation("institutionalAffiliation", Validator.NO_BLANKS);
    validator.addValidation("activeStudyId", Validator.IS_AN_INTEGER);
    validator.addValidation("activeStudyRole", Validator.IS_VALID_TERM, TermType.ROLE);
    HashMap validationErrors = validator.validate();

    FormProcessor form = new FormProcessor(request);
    UserAccountBean requested = getUserBean();
    request.setAttribute("otherStudy", form.getString("otherStudy"));
    // The submitted bean goes into the session before the validation result
    // is looked at, so it is stored on the failure path as well.
    session.setAttribute("newUserBean", requested);

    if (!validationErrors.isEmpty()) {
        logger.info("after processing form,error is not empty");
        request.setAttribute("formMessages", validationErrors);
        forwardPage(Page.REQUEST_ACCOUNT);
        return;
    }

    logger.info("after processing form,no errors");
    sm = new SessionManager(null, requested.getName());
    // A non-blank name on the bean returned for this user name means the
    // name is already taken.
    UserAccountBean existing = sm.getUserBean();
    if (!StringUtil.isBlank(existing.getName())) {
        addPageMessage(respage.getString("your_user_name_used_by_other_try_another"));
        forwardPage(Page.REQUEST_ACCOUNT);
        return;
    }

    // NOTE(review): activeStudyId is only validated as an integer, and the
    // name of whichever study it selects is put on the request for the
    // confirmation page. Confirm that this form cannot be used to read the
    // names of studies that are not open to account requests, and that
    // findByPK never returns null here.
    StudyDAO studyDao = new StudyDAO(sm.getDataSource());
    StudyBean study = (StudyBean) studyDao.findByPK(requested.getActiveStudyId());
    request.setAttribute("studyName", study.getName());
    forwardPage(Page.REQUEST_ACCOUNT_CONFIRM);
}
Also used : HashMap(java.util.HashMap) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) SessionManager(org.akaza.openclinica.core.SessionManager) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) Validator(org.akaza.openclinica.control.form.Validator)

Example 7 with SessionManager

use of org.akaza.openclinica.core.SessionManager in project OpenClinica by OpenClinica.

the class RequestPasswordServlet method confirmPassword.

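/**
 * Processes a submitted "forgot password" form.
 *
 * <p>Takes no parameters; it reads the servlet's {@code request} and
 * {@code context} fields. The account is looked up by the submitted user
 * name. When the submitted e-mail address and password challenge match the
 * stored ones, a new password is generated, its digest is stored on the
 * account and the clear-text value is handed to {@code sendPassword}.
 * In every other case a page message is added and the request form is shown
 * again.
 *
 * <p>The challenge question and answer are treated as credentials: they are
 * compared but never written to the log.
 *
 * @throws Exception whatever validation, the DAO calls, password generation
 *         or {@code sendPassword} raise; nothing is caught here
 */
private void confirmPassword() throws Exception {
    Validator v = new Validator(request);
    FormProcessor fp = new FormProcessor(request);
    v.addValidation("name", Validator.NO_BLANKS);
    v.addValidation("email", Validator.IS_A_EMAIL);
    v.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
    v.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
    errors = v.validate();
    // Bean holding the values submitted with the form.
    UserAccountBean ubForm = new UserAccountBean();
    ubForm.setName(fp.getString("name"));
    ubForm.setEmail(fp.getString("email"));
    ubForm.setPasswdChallengeQuestion(fp.getString("passwdChallengeQuestion"));
    ubForm.setPasswdChallengeAnswer(fp.getString("passwdChallengeAnswer"));
    sm = new SessionManager(null, ubForm.getName(), SpringServletAccess.getApplicationContext(context));
    UserAccountDAO uDAO = new UserAccountDAO(sm.getDataSource());
    // Stored account for the submitted user name.
    UserAccountBean ubDB = (UserAccountBean) uDAO.findByUserName(ubForm.getName());
    UserAccountBean updater = ubDB;
    request.setAttribute("userBean1", ubForm);
    if (!errors.isEmpty()) {
        logger.info("after processing form,has errors");
        request.setAttribute("formMessages", errors);
        forwardPage(Page.REQUEST_PWD);
        return;
    }
    logger.info("after processing form,no errors");

    // NOTE(review): the two failure paths below show different messages, so
    // the response reveals whether the name/e-mail pair matched before the
    // challenge was checked. Consider one shared message for both, and
    // confirm that attempts against this form are rate-limited upstream.
    if (ubDB.getEmail() == null || !ubDB.getEmail().equalsIgnoreCase(ubForm.getEmail())) {
        addPageMessage(respage.getString("your_email_address_not_found_try_again"));
        forwardPage(Page.REQUEST_PWD);
        return;
    }

    // A missing stored question or answer counts as "not verified" instead
    // of failing with a NullPointerException.
    String storedQuestion = ubDB.getPasswdChallengeQuestion();
    String storedAnswer = ubDB.getPasswdChallengeAnswer();
    boolean challengeVerified = storedQuestion != null
            && storedAnswer != null
            && storedQuestion.equals(ubForm.getPasswdChallengeQuestion())
            && storedAnswer.equalsIgnoreCase(ubForm.getPasswdChallengeAnswer());
    if (!challengeVerified) {
        addPageMessage(respage.getString("your_password_not_verified_try_again"));
        forwardPage(Page.REQUEST_PWD);
        return;
    }

    // Named securityManager so it does not shadow the servlet's sm field,
    // which holds the SessionManager assigned above.
    SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
    String newPass = securityManager.genPassword();
    OpenClinicaJdbcService ocService = ((OpenClinicaJdbcService) SpringServletAccess.getApplicationContext(context).getBean("ocUserDetailsService"));
    String newDigestPass = securityManager.encrytPassword(newPass, ocService.loadUserByUsername(ubForm.getName()));
    ubDB.setPasswd(newDigestPass);
    // The password timestamp is cleared on purpose; presumably that makes the
    // generated password count as expired at next login (confirm against the
    // password time-out check).
    ubDB.setPasswdTimestamp(null);
    ubDB.setUpdater(updater);
    ubDB.setLastVisitDate(new Date());
    logger.info("user bean to be updated:" + ubDB.getId() + ubDB.getName() + ubDB.getActiveStudyId());
    uDAO.update(ubDB);
    // The clear-text password leaves this method only through sendPassword.
    sendPassword(newPass, ubDB);
}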
Also used : SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) SessionManager(org.akaza.openclinica.core.SessionManager) Calendar(java.util.Calendar) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Validator(org.akaza.openclinica.control.form.Validator) OpenClinicaJdbcService(org.akaza.openclinica.web.filter.OpenClinicaJdbcService) Date(java.util.Date)

Example 8 with SessionManager

use of org.akaza.openclinica.core.SessionManager in project OpenClinica by OpenClinica.

the class DataEntryServlet method init.

/**
 * Initialises the servlet and caches the data source obtained from a
 * {@code SessionManager} built on the Spring application context.
 *
 * @param config the servlet configuration, passed on to {@code super.init}
 * @throws ServletException if {@code super.init} fails; failures while
 *         obtaining the data source are not propagated
 */
@Override
public void init(ServletConfig config) throws ServletException {
    super.init(config);
    try {
        SessionManager sessionManager =
                new SessionManager(SpringServletAccess.getApplicationContext(getServletContext()));
        dataSource = sessionManager.getDataSource();
    } catch (Exception initFailure) {
        // NOTE(review): the failure is only printed to stderr and the servlet
        // still goes into service with dataSource left unassigned by this
        // method. Consider logging it through the application logger and
        // failing initialisation, so the problem surfaces at deploy time
        // rather than on the first request.
        initFailure.printStackTrace();
    }
}
Also used : SessionManager(org.akaza.openclinica.core.SessionManager) ServletContext(javax.servlet.ServletContext) InconsistentStateException(org.akaza.openclinica.web.InconsistentStateException) ServletException(javax.servlet.ServletException) OpenClinicaException(org.akaza.openclinica.exception.OpenClinicaException) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException)

Example 9 with SessionManager

use of org.akaza.openclinica.core.SessionManager in project OpenClinica by OpenClinica.

the class CoreSecureController method process.

/**
 * Runs the common per-request setup and then hands the request to the
 * servlet-specific {@code processRequest}.
 *
 * <p>In order, this method sets the request encoding and the session
 * timeout, loads the locale-specific resource bundles, obtains the user bean
 * from a new {@code SessionManager} keyed on {@code request.getRemoteUser()},
 * resolves the current study and the user's role in it into the session, and
 * finally calls {@code passwdTimeOut} (skipped for URIs ending in
 * "ResetPassword"), {@code mayProceed} and {@code processRequest}.
 *
 * <p>Exceptions raised inside the second try block are handled here: each
 * handler calls {@code unlockCRFOnError} and forwards to a page instead of
 * propagating.
 *
 * @param request the current servlet request
 * @param response the current servlet response
 * @throws OpenClinicaException declared by the signature; which callee raises
 *         it is not visible in this method
 * @throws UnsupportedEncodingException if {@code setCharacterEncoding} rejects "UTF-8"
 */
private void process(HttpServletRequest request, HttpServletResponse response) throws OpenClinicaException, UnsupportedEncodingException {
    request.setCharacterEncoding("UTF-8");
    // NOTE(review): Content-Encoding: gzip is set on every response, but
    // nothing in this method compresses the body; presumably a filter does.
    // Confirm, since an uncompressed body under this header cannot be decoded.
    response.setHeader("Content-Encoding", "gzip");
    HttpSession session = request.getSession();
    // BWP >> 1/8/2008
    // Idle timeout (seconds) is read from configuration; a non-numeric value
    // falls back to 3600 in the catch block.
    try {
        // YW 10-03-2007 <<
        session.setMaxInactiveInterval(Integer.parseInt(SQLInitServlet.getField("max_inactive_interval")));
    // YW >>
    } catch (NumberFormatException nfe) {
        // BWP>>3600 is the datainfo.properties maxInactiveInterval on
        // 1/8/2008
        session.setMaxInactiveInterval(3600);
    }
    // If the session already has a value with key SUPPORT_URL don't reset
    if (session.getAttribute(SUPPORT_URL) == null) {
        session.setAttribute(SUPPORT_URL, SQLInitServlet.getSupportURL());
    }
    // Values left in the session by earlier requests; each may be null.
    UserAccountBean ub = (UserAccountBean) session.getAttribute(USER_BEAN_NAME);
    StudyBean currentStudy = (StudyBean) session.getAttribute("study");
    StudyUserRoleBean currentRole = (StudyUserRoleBean) session.getAttribute("userRole");
    // Set current language preferences
    Locale locale = LocaleResolver.getLocale(request);
    ResourceBundleProvider.updateLocale(locale);
    resadmin = ResourceBundleProvider.getAdminBundle(locale);
    resaudit = ResourceBundleProvider.getAuditEventsBundle(locale);
    resexception = ResourceBundleProvider.getExceptionsBundle(locale);
    resformat = ResourceBundleProvider.getFormatBundle(locale);
    restext = ResourceBundleProvider.getTextsBundle(locale);
    resterm = ResourceBundleProvider.getTermsBundle(locale);
    resword = ResourceBundleProvider.getWordsBundle(locale);
    respage = ResourceBundleProvider.getPageMessagesBundle(locale);
    resworkflow = ResourceBundleProvider.getWorkflowBundle(locale);
    try {
        // Login name as established by the container; null when the request
        // is not authenticated.
        String userName = request.getRemoteUser();
        ServletContext context = getServletContext();
        // BWP 1/8/08<< the sm variable may already be set with a mock
        // object,
        // from the perspective of
        // JUnit servlets tests
        /*
             * if(sm==null && (!StringUtil.isBlank(userName))) {//check if user
             * logged in, then create a new sessionmanger to get ub //create a
             * new sm in order to get a new ub object sm = new
             * SessionManager(ub, userName); }
             */
        // BWP 01/08 >>
        // sm = new SessionManager(ub, userName);
        // The user bean used for the rest of the request is the one returned
        // by SessionManager, not the copy read from the session above.
        // NOTE(review): the SessionManager itself is also stored in the
        // session under "sm"; confirm it holds nothing that should not be
        // kept for the session's lifetime.
        SessionManager sm = new SessionManager(ub, userName, SpringServletAccess.getApplicationContext(context));
        ub = sm.getUserBean();
        request.getSession().setAttribute("sm", sm);
        session.setAttribute("userBean", ub);
        StudyDAO sdao = new StudyDAO(getDataSource());
        // No usable study in the session yet: fall back to the user's active
        // study, if there is one.
        if (currentStudy == null || currentStudy.getId() <= 0) {
            if (ub.getId() > 0 && ub.getActiveStudyId() > 0) {
                StudyParameterValueDAO spvdao = new StudyParameterValueDAO(getDataSource());
                currentStudy = (StudyBean) sdao.findByPK(ub.getActiveStudyId());
                ArrayList studyParameters = spvdao.findParamConfigByStudy(currentStudy);
                currentStudy.setStudyParameters(studyParameters);
                StudyConfigService scs = new StudyConfigService(getDataSource());
                if (currentStudy.getParentStudyId() <= 0) {
                    // top study
                    scs.setParametersForStudy(currentStudy);
                } else {
                    // YW <<
                    currentStudy.setParentStudyName(((StudyBean) sdao.findByPK(currentStudy.getParentStudyId())).getName());
                    // YW >>
                    scs.setParametersForSite(currentStudy);
                }
                // set up the panel here, tbh
                panel.reset();
                /*
                     * panel.setData("Study", currentStudy.getName());
                     * panel.setData("Summary", currentStudy.getSummary());
                     * panel.setData("Start Date",
                     * sdf.format(currentStudy.getDatePlannedStart()));
                     * panel.setData("End Date",
                     * sdf.format(currentStudy.getDatePlannedEnd()));
                     * panel.setData("Principal Investigator",
                     * currentStudy.getPrincipalInvestigator());
                     */
                session.setAttribute(STUDY_INFO_PANEL, panel);
            } else {
                // No identified user or no active study: use a fresh, empty
                // StudyBean as a placeholder.
                currentStudy = new StudyBean();
            }
            // The above line is moved here since currentstudy's value is set in else block and could change
            session.setAttribute("study", currentStudy);
        } else if (currentStudy.getId() > 0) {
            // restored
            if (currentStudy.getParentStudyId() > 0) {
                currentStudy.setParentStudyName(((StudyBean) sdao.findByPK(currentStudy.getParentStudyId())).getName());
            }
        // YW >>
        }
        // A positive parent study id is what this method treats as "site".
        // NOTE(review): both branches below call setDescription on the Role
        // objects returned by the static Role.toArrayList() on every request.
        // If those are shared instances, requests in site context and in
        // study context overwrite each other's labels - confirm.
        if (currentStudy.getParentStudyId() > 0) {
            /*
                 * The Role decription will be set depending on whether the user
                 * logged in at study lever or site level. issue-2422
                 */
            List roles = Role.toArrayList();
            for (Iterator it = roles.iterator(); it.hasNext(); ) {
                Role role = (Role) it.next();
                switch(role.getId()) {
                    case 2:
                        role.setDescription("site_Study_Coordinator");
                        break;
                    case 3:
                        role.setDescription("site_Study_Director");
                        break;
                    case 4:
                        role.setDescription("site_investigator");
                        break;
                    case 5:
                        role.setDescription("site_Data_Entry_Person");
                        break;
                    case 6:
                        role.setDescription("site_monitor");
                        break;
                    case 7:
                        role.setDescription("site_Data_Entry_Person2");
                        break;
                    default:
                }
            }
        } else {
            /*
                 * If the current study is a site, we will change the role
                 * description. issue-2422
                 */
            // NOTE(review): this branch runs when getParentStudyId() <= 0,
            // i.e. not a site by the test above; the comment above appears to
            // describe the other branch. Role id 7 is relabelled in the site
            // branch but has no case here - confirm that is intended.
            List roles = Role.toArrayList();
            for (Iterator it = roles.iterator(); it.hasNext(); ) {
                Role role = (Role) it.next();
                switch(role.getId()) {
                    case 2:
                        role.setDescription("Study_Coordinator");
                        break;
                    case 3:
                        role.setDescription("Study_Director");
                        break;
                    case 4:
                        role.setDescription("Investigator");
                        break;
                    case 5:
                        role.setDescription("Data_Entry_Person");
                        break;
                    case 6:
                        role.setDescription("Monitor");
                        break;
                    default:
                }
            }
        }
        // No usable role in the session: derive it from the user's role in
        // the current study.
        if (currentRole == null || currentRole.getId() <= 0) {
            // kept as "invalid" -- YW 06-21-2007
            // NOTE(review): removal is tested here by the status name
            // "removed", but further down by Status.DELETED and
            // Status.AUTO_DELETED; confirm the two checks agree.
            if (ub.getId() > 0 && currentStudy.getId() > 0 && !currentStudy.getStatus().getName().equals("removed")) {
                currentRole = ub.getRoleByStudy(currentStudy.getId());
                if (currentStudy.getParentStudyId() > 0) {
                    // Checking if currentStudy has been removed or not will
                    // ge good enough -- YW 10-17-2007
                    StudyUserRoleBean roleInParent = ub.getRoleByStudy(currentStudy.getParentStudyId());
                    // inherited role from parent study, pick the higher
                    // role
                    // This is where privilege at a site is widened by the
                    // user's role in the parent study.
                    currentRole.setRole(Role.max(currentRole.getRole(), roleInParent.getRole()));
                }
            // logger.info("currentRole:" + currentRole.getRoleName());
            } else {
                currentRole = new StudyUserRoleBean();
            }
            session.setAttribute("userRole", currentRole);
        } else // active study has been removed.
        if (currentRole.getId() > 0 && (currentStudy.getStatus().equals(Status.DELETED) || currentStudy.getStatus().equals(Status.AUTO_DELETED))) {
            // Mark the cached role invalid and write it back to the session.
            currentRole.setRole(Role.INVALID);
            currentRole.setStatus(Status.DELETED);
            session.setAttribute("userRole", currentRole);
        }
        // YW 06-19-2007 >>
        request.setAttribute("isAdminServlet", getAdminServlet());
        // logger.info(rq_names);
        // passwdTimeOut is skipped only for the reset-password request, which
        // is recognised by a suffix match on the request URI.
        // NOTE(review): confirm no other mapped path can end in
        // "ResetPassword", since any such path also skips this call.
        if (!request.getRequestURI().endsWith("ResetPassword")) {
            passwdTimeOut(request, response, ub);
        }
        // mayProceed and processRequest are defined elsewhere; the catch
        // blocks below suggest they signal refusal by throwing
        // InsufficientPermissionException or InconsistentStateException -
        // confirm. mayProceed runs before processRequest, so that order must
        // be kept.
        mayProceed(request, response);
        //   pingJobServer(request);
        processRequest(request, response);
    } catch (InconsistentStateException ise) {
        // printStackTrace writes to stderr and duplicates the LOGGER.warn
        // call on the next line.
        ise.printStackTrace();
        LOGGER.warn("InconsistentStateException: org.akaza.openclinica.control.CoreSecureController: ", ise);
        unlockCRFOnError(request);
        addPageMessage(ise.getOpenClinicaMessage(), request);
        forwardPage(ise.getGoTo(), request, response);
    } catch (InsufficientPermissionException ipe) {
        // printStackTrace writes to stderr and duplicates the LOGGER.warn
        // call on the next line.
        ipe.printStackTrace();
        LOGGER.warn("InsufficientPermissionException: org.akaza.openclinica.control.CoreSecureController: ", ipe);
        unlockCRFOnError(request);
        // The page message is commented out, so the user is forwarded to
        // ipe.getGoTo() without a message being added here.
        // addPageMessage(ipe.getOpenClinicaMessage());
        forwardPage(ipe.getGoTo(), request, response);
    } catch (Exception e) {
        // Any other failure is logged and replaced by the generic error page.
        LOGGER.error("Error processing request", e);
        unlockCRFOnError(request);
        forwardPage(Page.ERROR, request, response);
    }
}
Also used : Locale(java.util.Locale) HttpSession(javax.servlet.http.HttpSession) SessionManager(org.akaza.openclinica.core.SessionManager) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) StudyUserRoleBean(org.akaza.openclinica.bean.login.StudyUserRoleBean) ArrayList(java.util.ArrayList) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException) InconsistentStateException(org.akaza.openclinica.web.InconsistentStateException) ServletException(javax.servlet.ServletException) OpenClinicaException(org.akaza.openclinica.exception.OpenClinicaException) MessagingException(javax.mail.MessagingException) MailException(org.springframework.mail.MailException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) InconsistentStateException(org.akaza.openclinica.web.InconsistentStateException) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException) SchedulerException(org.quartz.SchedulerException) IOException(java.io.IOException) Role(org.akaza.openclinica.bean.core.Role) StudyConfigService(org.akaza.openclinica.dao.service.StudyConfigService) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) Iterator(java.util.Iterator) ServletContext(javax.servlet.ServletContext) List(java.util.List) ArrayList(java.util.ArrayList) StudyParameterValueDAO(org.akaza.openclinica.dao.service.StudyParameterValueDAO) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO)
