Search in sources :

Example 21 with APIException

use of org.openmrs.api.APIException in project openmrs-core by openmrs.

the class ProgramWorkflowServiceImpl method triggerStateConversion.

/**
 * @see org.openmrs.api.ProgramWorkflowService#triggerStateConversion(org.openmrs.Patient,
 *      org.openmrs.Concept, java.util.Date)
 */
public void triggerStateConversion(Patient patient, Concept trigger, Date dateConverted) {
    // Check input parameters
    if (patient == null) {
        throw new APIException("convert.state.invalid.patient", (Object[]) null);
    }
    if (trigger == null) {
        throw new APIException("convert.state.patient.without.valid.trigger", (Object[]) null);
    }
    if (dateConverted == null) {
        throw new APIException("convert.state.invalid.date", (Object[]) null);
    }
    for (PatientProgram patientProgram : getPatientPrograms(patient, null, null, null, null, null, false)) {
        // skip past patient programs that already completed
        if (patientProgram.getDateCompleted() == null) {
            Set<ProgramWorkflow> workflows = patientProgram.getProgram().getWorkflows();
            for (ProgramWorkflow workflow : workflows) {
                // (getWorkflows() is only returning over nonretired workflows)
                PatientState patientState = patientProgram.getCurrentState(workflow);
                // #1080 cannot exit patient from care
                // Should allow a transition from a null state to a terminal state
                // Or we should require a user to ALWAYS add an initial workflow/state when a patient is added to a program
                ProgramWorkflowState currentState = (patientState != null) ? patientState.getState() : null;
                ProgramWorkflowState transitionState = workflow.getState(trigger);
                log.debug("Transitioning from current state [" + currentState + "]");
                log.debug("|---> Transitioning to final state [" + transitionState + "]");
                if (transitionState != null && workflow.isLegalTransition(currentState, transitionState)) {
                    patientProgram.transitionToState(transitionState, dateConverted);
                    log.debug("State Conversion Triggered: patientProgram=" + patientProgram + " transition from " + currentState + " to " + transitionState + " on " + dateConverted);
                }
            }
            // #1068 - Exiting a patient from care causes "not-null property references
            // a null or transient value: org.openmrs.PatientState.dateCreated". Explicitly
            // calling the savePatientProgram() method will populate the metadata properties.
            // 
            // #1067 - We should explicitly save the patient program rather than let
            // Hibernate do so when it flushes the session.
            Context.getProgramWorkflowService().savePatientProgram(patientProgram);
        }
    }
}
Also used : ProgramWorkflow(org.openmrs.ProgramWorkflow) APIException(org.openmrs.api.APIException) ProgramWorkflowState(org.openmrs.ProgramWorkflowState) PatientProgram(org.openmrs.PatientProgram) PatientState(org.openmrs.PatientState)

Example 22 with APIException

use of org.openmrs.api.APIException in project openmrs-core by openmrs.

the class OpenmrsUtil method validatePassword.

/**
 * Utility to check the validity of a password for a certain {@link User}. Passwords must be
 * non-null. Their required strength is configured via global properties:
 * <table summary="Configuration props">
 * <tr>
 * <th>Description</th>
 * <th>Property</th>
 * <th>Default Value</th>
 * </tr>
 * <tr>
 * <th>Require that it not match the {@link User}'s username or system id
 * <th>{@link OpenmrsConstants#GP_PASSWORD_CANNOT_MATCH_USERNAME_OR_SYSTEMID}</th>
 * <th>true</th>
 * </tr>
 * <tr>
 * <th>Require a minimum length
 * <th>{@link OpenmrsConstants#GP_PASSWORD_MINIMUM_LENGTH}</th>
 * <th>8</th>
 * </tr>
 * <tr>
 * <th>Require both an upper and lower case character
 * <th>{@link OpenmrsConstants#GP_PASSWORD_REQUIRES_UPPER_AND_LOWER_CASE}</th>
 * <th>true</th>
 * </tr>
 * <tr>
 * <th>Require at least one numeric character
 * <th>{@link OpenmrsConstants#GP_PASSWORD_REQUIRES_DIGIT}</th>
 * <th>true</th>
 * </tr>
 * <tr>
 * <th>Require at least one non-numeric character
 * <th>{@link OpenmrsConstants#GP_PASSWORD_REQUIRES_NON_DIGIT}</th>
 * <th>true</th>
 * </tr>
 * <tr>
 * <th>Require a match on the specified regular expression
 * <th>{@link OpenmrsConstants#GP_PASSWORD_CUSTOM_REGEX}</th>
 * <th>null</th>
 * </tr>
 * </table>
 *
 * @param username user name of the user with password to validated
 * @param password string that will be validated
 * @param systemId system id of the user with password to be validated
 * @throws PasswordException
 * @since 1.5
 * @should fail with short password by default
 * @should fail with short password if not allowed
 * @should pass with short password if allowed
 * @should fail with digit only password by default
 * @should fail with digit only password if not allowed
 * @should pass with digit only password if allowed
 * @should fail with char only password by default
 * @should fail with char only password if not allowed
 * @should pass with char only password if allowed
 * @should fail without both upper and lower case password by default
 * @should fail without both upper and lower case password if not allowed
 * @should pass without both upper and lower case password if allowed
 * @should fail with password equals to user name by default
 * @should fail with password equals to user name if not allowed
 * @should pass with password equals to user name if allowed
 * @should fail with password equals to system id by default
 * @should fail with password equals to system id if not allowed
 * @should pass with password equals to system id if allowed
 * @should fail with password not matching configured regex
 * @should pass with password matching configured regex
 * @should allow password to contain non alphanumeric characters
 * @should allow password to contain white spaces
 * @should still work without an open session
 */
public static void validatePassword(String username, String password, String systemId) throws PasswordException {
    // default values for all of the global properties
    String userGp = "true";
    String lengthGp = "8";
    String caseGp = "true";
    String digitGp = "true";
    String nonDigitGp = "true";
    String regexGp = null;
    AdministrationService svc = null;
    try {
        svc = Context.getAdministrationService();
    } catch (APIException apiEx) {
        // if a service isn't available, fail quietly and just do the
        // defaults
        log.debug("Unable to get global properties", apiEx);
    }
    if (svc != null && Context.isSessionOpen()) {
        // (the session won't be open here to allow for the unit test to
        // fake not having the admin service available)
        userGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_CANNOT_MATCH_USERNAME_OR_SYSTEMID, userGp);
        lengthGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_MINIMUM_LENGTH, lengthGp);
        caseGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_REQUIRES_UPPER_AND_LOWER_CASE, caseGp);
        digitGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_REQUIRES_DIGIT, digitGp);
        nonDigitGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_REQUIRES_NON_DIGIT, nonDigitGp);
        regexGp = svc.getGlobalProperty(OpenmrsConstants.GP_PASSWORD_CUSTOM_REGEX, regexGp);
    }
    if (password == null) {
        throw new WeakPasswordException();
    }
    if ("true".equals(userGp) && (password.equals(username) || password.equals(systemId))) {
        throw new WeakPasswordException();
    }
    if (StringUtils.isNotEmpty(lengthGp)) {
        try {
            int minLength = Integer.parseInt(lengthGp);
            if (password.length() < minLength) {
                throw new ShortPasswordException(getMessage("error.password.length", lengthGp));
            }
        } catch (NumberFormatException nfe) {
            log.warn("Error in global property <" + OpenmrsConstants.GP_PASSWORD_MINIMUM_LENGTH + "> must be an Integer");
        }
    }
    if ("true".equals(caseGp) && !containsUpperAndLowerCase(password)) {
        throw new InvalidCharactersPasswordException(getMessage("error.password.requireMixedCase"));
    }
    if ("true".equals(digitGp) && !containsDigit(password)) {
        throw new InvalidCharactersPasswordException(getMessage("error.password.requireNumber"));
    }
    if ("true".equals(nonDigitGp) && containsOnlyDigits(password)) {
        throw new InvalidCharactersPasswordException(getMessage("error.password.requireLetter"));
    }
    if (StringUtils.isNotEmpty(regexGp)) {
        try {
            Pattern pattern = Pattern.compile(regexGp);
            Matcher matcher = pattern.matcher(password);
            if (!matcher.matches()) {
                throw new InvalidCharactersPasswordException(getMessage("error.password.different"));
            }
        } catch (PatternSyntaxException pse) {
            log.warn("Invalid regex of " + regexGp + " defined in global property <" + OpenmrsConstants.GP_PASSWORD_CUSTOM_REGEX + ">.");
        }
    }
}
Also used : Pattern(java.util.regex.Pattern) ShortPasswordException(org.openmrs.api.ShortPasswordException) APIException(org.openmrs.api.APIException) AdministrationService(org.openmrs.api.AdministrationService) Matcher(java.util.regex.Matcher) InvalidCharactersPasswordException(org.openmrs.api.InvalidCharactersPasswordException) WeakPasswordException(org.openmrs.api.WeakPasswordException) PatternSyntaxException(java.util.regex.PatternSyntaxException)

Example 23 with APIException

use of org.openmrs.api.APIException in project openmrs-core by openmrs.

the class Security method encodeStringSHA1.

/**
 * This method will hash <code>strToEncode</code> using the old SHA-1 algorithm.
 *
 * @param strToEncode string to encode
 * @return the SHA-1 encryption of a given string
 */
private static String encodeStringSHA1(String strToEncode) throws APIException {
    String algorithm = "SHA1";
    MessageDigest md;
    byte[] input;
    try {
        md = MessageDigest.getInstance(algorithm);
        input = strToEncode.getBytes(StandardCharsets.UTF_8);
    } catch (NoSuchAlgorithmException e) {
        // Yikes! Can't encode password...what to do?
        log.error(getPasswordEncodeFailMessage(algorithm), e);
        throw new APIException("system.cannot.find.encryption.algorithm", null, e);
    }
    return hexString(md.digest(input));
}
Also used : APIException(org.openmrs.api.APIException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest)

Example 24 with APIException

use of org.openmrs.api.APIException in project openmrs-core by openmrs.

the class Security method generateNewSecretKey.

/**
 * generate a new secret key; should only be called once in order to not invalidate all
 * encrypted data
 *
 * @return generated secret key byte array
 * @since 1.9
 */
public static byte[] generateNewSecretKey() {
    // Get the KeyGenerator
    KeyGenerator kgen;
    try {
        kgen = KeyGenerator.getInstance(OpenmrsConstants.ENCRYPTION_KEY_SPEC);
    } catch (NoSuchAlgorithmException e) {
        throw new APIException("could.not.generate.cipher.key", null, e);
    }
    // 192 and 256 bits may not be available
    kgen.init(128);
    // Generate the secret key specs.
    SecretKey skey = kgen.generateKey();
    return skey.getEncoded();
}
Also used : SecretKey(javax.crypto.SecretKey) APIException(org.openmrs.api.APIException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyGenerator(javax.crypto.KeyGenerator)

Example 25 with APIException

use of org.openmrs.api.APIException in project openmrs-core by openmrs.

the class UpgradeUtil method getConceptIdForUnits.

/**
 * Returns conceptId for the given units from DatabaseUtil#ORDER_ENTRY_UPGRADE_SETTINGS_FILENAME
 * located in application data directory.
 *
 * @param units
 * @return conceptId
 * @should return concept_id for units
 * @should fail if units is not specified
 */
public static Integer getConceptIdForUnits(String units) {
    String appDataDir = OpenmrsUtil.getApplicationDataDirectory();
    Properties props = new Properties();
    String conceptId = null;
    String filePath = appDataDir + System.getProperty("file.separator") + DatabaseUtil.ORDER_ENTRY_UPGRADE_SETTINGS_FILENAME;
    try (FileInputStream fis = new FileInputStream(filePath)) {
        props.load(fis);
        for (Map.Entry prop : props.entrySet()) {
            if (prop.getKey().equals(units)) {
                conceptId = prop.getValue().toString();
                return Integer.valueOf(conceptId);
            }
        }
    } catch (NumberFormatException e) {
        throw new APIException("Your order entry upgrade settings file" + "contains invalid mapping from " + units + " to concept ID " + conceptId + ". ID must be an integer or null. Please refer to upgrade instructions for more details. https://wiki.openmrs.org/x/OALpAw Cause:" + e.getMessage());
    } catch (IOException e) {
        if (e instanceof FileNotFoundException) {
            throw new APIException("Unable to find file named order_entry_upgrade_settings.txt containing order entry upgrade settings in your " + "application data directory: " + appDataDir + "\nPlease refer to upgrade instructions for more details. https://wiki.openmrs.org/x/OALpAw Cause:" + e.getMessage());
        } else {
            throw new APIException(e);
        }
    }
    throw new APIException("Your order entry upgrade settings file" + " does not have mapping for " + units + ". Please refer to upgrade instructions for more details. https://wiki.openmrs.org/x/OALpAw");
}
Also used : APIException(org.openmrs.api.APIException) FileNotFoundException(java.io.FileNotFoundException) IOException(java.io.IOException) Properties(java.util.Properties) Map(java.util.Map) FileInputStream(java.io.FileInputStream)

Aggregations

APIException (org.openmrs.api.APIException)84 IOException (java.io.IOException)10 ArrayList (java.util.ArrayList)10 Date (java.util.Date)10 File (java.io.File)9 Obs (org.openmrs.Obs)7 List (java.util.List)6 Map (java.util.Map)6 FileInputStream (java.io.FileInputStream)5 FileOutputStream (java.io.FileOutputStream)5 Concept (org.openmrs.Concept)5 OpenmrsObject (org.openmrs.OpenmrsObject)5 User (org.openmrs.User)5 InputStream (java.io.InputStream)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 Order (org.openmrs.Order)4 FileNotFoundException (java.io.FileNotFoundException)3 OutputStreamWriter (java.io.OutputStreamWriter)3 MessageDigest (java.security.MessageDigest)3 HashMap (java.util.HashMap)3