List of usage examples for javax.servlet.http HttpServletResponse encodeRedirectUrl
@Deprecated
public String encodeRedirectUrl(String url);
From source file:org.josso.servlet.agent.JossoFilter.java
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest hreq = (HttpServletRequest) request; HttpServletResponse hres = (HttpServletResponse) response; debug = 1;//from w w w. ja v a 2s . c o m if (debug == 1) log.debug("Processing : " + hreq.getContextPath()); try { // ------------------------------------------------------------------ // Check with the agent if this context should be processed. // ------------------------------------------------------------------ String contextPath = hreq.getContextPath(); String vhost = hreq.getServerName(); //_agent.setCatalinaContainer(container); // In catalina, the empty context is considered the root context if ("".equals(contextPath)) contextPath = "/"; // T1 si l'appli n'est pas partenaire alors pas de SSO on continue if (!_agent.isPartnerApp(vhost, contextPath)) { filterChain.doFilter(hreq, hres); logg("T1 Context is not a josso partner app : " + hreq.getContextPath()); hres.sendError(hres.SC_UNAUTHORIZED, "vrifier config agent ajouter le contexte"); return; } else { logg("T1 Context IS a josso partner app =" + hreq.getContextPath()); } //T2 // ------------------------------------------------------------------ // Check some basic HTTP handling // ------------------------------------------------------------------ // P3P Header for IE 6+ compatibility when embedding JOSSO in a IFRAME SSOPartnerAppConfig cfg = _agent.getPartnerAppConfig(vhost, contextPath); if (cfg.isSendP3PHeader() && !hres.isCommitted()) { hres.setHeader("P3P", cfg.getP3PHeaderValue()); } //T9 // ------------------------------------------------------------------ // Check if this URI is subject to SSO protection // ------------------------------------------------------------------ if (_agent.isResourceIgnored(cfg, hreq)) { logg("T9 ressource non ssois (accs libre)"); filterChain.doFilter(hreq, hres); return; } // Get our session ... HttpSession session = hreq.getSession(true); testCookieSession(hreq); //TA1 pas de cookie et on trouve la page de login attendue dans la dclaration du contexte agent logg("TA1 uri=" + hreq.getRequestURI() + " se termine par " + cfg.getLoginPage() + " rep=" + hreq.getRequestURI().endsWith(cfg.getLoginPage()) + " test cookie=" + testCookie2Session(hreq, session.getId())); if (!testCookie2Session(hreq, session.getId()) && hreq.getRequestURI().endsWith(cfg.getLoginPage())) { logg("TA1 on demande l'authentification locale on switche vers Josso"); Cookie gato = newJossoCookie2(hreq.getContextPath(), session.getId(), COOKIE_LOGIN); hres.addCookie(gato); String loginUrl = _agent.buildLoginUrl(hreq); hres.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); //response.setHeader("Location", jeVeux); hres.sendRedirect(loginUrl); return; } //T3 on revient aprs authentification russie et pour finalisation if (_agent.isSSOIDloged(jossoSessionId)) { iBoucle++; logg("T3 Info retour authentifi pour " + jossoSessionId + " faire retour vers " + theOriginal); SSOAgentRequest r = doMakeSSOAgentRequest(SSOAgentRequest.ACTION_ESTABLISH_SECURITY_CONTEXT, jossoSessionId, localSession, null, hreq, hres); SingleSignOnEntry entry = _agent.processRequest(r); if (debug == 1) log.debug("Executed agent."); // Get session map for this servlet context. Map sessionMap = (Map) hreq.getSession().getServletContext().getAttribute(KEY_SESSION_MAP); if (sessionMap.get(localSession.getWrapped()) == null) { // the local session is new so, make the valve listen for its events so that it can // map them to local session events. // Not supported : session.addSessionListener(this); sessionMap.put(session, localSession); } // ------------------------------------------------------------------ // Has a valid user already been authenticated? // ------------------------------------------------------------------ if (debug == 1) log.debug("Process request for '" + hreq.getRequestURI() + "'"); if (entry != null) { if (debug == 1) log.debug("Principal '" + entry.principal + "' has already been authenticated"); // TODO : Not supported // (request).setAuthType(entry.authType); // (request).setUserPrincipal(entry.principal); } else { log.info("No Valid SSO Session, attempt an optional login?"); // This is a standard anonymous request! if (cookie != null) { // cookie is not valid cookie = _agent.newJossoCookie(hreq.getContextPath(), "-"); hres.addCookie(cookie); } if (cookie != null || (getSavedRequestURL(session) == null && _agent.isAutomaticLoginRequired(hreq))) { if (debug == 1) log.debug("SSO Session is not valid, attempting automatic login"); // Save current request, so we can co back to it later ... saveRequestURL(hreq, session); String loginUrl = _agent.buildLoginOptionalUrl(hreq); if (debug == 1) log.debug("Redirecting to login url '" + loginUrl + "'"); //set non cache headers _agent.prepareNonCacheResponse(hres); hres.sendRedirect(hres.encodeRedirectURL(loginUrl)); return; } else { if (debug == 1) log.debug("SSO cookie is not present, but login optional process is not required"); } } try { logg("Avant sur webProgrammaticLogin -------------" + iBoucle); if (!WebProgrammaticLogin.login(jossoSessionId, assertionId, "jossoRealm", hreq, hres)) { logg("Erreur sur webProgrammaticLogin"); } else { logg("Russite sur webProgrammaticLogin"); } logg("Aprs sur webProgrammaticLogin-------------" + iBoucle); } catch (Exception err) { logg("SSOAgentValve Erreur2 finalisation contexte securit", err); throw new ServletException(err); } // propagate the login and logout URLs to // partner applications. hreq.setAttribute("org.josso.agent.gateway-login-url", _agent.getGatewayLoginUrl()); hreq.setAttribute("org.josso.agent.gateway-logout-url", _agent.getGatewayLogoutUrl()); hreq.setAttribute("org.josso.agent.ssoSessionid", jossoSessionId); // ------------------------------------------------------------------ // Invoke the next Valve in our pipeline // ------------------------------------------------------------------ filterChain.doFilter(hreq, hres); } //T4 // ------------------------------------------------------------------ // Check if the partner application required the login form // ------------------------------------------------------------------ if (debug == 1) log.debug("T4 Checking if its a josso_login_request for '" + hreq.getRequestURI() + "'"); if (hreq.getRequestURI().endsWith(_agent.getJOSSOLoginUri()) || hreq.getRequestURI().endsWith(_agent.getJOSSOUserLoginUri())) { if (debug == 1) log.debug("T4 josso_login_request received for uri '" + hreq.getRequestURI() + "'"); //save referer url in case the user clicked on Login from some public resource (page) //so agent can redirect the user back to that page after successful login if (hreq.getRequestURI().endsWith(_agent.getJOSSOUserLoginUri())) { saveLoginBackToURL(hreq, session, true); } else { saveLoginBackToURL(hreq, session, false); } String loginUrl = _agent.buildLoginUrl(hreq); if (debug == 1) log.debug("T4 Redirecting to login url '" + loginUrl + "'"); //set non cache headers _agent.prepareNonCacheResponse(hres); hres.sendRedirect(hres.encodeRedirectURL(loginUrl)); return; } //T5 // ------------------------------------------------------------------ // Check if the partner application required a logout // ------------------------------------------------------------------ if (debug == 1) log.debug("T5 Checking if its a josso_logout request for '" + hreq.getRequestURI() + "'"); if (hreq.getRequestURI().endsWith(_agent.getJOSSOLogoutUri())) { if (debug == 1) log.debug("T5 josso_logout request received for uri '" + hreq.getRequestURI() + "'"); String logoutUrl = _agent.buildLogoutUrl(hreq, cfg); if (debug == 1) log.debug("T5 Redirecting to logout url '" + logoutUrl + "'"); // Clear previous COOKIE ... Cookie ssoCookie = _agent.newJossoCookie(hreq.getContextPath(), "-"); hres.addCookie(ssoCookie); // invalidate session (unbind josso security context) session.invalidate(); //set non cache headers _agent.prepareNonCacheResponse(hres); hres.sendRedirect(hres.encodeRedirectURL(logoutUrl)); return; } //T6 testCookieSession(hreq); //T7 // ------------------------------------------------------------------ // Check if the partner application submitted custom login form // ------------------------------------------------------------------ if (debug == 1) { log.debug("T7 Checking if its a josso_authentication for '" + hreq.getRequestURI() + "'"); } if (hreq.getRequestURI().endsWith(_agent.getJOSSOAuthenticationUri())) { if (debug == 1) { log.debug("T7 josso_authentication received for uri '" + hreq.getRequestURI() + "'"); } GenericServletSSOAgentRequest customAuthRequest = (GenericServletSSOAgentRequest) doMakeSSOAgentRequest( SSOAgentRequest.ACTION_CUSTOM_AUTHENTICATION, jossoSessionId, localSession, null, hreq, hres); _agent.processRequest(customAuthRequest); return; } //T8 // si pas de cookie de session SSO if (cookie == null || cookie.getValue().equals("-")) { // ------------------------------------------------------------------ // Trigger LOGIN OPTIONAL if required // ------------------------------------------------------------------ if (debug == 1) log.debug("T8 SSO cookie is not present, verifying optional login process "); // We have no cookie, remember me is enabled and a security check without assertion was received ... // This means that the user could not be identified ... go back to the original resource if (hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri()) && hreq.getParameter("josso_assertion_id") == null) { if (debug == 1) log.debug("T8-1 " + _agent.getJOSSOSecurityCheckUri() + " received without assertion. Login Optional Process failed"); String requestURI = getSavedRequestURL(session); _agent.prepareNonCacheResponse(hres); hres.sendRedirect(hres.encodeRedirectURL(requestURI)); return; } // This is a standard anonymous request! if (!hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri())) { if (!_agent.isResourceIgnored(cfg, hreq) && _agent.isAutomaticLoginRequired(hreq)) { if (debug == 1) log.debug("T8-2 SSO cookie is not present, attempting automatic login"); // Save current request, so we can co back to it later ... saveRequestURL(hreq, session); String loginUrl = _agent.buildLoginOptionalUrl(hreq); if (debug == 1) log.debug("T8-2 Redirecting to login url '" + loginUrl + "'"); //set non cache headers _agent.prepareNonCacheResponse(hres); hres.sendRedirect(hres.encodeRedirectURL(loginUrl)); return; } else { if (debug == 1) log.debug("T8-2 SSO cookie is not present, but login optional process is not required"); } } if (debug == 1) log.debug("T8-3 SSO cookie is not present, checking for outbound relaying"); if (!(hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri()) && hreq.getParameter("josso_assertion_id") != null)) { log.debug("T8-3 SSO cookie not present and relaying was not requested, skipping"); filterChain.doFilter(hreq, hres); return; } } // This URI should be protected by SSO, go on ... if (debug == 1) log.debug("Session is: " + session); // ------------------------------------------------------------------ // Invoke the SSO Agent // ------------------------------------------------------------------ if (debug == 1) log.debug("Executing agent..."); //T10 /josso_security_check // ------------------------------------------------------------------ // Check if a user has been authenitcated and should be checked by the agent. // ------------------------------------------------------------------ if (debug == 1) log.debug("T10 Checking if its a josso_security_check for '" + hreq.getRequestURI() + "'"); if (hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri()) && hreq.getParameter("josso_assertion_id") != null) { if (debug == 1) log.debug("T10 josso_security_check received for uri '" + hreq.getRequestURI() + "' assertion id '" + hreq.getParameter("josso_assertion_id")); assertionId = hreq.getParameter(Constants.JOSSO_ASSERTION_ID_PARAMETER); GenericServletSSOAgentRequest relayRequest; if (debug == 1) log.debug("T10 Outbound relaying requested for assertion id [" + assertionId + "]"); relayRequest = (GenericServletSSOAgentRequest) doMakeSSOAgentRequest(SSOAgentRequest.ACTION_RELAY, null, localSession, assertionId, hreq, hres); SingleSignOnEntry entry = _agent.processRequest(relayRequest); if (entry == null) { // This is wrong! We should have an entry here! log.error("T10-1 Outbound relaying failed for assertion id [" + assertionId + "], no Principal found."); // Throw an exception and let the container send the INERNAL SERVER ERROR throw new ServletException("No Principal found. Verify your SSO Agent Configuration!"); } if (debug == 1) log.debug("T10-2 Outbound relaying succesfull for assertion id [" + assertionId + "]"); if (debug == 1) log.debug("T10-2 Assertion id [" + assertionId + "] mapped to SSO session id [" + entry.ssoId + "]"); // The cookie is valid to for the partner application only ... in the future each partner app may // store a different auth. token (SSO SESSION) value cookie = _agent.newJossoCookie(hreq.getContextPath(), entry.ssoId); hres.addCookie(cookie); // Redirect the user to the original request URI (which will cause // the original request to be restored) String requestURI = getSavedSplashResource(session); if (requestURI == null) { requestURI = getSavedRequestURL(session); if (requestURI == null) { if (cfg.getDefaultResource() != null) { requestURI = cfg.getDefaultResource(); } else { // If no saved request is found, redirect to the partner app root : requestURI = hreq.getRequestURI().substring(0, (hreq.getRequestURI().length() - _agent.getJOSSOSecurityCheckUri().length())); } // If we're behind a reverse proxy, we have to alter the URL ... this was not necessary on tomcat 5.0 ?! String singlePointOfAccess = _agent.getSinglePointOfAccess(); if (singlePointOfAccess != null) { requestURI = singlePointOfAccess + requestURI; } else { String reverseProxyHost = hreq .getHeader(org.josso.gateway.Constants.JOSSO_REVERSE_PROXY_HEADER); if (reverseProxyHost != null) { requestURI = reverseProxyHost + requestURI; } } if (debug == 1) log.debug("T10 No saved request found, using : '" + requestURI + "'"); } } clearSavedRequestURLs(session); _agent.clearAutomaticLoginReferer(hreq); _agent.prepareNonCacheResponse(hres); // Check if we have a post login resource : String postAuthURI = cfg.getPostAuthenticationResource(); if (postAuthURI != null) { String postAuthURL = _agent.buildPostAuthUrl(hres, requestURI, postAuthURI); if (debug == 1) log.debug("T10 Redirecting to post-auth-resource '" + postAuthURL + "'"); hres.sendRedirect(postAuthURL); } else { if (debug == 1) log.debug("T10 Redirecting to original '" + requestURI + "'"); hres.sendRedirect(hres.encodeRedirectURL(requestURI)); } _agent.addEntrySSOIDsuccessed(entry.ssoId, entry.getPrincipal().getName()); return; } } finally { if (debug == 1) log.debug("Processed : " + hreq.getContextPath()); } }
From source file:eu.eidas.node.service.IdPResponseServlet.java
private String handleExecute(HttpServletRequest request, HttpServletResponse response) throws ServletException { IdPResponseBean controllerService = (IdPResponseBean) getApplicationContext() .getBean(NodeBeanNames.IdP_RESPONSE.toString()); ISpecificProxyService specificProxyService = controllerService.getSpecificProxyService(); ILightResponse lightResponse;/*from w w w . j a v a2 s .c o m*/ try { lightResponse = specificProxyService.processResponse(request, response); } catch (SpecificException e) { getLogger().error("SpecificException" + e, e); // Illegal state: no error AND no success response received from the specific throw new ServletException("Unable to process specific response: " + e, e); } if (null == lightResponse) { getLogger().error("SpecificException: Missing specific response"); // Illegal state: no error AND no success response received from the specific throw new ServletException("Missing specific response: no error and no success"); } HttpSession session = request.getSession(); SessionHolder.setId(session); session.setAttribute(EidasParameterKeys.SAML_PHASE.toString(), EIDASValues.EIDAS_SERVICE_RESPONSE); // This is not the specific Map CorrelationMap<StoredAuthenticationRequest> requestCorrelationMap = controllerService .getProxyServiceRequestCorrelationMap(); StoredAuthenticationRequest storedAuthenticationRequest = requestCorrelationMap .remove(lightResponse.getInResponseToId()); if (null == storedAuthenticationRequest) { // send the error back: if (LOG.isErrorEnabled()) { LOG.error("Could not correlate any eIDAS request to the received specific IdP response: " + lightResponse); } throw new ServletException( "Could not correlate specific response ID: " + lightResponse.getId() + " to any eIDAS request"); } IAuthenticationRequest originalRequest = storedAuthenticationRequest.getRequest(); WebRequest webRequest = new IncomingRequest(request); String retVal; IResponseStatus responseStatus = lightResponse.getStatus(); if (responseStatus.isFailure()) { String statusCode = responseStatus.getStatusCode(); String errorMessage = responseStatus.getStatusMessage(); String errorSubCode = responseStatus.getSubStatusCode(); // send the error back: if (LOG.isErrorEnabled()) { LOG.error("Received failed authentication from Specific Idp: errorMessage=\"" + errorMessage + "\", statusCode=\"" + statusCode + "\", subCode=\"" + errorSubCode + "\""); } retVal = NodeViewNames.EIDAS_CONNECTOR_REDIRECT.toString(); getLogger() .trace("Generate SAMLTokenFail because of authentication failure received from specific IdP"); String samlTokenFail = controllerService.getProxyService().generateSamlTokenFail(originalRequest, statusCode, null, errorSubCode, errorMessage, webRequest.getRemoteIpAddress(), false); request.setAttribute(NodeParameterNames.SAML_TOKEN_FAIL.toString(), samlTokenFail); } else { // generate the eIDAS response with the ProxyService and send it back to the Connector: if (controllerService.isAskConsentValue()) { getLogger().trace("consent-value"); retVal = NodeViewNames.EIDAS_SERVICE_CITIZEN_CONSENT.toString(); // TODO: DO NOT generate this in advance! getLogger().trace( "Generate SAMLTokenFail proactively in case of future consent refusal by the citizen"); String samlTokenFail = controllerService.getProxyService().generateSamlTokenFail(originalRequest, EIDASStatusCode.REQUESTER_URI.toString(), EidasErrorKey.CITIZEN_NO_CONSENT_MANDATORY, webRequest.getRemoteIpAddress()); request.setAttribute(NodeParameterNames.SAML_TOKEN_FAIL.toString(), samlTokenFail); } else { getLogger().trace("no-consent-value"); retVal = NodeViewNames.EIDAS_CONNECTOR_REDIRECT.toString(); } IResponseMessage responseMessage = controllerService.getProxyService().processIdpResponse(webRequest, storedAuthenticationRequest, lightResponse); String samlToken = EidasStringUtil.encodeToBase64(responseMessage.getMessageBytes()); request.setAttribute(NodeParameterNames.SAML_TOKEN.toString(), samlToken); IAuthenticationResponse authnResponse = responseMessage.getResponse(); ImmutableAttributeMap responseAttributeMap = authnResponse.getAttributes(); ImmutableAttributeMap.Builder attrMapBuilder = new ImmutableAttributeMap.Builder(); ProtocolProcessorI extProx = controllerService.getProxyService().getSamlService().getSamlEngine() .getProtocolProcessor(); for (AttributeDefinition attrDef : responseAttributeMap.getAttributeMap().keySet()) { // filter out non file-registry attributes = dynamic, additional ones, where value must not be displayed if (extProx.getAttributeDefinitionNullable(attrDef.getNameUri().toString()) != null && extProx.getAdditionalAttributes().getByName(attrDef.getNameUri().toString()) == null) { attrMapBuilder.put(attrDef, responseAttributeMap.getAttributeValuesByNameUri(attrDef.getNameUri())); } } request.setAttribute(NodeParameterNames.PAL.toString(), attrMapBuilder.build().getAttributeMap()); boolean hasEidasAttributes = false; for (final AttributeDefinition attributeDefinition : responseAttributeMap.getAttributeMap().keySet()) { if (EidasSpec.REGISTRY.contains(attributeDefinition)) { hasEidasAttributes = true; break; } } request.setAttribute(NodeParameterNames.EIDAS_ATTRIBUTES_PARAM.toString(), Boolean.valueOf(hasEidasAttributes)); if (StringUtils.isNotBlank(authnResponse.getLevelOfAssurance())) { request.setAttribute(NodeParameterNames.LOA_VALUE.toString(), EidasAttributesUtil.getUserFriendlyLoa(authnResponse.getLevelOfAssurance())); } } // Prevent cookies from being accessed through client-side script. setHTTPOnlyHeaderToSession(false, request, response); // Gets the attributes from Attribute Providers and validates mandatory // attributes. // Setting internal variables, to be included by the Struts on the JSP getLogger().trace("setting internal variables"); String redirectUrl = originalRequest.getAssertionConsumerServiceURL(); getLogger().debug("redirectUrl: " + redirectUrl); // These attributes are used by citizenConsent.jsp request.setAttribute(NodeParameterNames.REDIRECT_URL.toString(), response.encodeRedirectURL(redirectUrl)); // Correct URl redirect cookie implementation request.setAttribute(EidasParameterKeys.SP_ID.toString(), originalRequest.getProviderName()); if (originalRequest instanceof IStorkAuthenticationRequest) { request.setAttribute(NodeParameterNames.QAA_LEVEL.toString(), ((IStorkAuthenticationRequest) originalRequest).getQaa()); } String relayState = storedAuthenticationRequest.getRelayState(); if (StringUtils.isNotBlank(relayState)) { getLogger().debug("Relay State ProxyService " + relayState); request.setAttribute(NodeParameterNames.RELAY_STATE.toString(), relayState); } return retVal; }
From source file:org.jahia.bin.Render.java
private void doAction(HttpServletRequest req, HttpServletResponse resp, URLResolver urlResolver, RenderContext renderContext, Resource resource, Action action, Map<String, List<String>> parameters) throws Exception { final String requestWith = req.getHeader("x-requested-with"); boolean isAjaxRequest = req.getHeader("accept") != null && req.getHeader("accept").contains("application/json") && requestWith != null && requestWith.equals("XMLHttpRequest"); final Action originalAction = action; int tokenResult = TokenChecker.NO_TOKEN; if (!isWebflowRequest(req)) { tokenResult = TokenChecker.checkToken(req, resp, parameters); }/*from w w w . ja va 2s .c o m*/ switch (tokenResult) { case TokenChecker.NO_TOKEN: break; case TokenChecker.INVALID_TOKEN: throw new AccessDeniedException("Invalid token."); case TokenChecker.INVALID_CAPTCHA: Map<String, String[]> formDatas = new HashMap<String, String[]>(); Set<Map.Entry<String, List<String>>> set = parameters.entrySet(); for (Map.Entry<String, List<String>> params : set) { formDatas.put(params.getKey(), params.getValue().toArray(new String[params.getValue().size()])); } String errorMessage = Messages.getInternal("failure.captcha", urlResolver.getLocale(), "Your captcha is invalid"); if (!isAjaxRequest) { req.getSession().setAttribute("formDatas", formDatas); req.getSession().setAttribute("formError", errorMessage); performRedirect(renderContext.getMainResource().getNode().getPath(), urlResolver.getPath(), req, resp, parameters, true); } else { resp.setContentType("application/json; charset=UTF-8"); Map<String, String> res = new HashMap<String, String>(); res.put("status", errorMessage); new JSONObject(res).write(resp.getWriter()); } return; case TokenChecker.INVALID_HIDDEN_FIELDS: throw new AccessDeniedException(); case TokenChecker.VALID_TOKEN: action = new SystemAction() { @Override public ActionResult doExecuteAsSystem(HttpServletRequest req, RenderContext renderContext, JCRSessionWrapper systemSession, Resource resource, Map<String, List<String>> parameters, URLResolver urlResolver) throws Exception { return originalAction.doExecute(req, renderContext, resource, systemSession, parameters, urlResolver); } }; } if (!(action instanceof SystemAction)) { if (action.getRequiredWorkspace() != null && !action.getRequiredWorkspace().equals(urlResolver.getWorkspace())) { throw new PathNotFoundException("Action is not supported for this workspace"); } if (action.isRequireAuthenticatedUser() && !renderContext.isLoggedIn()) { throw new AccessDeniedException("Action '" + action.getName() + "' requires an authenticated user"); } if (!action.isPermitted(urlResolver.getNode())) { throw new AccessDeniedException("Action '" + action.getName() + "' requires '" + action.getRequiredPermission() + "' permission."); } } else if (originalAction instanceof LicensedAction) { LicensedAction licensedAction = (LicensedAction) originalAction; if (!licensedAction.isAllowedByLicense()) { logger.error( "Action '{}' requires a licene feature '{}'" + " which is not allowed by the current license terms", originalAction.getName(), licensedAction.getLicenseFeature()); throw new AccessDeniedException("Action '" + action.getName() + "' requires a licene feature '" + licensedAction.getLicenseFeature() + "' which is not allowed by the current license terms"); } } JCRSessionWrapper session = null; if (resource != null) { session = resource.getNode().getSession(); } else { session = JCRSessionFactory.getInstance().getCurrentUserSession(urlResolver.getWorkspace(), urlResolver.getLocale()); } ActionResult result; try { result = action.doExecute(req, renderContext, resource, session, parameters, urlResolver); } catch (Exception e) { logger.error("An error occurs when executing action {}", action.getName(), e); throw e; } if (result != null) { boolean returnJSON = "json".equals( parameters.get(RETURN_CONTENTTYPE) != null ? parameters.get(RETURN_CONTENTTYPE).get(0) : "") || req.getHeader("accept") != null && req.getHeader("accept").contains("application/json"); if (result.getResultCode() < 300 || returnJSON) { resp.setStatus(result.getResultCode()); addCookie(req, resp); if (result.getJson() != null && returnJSON) { try { String contentType = parameters.get(RETURN_CONTENTTYPE_OVERRIDE) != null ? StringUtils.defaultIfEmpty(parameters.get(RETURN_CONTENTTYPE_OVERRIDE).get(0), null) : null; if (contentType == null) { contentType = "application/json; charset=UTF-8"; } else if (!contentType.toLowerCase().contains("charset")) { // append the charset contentType += "; charset=UTF-8"; } resp.setContentType(contentType); result.getJson().write(resp.getWriter()); } catch (JSONException e) { logger.error(e.getMessage(), e); } } else { if (!result.isAbsoluteUrl()) { performRedirect(result.getUrl(), urlResolver.getPath(), req, resp, parameters, false); } else { resp.sendRedirect(resp.encodeRedirectURL(result.getUrl())); } } } else { resp.sendError(result.getResultCode()); } } }
From source file:gov.nih.nci.evs.browser.servlet.AjaxServlet.java
public static void search_value_set(HttpServletRequest request, HttpServletResponse response) { String selectValueSetSearchOption = HTTPUtils .cleanXSS((String) request.getParameter("selectValueSetSearchOption")); request.getSession().setAttribute("selectValueSetSearchOption", selectValueSetSearchOption); String algorithm = HTTPUtils.cleanXSS((String) request.getParameter("valueset_search_algorithm")); request.getSession().setAttribute("valueset_search_algorithm", algorithm); // check if any checkbox is checked. String contextPath = request.getContextPath(); String view_str = HTTPUtils.cleanXSS((String) request.getParameter("view")); String vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("vsd_uri")); String root_vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("root_vsd_uri")); int view = Constants.STANDARD_VIEW; boolean isInteger = DataUtils.isInteger(view_str); if (isInteger) { view = Integer.parseInt(view_str); }// w w w . j a va 2 s . co m if (vsd_uri != null && root_vsd_uri == null) { root_vsd_uri = vsd_uri; } String msg = null; request.getSession().removeAttribute("checked_vocabularies"); String checked_vocabularies = HTTPUtils.cleanXSS((String) request.getParameter("checked_vocabularies")); request.getSession().removeAttribute("partial_checked_vocabularies"); String matchText = HTTPUtils.cleanXSS((String) request.getParameter("matchText")); if (DataUtils.isNull(matchText)) { matchText = ""; } else { matchText = matchText.trim(); } request.getSession().setAttribute("matchText", matchText); String ontology_display_name = HTTPUtils.cleanXSS((String) request.getParameter("ontology_display_name")); String ontology_version = HTTPUtils.cleanXSS((String) request.getParameter("ontology_version")); if (matchText.compareTo("") == 0) { msg = "Please enter a search string."; request.getSession().setAttribute("message", msg); if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) { create_vs_tree(request, response, view, ontology_display_name, ontology_version); } else { create_vs_tree(request, response, view); } return; } if (checked_vocabularies == null || (checked_vocabularies.compareTo("") == 0)) { msg = "No value set definition is selected."; request.getSession().setAttribute("message", msg); if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) { create_vs_tree(request, response, view, ontology_display_name, ontology_version); } else { vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("vsd_uri")); if (DataUtils.isNull(vsd_uri)) { create_vs_tree(request, response, view); } else { create_vs_tree(request, response, view, vsd_uri); } } } else { try { String retstr = valueSetSearchAction(request); //KLO, 041312 if (retstr.compareTo("message") == 0) { if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) { create_vs_tree(request, response, view, ontology_display_name, ontology_version); } else { create_vs_tree(request, response, view); } return; } //Vector matched_vsds = (Vector) request.getSession().getAttribute("matched_vsds"); //String destination = contextPath + "/pages/value_set_search_results.jsf"; String destination = contextPath + "/pages/value_set_entity_search_results.jsf"; if (!DataUtils.isNull(vsd_uri)) { destination = contextPath + "/pages/value_set_entity_search_results.jsf?value_set_tab=false&root_vsd_uri=" + root_vsd_uri; } response.sendRedirect(response.encodeRedirectURL(destination)); //request.getSession().setAttribute("checked_vocabularies", checked_vocabularies); } catch (Exception ex) { ex.printStackTrace(); } } }
From source file:org.wso2.carbon.identity.application.authenticator.duoauth.DuoAuthenticator.java
@Override protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException { String username = null;/*from w w w. j a v a 2 s .co m*/ String loginPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL(); AKEY = DuoAuthenticatorConstants.stringGenerator(); for (int i = context.getSequenceConfig().getStepMap().size() - 1; i > 0; i--) { //Getting the last authenticated local user if (context.getSequenceConfig().getStepMap().get(i).getAuthenticatedUser() != null && context.getSequenceConfig().getStepMap().get(i).getAuthenticatedAutenticator() .getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) { username = context.getSequenceConfig().getStepMap().get(i).getAuthenticatedUser(); if (log.isDebugEnabled()) { log.debug("username :" + username); } break; } } String mobile = null; if (username != null) { int tenantId = 0; try { tenantId = IdentityUtil.getTenantIdOFUser(username); UserRealm userRealm = DuoAuthenticatorServiceComponent.getRealmService() .getTenantUserRealm(tenantId); username = MultitenantUtils.getTenantAwareUsername(username); if (userRealm != null) { UserStoreManager userStoreManager = (UserStoreManager) userRealm.getUserStoreManager(); mobile = userStoreManager.getUserClaimValue(username, DuoAuthenticatorConstants.MOBILE_CLAIM, null); } else { throw new AuthenticationFailedException( "Cannot find the user realm for the given tenant: " + tenantId); } } catch (IdentityException e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE); } throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE, e); } catch (UserStoreException e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE); } throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE, e); } if (log.isDebugEnabled()) { log.debug("mobile number : " + mobile); } Object result = null; if (mobile != null) { //Initiate Duo API request to get the user Http duoRequest = new Http(DuoAuthenticatorConstants.HTTP_GET, getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.HOST), DuoAuthenticatorConstants.API_USER); duoRequest.addParam(DuoAuthenticatorConstants.DUO_USERNAME, username); try { duoRequest.signRequest( getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.ADMIN_IKEY), getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.ADMIN_SKEY)); } catch (UnsupportedEncodingException e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_SIGN_REQUEST); } throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_SIGN_REQUEST, e); } try { //Execute Duo API request result = duoRequest.executeRequest(); } catch (Exception e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_EXECUTE_REQUEST); } throw new AuthenticationFailedException( DuoAuthenticatorConstants.DuoErrors.ERROR_EXECUTE_REQUEST, e); } if (result != null) { if (log.isDebugEnabled()) { log.debug(result.toString()); } try { JSONArray array = new JSONArray(result.toString()); if (array.length() == 0) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_USER_NOT_FOUND); } throw new AuthenticationFailedException( DuoAuthenticatorConstants.DuoErrors.ERROR_USER_NOT_FOUND); } else { JSONArray phoneArray; JSONObject object = array.getJSONObject(0); phoneArray = (JSONArray) object.get(DuoAuthenticatorConstants.DUO_PHONES); if (phoneArray.length() == 0) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_INVALID); } throw new AuthenticationFailedException( DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_INVALID); } else { String number = ((JSONObject) phoneArray.get(0)) .getString(DuoAuthenticatorConstants.DUO_NUMBER); if (mobile.equals(number)) { String sig_request = DuoWeb.signRequest( getAuthenticatorConfig().getParameterMap() .get(DuoAuthenticatorConstants.IKEY), getAuthenticatorConfig().getParameterMap() .get(DuoAuthenticatorConstants.SKEY), AKEY, username); String DuoUrl = loginPage + "?" + FrameworkConstants.RequestParams.AUTHENTICATOR + "=" + getName() + ":" + FrameworkConstants.LOCAL_IDP_NAME + "&" + FrameworkConstants.RequestParams.TYPE + "=" + DuoAuthenticatorConstants.RequestParams.DUO + "&" + DuoAuthenticatorConstants.RequestParams.SIG_REQUEST + "=" + sig_request + "&" + FrameworkConstants.SESSION_DATA_KEY + "=" + context.getContextIdentifier() + "&" + DuoAuthenticatorConstants.RequestParams.DUO_HOST + "=" + getAuthenticatorConfig().getParameterMap() .get(DuoAuthenticatorConstants.HOST); try { //Redirect to Duo Authentication page response.sendRedirect(response.encodeRedirectURL(DuoUrl)); } catch (IOException e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_REDIRECTING); } throw new AuthenticationFailedException( DuoAuthenticatorConstants.DuoErrors.ERROR_REDIRECTING, e); } } else { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_MISMATCH); } throw new AuthenticationFailedException( DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_MISMATCH); } } } } catch (JSONException e) { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_JSON); } throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_JSON, e); } } } else { if (log.isDebugEnabled()) { log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_NOT_FOUND); } throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_NOT_FOUND); } } else { if (log.isDebugEnabled()) { log.debug("No local user found"); } throw new AuthenticationFailedException("Duo authenticator failed to initialize"); } }
From source file:org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.java
/** * Initiate the authentication request/*from ww w. j ava 2s . com*/ */ @Override protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException { try { Map<String, String> authenticatorProperties = context.getAuthenticatorProperties(); Map<String, String> emailOTPParameters = getAuthenticatorConfig().getParameterMap(); if (!context.isRetrying() || (context.isRetrying() && StringUtils.isEmpty(request.getParameter(EmailOTPAuthenticatorConstants.RESEND))) || (context.isRetrying() && Boolean.parseBoolean(request.getParameter(EmailOTPAuthenticatorConstants.RESEND)))) { String username = null; String email = null; for (Integer stepMap : context.getSequenceConfig().getStepMap().keySet()) { if (context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser() != null && context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedAutenticator() .getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) { username = String.valueOf( context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser()); break; } } if (StringUtils.isNotEmpty(username)) { UserRealm userRealm = null; String tenantDomain = MultitenantUtils.getTenantDomain(username); int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); RealmService realmService = IdentityTenantUtil.getRealmService(); try { userRealm = (UserRealm) realmService.getTenantUserRealm(tenantId); } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new AuthenticationFailedException("Cannot find the user realm", e); } username = MultitenantUtils.getTenantAwareUsername(String.valueOf(username)); if (userRealm != null) { email = userRealm.getUserStoreManager().getUserClaimValue(username, EmailOTPAuthenticatorConstants.EMAIL_CLAIM, null); if (StringUtils.isEmpty(email)) { log.error("Receiver's email ID can not be null."); throw new AuthenticationFailedException("Receiver's email ID can not be null."); } else { context.setProperty(EmailOTPAuthenticatorConstants.RECEIVER_EMAIL, email); } } } OneTimePassword token = new OneTimePassword(); String secret = OneTimePassword.getRandomNumber(EmailOTPAuthenticatorConstants.SECRET_KEY_LENGTH); String myToken = token.generateToken(secret, "" + EmailOTPAuthenticatorConstants.NUMBER_BASE, EmailOTPAuthenticatorConstants.NUMBER_DIGIT); context.setProperty(EmailOTPAuthenticatorConstants.OTP_TOKEN, myToken); if (authenticatorProperties != null) { if (StringUtils.isNotEmpty(myToken)) { if (isSMTP(emailOTPParameters, authenticatorProperties)) { sendOTP(username, myToken, email); } else if (StringUtils.isNotEmpty(email)) { String failureString = null; if (isAccessTokenRequired(emailOTPParameters, authenticatorProperties)) { String tokenResponse = sendTokenRequest(authenticatorProperties, emailOTPParameters); if (StringUtils.isEmpty(tokenResponse) || tokenResponse.startsWith(EmailOTPAuthenticatorConstants.FAILED)) { log.error("Unable to get the access token"); throw new AuthenticationFailedException("Unable to get the access token"); } else { JSONObject tokenObj = new JSONObject(tokenResponse); String accessToken = tokenObj .getString(EmailOTPAuthenticatorConstants.EMAILOTP_ACCESS_TOKEN); context.getAuthenticatorProperties() .put(EmailOTPAuthenticatorConstants.EMAILOTP_ACCESS_TOKEN, accessToken); authenticatorProperties = context.getAuthenticatorProperties(); } } String payload = preparePayload(authenticatorProperties, emailOTPParameters, email, myToken); String formData = prepareFormData(authenticatorProperties, emailOTPParameters, email, myToken); String urlParams = prepareURLParams(authenticatorProperties, emailOTPParameters, email, myToken); String sendCodeResponse = sendMailUsingAPIs(authenticatorProperties, emailOTPParameters, urlParams, payload, formData); String api = getAPI(authenticatorProperties); if (emailOTPParameters.containsKey(api + EmailOTPAuthenticatorConstants.FAILURE)) { failureString = emailOTPParameters .get(api + EmailOTPAuthenticatorConstants.FAILURE); } if (StringUtils.isEmpty(sendCodeResponse) || sendCodeResponse.startsWith(EmailOTPAuthenticatorConstants.FAILED) || (StringUtils.isNotEmpty(failureString) && sendCodeResponse.contains(failureString))) { log.error("Unable to send the code"); throw new AuthenticationFailedException("Unable to send the code"); } } } } else { log.error("Error while retrieving properties. Authenticator Properties cannot be null"); throw new AuthenticationFailedException( "Error while retrieving properties. Authenticator Properties cannot be null"); } } if (context.isRetrying() || StringUtils.isEmpty(request.getParameter(EmailOTPAuthenticatorConstants.RESEND))) { String emailOTPPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL().replace( EmailOTPAuthenticatorConstants.LOGIN_PAGE, EmailOTPAuthenticatorConstants.EMILOTP_PAGE); String queryParams = FrameworkUtils.getQueryStringWithFrameworkContextId(context.getQueryParams(), context.getCallerSessionKey(), context.getContextIdentifier()); String retryParam = ""; if (context.isRetrying()) { retryParam = EmailOTPAuthenticatorConstants.RETRY_PARAMS; } try { response.sendRedirect(response.encodeRedirectURL(emailOTPPage + ("?" + queryParams)) + EmailOTPAuthenticatorConstants.AUTHENTICATORS + getName() + ":" + EmailOTPAuthenticatorConstants.LOCAL + retryParam); } catch (IOException e) { log.error("Authentication failed: " + e.getMessage(), e); throw new AuthenticationFailedException(e.getMessage(), e); } } } catch (UserStoreException e) { log.error("Cannot find the user claim for email", e); throw new AuthenticationFailedException("Cannot find the user claim for email " + e.getMessage(), e); } catch (AuthenticationFailedException e) { log.error(e.getMessage(), e); throw new AuthenticationFailedException(e.getMessage(), e); } }
From source file:com.exedio.cope.live.Bar.java
void doRequest(final HttpServletRequest request, final HttpSession httpSession, final HttpServletResponse response, final Anchor anchor) throws IOException { if (!Cop.isPost(request)) { try {/*from w ww . j a va 2 s . c om*/ startTransaction("redirectHome"); anchor.redirectHome(request, response); model.commit(); } finally { model.rollbackIfNotCommitted(); } return; } final String referer; if (isMultipartContent(request)) { final HashMap<String, String> fields = new HashMap<String, String>(); final HashMap<String, FileItem> files = new HashMap<String, FileItem>(); final FileItemFactory factory = new DiskFileItemFactory(); final ServletFileUpload upload = new ServletFileUpload(factory); upload.setHeaderEncoding(UTF_8.name()); try { for (final Iterator<?> i = upload.parseRequest(request).iterator(); i.hasNext();) { final FileItem item = (FileItem) i.next(); if (item.isFormField()) fields.put(item.getFieldName(), item.getString(UTF_8.name())); else files.put(item.getFieldName(), item); } } catch (final FileUploadException e) { throw new RuntimeException(e); } final String featureID = fields.get(FEATURE); if (featureID == null) throw new NullPointerException(); final Media feature = (Media) model.getFeature(featureID); if (feature == null) throw new NullPointerException(featureID); final String itemID = fields.get(ITEM); if (itemID == null) throw new NullPointerException(); final FileItem file = files.get(FILE); try { startTransaction("publishFile(" + featureID + ',' + itemID + ')'); final Item item = model.getItem(itemID); if (fields.get(PUBLISH_NOW) != null) { for (final History history : History.getHistories(item.getCopeType())) { final History.Event event = history.createEvent(item, anchor.getHistoryAuthor(), false); event.createFeature(feature, feature.getName(), feature.isNull(item) ? null : ("file type=" + feature.getContentType(item) + " size=" + feature.getLength(item)), "file name=" + file.getName() + " type=" + file.getContentType() + " size=" + file.getSize()); } // TODO use more efficient setter with File or byte[] feature.set(item, file.getInputStream(), file.getContentType()); } else { anchor.modify(file, feature, item); } model.commit(); } catch (final NoSuchIDException e) { throw new RuntimeException(e); } finally { model.rollbackIfNotCommitted(); } referer = fields.get(REFERER); } else // isMultipartContent { if (request.getParameter(BORDERS_ON) != null || request.getParameter(BORDERS_ON_IMAGE) != null) { anchor.borders = true; } else if (request.getParameter(BORDERS_OFF) != null || request.getParameter(BORDERS_OFF_IMAGE) != null) { anchor.borders = false; } else if (request.getParameter(CLOSE) != null || request.getParameter(CLOSE_IMAGE) != null) { httpSession.removeAttribute(LoginServlet.ANCHOR); } else if (request.getParameter(SWITCH_TARGET) != null) { anchor.setTarget(servlet.getTarget(request.getParameter(SWITCH_TARGET))); } else if (request.getParameter(SAVE_TARGET) != null) { try { startTransaction("saveTarget"); anchor.getTarget().save(anchor); model.commit(); } finally { model.rollbackIfNotCommitted(); } anchor.notifyPublishedAll(); } else { final String featureID = request.getParameter(FEATURE); if (featureID == null) throw new NullPointerException(); final Feature featureO = model.getFeature(featureID); if (featureO == null) throw new NullPointerException(featureID); final String itemID = request.getParameter(ITEM); if (itemID == null) throw new NullPointerException(); if (featureO instanceof StringField) { final StringField feature = (StringField) featureO; final String value = request.getParameter(TEXT); try { startTransaction("barText(" + featureID + ',' + itemID + ')'); final Item item = model.getItem(itemID); if (request.getParameter(PUBLISH_NOW) != null) { String v = value; if ("".equals(v)) v = null; for (final History history : History.getHistories(item.getCopeType())) { final History.Event event = history.createEvent(item, anchor.getHistoryAuthor(), false); event.createFeature(feature, feature.getName(), feature.get(item), v); } feature.set(item, v); anchor.notifyPublished(feature, item); } else { anchor.modify(value, feature, item); } model.commit(); } catch (final NoSuchIDException e) { throw new RuntimeException(e); } finally { model.rollbackIfNotCommitted(); } } else { final IntegerField feature = (IntegerField) featureO; final String itemIDFrom = request.getParameter(ITEM_FROM); if (itemIDFrom == null) throw new NullPointerException(); try { startTransaction("swapPosition(" + featureID + ',' + itemIDFrom + ',' + itemID + ')'); final Item itemFrom = model.getItem(itemIDFrom); final Item itemTo = model.getItem(itemID); final Integer positionFrom = feature.get(itemFrom); final Integer positionTo = feature.get(itemTo); feature.set(itemFrom, feature.getMinimum()); feature.set(itemTo, positionFrom); feature.set(itemFrom, positionTo); for (final History history : History.getHistories(itemFrom.getCopeType())) { final History.Event event = history.createEvent(itemFrom, anchor.getHistoryAuthor(), false); event.createFeature(feature, feature.getName(), positionFrom, positionTo); } for (final History history : History.getHistories(itemTo.getCopeType())) { final History.Event event = history.createEvent(itemTo, anchor.getHistoryAuthor(), false); event.createFeature(feature, feature.getName(), positionTo, positionFrom); } model.commit(); } catch (final NoSuchIDException e) { throw new RuntimeException(e); } finally { model.rollbackIfNotCommitted(); } } } referer = request.getParameter(REFERER); } if (referer != null) response.sendRedirect(response.encodeRedirectURL(referer)); }
From source file:at.gv.egovernment.moa.id.protocols.pvp2x.SingleLogOutAction.java
@Override public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { PVPTargetConfiguration pvpReq = (PVPTargetConfiguration) req; if (pvpReq.getRequest() instanceof MOARequest && ((MOARequest) pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) { Logger.debug("Process Single LogOut request"); MOARequest samlReq = (MOARequest) pvpReq.getRequest(); LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest(); AuthenticationSession session = AuthenticationSessionStoreage.searchMOASessionWithNameIDandOAID( logOutReq.getIssuer().getValue(), logOutReq.getNameID().getValue()); if (session == null) { Logger.warn("Can not find active SSO session with nameID " + logOutReq.getNameID().getValue() + " and OA " + logOutReq.getIssuer().getValue()); Logger.info("Search active SSO session with SSO session cookie"); SSOManager ssomanager = SSOManager.getInstance(); String ssoID = ssomanager.getSSOSessionID(httpReq); if (MiscUtil.isEmpty(ssoID)) { Logger.warn("Can not find active Session. Single LogOut not possible!"); SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null); Logger.info("Sending SLO success message to requester ..."); SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); return null; } else { String moasession = ssomanager.getMOASession(ssoID); try { session = AuthenticationSessionStoreage.getSession(moasession); } catch (MOADatabaseException e) { Logger.warn("Can not find active Session. Single LogOut not possible!"); SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null);//from w w w. j a v a 2 s. co m Logger.info("Sending SLO success message to requester ..."); SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); return null; } } } AuthenticationManager authManager = AuthenticationManager.getInstance(); authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq); } else if (pvpReq.getRequest() instanceof MOAResponse && ((MOAResponse) pvpReq.getRequest()).getResponse() instanceof LogoutResponse) { Logger.debug("Process Single LogOut response"); LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse) pvpReq.getRequest()).getResponse(); Transaction tx = null; try { String relayState = pvpReq.getRequest().getRelayState(); if (MiscUtil.isEmpty(relayState)) { Logger.warn( "SLO Response from " + logOutResp.getIssuer().getValue() + " has no SAML2 RelayState."); throw new SLOException("pvp2.19", null); } Session session = MOASessionDBUtils.getCurrentSession(); boolean storageSuccess = false; int counter = 0; //TODO: add counter to prevent deadlock while (!storageSuccess) { tx = session.beginTransaction(); List result; Query query = session.getNamedQuery("getAssertionWithArtifact"); query.setParameter("artifact", relayState); result = query.list(); Logger.trace("Found entries: " + result.size()); //Assertion requires an unique artifact if (result.size() != 1) { Logger.trace("No entries found."); throw new MOADatabaseException("No sessioninformation found with this ID"); } AssertionStore element = (AssertionStore) result.get(0); Object data = SerializationUtils.deserialize(element.getAssertion()); if (data instanceof SLOInformationContainer) { SLOInformationContainer sloContainer = (SLOInformationContainer) data; //check status SingleLogOutBuilder.checkStatusCode(sloContainer, logOutResp); if (sloContainer.hasFrontChannelOA()) { try { //some response are open byte[] serializedSLOContainer = SerializationUtils .serialize((Serializable) sloContainer); element.setAssertion(serializedSLOContainer); element.setType(sloContainer.getClass().getName()); session.saveOrUpdate(element); tx.commit(); //sloContainer could be stored to database storageSuccess = true; } catch (HibernateException e) { tx.rollback(); counter++; Logger.debug( "SLOContainter could not stored to database. Wait some time and restart storage process ... "); java.util.Random rand = new java.util.Random(); try { Thread.sleep(rand.nextInt(20) * 10); } catch (InterruptedException e1) { Logger.warn("Thread could not stopped. ReStart storage process immediately", e1); } } } else { //last response received. try { session.delete(element); tx.commit(); } catch (HibernateException e) { tx.rollback(); Logger.error("SLOContainter could not deleted from database. "); } storageSuccess = true; String redirectURL = null; if (sloContainer.getSloRequest() != null) { //send SLO response to SLO request issuer SingleLogoutService sloService = SingleLogOutBuilder .getResponseSLODescriptor(sloContainer.getSloRequest()); LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState()); } else { //print SLO information directly redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; String artifact = Random.nextRandom(); String statusCode = null; if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) statusCode = SLOSTATUS_SUCCESS; else statusCode = SLOSTATUS_ERROR; AssertionStorage.getInstance().put(artifact, statusCode); redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); } //redirect to Redirect Servlet String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); url = httpResp.encodeRedirectURL(url); httpResp.setContentType("text/html"); httpResp.setStatus(302); httpResp.addHeader("Location", url); } } else { Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + relayState); throw new MOADatabaseException("Sessioninformation Cast-Exception"); } } } catch (MOADatabaseException e) { Logger.error("MOA AssertionDatabase ERROR", e); throw new SLOException("pvp2.19", null); } catch (UnsupportedEncodingException e) { Logger.error("Finale SLO redirct not possible.", e); throw new AuthenticationException("pvp2.13", new Object[] {}); } finally { if (tx != null && !tx.wasCommitted()) { tx.commit(); } } } else { Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse."); throw new MOAIDException("pvp2.13", null); } return null; }
From source file:at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet.java
private void handleSAMLResponse(HttpServletRequest request, HttpServletResponse response) { Logger.info("handleSAMLResponse started"); String pendingRequestID = null; try {/*from w ww . jav a 2 s .com*/ Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message."); Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request)); super.setNoCachingHeadersInHttpRespone(request, response); Logger.trace("No Caching headers set for HTTP response"); //check if https or only http super.checkIfHTTPisAllowed(request.getRequestURL().toString()); Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); //extract STORK Response from HTTP Request //Decodes SAML Response byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); Logger.debug("SAMLResponse: " + new String(decSamlToken)); } catch (NullPointerException e) { Logger.error("Unable to retrieve STORK Response", e); throw new MOAIDException("stork.04", null); } //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing"); STORKAuthnResponse authnResponse = null; try { //validate SAML Token Logger.debug("Starting validation of SAML response"); authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost()); Logger.info("SAML response succesfully verified!"); } catch (STORKSAMLEngineException e) { Logger.error("Failed to verify STORK SAML Response", e); throw new MOAIDException("stork.05", null); } Logger.info("STORK SAML Response message succesfully extracted"); Logger.debug("STORK response: "); Logger.debug(authnResponse.toString()); Logger.debug("Trying to find MOA Session-ID ..."); //String moaSessionID = request.getParameter(PARAM_SESSIONID); //first use SAML2 relayState String moaSessionID = request.getParameter("RelayState"); // escape parameter strings moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID); //check if SAML2 relaystate includes a MOA sessionID if (StringUtils.isEmpty(moaSessionID)) { //if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier moaSessionID = authnResponse.getInResponseTo(); moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID); if (StringUtils.isEmpty(moaSessionID)) { //No authentication session has been started before Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started"); Logger.debug("PEPSConnectorURL was: " + request.getRequestURL()); throw new AuthenticationException("auth.02", new Object[] { moaSessionID }); } else Logger.trace( "Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute."); } else //Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter."); Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState."); /*INFO!!!! * SAML message IDs has an different format then MOASessionIDs * This is only a workaround because many PEPS does not support SAML2 relayState or * MOASessionID as AttributConsumerServiceURL GET parameter */ // if (!ParamValidatorUtils.isValidSessionID(moaSessionID)) // throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID); //load MOASession from database AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID); //change MOASessionID moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); Logger.info("Found MOA sessionID: " + moaSessionID); String statusCodeValue = authnResponse.getStatusCode(); if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) { Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue); throw new MOAIDException("stork.06", new Object[] { statusCodeValue }); } Logger.info("Got SAML response with authentication success message."); Logger.debug("MOA session is still valid"); STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest(); if (storkAuthnRequest == null) { Logger.error( "Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); throw new MOAIDException("stork.07", null); } Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); ////////////// incorporate gender from parameters if not in stork response IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList(); // but first, check if we have a representation case if (STORKResponseProcessor.hasAttribute("mandateContent", attributeList) || STORKResponseProcessor.hasAttribute("representative", attributeList) || STORKResponseProcessor.hasAttribute("represented", attributeList)) { // in a representation case... moaSession.setUseMandate("true"); // and check if we have the gender value PersonalAttribute gender = attributeList.get("gender"); if (null == gender) { String gendervalue = (String) request.getParameter("gender"); if (null != gendervalue) { gender = new PersonalAttribute(); gender.setName("gender"); ArrayList<String> tmp = new ArrayList<String>(); tmp.add(gendervalue); gender.setValue(tmp); authnResponse.getPersonalAttributeList().add(gender); } } } ////////////////////////////////////////////////////////////////////////// Logger.debug("Starting extraction of signedDoc attribute"); //extract signed doc element and citizen signature String citizenSignature = null; try { PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc"); String signatureInfo = null; if (signedDoc != null) { signatureInfo = signedDoc.getValue().get(0); //should not occur } else { //store SAMLResponse moaSession.setSAMLResponse(request.getParameter("SAMLResponse")); //store authnResponse //moaSession.setAuthnResponse(authnResponse);//not serializable moaSession.setAuthnResponseGetPersonalAttributeList(authnResponse.getPersonalAttributeList()); String authnContextClassRef = null; try { authnContextClassRef = authnResponse.getAssertions().get(0).getAuthnStatements().get(0) .getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(); } catch (Throwable e) { Logger.warn( "STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level"); } moaSession.setAuthnContextClassRef(authnContextClassRef); moaSession.setReturnURL(request.getRequestURL()); //load signedDoc String signRequest = moaSession.getSignedDoc(); //session is implicit stored in changeSessionID!!!! String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); //set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID //signRequest String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); String acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; String url = acsURL + "?moaSessionID=" + newMOASessionID; //redirect to OASIS module and sign there boolean found = false; try { List<AttributeProviderPlugin> aps = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); Logger.info("Found AttributeProviderPlugins:" + aps.size()); for (AttributeProviderPlugin ap : aps) { Logger.info("Found AttributeProviderPlugin attribute:" + ap.getAttributes()); if (ap.getAttributes().equalsIgnoreCase("signedDoc")) { // FIXME[tlenz]: A servlet's class field is not thread safe. oasisDssWebFormURL = ap.getUrl(); found = true; Logger.info("Loaded signedDoc attribute provider url from config:" + oasisDssWebFormURL); break; } } } catch (Exception e) { e.printStackTrace(); Logger.error("Loading the signedDoc attribute provider url from config failed"); } if (!found) { Logger.error("Failed to load the signedDoc attribute provider url from config"); } performRedirect(url, request, response, signRequest); return; } SignResponse dssSignResponse = (SignResponse) ApiUtils .unmarshal(new StreamSource(new java.io.StringReader(signatureInfo))); citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); // memorize signature into authblock moaSession.setAuthBlock(citizenSignature); X509Certificate cert = getSignerCertificate(citizenSignature); moaSession.setSignerCertificate(cert); moaSession.setForeigner(true); } catch (Throwable e) { Logger.error("Could not extract citizen signature from C-PEPS", e); throw new MOAIDException("stork.09", null); } try { SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(), authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext() .getAuthnContextClassRef().getAuthnContextClassRef(), citizenSignature); } catch (STORKException e) { // this is really nasty but we work against the system here. We are supposed to get the gender attribute from // stork. If we do not, we cannot register the person in the ERnP - we have to have the // gender for the represented person. So here comes the dirty hack. if (e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) { try { Logger.trace("Initialize VelocityEngine..."); VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html"); VelocityContext context = new VelocityContext(); context.put("SAMLResponse", request.getParameter("SAMLResponse")); context.put("action", request.getRequestURL()); StringWriter writer = new StringWriter(); template.merge(context, writer); response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); throw new MOAIDException("stork.10", null); } return; } Logger.error("Error connecting SZR Gateway", e); throw new MOAIDException("stork.10", null); } Logger.debug("Add full STORK AuthnResponse to MOA session"); moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse? //session is implicit stored in changeSessionID!!!! String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID); //redirect String redirectURL = null; redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID); redirectURL = response.encodeRedirectURL(redirectURL); response.setContentType("text/html"); response.setStatus(302); response.addHeader("Location", redirectURL); Logger.info("REDIRECT TO: " + redirectURL); } catch (AuthenticationException e) { handleError(null, e, request, response, pendingRequestID); } catch (MOAIDException e) { handleError(null, e, request, response, pendingRequestID); } catch (Exception e) { Logger.error("PEPSConnector has an interal Error.", e); } finally { ConfigurationDBUtils.closeSession(); } }
From source file:org.akaza.openclinica.control.submit.DataEntryServlet.java
@Override protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { //JN:The following were the the global variables, moved as local. locale = LocaleResolver.getLocale(request); EventCRFBean ecb = (EventCRFBean) request.getAttribute(INPUT_EVENT_CRF); SectionBean sb = (SectionBean) request.getAttribute(SECTION_BEAN); ItemDataDAO iddao = new ItemDataDAO(getDataSource(), locale); HttpSession session = request.getSession(); StudyBean currentStudy = (StudyBean) session.getAttribute("study"); StudyUserRoleBean currentRole = (StudyUserRoleBean) session.getAttribute("userRole"); SectionDAO sdao = new SectionDAO(getDataSource()); /**//from w ww. j a va2s. c om * Determines whether the form was submitted. Calculated once in processRequest. The reason we don't use the normal means to determine if the form was * submitted (ie FormProcessor.isSubmitted) is because when we use forwardPage, Java confuses the inputs from the just-processed form with the inputs for * the forwarded-to page. This is a problem since frequently we're forwarding from one (submitted) section to the next (unsubmitted) section. If we use the * normal means, Java will always think that the unsubmitted section is, in fact, submitted. This member is guaranteed to be calculated before * shouldLoadDBValues() is called. */ boolean isSubmitted = false; boolean hasGroup = false; EventCRFDAO ecdao = null; FormProcessor fp = new FormProcessor(request); logMe("Enterting DataEntry Servlet" + System.currentTimeMillis()); EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(getDataSource()); FormDiscrepancyNotes discNotes; panel.setStudyInfoShown(false); String age = ""; UserAccountBean ub = (UserAccountBean) request.getSession().getAttribute(USER_BEAN_NAME); String instantAtt = CV_INSTANT_META + ecb.getCRFVersionId(); //for 11958: repeating groups rows appear if validation returns to the same section int isFirstTimeOnSection = fp.getInt("isFirstTimeOnSection"); request.setAttribute("isFirstTimeOnSection", isFirstTimeOnSection + ""); if (fp.getString(GO_EXIT).equals("") && !isSubmitted && fp.getString("tabId").equals("") && fp.getString("sectionId").equals("")) { //HashMap unavailableCRF = getUnavailableCRFList(); if (getCrfLocker().isLocked(ecb.getId())) { int userId = getCrfLocker().getLockOwner(ecb.getId()); UserAccountDAO udao = new UserAccountDAO(getDataSource()); UserAccountBean ubean = (UserAccountBean) udao.findByPK(userId); addPageMessage(resword.getString("CRF_unavailable") + " " + ubean.getName() + " " + resword.getString("Currently_entering_data") + " " + resword.getString("Leave_the_CRF"), request); forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET, request, response); } else { getCrfLocker().lock(ecb.getId(), ub.getId()); } } if (!ecb.isActive()) { throw new InconsistentStateException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("event_not_exists")); } logMe("Enterting DataEntry Get the status/number of item discrepancy notes" + System.currentTimeMillis()); // Get the status/number of item discrepancy notes DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(getDataSource()); ArrayList<DiscrepancyNoteBean> allNotes = new ArrayList<DiscrepancyNoteBean>(); List<DiscrepancyNoteBean> eventCrfNotes = new ArrayList<DiscrepancyNoteBean>(); List<DiscrepancyNoteThread> noteThreads = new ArrayList<DiscrepancyNoteThread>(); // BWP: this try block is not necessary try { dndao = new DiscrepancyNoteDAO(getDataSource()); allNotes = dndao.findAllTopNotesByEventCRF(ecb.getId()); eventCrfNotes = dndao.findOnlyParentEventCRFDNotesFromEventCRF(ecb); if (!eventCrfNotes.isEmpty()) { allNotes.addAll(eventCrfNotes); } logMe("Entering DataEntry Create disc note threads out of the various notes" + System.currentTimeMillis()); // Create disc note threads out of the various notes DiscrepancyNoteUtil dNoteUtil = new DiscrepancyNoteUtil(); noteThreads = dNoteUtil.createThreadsOfParents(allNotes, getDataSource(), currentStudy, null, -1, true); // variables that provide values for the CRF discrepancy note header int updatedNum = 0; int openNum = 0; int closedNum = 0; int resolvedNum = 0; int notAppNum = 0; DiscrepancyNoteBean tempBean; for (DiscrepancyNoteThread dnThread : noteThreads) { /* * 3014: do not count parent beans, only the last child disc note of the thread. */ tempBean = dnThread.getLinkedNoteList().getLast(); if (tempBean != null) { if (ResolutionStatus.UPDATED.equals(tempBean.getResStatus())) { updatedNum++; } else if (ResolutionStatus.OPEN.equals(tempBean.getResStatus())) { openNum++; } else if (ResolutionStatus.CLOSED.equals(tempBean.getResStatus())) { // if (dn.getParentDnId() > 0){ closedNum++; // } } else if (ResolutionStatus.RESOLVED.equals(tempBean.getResStatus())) { // if (dn.getParentDnId() > 0){ resolvedNum++; // } } else if (ResolutionStatus.NOT_APPLICABLE.equals(tempBean.getResStatus())) { notAppNum++; } } } logMe("Entering DataEntry Create disc note threads out of the various notes DONE" + System.currentTimeMillis()); request.setAttribute("updatedNum", updatedNum + ""); request.setAttribute("openNum", openNum + ""); request.setAttribute("closedNum", closedNum + ""); request.setAttribute("resolvedNum", resolvedNum + ""); request.setAttribute("notAppNum", notAppNum + ""); String fromViewNotes = fp.getString("fromViewNotes"); if (fromViewNotes != null && "1".equals(fromViewNotes)) { request.setAttribute("fromViewNotes", fromViewNotes); } logMe("Entering Create studySubjDao.. ++++stuff" + System.currentTimeMillis()); StudySubjectDAO ssdao = new StudySubjectDAO(getDataSource()); StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(ecb.getStudySubjectId()); // YW 11-07-2007, data entry could not be performed if its study subject // has been removed. // Notice: ViewSectionDataEntryServelet, ViewSectionDataEntryPreview, // PrintCRFServlet and PrintDataEntryServlet, have theirs own // processRequest Status s = ssb.getStatus(); if ("removed".equalsIgnoreCase(s.getName()) || "auto-removed".equalsIgnoreCase(s.getName())) { addPageMessage(respage.getString("you_may_not_perform_data_entry_on_a_CRF") + respage.getString("study_subject_has_been_deleted"), request); request.setAttribute("id", new Integer(ecb.getStudySubjectId()).toString()); session.removeAttribute(instantAtt); forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET, request, response); } // YW >> HashMap<String, String> newUploadedFiles = (HashMap<String, String>) session .getAttribute("newUploadedFiles"); if (newUploadedFiles == null) { newUploadedFiles = new HashMap<String, String>(); } request.setAttribute("newUploadedFiles", newUploadedFiles); if (!fp.getString("exitTo").equals("")) { request.setAttribute("exitTo", fp.getString("exitTo")); } //some EVENT CRF CHECK logMe("Entering some EVENT CRF CHECK" + System.currentTimeMillis()); if (!fp.getString(GO_EXIT).equals("")) { session.removeAttribute(GROUP_HAS_DATA); session.removeAttribute("to_create_crf"); session.removeAttribute("mayProcessUploading"); //Removing the user and EventCRF from the locked CRF List getCrfLocker().unlock(ecb.getId()); if (newUploadedFiles.size() > 0) { if (this.unloadFiles(newUploadedFiles)) { } else { String missed = ""; Iterator iter = newUploadedFiles.keySet().iterator(); while (iter.hasNext()) { missed += " " + newUploadedFiles.get(iter.next()); } addPageMessage(respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed, request); } } session.removeAttribute("newUploadedFiles"); addPageMessage(respage.getString("exit_without_saving"), request); // addPageMessage("You chose to exit the data entry page."); // changed bu jxu 03/06/2007- we should use redirection to go to // another servlet if (fromViewNotes != null && "1".equals(fromViewNotes)) { String viewNotesURL = (String) session.getAttribute("viewNotesURL"); if (viewNotesURL != null && viewNotesURL.length() > 0) { response.sendRedirect(response.encodeRedirectURL(viewNotesURL)); } return; } String fromResolvingNotes = fp.getString("fromResolvingNotes", true); String winLocation = (String) session.getAttribute(ViewNotesServlet.WIN_LOCATION); session.removeAttribute(instantAtt); if (!StringUtil.isBlank(fromResolvingNotes) && !StringUtil.isBlank(winLocation)) { response.sendRedirect(response.encodeRedirectURL(winLocation)); } else { if (!fp.getString("exitTo").equals("")) { response.sendRedirect(response.encodeRedirectURL(fp.getString("exitTo"))); } else response.sendRedirect(response.encodeRedirectURL("ListStudySubjects")); } // forwardPage(Page.SUBMIT_DATA_SERVLET); return; } logMe("Entering some EVENT CRF CHECK DONE" + System.currentTimeMillis()); // checks if the section has items in item group // for repeating items // hasGroup = getInputBeans(); hasGroup = checkGroups(fp, ecb); Boolean b = (Boolean) request.getAttribute(INPUT_IGNORE_PARAMETERS); isSubmitted = fp.isSubmitted() && b == null; // variable is used for fetching any null values like "not applicable" int eventDefinitionCRFId = 0; if (fp != null) { eventDefinitionCRFId = fp.getInt("eventDefinitionCRFId"); } StudyBean study = (StudyBean) session.getAttribute("study"); // constructs the list of items used on UI // tbh>> // logger.trace("trying event def crf id: "+eventDefinitionCRFId); logMe("Entering some EVENT DEF CRF CHECK " + System.currentTimeMillis()); if (eventDefinitionCRFId <= 0) { // TODO we have to get that id before we can continue EventDefinitionCRFBean edcBean = edcdao.findByStudyEventIdAndCRFVersionId(study, ecb.getStudyEventId(), ecb.getCRFVersionId()); eventDefinitionCRFId = edcBean.getId(); } logMe("Entering some EVENT DEF CRF CHECK DONE " + System.currentTimeMillis()); logMe("Entering some Study EVENT DEF CRF CHECK " + System.currentTimeMillis()); StudyEventDAO seDao = new StudyEventDAO(getDataSource()); EventDefinitionCRFBean edcBean = (EventDefinitionCRFBean) edcdao.findByPK(eventDefinitionCRFId); EventDefinitionCRFBean edcb = (EventDefinitionCRFBean) edcdao.findByPK(eventDefinitionCRFId); request.setAttribute(EVENT_DEF_CRF_BEAN, edcb);//JN:Putting the event_def_crf_bean in the request attribute. StudyEventBean studyEventBean = (StudyEventBean) seDao.findByPK(ecb.getStudyEventId()); edcBean.setId(eventDefinitionCRFId); StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(getDataSource()); StudyEventDefinitionBean studyEventDefinition = (StudyEventDefinitionBean) seddao .findByPK(edcBean.getStudyEventDefinitionId()); CRFVersionDAO cvdao = new CRFVersionDAO(getDataSource()); CRFVersionBean crfVersionBean = (CRFVersionBean) cvdao.findByPK(ecb.getCRFVersionId()); Phase phase2 = Phase.INITIAL_DATA_ENTRY; if (getServletPage(request).equals(Page.DOUBLE_DATA_ENTRY_SERVLET)) { phase2 = Phase.DOUBLE_DATA_ENTRY; } else if (getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET)) { phase2 = Phase.ADMIN_EDITING; } logMe("Entering ruleSets::: CreateAndInitializeRuleSet:::" + Thread.currentThread()); logMe("Entering ruleSets::: CreateAndInitializeRuleSet:::" + Thread.currentThread() + "currentStudy?" + currentStudy + "studyEventDefinition" + studyEventDefinition + "crfVersionBean" + crfVersionBean + "studyEventBean" + studyEventBean + "ecb" + ecb); // List<RuleSetBean> ruleSets = createAndInitializeRuleSet(currentStudy, studyEventDefinition, crfVersionBean, studyEventBean, ecb, true, request, response); // boolean shouldRunRules = getRuleSetService(request).shouldRunRulesForRuleSets(ruleSets, phase2); logMe("Entering getDisplayBean:::::Thread::::" + Thread.currentThread()); DisplaySectionBean section = getDisplayBean(hasGroup, false, request, isSubmitted); //hasSCDItem has been initialized in getDisplayBean() which is online above VariableSubstitutionHelper.replaceVariables(section, study, ssb, studyEventDefinition, studyEventBean, dataSource); if (section.getSection().hasSCDItem()) { SimpleConditionalDisplayService cds0 = (SimpleConditionalDisplayService) SpringServletAccess .getApplicationContext(getServletContext()).getBean("simpleConditionalDisplayService"); section = cds0.initConditionalDisplays(section); } logMe("Entering Find out the id of the section's first field " + System.currentTimeMillis()); // 2790: Find out the id of the section's first field String firstFieldId = getSectionFirstFieldId(section.getSection().getId()); request.setAttribute("formFirstField", firstFieldId); // logger.trace("now trying event def crf id: "+eventDefinitionCRFId); // above is necessary to give us null values during DDE // ironically, this only covers vertical null value result sets // horizontal ones are covered in FormBeanUtil, tbh 112007 logMe("Entering displayItemWithGroups " + System.currentTimeMillis()); //@pgawade 30-May-2012 Fix for issue 13963 - added an extra parameter 'isSubmitted' to method createItemWithGroups List<DisplayItemWithGroupBean> displayItemWithGroups = createItemWithGroups(section, hasGroup, eventDefinitionCRFId, request, isSubmitted); logMe("Entering displayItemWithGroups end " + System.currentTimeMillis()); this.getItemMetadataService().updateGroupDynamicsInSection(displayItemWithGroups, section.getSection().getId(), ecb); section.setDisplayItemGroups(displayItemWithGroups); DisplayTableOfContentsBean toc = TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(), (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY), (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext()) .getBean("dynamicsMetadataService")); request.setAttribute(TOC_DISPLAY, toc); LinkedList<Integer> sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc); // why do we get previousSec and nextSec here, rather than in // getDisplayBeans? // so that we can use them in forwarding the user to the previous/next // section // if the validation was successful logMe("Entering displayItemWithGroups sdao.findPrevious " + System.currentTimeMillis()); int sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc); SectionBean previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex); logMe("Entering displayItemWithGroups sdao.findPrevious end " + System.currentTimeMillis()); SectionBean nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex); section.setFirstSection(!previousSec.isActive()); section.setLastSection(!nextSec.isActive()); // this is for generating side info panel // and the information panel under the Title SubjectDAO subjectDao = new SubjectDAO(getDataSource()); StudyDAO studydao = new StudyDAO(getDataSource()); SubjectBean subject = (SubjectBean) subjectDao.findByPK(ssb.getSubjectId()); // Get the study then the parent study logMe("Entering Get the study then the parent study " + System.currentTimeMillis()); if (study.getParentStudyId() > 0) { // this is a site,find parent StudyBean parentStudy = (StudyBean) studydao.findByPK(study.getParentStudyId()); request.setAttribute("studyTitle", parentStudy.getName()); request.setAttribute("siteTitle", study.getName()); } else { request.setAttribute("studyTitle", study.getName()); } logMe("Entering Get the study then the parent study end " + System.currentTimeMillis()); // Let us process the age if (currentStudy.getStudyParameterConfig().getCollectDob().equals("1")) { // YW 11-16-2007 erollment-date is used for calculating age. Date enrollmentDate = ssb.getEnrollmentDate(); age = Utils.getInstacne().processAge(enrollmentDate, subject.getDateOfBirth()); } //ArrayList beans = ViewStudySubjectServlet.getDisplayStudyEventsForStudySubject(ssb, getDataSource(), ub, currentRole); request.setAttribute("studySubject", ssb); request.setAttribute("subject", subject); //request.setAttribute("beans", beans); request.setAttribute("eventCRF", ecb); request.setAttribute("age", age); request.setAttribute("decryptedPassword", ((SecurityManager) SpringServletAccess.getApplicationContext(getServletContext()) .getBean("securityManager")).encrytPassword("root", getUserDetails())); // set up interviewer name and date fp.addPresetValue(INPUT_INTERVIEWER, ecb.getInterviewerName()); if (ecb.getDateInterviewed() != null) { DateFormat local_df = new SimpleDateFormat(resformat.getString("date_format_string"), ResourceBundleProvider.getLocale()); String idateFormatted = local_df.format(ecb.getDateInterviewed()); fp.addPresetValue(INPUT_INTERVIEW_DATE, idateFormatted); } else { fp.addPresetValue(INPUT_INTERVIEW_DATE, ""); } setPresetValues(fp.getPresetValues(), request); logMe("Entering Checks !submitted " + System.currentTimeMillis()); if (!isSubmitted) { // TODO: prevent data enterer from seeing results of first round of // data // entry, if this is second round // FLAG--SLOW HERE WHEN LOADING logMe("Entering Checks !submitted entered " + System.currentTimeMillis()); long t = System.currentTimeMillis(); request.setAttribute(BEAN_DISPLAY, section); request.setAttribute(BEAN_ANNOTATIONS, getEventCRFAnnotations(request)); session.setAttribute("shouldRunValidation", null); session.setAttribute("rulesErrors", null); session.setAttribute(DataEntryServlet.NOTE_SUBMITTED, null); discNotes = new FormDiscrepancyNotes(); // discNotes = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME); // if (discNotes == null) { // discNotes = new FormDiscrepancyNotes(); // } // << tbh 01/2010 section = populateNotesWithDBNoteCounts(discNotes, section, request); populateInstantOnChange(request.getSession(), ecb, section); LOGGER.debug( "+++ just ran populateNotes, printing field notes: " + discNotes.getFieldNotes().toString()); LOGGER.debug("found disc notes: " + discNotes.getNumExistingFieldNotes().toString()); session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes); if (section.getSection().hasSCDItem()) { section = SCDItemDisplayInfo.generateSCDDisplayInfo(section, this.getServletPage(request).equals(Page.INITIAL_DATA_ENTRY) || this.getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET) && !this.isAdminForcedReasonForChange(request)); } int keyId = ecb.getId(); session.removeAttribute(DoubleDataEntryServlet.COUNT_VALIDATE + keyId); setUpPanel(section); if (newUploadedFiles.size() > 0) { if (this.unloadFiles(newUploadedFiles)) { } else { String missed = ""; Iterator iter = newUploadedFiles.keySet().iterator(); while (iter.hasNext()) { missed += " " + newUploadedFiles.get(iter.next()); } addPageMessage(respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed, request); } } logMe("Entering Checks !submitted entered end forwarding page " + System.currentTimeMillis()); logMe("Time Took for this block" + (System.currentTimeMillis() - t)); forwardPage(getJSPPage(), request, response); return; } else { logMe("Entering Checks !submitted not entered " + System.currentTimeMillis()); // // VALIDATION / LOADING DATA // // If validation is required for this round, we will go through // each item and add an appropriate validation to the Validator // // Otherwise, we will just load the data into the DisplayItemBean // so that we can write to the database later. // // Validation is required if two conditions are met: // 1. The user clicked a "Save" button, not a "Confirm" button // 2. In this type of data entry servlet, when the user clicks // a Save button, the inputs are validated // boolean validate = fp.getBoolean(INPUT_CHECK_INPUTS) && validateInputOnFirstRound(); // did the user click a "Save" button? // is validation required in this type of servlet when the user // clicks // "Save"? // We can conclude that the user is trying to save data; therefore, // set a request // attribute indicating that default values for items shouldn't be // displayed // in the application UI that will subsequently be displayed // TODO: find a better, less random place for this // session.setAttribute(HAS_DATA_FLAG, true); // section.setCheckInputs(fp.getBoolean(INPUT_CHECK_INPUTS)); errors = new HashMap(); // ArrayList items = section.getItems(); discNotes = (FormDiscrepancyNotes) session .getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME); if (discNotes == null) { discNotes = new FormDiscrepancyNotes(); } // populateNotesWithDBNoteCounts(discNotes, section); // all items- inlcude items in item groups and other single items List<DisplayItemWithGroupBean> allItems = section.getDisplayItemGroups(); String attachedFilePath = Utils.getAttachedFilePath(currentStudy); DiscrepancyValidator v = new DiscrepancyValidator(request, discNotes); RuleValidator ruleValidator = new RuleValidator(request); LOGGER.debug("SZE 1 :: " + allItems.size()); logMe("Looping inside !submitted " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); i++) { LOGGER.trace("===itering through items: " + i); DisplayItemWithGroupBean diwg = allItems.get(i); if (diwg.isInGroup()) { // for the items in groups DisplayItemGroupBean dgb = diwg.getItemGroup(); List<DisplayItemGroupBean> dbGroups = diwg.getDbItemGroups(); //dbGroups = diwg.getItemGroups(); List<DisplayItemGroupBean> formGroups = new ArrayList<DisplayItemGroupBean>(); LOGGER.debug("got db item group size " + dbGroups.size()); if (validate) { // int manualGroups = getManualRows(dbGroups2); // logger.debug("+++ found manual rows from db group 2: " + manualGroups); LOGGER.debug("===IF VALIDATE NOT A SINGLE ITEM: got to this part in the validation loop: " + dgb.getGroupMetaBean().getName()); // TODO next marker tbh 112007 // formGroups = validateDisplayItemGroupBean(v, // dgb,dbGroups, formGroups, // ruleValidator,groupOrdinalPLusItemOid); formGroups = validateDisplayItemGroupBean(v, dgb, dbGroups, formGroups, request, response); LOGGER.debug("form group size after validation " + formGroups.size()); } else { LOGGER.debug("+++ELSE NOT A SINGLE ITEM: got to this part in the validation loop: " + dgb.getGroupMetaBean().getName()); formGroups = loadFormValueForItemGroup(dgb, dbGroups, formGroups, eventDefinitionCRFId, request); LOGGER.debug("form group size without validation " + formGroups.size()); } diwg.setItemGroup(dgb); diwg.setItemGroups(formGroups); allItems.set(i, diwg); } else {// other single items DisplayItemBean dib = diwg.getSingleItem(); // dib = (DisplayItemBean) allItems.get(i); if (validate) { // generate input name here? // DisplayItemGroupBean dgb = diwg.getItemGroup(); String itemName = getInputName(dib); // no Item group for single item, so just use blank // string as parameter for inputName dib = validateDisplayItemBean(v, dib, "", request);// this // should be // used, // otherwise, // DDE not // working-jxu LOGGER.debug("&&& found name: " + itemName); LOGGER.debug("input VALIDATE " + itemName + ": " + fp.getString(itemName)); // dib.loadFormValue(fp.getString(itemName)); LOGGER.debug("input " + itemName + " has a response set of " + dib.getMetadata().getResponseSet().getOptions().size() + " options"); } else { String itemName = getInputName(dib); LOGGER.debug("input NONVALIDATE " + itemName + ": " + fp.getString(itemName)); // dib.loadFormValue(itemName); dib = loadFormValue(dib, request); // String itemName = getInputName(dib); // dib = loadFormValue(itemName); } ArrayList children = dib.getChildren(); for (int j = 0; j < children.size(); j++) { DisplayItemBean child = (DisplayItemBean) children.get(j); // DisplayItemGroupBean dgb = diwg.getItemGroup(); String itemName = getInputName(child); child.loadFormValue(fp.getString(itemName)); if (validate) { // child = validateDisplayItemBean(v, child, // itemName, ruleValidator, groupOrdinalPLusItemOid, // false); child = validateDisplayItemBean(v, child, itemName, request); // was null changed value 092007 tbh } else { // child.loadFormValue(itemName); child = loadFormValue(child, request); } LOGGER.debug("Checking child value for " + itemName + ": " + child.getData().getValue()); children.set(j, child); } dib.setChildren(children); diwg.setSingleItem(runDynamicsItemCheck(dib, null, request)); // logger.trace("just set single item on line 447: // "+dib.getData().getValue()); // items.set(i, dib); LOGGER.debug(" I : " + i); allItems.set(i, diwg); } } logMe("Loop ended " + System.currentTimeMillis()); //JN: This is the list that contains all the scd-shown items. List<ItemBean> itemBeansWithSCDShown = new ArrayList<ItemBean>(); if (validate && section.getSection().hasSCDItem()) { logMe(" Validate and Loop " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); ++i) { DisplayItemBean dib = allItems.get(i).getSingleItem(); ItemFormMetadataBean ifmb = dib.getMetadata(); if (ifmb.getParentId() == 0) { if (dib.getScdData().getScdSetsForControl().size() > 0) { //for control item //dib has to loadFormValue first. Here loadFormValue has been done in validateDisplayItemBean(v, dib, "") section.setShowSCDItemIds(SimpleConditionalDisplayService .conditionalDisplayToBeShown(dib, section.getShowSCDItemIds())); } if (dib.getScdData().getScdItemMetadataBean().getScdItemFormMetadataId() > 0) { //for scd item //a control item is always before its scd item dib.setIsSCDtoBeShown( section.getShowSCDItemIds().contains(dib.getMetadata().getItemId())); if (dib.getIsSCDtoBeShown()) itemBeansWithSCDShown.add(dib.getItem()); validateSCDItemBean(v, dib); } ArrayList<DisplayItemBean> children = dib.getChildren(); for (int j = 0; j < children.size(); j++) { DisplayItemBean child = children.get(j); if (child.getScdData().getScdSetsForControl().size() > 0) { //for control item //dib has to loadFormValue first. Here loadFormValue has been done in validateDisplayItemBean(v, dib, "") section.setShowSCDItemIds(SimpleConditionalDisplayService .conditionalDisplayToBeShown(child, section.getShowSCDItemIds())); } if (child.getScdData().getScdItemMetadataBean().getScdItemFormMetadataId() > 0) { //for scd item //a control item is always before its scd item child.setIsSCDtoBeShown( section.getShowSCDItemIds().contains(child.getMetadata().getItemId())); if (child.getIsSCDtoBeShown()) itemBeansWithSCDShown.add(dib.getItem()); validateSCDItemBean(v, child); } } } } logMe(" Validate and Loop end " + System.currentTimeMillis()); } logMe(" Validate and Loop end " + System.currentTimeMillis()); //JN:calling again here, for the items with simple conditional display and rules. List<RuleSetBean> ruleSets = createAndInitializeRuleSet(currentStudy, studyEventDefinition, crfVersionBean, studyEventBean, ecb, true, request, response, itemBeansWithSCDShown); boolean shouldRunRules = getRuleSetService(request).shouldRunRulesForRuleSets(ruleSets, phase2); // this.getItemMetadataService().resetItemCounter(); HashMap<String, ArrayList<String>> groupOrdinalPLusItemOid = null; groupOrdinalPLusItemOid = runRules(allItems, ruleSets, true, shouldRunRules, MessageType.ERROR, phase2, ecb, request); logMe("allItems Loop begin " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); i++) { DisplayItemWithGroupBean diwg = allItems.get(i); if (diwg.isInGroup()) { // for the items in groups DisplayItemGroupBean dgb = diwg.getItemGroup(); List<DisplayItemGroupBean> dbGroups = diwg.getDbItemGroups(); //dbGroups = diwg.getItemGroups(); // tbh 01/2010 change the group list? List<DisplayItemGroupBean> formGroups = new ArrayList<DisplayItemGroupBean>(); // List<DisplayItemGroupBean> dbGroups2 = loadFormValueForItemGroup(dgb, dbGroups, formGroups, eventDefinitionCRFId); // jxu- this part need to be refined, why need to validate // items again? if (validate) { // int manualGroups = getManualRows(dbGroups2); // logger.debug("+++ found manual rows for db group2: " + manualGroups); formGroups = validateDisplayItemGroupBean(v, dgb, dbGroups, formGroups, ruleValidator, groupOrdinalPLusItemOid, request, response); // formGroups = validateDisplayItemGroupBean(v, dgb, // dbGroups, formGroups); LOGGER.debug("*** form group size after validation " + formGroups.size()); } diwg.setItemGroup(dgb); diwg.setItemGroups(formGroups); allItems.set(i, diwg); } else {// other single items DisplayItemBean dib = diwg.getSingleItem(); // dib = (DisplayItemBean) allItems.get(i); if (validate) { String itemName = getInputName(dib); dib = validateDisplayItemBean(v, dib, "", ruleValidator, groupOrdinalPLusItemOid, false, null, request);// // / dib = validateDisplayItemBean(v, dib, "");// this } ArrayList children = dib.getChildren(); for (int j = 0; j < children.size(); j++) { DisplayItemBean child = (DisplayItemBean) children.get(j); // DisplayItemGroupBean dgb = diwg.getItemGroup(); String itemName = getInputName(child); child.loadFormValue(fp.getString(itemName)); if (validate) { child = validateDisplayItemBean(v, child, "", ruleValidator, groupOrdinalPLusItemOid, false, null, request); // child = validateDisplayItemBean(v, child, // itemName); } children.set(j, child); LOGGER.debug(" J (children): " + j); } dib.setChildren(children); diwg.setSingleItem(runDynamicsItemCheck(dib, null, request)); LOGGER.debug(" I : " + i); allItems.set(i, diwg); } } logMe("allItems Loop end " + System.currentTimeMillis()); // YW, 2-1-2008 << // A map from item name to item bean object. HashMap<String, ItemBean> scoreItems = new HashMap<String, ItemBean>(); HashMap<String, String> scoreItemdata = new HashMap<String, String>(); HashMap<String, ItemDataBean> oldItemdata = prepareSectionItemdataObject(sb.getId(), request); // hold all item names of changed ItemBean in current section TreeSet<String> changedItems = new TreeSet<String>(); // holds complete disply item beans for checking against 'request // for change' restriction ArrayList<DisplayItemBean> changedItemsList = new ArrayList<DisplayItemBean>(); // key is repeating item name, value is its display item group bean HashMap<String, DisplayItemGroupBean> changedItemsMap = new HashMap<String, DisplayItemGroupBean>(); // key is itemid, value is set of itemdata-ordinal HashMap<Integer, TreeSet<Integer>> itemOrdinals = prepareItemdataOrdinals(request); // prepare item data for scoring updateDataOrdinals(allItems); section.setDisplayItemGroups(allItems); scoreItems = prepareScoreItems(request); scoreItemdata = prepareScoreItemdata(request); logMe("allItems 2 Loop begin " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); i++) { DisplayItemWithGroupBean diwb = allItems.get(i); if (diwb.isInGroup()) { List<DisplayItemGroupBean> dbGroups = diwb.getDbItemGroups(); for (int j = 0; j < dbGroups.size(); j++) { DisplayItemGroupBean displayGroup = dbGroups.get(j); List<DisplayItemBean> items = displayGroup.getItems(); if ("remove".equalsIgnoreCase(displayGroup.getEditFlag())) { for (DisplayItemBean displayItem : items) { int itemId = displayItem.getItem().getId(); int ordinal = displayItem.getData().getOrdinal(); if (itemOrdinals.containsKey(itemId)) { itemOrdinals.get(itemId).remove(ordinal); } if (scoreItemdata.containsKey(itemId + "_" + ordinal)) { scoreItemdata.remove(itemId + "_" + ordinal); } changedItems.add(displayItem.getItem().getName()); changedItemsList.add(displayItem); String formName = displayItem.getItem().getName(); // logger.debug("SET: formName:" + formName); if (displayGroup.isAuto()) { formName = getGroupItemInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("GET: changed formName to " + formName); } else { formName = getGroupItemManualInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("GET-MANUAL: changed formName to " + formName); } changedItemsMap.put(formName, displayGroup); LOGGER.debug("adding to changed items map: " + formName); } } } List<DisplayItemGroupBean> dgbs = diwb.getItemGroups(); int groupsize = dgbs.size(); HashMap<Integer, Integer> maxOrdinals = new HashMap<Integer, Integer>(); boolean first = true; for (int j = 0; j < dgbs.size(); j++) { DisplayItemGroupBean displayGroup = dgbs.get(j); List<DisplayItemBean> items = displayGroup.getItems(); boolean isAdd = "add".equalsIgnoreCase(displayGroup.getEditFlag()) ? true : false; for (DisplayItemBean displayItem : items) { ItemBean ib = displayItem.getItem(); String itemName = ib.getName(); int itemId = ib.getId(); if (first) { maxOrdinals.put(itemId, iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean())); } ItemDataBean idb = displayItem.getData(); String value = idb.getValue(); scoreItems.put(itemName, ib); int ordinal = displayItem.getData().getOrdinal(); if (isAdd && scoreItemdata.containsKey(itemId + "_" + ordinal)) { int formMax = 1; if (maxOrdinals.containsKey(itemId)) { formMax = maxOrdinals.get(itemId); } int dbMax = iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean()); ordinal = ordinal >= dbMax ? formMax + 1 : ordinal; maxOrdinals.put(itemId, ordinal); displayItem.getData().setOrdinal(ordinal); scoreItemdata.put(itemId + "_" + ordinal, value); } else { scoreItemdata.put(itemId + "_" + ordinal, value); } if (itemOrdinals.containsKey(itemId)) { itemOrdinals.get(itemId).add(ordinal); } else { TreeSet<Integer> ordinalSet = new TreeSet<Integer>(); ordinalSet.add(ordinal); itemOrdinals.put(itemId, ordinalSet); } if (isChanged(displayItem, oldItemdata, attachedFilePath)) { changedItems.add(itemName); changedItemsList.add(displayItem); String formName = displayItem.getItem().getName(); // logger.debug("SET: formName:" + formName); if (displayGroup.isAuto()) { formName = getGroupItemInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("RESET: formName group-item-input:" + formName); } else { formName = getGroupItemManualInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("RESET: formName group-item-input-manual:" + formName); } changedItemsMap.put(formName, displayGroup); LOGGER.debug("adding to changed items map: " + formName); } } first = false; } } else { DisplayItemBean dib = diwb.getSingleItem(); ItemBean ib = dib.getItem(); ItemDataBean idb = dib.getData(); int itemId = ib.getId(); String itemName = ib.getName(); String value = idb.getValue(); scoreItems.put(itemName, ib); // for items which are not in any group, their ordinal is // set as 1 TreeSet<Integer> ordinalset = new TreeSet<Integer>(); ordinalset.add(1); itemOrdinals.put(itemId, ordinalset); scoreItemdata.put(itemId + "_" + 1, value); if (isChanged(idb, oldItemdata, dib, attachedFilePath)) { changedItems.add(itemName); changedItemsList.add(dib); // changedItemsMap.put(dib.getItem().getName(), new // DisplayItemGroupBean()); } ArrayList children = dib.getChildren(); for (int j = 0; j < children.size(); j++) { DisplayItemBean child = (DisplayItemBean) children.get(j); ItemBean cib = child.getItem(); scoreItems.put(cib.getName(), cib); TreeSet<Integer> cordinalset = new TreeSet<Integer>(); cordinalset.add(1); itemOrdinals.put(itemId, cordinalset); scoreItemdata.put(cib.getId() + "_" + 1, child.getData().getValue()); if (isChanged(child.getData(), oldItemdata, child, attachedFilePath)) { changedItems.add(itemName); changedItemsList.add(child); // changedItemsMap.put(itemName, new // DisplayItemGroupBean()); } } } } logMe("allItems 2 Loop end " + System.currentTimeMillis()); // do calculation for 'calculation' and 'group-calculation' type // items // and write the result in DisplayItemBean's ItemDateBean - data ScoreItemValidator sv = new ScoreItemValidator(request, discNotes); // *** doing calc here, load it where? *** SessionManager sm = (SessionManager) request.getSession().getAttribute("sm"); ScoreCalculator sc = new ScoreCalculator(sm, ecb, ub); logMe("allItems 3 Loop begin " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); i++) { DisplayItemWithGroupBean diwb = allItems.get(i); if (diwb.isInGroup()) { List<DisplayItemGroupBean> dgbs = diwb.getItemGroups(); for (int j = 0; j < dgbs.size(); j++) { DisplayItemGroupBean displayGroup = dgbs.get(j); List<DisplayItemBean> items = displayGroup.getItems(); for (DisplayItemBean displayItem : items) { ItemFormMetadataBean ifmb = displayItem.getMetadata(); int responseTypeId = ifmb.getResponseSet().getResponseTypeId(); if (responseTypeId == 8 || responseTypeId == 9) { StringBuffer err = new StringBuffer(); ResponseOptionBean robBean = (ResponseOptionBean) ifmb.getResponseSet().getOptions() .get(0); String value = ""; String inputName = ""; // note that we have to use // getFormInputOrdinal() here, tbh 06/2009 if (displayGroup.isAuto()) { inputName = getGroupItemInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("returning input name: " + inputName); } else { inputName = getGroupItemManualInputName(displayGroup, displayGroup.getFormInputOrdinal(), displayItem); LOGGER.debug("returning input name: " + inputName); } if (robBean.getValue().startsWith("func: getexternalvalue") || robBean.getValue().startsWith("func: getExternalValue")) { value = fp.getString(inputName); LOGGER.debug("*** just set " + fp.getString(inputName) + " for line 815 " + displayItem.getItem().getName() + " with input name " + inputName); } else { value = sc.doCalculation(displayItem, scoreItems, scoreItemdata, itemOrdinals, err, displayItem.getData().getOrdinal()); } displayItem.loadFormValue(value); if (isChanged(displayItem, oldItemdata, attachedFilePath)) { changedItems.add(displayItem.getItem().getName()); changedItemsList.add(displayItem); } request.setAttribute(inputName, value); if (validate) { displayItem = validateCalcTypeDisplayItemBean(sv, displayItem, inputName, request); if (err.length() > 0) { Validation validation = new Validation(Validator.CALCULATION_FAILED); validation.setErrorMessage(err.toString()); sv.addValidation(inputName, validation); } } } } } } else { DisplayItemBean dib = diwb.getSingleItem(); ItemFormMetadataBean ifmb = dib.getMetadata(); int responseTypeId = ifmb.getResponseSet().getResponseTypeId(); if (responseTypeId == 8 || responseTypeId == 9) { StringBuffer err = new StringBuffer(); ResponseOptionBean robBean = (ResponseOptionBean) ifmb.getResponseSet().getOptions().get(0); String value = ""; if (robBean.getValue().startsWith("func: getexternalvalue") || robBean.getValue().startsWith("func: getExternalValue")) { String itemName = getInputName(dib); value = fp.getString(itemName); LOGGER.debug("just set " + fp.getString(itemName) + " for " + dib.getItem().getName()); LOGGER.debug("found in fp: " + fp.getString(dib.getItem().getName())); // logger.debug("scoreitemdata: " + // scoreItemdata.toString()); } else { value = sc.doCalculation(dib, scoreItems, scoreItemdata, itemOrdinals, err, 1); } dib.loadFormValue(value); if (isChanged(dib.getData(), oldItemdata, dib, attachedFilePath)) { changedItems.add(dib.getItem().getName()); changedItemsList.add(dib); // changedItemsMap.put(dib.getItem().getName(), new // DisplayItemGroupBean()); } String inputName = getInputName(dib); request.setAttribute(inputName, value); if (validate) { dib = validateCalcTypeDisplayItemBean(sv, dib, "", request); if (err.length() > 0) { Validation validation = new Validation(Validator.CALCULATION_FAILED); validation.setErrorMessage(err.toString()); sv.addValidation(inputName, validation); } } } ArrayList children = dib.getChildren(); for (int j = 0; j < children.size(); j++) { DisplayItemBean child = (DisplayItemBean) children.get(j); ItemFormMetadataBean cifmb = child.getMetadata(); int resTypeId = cifmb.getResponseSet().getResponseTypeId(); if (resTypeId == 8 || resTypeId == 9) { StringBuffer cerr = new StringBuffer(); child.getDbData().setValue(child.getData().getValue()); ResponseOptionBean crobBean = (ResponseOptionBean) cifmb.getResponseSet().getOptions() .get(0); String cvalue = ""; if (crobBean.getValue().startsWith("func: getexternalvalue") || crobBean.getValue().startsWith("func: getExternalValue")) { String itemName = getInputName(child); cvalue = fp.getString(itemName); LOGGER.debug( "just set " + fp.getString(itemName) + " for " + child.getItem().getName()); } else { cvalue = sc.doCalculation(child, scoreItems, scoreItemdata, itemOrdinals, cerr, 1); } child.loadFormValue(cvalue); if (isChanged(child.getData(), oldItemdata, child, attachedFilePath)) { changedItems.add(child.getItem().getName()); changedItemsList.add(child); // changedItemsMap.put(child.getItem().getName(), // new DisplayItemGroupBean()); } String cinputName = getInputName(child); request.setAttribute(cinputName, cvalue); if (validate) { child = validateCalcTypeDisplayItemBean(sv, child, "", request); if (cerr.length() > 0) { Validation cvalidation = new Validation(Validator.CALCULATION_FAILED); cvalidation.setErrorMessage(cerr.toString()); sv.addValidation(cinputName, cvalidation); } } } children.set(j, child); } } } logMe("allItems 3 Loop end " + System.currentTimeMillis()); // YW >> // we have to do this since we loaded all the form values into the // display // item beans above // section.setItems(items); // setting this AFTER we populate notes - will that make a difference? section.setDisplayItemGroups(allItems); // logger.debug("+++ try to populate notes"); section = populateNotesWithDBNoteCounts(discNotes, section, request); populateInstantOnChange(request.getSession(), ecb, section); // logger.debug("+++ try to populate notes, got count of field notes: " + discNotes.getFieldNotes().toString()); if (currentStudy.getStudyParameterConfig().getInterviewerNameRequired().equals("yes")) { v.addValidation(INPUT_INTERVIEWER, Validator.NO_BLANKS); } if (currentStudy.getStudyParameterConfig().getInterviewDateRequired().equals("yes")) { v.addValidation(INPUT_INTERVIEW_DATE, Validator.NO_BLANKS); } if (!StringUtil.isBlank(fp.getString(INPUT_INTERVIEW_DATE))) { v.addValidation(INPUT_INTERVIEW_DATE, Validator.IS_A_DATE); v.alwaysExecuteLastValidation(INPUT_INTERVIEW_DATE); } if (section.getSection().hasSCDItem()) { section = SCDItemDisplayInfo.generateSCDDisplayInfo(section, this.getServletPage(request).equals(Page.INITIAL_DATA_ENTRY) || this.getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET) && !this.isAdminForcedReasonForChange(request)); } // logger.debug("about to validate: " + v.getKeySet()); errors = v.validate(); // tbh >> if (this.isAdminForcedReasonForChange(request) && this.isAdministrativeEditing() && errors.isEmpty()) { // "You have changed data after this CRF was marked complete. " // + // "You must provide a Reason For Change discrepancy note for this item before you can save this updated information." String error = respage.getString("reason_for_change_error"); // "Please enter a reason for change discrepancy note before saving." // ; int nonforcedChanges = 0; // change everything here from changed items list to changed // items map if (changedItemsList.size() > 0) { LOGGER.debug("found admin force reason for change: changed items " + changedItems.toString() + " and changed items list: " + changedItemsList.toString() + " changed items map: " + changedItemsMap.toString()); logMe("DisplayItemBean Loop begin " + System.currentTimeMillis()); for (DisplayItemBean displayItem : changedItemsList) { String formName = getInputName(displayItem); ItemDataBean idb = displayItem.getData(); ItemBean item_bean = displayItem.getItem(); ItemFormMetadataBean ifmb = displayItem.getMetadata(); LOGGER.debug("-- found group label " + ifmb.getGroupLabel()); if (!ifmb.getGroupLabel().equalsIgnoreCase("Ungrouped") && !ifmb.getGroupLabel().equalsIgnoreCase("")) { // << tbh 11/2009 sometimes the group label is blank instead of ungrouped??? Iterator iter = changedItemsMap.entrySet().iterator(); while (iter.hasNext()) { Map.Entry<String, DisplayItemGroupBean> pairs = (Map.Entry) iter.next(); String formName2 = pairs.getKey(); DisplayItemGroupBean dgb = pairs.getValue(); // logger.debug("found auto: " + // dgb.isAuto()); String testFormName = ""; if (dgb.isAuto()) { // testFormName = getGroupItemInputName(dgb, dgb.getFormInputOrdinal(), getManualRows(dgbs), displayItem); testFormName = getGroupItemInputName(dgb, dgb.getFormInputOrdinal(), displayItem); } else { testFormName = getGroupItemManualInputName(dgb, dgb.getFormInputOrdinal(), displayItem); } LOGGER.debug("found test form name: " + testFormName); // if our test is the same with both the display // item and the display group ... // logger.debug("comparing " + // testFormName + " and " + formName2); int existingNotes = dndao.findNumExistingNotesForItem(idb.getId()); if (testFormName.equals(formName2)) { formName = formName2; this.setReasonForChangeError(ecb, item_bean, idb, formName, error, request); changedItemsMap.remove(formName2); LOGGER.debug("form name changed: " + formName); break; // .., send it as the form name } // ... otherwise, don't touch it // how to tell vs. manual and just plain input? } } else { this.setReasonForChangeError(ecb, item_bean, idb, formName, error, request); LOGGER.debug("form name added: " + formName); } } logMe("DisplayItemBean Loop end " + System.currentTimeMillis()); } if (nonforcedChanges > 0) { // do smething here? } } LOGGER.debug("errors here: " + errors.toString()); // << logMe("error check Loop begin " + System.currentTimeMillis()); if (errors.isEmpty() && shouldRunRules) { LOGGER.debug("Errors was empty"); if (session.getAttribute("rulesErrors") != null) { // rules have already generated errors, Let's compare old // error list with new // error list, if lists not same show errors. HashMap h = ruleValidator.validate(); Set<String> a = (Set<String>) session.getAttribute("rulesErrors"); Set<String> ba = h.keySet(); Boolean showErrors = false; for (Object key : ba) { if (!a.contains(key)) { showErrors = true; } } if (showErrors) { errors = h; if (errors.size() > 0) { session.setAttribute("shouldRunValidation", "1"); session.setAttribute("rulesErrors", errors.keySet()); } else { session.setAttribute("shouldRunValidation", null); session.setAttribute("rulesErrors", null); } } else { session.setAttribute("shouldRunValidation", null); session.setAttribute("rulesErrors", null); } } else if (session.getAttribute("shouldRunValidation") != null && session.getAttribute("shouldRunValidation").toString().equals("1")) { session.setAttribute("shouldRunValidation", null); session.setAttribute("rulesErrors", null); } else { errors = ruleValidator.validate(); if (errors.size() > 0) { session.setAttribute("shouldRunValidation", "1"); session.setAttribute("rulesErrors", errors.keySet()); } } } if (!errors.isEmpty()) { LOGGER.debug("threw an error with data entry..."); // copying below three lines, tbh 03/2010 String[] textFields = { INPUT_INTERVIEWER, INPUT_INTERVIEW_DATE }; fp.setCurrentStringValuesAsPreset(textFields); setPresetValues(fp.getPresetValues(), request); // YW, 2-4-2008 << logMe("!errors if Loop begin " + System.currentTimeMillis()); HashMap<String, ArrayList<String>> siErrors = sv.validate(); if (siErrors != null && !siErrors.isEmpty()) { Iterator iter = siErrors.keySet().iterator(); while (iter.hasNext()) { String fieldName = iter.next().toString(); errors.put(fieldName, siErrors.get(fieldName)); } } // we should 'shift' the names here, tbh 02/2010 // need: total number of rows, manual rows, all row names // plus: error names Iterator iter2 = errors.keySet().iterator(); while (iter2.hasNext()) { String fieldName = iter2.next().toString(); LOGGER.debug("found error " + fieldName); } // for (int i = 0; i < allItems.size(); i++) { // DisplayItemWithGroupBean diwb = allItems.get(i); // // if (diwb.isInGroup()) { // List<DisplayItemGroupBean> dgbs = diwb.getItemGroups(); // logger.debug("found manual rows " + getManualRows(dgbs) + " and total rows " + dgbs.size() + " from ordinal " + diwb.getOrdinal()); // } // } errors = reshuffleErrorGroupNamesKK(errors, allItems, request); reshuffleReasonForChangeHashAndDiscrepancyNotes(allItems, request, ecb); // reset manual rows, so that we can catch errors correctly // but it needs to be set per block of repeating items? what if there are two or more? /* int manualRows = 0; // getManualRows(formGroups); for (int i = 0; i < allItems.size(); i++) { DisplayItemWithGroupBean diwb = allItems.get(i); if (diwb.isInGroup()) { List<DisplayItemGroupBean> dgbs = diwb.getItemGroups(); manualRows = getManualRows(dgbs); } } */ //request.setAttribute("manualRows", new Integer(manualRows)); Iterator iter3 = errors.keySet().iterator(); while (iter3.hasNext()) { String fieldName = iter3.next().toString(); LOGGER.debug("found error after shuffle " + fieldName); } //Mantis Issue: 8116. Parsist the markComplete chebox on error request.setAttribute("markComplete", fp.getString(INPUT_MARK_COMPLETE)); // << tbh, 02/2010 // YW >> // copied request.setAttribute(BEAN_DISPLAY, section); request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS)); setInputMessages(errors, request); addPageMessage(respage.getString("errors_in_submission_see_below"), request); request.setAttribute("hasError", "true"); // addPageMessage("To override these errors and keep the data as // you // entered it, click one of the \"Confirm\" buttons. "); // if (section.isCheckInputs()) { // addPageMessage("Please notice that you must enter data for // the // <b>required</b> entries."); // } // we do not save any DNs if we get here, so we have to set it back into session... session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes); // << tbh 01/2010 setUpPanel(section); forwardPage(getJSPPage(), request, response); } else { //reshuffleReasonForChangeHashAndDiscrepancyNotes( allItems, request, ecb); LOGGER.debug("Do we hit this in save ?????"); logMe("Do we hit this in save ???? " + System.currentTimeMillis()); boolean success = true; boolean temp = true; // save interviewer name and date into DB ecb.setInterviewerName(fp.getString(INPUT_INTERVIEWER)); if (!StringUtil.isBlank(fp.getString(INPUT_INTERVIEW_DATE))) { ecb.setDateInterviewed(fp.getDate(INPUT_INTERVIEW_DATE)); } else { ecb.setDateInterviewed(null); } if (ecdao == null) { ecdao = new EventCRFDAO(getDataSource()); } // set validator id for DDE DataEntryStage stage = ecb.getStage(); if (stage.equals(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE) || stage.equals(DataEntryStage.DOUBLE_DATA_ENTRY)) { ecb.setValidatorId(ub.getId()); } /* * if(studyEventBean.getSubjectEventStatus().equals(SubjectEventStatus .SIGNED)){ if(edcBean.isDoubleEntry()){ * ecb.setStage(DataEntryStage.DOUBLE_DATA_ENTRY_COMPLETE); }else{ ecb.setStage(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE); } } */ // for Administrative editing if (studyEventBean.getSubjectEventStatus().equals(SubjectEventStatus.SIGNED) && changedItemsList.size() > 0) { studyEventBean.setSubjectEventStatus(SubjectEventStatus.COMPLETED); studyEventBean.setUpdater(ub); studyEventBean.setUpdatedDate(new Date()); seDao.update(studyEventBean); } // If the Study Subject's Satus is signed and we save a section // , change status to available LOGGER.debug("Status of Study Subject {}", ssb.getStatus().getName()); if (ssb.getStatus() == Status.SIGNED && changedItemsList.size() > 0) { LOGGER.debug("Status of Study Subject is Signed we are updating"); StudySubjectDAO studySubjectDao = new StudySubjectDAO(getDataSource()); ssb.setStatus(Status.AVAILABLE); ssb.setUpdater(ub); ssb.setUpdatedDate(new Date()); studySubjectDao.update(ssb); } if (ecb.isSdvStatus() && changedItemsList.size() > 0) { LOGGER.debug("Status of Study Subject is SDV we are updating"); StudySubjectDAO studySubjectDao = new StudySubjectDAO(getDataSource()); ssb.setStatus(Status.AVAILABLE); ssb.setUpdater(ub); ssb.setUpdatedDate(new Date()); studySubjectDao.update(ssb); ecb.setSdvStatus(false); ecb.setSdvUpdateId(ub.getId()); } ecb = (EventCRFBean) ecdao.update(ecb); // save discrepancy notes into DB FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session .getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME); dndao = new DiscrepancyNoteDAO(getDataSource()); AddNewSubjectServlet.saveFieldNotes(INPUT_INTERVIEWER, fdn, dndao, ecb.getId(), "EventCRF", currentStudy); AddNewSubjectServlet.saveFieldNotes(INPUT_INTERVIEW_DATE, fdn, dndao, ecb.getId(), "EventCRF", currentStudy); // items = section.getItems(); allItems = section.getDisplayItemGroups(); int nextOrdinal = 0; LOGGER.debug("all items before saving into DB" + allItems.size()); this.output(allItems); //TODO:Seems longer here, check this logMe("DisplayItemWithGroupBean allitems4 " + System.currentTimeMillis()); for (int i = 0; i < allItems.size(); i++) { DisplayItemWithGroupBean diwb = allItems.get(i); // we don't write success = success && writeToDB here // since the short-circuit mechanism may prevent Java // from executing writeToDB. if (diwb.isInGroup()) { List<DisplayItemGroupBean> dgbs = diwb.getItemGroups(); // using the above gets us the correct number of manual groups, tbh 01/2010 List<DisplayItemGroupBean> dbGroups = diwb.getDbItemGroups(); LOGGER.debug("item group size: " + dgbs.size()); LOGGER.debug("item db-group size: " + dbGroups.size()); for (int j = 0; j < dgbs.size(); j++) { DisplayItemGroupBean displayGroup = dgbs.get(j); List<DisplayItemBean> items = displayGroup.getItems(); // this ordinal will only useful to create a new // item data // update an item data won't touch its ordinal // int nextOrdinal = iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean()) + 1; // Determine if any items in this group have data. If so we need to undelete and previously deleted items. boolean undelete = false; for (DisplayItemBean displayItem : items) { String currItemVal = displayItem.getData().getValue(); if (currItemVal != null && !currItemVal.equals("")) { undelete = true; break; } } for (DisplayItemBean displayItem : items) { String fileName = this.addAttachedFilePath(displayItem, attachedFilePath); boolean writeDN = true; displayItem.setEditFlag(displayGroup.getEditFlag()); LOGGER.debug("group item value: " + displayItem.getData().getValue()); // if ("add".equalsIgnoreCase(displayItem.getEditFlag()) && fileName.length() > 0 && !newUploadedFiles.containsKey(fileName)) { // displayItem.getData().setValue(""); // } //15350, this particular logic, takes into consideration that a DN is created properly as long as the item data record exists and it fails to get created when it doesnt. //so, we are expanding the logic from writeToDb method to avoid creating duplicate records. writeDN = writeDN(displayItem); //pulling from dataset instead of database and correcting the flawed logic of using the database ordinals as max ordinal... nextOrdinal = displayItem.getData().getOrdinal(); temp = writeToDB(displayItem, iddao, nextOrdinal, request); LOGGER.debug("just executed writeToDB - 1"); LOGGER.debug("next ordinal: " + nextOrdinal); // Undelete item if any item in the repeating group has data. if (undelete && displayItem.getDbData() != null && displayItem.getDbData().isDeleted()) { iddao.undelete(displayItem.getDbData().getId(), ub.getId()); } if (temp && newUploadedFiles.containsKey(fileName)) { newUploadedFiles.remove(fileName); } // maybe put ordinal in the place of j? maybe subtract max rows from next ordinal if j is gt // next ordinal? String inputName = getGroupItemInputName(displayGroup, j, displayItem); // String inputName2 = getGroupItemManualInputName(displayGroup, j, displayItem); if (!displayGroup.isAuto()) { LOGGER.trace("not auto"); inputName = this.getGroupItemManualInputName(displayGroup, j, displayItem); } //htaycher last DN is not stored for new rows // if (j == dgbs.size() - 1) { // // LAST ONE // logger.trace("last one"); // int ordinal = j - this.getManualRows(dgbs); // logger.debug("+++ found manual rows from line 1326: " + ordinal); // inputName = getGroupItemInputName(displayGroup, ordinal, displayItem); // } // logger.trace("&&& we get previous looking at input name: " + inputName + " " + inputName2); LOGGER.trace("&&& we get previous looking at input name: " + inputName); // input name 2 removed from below inputName = displayItem.getFieldName(); if (writeDN) { AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao, displayItem.getData().getId(), "itemData", currentStudy, ecb.getId()); } success = success && temp; } } for (int j = 0; j < dbGroups.size(); j++) { DisplayItemGroupBean displayGroup = dbGroups.get(j); //JN: Since remove button is gone, the following code can be commented out, however it needs to be tested? Can be tackled when handling discrepancy note w/repeating groups issues. if ("remove".equalsIgnoreCase(displayGroup.getEditFlag())) { List<DisplayItemBean> items = displayGroup.getItems(); for (DisplayItemBean displayItem : items) { String fileName = this.addAttachedFilePath(displayItem, attachedFilePath); displayItem.setEditFlag(displayGroup.getEditFlag()); LOGGER.debug("group item value: " + displayItem.getData().getValue()); // if ("add".equalsIgnoreCase(displayItem.getEditFlag()) && fileName.length() > 0 && !newUploadedFiles.containsKey(fileName)) { // displayItem.getData().setValue(""); // } temp = writeToDB(displayItem, iddao, 0, request); LOGGER.debug("just executed writeToDB - 2"); if (temp && newUploadedFiles.containsKey(fileName)) { newUploadedFiles.remove(fileName); } // just use 0 here since update doesn't // touch ordinal success = success && temp; } } } } else { DisplayItemBean dib = diwb.getSingleItem(); // TODO work on this line // this.addAttachedFilePath(dib, attachedFilePath); String fileName = addAttachedFilePath(dib, attachedFilePath); boolean writeDN = writeDN(dib); temp = writeToDB(dib, iddao, 1, request); LOGGER.debug("just executed writeToDB - 3"); if (temp && (newUploadedFiles.containsKey(dib.getItem().getId() + "") || newUploadedFiles.containsKey(fileName))) { // so newUploadedFiles will contain only failed file // items; newUploadedFiles.remove(dib.getItem().getId() + ""); newUploadedFiles.remove(fileName); } String inputName = getInputName(dib); LOGGER.trace("3 - found input name: " + inputName); if (writeDN) AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao, dib.getData().getId(), "itemData", currentStudy, ecb.getId()); success = success && temp; ArrayList childItems = dib.getChildren(); for (int j = 0; j < childItems.size(); j++) { DisplayItemBean child = (DisplayItemBean) childItems.get(j); this.addAttachedFilePath(child, attachedFilePath); writeDN = writeDN(child); temp = writeToDB(child, iddao, 1, request); LOGGER.debug("just executed writeToDB - 4"); if (temp && newUploadedFiles.containsKey(child.getItem().getId() + "")) { // so newUploadedFiles will contain only failed // file items; newUploadedFiles.remove(child.getItem().getId() + ""); } inputName = getInputName(child); if (writeDN) AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao, child.getData().getId(), "itemData", currentStudy, ecb.getId()); success = success && temp; } } } logMe("DisplayItemWithGroupBean allitems4 end " + System.currentTimeMillis()); LOGGER.debug("running rules: " + phase2.name()); List<Integer> prevShownDynItemDataIds = shouldRunRules ? this.getItemMetadataService().getDynamicsItemFormMetadataDao() .findShowItemDataIdsInSection(section.getSection().getId(), ecb.getCRFVersionId(), ecb.getId()) : new ArrayList<Integer>(); logMe("DisplayItemWithGroupBean dryrun start" + System.currentTimeMillis()); HashMap<String, ArrayList<String>> rulesPostDryRun = runRules(allItems, ruleSets, false, shouldRunRules, MessageType.WARNING, phase2, ecb, request); HashMap<String, ArrayList<String>> errorsPostDryRun = new HashMap<String, ArrayList<String>>(); // additional step needed, run rules and see if any items are 'shown' AFTER saving data logMe("DisplayItemWithGroupBean dryrun end" + System.currentTimeMillis()); boolean inSameSection = false; logMe("DisplayItemWithGroupBean allitems4 " + System.currentTimeMillis()); if (!rulesPostDryRun.isEmpty()) { // in same section? // iterate through the OIDs and see if any of them belong to this section Iterator iter3 = rulesPostDryRun.keySet().iterator(); while (iter3.hasNext()) { String fieldName = iter3.next().toString(); LOGGER.debug("found oid after post dry run " + fieldName); // set up a listing of OIDs in the section // BUT: Oids can have the group name in them. int ordinal = -1; String newFieldName = fieldName; String[] fieldNames = fieldName.split("\\."); if (fieldNames.length == 2) { newFieldName = fieldNames[1]; // check items in item groups here? if (fieldNames[0].contains("[")) { int p1 = fieldNames[0].indexOf("["); int p2 = fieldNames[0].indexOf("]"); try { ordinal = Integer.valueOf(fieldNames[0].substring(p1 + 1, p2)); } catch (NumberFormatException e) { ordinal = -1; } fieldNames[0] = fieldNames[0].substring(0, p1); } } List<DisplayItemWithGroupBean> displayGroupsWithItems = section.getDisplayItemGroups(); //ArrayList<DisplayItemBean> displayItems = section.getItems(); for (int i = 0; i < displayGroupsWithItems.size(); i++) { DisplayItemWithGroupBean itemWithGroup = displayGroupsWithItems.get(i); if (itemWithGroup.isInGroup()) { LOGGER.debug("found group: " + fieldNames[0]); // do something there List<DisplayItemGroupBean> digbs = itemWithGroup.getItemGroups(); LOGGER.debug("digbs size: " + digbs.size()); for (int j = 0; j < digbs.size(); j++) { DisplayItemGroupBean displayGroup = digbs.get(j); if (displayGroup.getItemGroupBean().getOid().equals(fieldNames[0]) && displayGroup.getOrdinal() == ordinal - 1) { List<DisplayItemBean> items = displayGroup.getItems(); for (int k = 0; k < items.size(); k++) { DisplayItemBean dib = items.get(k); if (dib.getItem().getOid().equals(newFieldName)) { //inSameSection = true; if (!dib.getMetadata().isShowItem()) { LOGGER.debug("found item in group " + this.getGroupItemInputName(displayGroup, j, dib) + " vs. " + fieldName + " and is show item: " + dib.getMetadata().isShowItem()); dib.getMetadata().setShowItem(true); } if (prevShownDynItemDataIds == null || !prevShownDynItemDataIds .contains(dib.getData().getId())) { inSameSection = true; errorsPostDryRun.put( this.getGroupItemInputName(displayGroup, j, dib), rulesPostDryRun.get(fieldName)); } } items.set(k, dib); } displayGroup.setItems(items); digbs.set(j, displayGroup); } } itemWithGroup.setItemGroups(digbs); } else { DisplayItemBean displayItemBean = itemWithGroup.getSingleItem(); ItemBean itemBean = displayItemBean.getItem(); if (newFieldName.equals(itemBean.getOid())) { //System.out.println("is show item for " + displayItemBean.getItem().getId() + ": " + displayItemBean.getMetadata().isShowItem()); //System.out.println("check run dynamics item check " + runDynamicsItemCheck(displayItemBean).getMetadata().isShowItem()); if (!displayItemBean.getMetadata().isShowItem()) { // double check there? LOGGER.debug("found item " + this.getInputName(displayItemBean) + " vs. " + fieldName + " and is show item: " + displayItemBean.getMetadata().isShowItem()); // if is repeating, use the other input name? no displayItemBean.getMetadata().setShowItem(true); if (prevShownDynItemDataIds == null || !prevShownDynItemDataIds .contains(displayItemBean.getData().getId())) { inSameSection = true; errorsPostDryRun.put(this.getInputName(displayItemBean), rulesPostDryRun.get(fieldName)); } } } itemWithGroup.setSingleItem(displayItemBean); } displayGroupsWithItems.set(i, itemWithGroup); } logMe("DisplayItemWithGroupBean allitems4 end,begin" + System.currentTimeMillis()); // check groups //List<DisplayItemGroupBean> itemGroups = new ArrayList<DisplayItemGroupBean>(); //itemGroups = section.getDisplayFormGroups(); // But in jsp: section.displayItemGroups.itemGroup.groupMetaBean.showGroup List<DisplayItemWithGroupBean> itemGroups = section.getDisplayItemGroups(); // List<DisplayItemGroupBean> newItemGroups = new ArrayList<DisplayItemGroupBean>(); for (DisplayItemWithGroupBean itemGroup : itemGroups) { DisplayItemGroupBean displayGroup = itemGroup.getItemGroup(); if (newFieldName.equals(displayGroup.getItemGroupBean().getOid())) { if (!displayGroup.getGroupMetaBean().isShowGroup()) { inSameSection = true; LOGGER.debug("found itemgroup " + displayGroup.getItemGroupBean().getOid() + " vs. " + fieldName + " and is show item: " + displayGroup.getGroupMetaBean().isShowGroup()); // hmmm how to set highlighting for a group? errorsPostDryRun.put(displayGroup.getItemGroupBean().getOid(), rulesPostDryRun.get(fieldName)); displayGroup.getGroupMetaBean().setShowGroup(true); // add necessary rows to the display group here???? // we have to set the items in the itemGroup for the displayGroup loadItemsWithGroupRows(itemGroup, sb, edcb, ecb, request); } } // newItemGroups.add(displayGroup); } logMe("DisplayItemWithGroupBean allitems4 end,end" + System.currentTimeMillis()); // trying to reset the display form groups here, tbh // section.setItems(displayItems); section.setDisplayItemGroups(displayGroupsWithItems); populateInstantOnChange(request.getSession(), ecb, section); // section.setDisplayFormGroups(newDisplayBean.getDisplayFormGroups()); } // this.getItemMetadataService().updateGroupDynamicsInSection(displayItemWithGroups, section.getSection().getId(), ecb); toc = TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(), (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY), (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext()) .getBean("dynamicsMetadataService")); request.setAttribute(TOC_DISPLAY, toc); sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc); sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc); previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex); nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex); section.setFirstSection(!previousSec.isActive()); section.setLastSection(!nextSec.isActive()); // // we need the following for repeating groups, tbh // >> tbh 06/2010 // List<DisplayItemWithGroupBean> displayItemWithGroups2 = createItemWithGroups(section, hasGroup, eventDefinitionCRFId); // section.setDisplayItemGroups(displayItemWithGroups2); // if so, stay at this section LOGGER.debug(" in same section: " + inSameSection); if (inSameSection) { // copy of one line from early on around line 400, forcing a re-show of the items // section = getDisplayBean(hasGroup, true);// include all items, tbh // below a copy of three lines from the if errors = true line, tbh 03/2010 String[] textFields = { INPUT_INTERVIEWER, INPUT_INTERVIEW_DATE }; fp.setCurrentStringValuesAsPreset(textFields); setPresetValues(fp.getPresetValues(), request); // below essetially a copy except for rulesPostDryRun request.setAttribute(BEAN_DISPLAY, section); request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS)); setInputMessages(errorsPostDryRun, request); addPageMessage(respage.getString("your_answers_activated_hidden_items"), request); request.setAttribute("hasError", "true"); request.setAttribute("hasShown", "true"); session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes); setUpPanel(section); forwardPage(getJSPPage(), request, response); } } if (!inSameSection) {// else if not in same section, progress as usual /* toc = TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(), (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY), (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext()).getBean("dynamicsMetadataService")); request.setAttribute(TOC_DISPLAY, toc); sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc); sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc); previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex); nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex); section.setFirstSection(!previousSec.isActive()); section.setLastSection(!nextSec.isActive()); */ // can we just forward page or do we actually need an ELSE here? // yes, we do. tbh 05/03/2010 ArrayList<String> updateFailedItems = sc.redoCalculations(scoreItems, scoreItemdata, changedItems, itemOrdinals, sb.getId()); success = updateFailedItems.size() > 0 ? false : true; // now check if CRF is marked complete boolean markComplete = fp.getString(INPUT_MARK_COMPLETE).equals(VALUE_YES); boolean markSuccessfully = false; // if the CRF was marked // complete // successfully if (markComplete && section.isLastSection()) { LOGGER.debug("need to mark CRF as complete"); markSuccessfully = markCRFComplete(request); LOGGER.debug("...marked CRF as complete: " + markSuccessfully); if (!markSuccessfully) { request.setAttribute(BEAN_DISPLAY, section); request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS)); setUpPanel(section); forwardPage(getJSPPage(), request, response); return; } } // now write the event crf bean to the database String annotations = fp.getString(INPUT_ANNOTATIONS); setEventCRFAnnotations(annotations, request); Date now = new Date(); ecb.setUpdatedDate(now); ecb.setUpdater(ub); ecb = (EventCRFBean) ecdao.update(ecb); success = success && ecb.isActive(); StudyEventDAO sedao = new StudyEventDAO(getDataSource()); StudyEventBean seb = (StudyEventBean) sedao.findByPK(ecb.getStudyEventId()); seb.setUpdatedDate(now); seb.setUpdater(ub); seb = (StudyEventBean) sedao.update(seb); success = success && seb.isActive(); request.setAttribute(INPUT_IGNORE_PARAMETERS, Boolean.TRUE); if (newUploadedFiles.size() > 0) { if (this.unloadFiles(newUploadedFiles)) { } else { String missed = ""; Iterator iter = newUploadedFiles.keySet().iterator(); while (iter.hasNext()) { missed += " " + newUploadedFiles.get(iter.next()); } addPageMessage( respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed, request); } } if (!success) { // YW, 3-6-2008 << if (updateFailedItems.size() > 0) { String mess = ""; for (String ss : updateFailedItems) { mess += ss + ", "; } mess = mess.substring(0, mess.length() - 2); addPageMessage(resexception.getString("item_save_failed_because_database_error") + mess, request); } else { // YW>> addPageMessage(resexception.getString("database_error"), request); } request.setAttribute(BEAN_DISPLAY, section); session.removeAttribute(GROUP_HAS_DATA); session.removeAttribute(HAS_DATA_FLAG); session.removeAttribute(DDE_PROGESS); session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME); LOGGER.debug("try to remove to_create_crf"); session.removeAttribute("to_create_crf"); session.removeAttribute(instantAtt); // forwardPage(Page.SUBMIT_DATA_SERVLET); forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET, request, response); // >> changed tbh, 06/2009 } else { boolean forwardingSucceeded = false; if (!fp.getString(GO_PREVIOUS).equals("")) { if (previousSec.isActive()) { forwardingSucceeded = true; request.setAttribute(INPUT_EVENT_CRF, ecb); request.setAttribute(INPUT_SECTION, previousSec); int tabNum = 0; if (fp.getString("tab") == null) { tabNum = 1; } else { tabNum = fp.getInt("tab"); } request.setAttribute("tab", new Integer(tabNum - 1).toString()); // forwardPage(getServletPage(request), request, response); getServletContext().getRequestDispatcher(getServletPage(request)).forward(request, response); } } else if (!fp.getString(GO_NEXT).equals("")) { if (nextSec.isActive()) { forwardingSucceeded = true; request.setAttribute(INPUT_EVENT_CRF, ecb); request.setAttribute(INPUT_SECTION, nextSec); int tabNum = 0; if (fp.getString("tab") == null) { tabNum = 1; } else { tabNum = fp.getInt("tab"); } request.setAttribute("tab", new Integer(tabNum + 1).toString()); getServletContext().getRequestDispatcher(getServletPage(request)).forward(request, response); //forwardPage(getServletPage(request), request, response); } } if (!forwardingSucceeded) { // request.setAttribute(TableOfContentsServlet. // INPUT_EVENT_CRF_BEAN, // ecb); if (markSuccessfully) { addPageMessage(respage.getString("data_saved_CRF_marked_complete"), request); session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME); session.removeAttribute(GROUP_HAS_DATA); session.removeAttribute(HAS_DATA_FLAG); session.removeAttribute(DDE_PROGESS); session.removeAttribute("to_create_crf"); request.setAttribute("eventId", new Integer(ecb.getStudyEventId()).toString()); forwardPage(Page.ENTER_DATA_FOR_STUDY_EVENT_SERVLET, request, response); } else { // use clicked 'save' addPageMessage(respage.getString("data_saved_continue_entering_edit_later"), request); request.setAttribute(INPUT_EVENT_CRF, ecb); request.setAttribute(INPUT_EVENT_CRF_ID, new Integer(ecb.getId()).toString()); // forward to the next section if the previous one // is not the last section if (!section.isLastSection()) { request.setAttribute(INPUT_SECTION, nextSec); request.setAttribute(INPUT_SECTION_ID, new Integer(nextSec.getId()).toString()); session.removeAttribute("mayProcessUploading"); } else if (section.isLastSection()) { //JN ADDED TO avoid return down // already the last section, should go back to // view event page session.removeAttribute(GROUP_HAS_DATA); session.removeAttribute(HAS_DATA_FLAG); session.removeAttribute(DDE_PROGESS); session.removeAttribute("to_create_crf"); session.removeAttribute("mayProcessUploading"); request.setAttribute("eventId", new Integer(ecb.getStudyEventId()).toString()); if (fromViewNotes != null && "1".equals(fromViewNotes)) { String viewNotesPageFileName = (String) session .getAttribute("viewNotesPageFileName"); session.removeAttribute("viewNotesPageFileName"); session.removeAttribute("viewNotesURL"); if (viewNotesPageFileName != null && viewNotesPageFileName.length() > 0) { // forwardPage(Page.setNewPage(viewNotesPageFileName, "View Notes"), request, response); getServletContext().getRequestDispatcher(viewNotesPageFileName) .forward(request, response); } } session.removeAttribute(instantAtt); forwardPage(Page.ENTER_DATA_FOR_STUDY_EVENT_SERVLET, request, response); return; } int tabNum = 0; if (fp.getString("tab") == null) { tabNum = 1; } else { tabNum = fp.getInt("tab"); } if (!section.isLastSection()) { request.setAttribute("tab", new Integer(tabNum + 1).toString()); } // forwardPage(getServletPage(request), request, response); getServletContext().getRequestDispatcher(getServletPage(request)).forward(request, response); } // session.removeAttribute(AddNewSubjectServlet. // FORM_DISCREPANCY_NOTES_NAME); // forwardPage(Page.SUBMIT_DATA_SERVLET); } } } // end of if-block for dynamic rules not in same section, tbh 05/2010 } // end of save } }