Java tutorial
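/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package com.rr.familyPlanning.ui.aggregate;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLDecoder;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import org.springframework.web.servlet.view.RedirectView;

import com.registryKit.aggregate.aggregateRequestData;
import com.registryKit.aggregate.aggregateRequestReports;
import com.registryKit.aggregate.aggregateRequests;
import com.registryKit.aggregate.aggregateView;
import com.registryKit.aggregate.aggregateManager;
import com.registryKit.aggregate.aggregateReportTypes;
import com.registryKit.aggregate.aggregateReports;
import com.registryKit.hierarchy.hierarchyManager;
import com.registryKit.hierarchy.programHierarchyDetails;
import com.registryKit.hierarchy.programOrgHierarchy;
import com.registryKit.user.User;
import com.registryKit.user.userActivityLog;
import com.registryKit.user.userManager;
import com.registryKit.user.userProgramModules;
import com.rr.familyPlanning.ui.security.decryptObject;
import com.rr.familyPlanning.ui.security.encryptObject;

/**
 * Spring MVC controller for the aggregate report module, mapped under {@code /aggregate}.
 *
 * <p>Each handler reads the logged-in {@link User} from the session attribute
 * {@code "userDetails"}, records what was done through {@code aggregateView} and
 * {@code userActivityLog} rows, and identifies a report request in URLs by an encrypted
 * {@code i}/{@code v} pair produced by {@code encryptObject}.
 *
 * <p>NOTE(review): most handlers dereference the session user without a null check, so they
 * rely on something outside this class rejecting unauthenticated requests first - confirm.
 *
 * @author gchan
 */
@Controller
@RequestMapping("/aggregate")
public class aggregateController {

    // Module id passed to the permission lookup and written to every activity-log row.
    private static Integer moduleId = 23;

    @Autowired
    private userManager usermanager;

    @Autowired
    private hierarchyManager hierarchymanager;

    @Autowired
    private aggregateManager aggregatemanager;

    @Value("${programId}")
    private Integer programId;

    // Secret placed next to the request id inside every encrypted link payload.
    @Value("${topSecret}")
    private String topSecret;

    /*
     * NOTE(review): these flags are static, so one value is shared by every request and every
     * user served by this controller. A permission granted while handling one user's request
     * stays visible to the next request. listReports and reportRequestForm below therefore
     * keep their own per-request locals and no longer write these fields. The declarations are
     * kept because handlers elsewhere in this class may still reference them; those should be
     * migrated to per-request locals as well.
     */
    private static boolean allowCreate = false;
    private static boolean allowEdit = false;
    private static boolean allowDelete = false;

    /**
     * Displays the list of aggregate report requests for the logged-in user.
     *
     * <p>Role id 2 gets all three permission flags and an unscoped query (user id 0). Every
     * other role gets the flags stored in its module permissions, or none when no permission
     * row exists. Each listed request receives an encrypted id/secret pair for use in links.
     *
     * @param request  the HTTP request (unused)
     * @param response the HTTP response (unused)
     * @param session  session holding the {@code "userDetails"} attribute
     * @return the {@code /aggregateList} view
     * @throws Exception if a manager call or the encryption fails
     */
    @RequestMapping(value = { "", "/list" }, method = RequestMethod.GET)
    public ModelAndView listReports(HttpServletRequest request, HttpServletResponse response, HttpSession session)
            throws Exception {

        ModelAndView mav = new ModelAndView();
        mav.setViewName("/aggregateList");

        User userDetails = (User) session.getAttribute("userDetails");

        /* Get user permissions */
        userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                userDetails.getId(), moduleId);

        // Per-request flags, default deny. The class-level static flags must not be used here:
        // they would carry a previous user's permissions into this response.
        boolean canCreate = false;
        boolean canEdit = false;
        boolean canDelete = false;

        int userId = userDetails.getId();

        if (userDetails.getRoleId() == 2) {
            canCreate = true;
            canEdit = true;
            canDelete = true;
            userId = 0;
        } else if (modulePermissions == null) {
            //log user for invalid permission
            // NOTE(review): the list is still rendered below, scoped to this user's id;
            // confirm whether a user without a permission row should see it at all.
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(0);
            view.setAggregateAction("/list| Invalid Access for aggregate request list, program " + programId);
            view.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(view);
        } else {
            //log user for page access
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(0);
            view.setAggregateAction("/list| Accessed for aggregate request list, program " + programId);
            view.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(view);

            canCreate = modulePermissions.isAllowCreate();
            canDelete = modulePermissions.isAllowDelete();
            canEdit = modulePermissions.isAllowEdit();
        }

        mav.addObject("allowCreate", canCreate);
        mav.addObject("allowDelete", canDelete);
        mav.addObject("allowEdit", canEdit);

        List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);
        List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId, userId, 2,
                orgHierarchyList.get(1).getId(), 0);

        // Space-separated ids of the listed requests, kept for the activity log.
        StringBuilder aggregateRequestIds = new StringBuilder();

        if (requests != null) {
            for (aggregateRequests aggregateRequest : requests) {
                aggregateRequestIds.append(aggregateRequest.getId()).append(" ");

                //Encrypt the request id to pass in the url
                encryptObject encrypt = new encryptObject();
                Map<String, String> map = new HashMap<String, String>();
                map.put("id", Integer.toString(aggregateRequest.getId()));
                map.put("topSecret", topSecret);

                String[] encrypted = encrypt.encryptObject(map);
                aggregateRequest.setEncryptedId(encrypted[0]);
                aggregateRequest.setEncryptedSecret(encrypted[1]);
                aggregateRequest.setAllowDelete(aggregatemanager.allowRequestDelete(aggregateRequest.getId()));
            }
        }

        mav.addObject("requests", requests);
        mav.addObject("orgHierarchyList", orgHierarchyList);

        userActivityLog ual = new userActivityLog();
        ual.setSystemUserId(userDetails.getId());
        ual.setMapping("/list");
        ual.setRequestMethod("GET");
        ual.setMethodAccessed("listReports");
        ual.setModuleId(moduleId);
        ual.setProgramId(programId);
        ual.setMiscNotes("aggregateRequestIds:" + aggregateRequestIds);
        usermanager.saveUserActivityLog(ual);

        return mav;
    }

    /**
     * Displays the form used to request a new aggregate report set.
     *
     * <p>Loads the three hierarchy tiers and their items (scoped to the user for role id 3,
     * and for every role other than 2 in the active-only lists), the available report types,
     * and the reports of the first type.
     *
     * @param session session holding the {@code "userDetails"} attribute
     * @return the {@code /aggregateRequest} view
     * @throws Exception if a manager call fails
     */
    @RequestMapping(value = { "/request" }, method = RequestMethod.GET)
    public ModelAndView reportRequestForm(HttpSession session) throws Exception {

        ModelAndView mav = new ModelAndView();
        mav.setViewName("/aggregateRequest");

        User userDetails = (User) session.getAttribute("userDetails");

        /* Get user permissions */
        userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                userDetails.getId(), moduleId);

        // Per-request flags, default deny (see the note on the static fields of this class).
        boolean canCreate = false;
        boolean canEdit = false;
        boolean canDelete = false;

        if (userDetails.getRoleId() == 2) {
            canCreate = true;
            canEdit = true;
            canDelete = true;
        } else if (modulePermissions == null) {
            //log user for invalid permission
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(0);
            view.setAggregateAction(
                    "/request| Invalid Access for aggregate request report set, program " + programId);
            view.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(view);
        } else {
            canCreate = modulePermissions.isAllowCreate();
            canDelete = modulePermissions.isAllowDelete();
            canEdit = modulePermissions.isAllowEdit();
        }

        mav.addObject("allowCreate", canCreate);
        mav.addObject("allowDelete", canDelete);
        mav.addObject("allowEdit", canEdit);

        List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);

        // Role 3 only sees the hierarchy items tied to its own user id; other roles pass 0.
        for (programOrgHierarchy hierarchy : orgHierarchyList) {
            int scopeUserId = (userDetails.getRoleId() != 3) ? 0 : userDetails.getId();
            List<programHierarchyDetails> hierarchyItems = hierarchymanager
                    .getProgramHierarchyItemsForStatus(hierarchy.getId(), scopeUserId, true);
            hierarchy.setProgramHierarchyDetails(hierarchyItems);
        }

        mav.addObject("entity1List", orgHierarchyList.get(0).getProgramHierarchyDetails());
        mav.addObject("entity2List", orgHierarchyList.get(1).getProgramHierarchyDetails());
        mav.addObject("entity3List", orgHierarchyList.get(2).getProgramHierarchyDetails());

        // With a single tier-1 item the form starts from tier 2.
        if (orgHierarchyList.get(0).getProgramHierarchyDetails().size() == 1) {
            mav.addObject("entityList", orgHierarchyList.get(1).getProgramHierarchyDetails());
            mav.addObject("tier", 2);
        }

        List<programOrgHierarchy> programEntities = orgHierarchyList;
        mav.addObject("tier1Name", programEntities.get(0).getName());
        mav.addObject("tier1Id", programEntities.get(0).getId());
        mav.addObject("tier2Name", programEntities.get(1).getName());
        mav.addObject("tier2Id", programEntities.get(1).getId());
        mav.addObject("tier3Name", programEntities.get(2).getName());

        // User id 0 is passed for role 2; every other role is scoped to its own id.
        Integer loggeduserId = 0;
        if (userDetails.getRoleId() != 2) {
            loggeduserId = userDetails.getId();
        }

        /* Get a list of entity items for the selected entity */
        List<programHierarchyDetails> entity1tems = hierarchymanager
                .getProgramHierarchyItemsActiveOnly(programEntities.get(0).getId(), loggeduserId);
        mav.addObject("entity1tems", entity1tems);

        List<programHierarchyDetails> entity2tems = hierarchymanager
                .getProgramHierarchyItemsActiveOnly(programEntities.get(1).getId(), loggeduserId);
        mav.addObject("entity2tems", entity2tems);

        List<programHierarchyDetails> entity3tems = hierarchymanager
                .getProgramHierarchyItemsActiveOnly(programEntities.get(2).getId(), loggeduserId);
        mav.addObject("entity3tems", entity3tems);

        mav.addObject("orgHierarchyList", orgHierarchyList);
        mav.addObject("entity1ListSize", orgHierarchyList.get(0).getProgramHierarchyDetails().size());

        List<aggregateReportTypes> aggregateTypes = aggregatemanager.getAggregateReportTypes(programId);
        mav.addObject("aggregateTypes", aggregateTypes);

        if (aggregateTypes.size() > 0) {
            List<aggregateReports> reportList = aggregatemanager
                    .getAggregateReportsForType(aggregateTypes.get(0).getId());
            mav.addObject("reportList", reportList);
        }

        userActivityLog ual = new userActivityLog();
        ual.setSystemUserId(userDetails.getId());
        ual.setMapping("/request");
        ual.setRequestMethod("GET");
        ual.setMethodAccessed("reportRequestForm");
        ual.setModuleId(moduleId);
        ual.setProgramId(programId);
        usermanager.saveUserActivityLog(ual);

        return mav;
    }

    /**
     * Forwards a date-range check for a report type to the aggregate manager and logs the call.
     *
     * <p>NOTE(review): {@code startDate}, {@code endDate} and {@code entity2Ids} reach the
     * manager exactly as submitted by the client and are not validated here; confirm that the
     * manager binds them as query parameters rather than concatenating them.
     *
     * @param session               session holding the {@code "userDetails"} attribute
     * @param aggregateReportTypeId report type being checked
     * @param startDate             start date as submitted
     * @param endDate               end date as submitted
     * @param entity2Ids            tier-2 entity ids as submitted
     * @return the value returned by {@code aggregatemanager.checkDates}
     * @throws Exception if a manager call fails
     */
    @RequestMapping(value = "/checkDates.do", method = RequestMethod.POST)
    public @ResponseBody Integer checkDates(HttpSession session,
            @RequestParam(value = "aggregateReportTypeId", required = true) Integer aggregateReportTypeId,
            @RequestParam(value = "startDate", required = true) String startDate,
            @RequestParam(value = "endDate", required = true) String endDate,
            @RequestParam(value = "entity2Ids", required = true) String entity2Ids
    ) throws Exception {

        Integer returnval = aggregatemanager.checkDates(aggregateReportTypeId, programId, startDate, endDate,
                entity2Ids);

        userActivityLog ual = new userActivityLog();
        User userDetails = (User) session.getAttribute("userDetails");
        ual.setSystemUserId(userDetails.getId());
        ual.setMapping("/checkDates.do");
        ual.setRequestMethod("POST");
        ual.setMethodAccessed("checkDates");
        ual.setModuleId(moduleId);
        ual.setProgramId(programId);
        ual.setRelatedId(aggregateReportTypeId);
        ual.setRelatedIdCol("aggregateReportTypeId");
        ual.setMiscNotes("startDate:" + startDate + "^^^^^endDate:" + endDate + "^^^^^entity2Ids:" + entity2Ids);
        usermanager.saveUserActivityLog(ual);

        return returnval;
    }

    /**
     * Creates a report request with its entities, report set and field values, then redirects
     * to the view page through an encrypted link.
     *
     * <p>The create permission is enforced here as well as in the list view: role id 2, or a
     * module permission row with {@code isAllowCreate()}. A caller without it is logged and
     * redirected to the list. Dates are parsed strictly as {@code MM/dd/yyyy}.
     *
     * <p>NOTE(review): the submitted entity id lists are stored without checking that the
     * user may report on those entities - confirm whether the manager enforces that.
     *
     * @param session      session holding the {@code "userDetails"} attribute
     * @param reportTypeId id of the report type requested
     * @param entity1Ids   tier-1 entity ids as submitted
     * @param entity2Ids   tier-2 entity ids as submitted
     * @param entity3Ids   tier-3 entity ids as submitted
     * @param startDate    start date, {@code MM/dd/yyyy}
     * @param endDate      end date, {@code MM/dd/yyyy}
     * @return a redirect to {@code /aggregate/view} for the new request, or to the list when
     *         the user may not create requests
     * @throws Exception if a date cannot be parsed or a manager call fails
     */
    @RequestMapping(value = "/saveReportRequest.do", method = { RequestMethod.POST })
    public ModelAndView saveReportRequest(HttpSession session,
            @RequestParam(value = "reportTypeId", required = true) Integer reportTypeId,
            @RequestParam(value = "entity1Ids", required = true) String entity1Ids,
            @RequestParam(value = "entity2Ids", required = true) String entity2Ids,
            @RequestParam(value = "entity3Ids", required = true) String entity3Ids,
            @RequestParam(value = "startDate", required = true) String startDate,
            @RequestParam(value = "endDate", required = true) String endDate) throws Exception {

        User userDetails = (User) session.getAttribute("userDetails");

        // Hiding the create button in the view does not stop a direct POST, so the same
        // rule the list view applies to allowCreate is checked again on the server.
        boolean canCreate = userDetails.getRoleId() == 2;
        if (!canCreate) {
            userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                    userDetails.getId(), moduleId);
            canCreate = modulePermissions != null && modulePermissions.isAllowCreate();
        }

        if (!canCreate) {
            aggregateView denied = new aggregateView();
            denied.setAggregateRequestId(0);
            denied.setAggregateAction(
                    "/saveReportRequest.do| No Permission to save report request, program " + programId);
            denied.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(denied);

            userActivityLog deniedLog = new userActivityLog();
            deniedLog.setSystemUserId(userDetails.getId());
            deniedLog.setMapping("/saveReportRequest.do");
            deniedLog.setRequestMethod("POST");
            deniedLog.setMethodAccessed("saveReportRequest");
            deniedLog.setModuleId(moduleId);
            deniedLog.setProgramId(programId);
            deniedLog.setMiscNotes("No Permission to save report request");
            usermanager.saveUserActivityLog(deniedLog);

            return new ModelAndView(new RedirectView("/aggregate/"));
        }

        String reportFileExt = "pdf";

        aggregateRequests ar = new aggregateRequests();
        SimpleDateFormat dateformat = new SimpleDateFormat("MM/dd/yyyy");
        // Strict parsing: a lenient parser would silently roll an input such as 13/45/2020
        // over into a different, valid date.
        dateformat.setLenient(false);
        Date sd = dateformat.parse(startDate);
        Date ed = dateformat.parse(endDate);

        ar.setAggregateReportTypeId(reportTypeId);
        ar.setProgramId(programId);
        ar.setSystemUserId(userDetails.getId());
        ar.setStartDate(sd);
        ar.setEndDate(ed);
        ar.setStatusId(1);
        ar.setLastModifiedUserId(userDetails.getId());
        ar.setLocked(false);
        ar.setReportFileExt(reportFileExt);

        Integer aggregateRequestId = aggregatemanager.saveRequest(ar);

        //we set up and insert entities
        String tablePrefix = "aggregate";
        aggregatemanager.saveEntities(entity3Ids, aggregateRequestId, 3, tablePrefix);
        aggregatemanager.saveEntities(entity2Ids, aggregateRequestId, 2, tablePrefix);
        aggregatemanager.saveEntities(entity1Ids, aggregateRequestId, 1, tablePrefix);

        //insert report set
        aggregatemanager.saveReportRequestReportIds(reportTypeId, aggregateRequestId, userDetails.getId());

        //insert field values
        aggregatemanager.insertReportRequestFieldSet(aggregateRequestId);

        //logged
        aggregateView view = new aggregateView();
        view.setAggregateRequestId(aggregateRequestId);
        view.setAggregateAction("/saveReportRequest.do| Saved report request, program " + programId);
        view.setSystemUserId(userDetails.getId());
        aggregatemanager.saveAggregateView(view);

        //Encrypt the request id to pass in the url
        encryptObject encrypt = new encryptObject();
        Map<String, String> map = new HashMap<String, String>();
        map.put("id", Integer.toString(aggregateRequestId));
        map.put("topSecret", topSecret);

        String[] encrypted = encrypt.encryptObject(map);
        String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + 0 + "&v=" + encrypted[1];
        ModelAndView mav = new ModelAndView(new RedirectView(viewLink));

        userActivityLog ual = new userActivityLog();
        ual.setSystemUserId(userDetails.getId());
        ual.setMapping("/saveReportRequest.do");
        ual.setRequestMethod("POST");
        ual.setMethodAccessed("saveReportRequest");
        ual.setModuleId(moduleId);
        ual.setProgramId(programId);
        ual.setRelatedId(aggregateRequestId);
        ual.setRelatedIdCol("aggregateRequestId");
        usermanager.saveUserActivityLog(ual);

        return mav;
    }

    /**
     * Shows one report of a report request set.
     *
     * <p>The request id is recovered by decrypting {@code i}/{@code v}: the text after the
     * first four characters of the first comma-separated field of the decrypted object's
     * string form is parsed as an integer. NOTE(review): that looks like a {@code "{id="}
     * prefix of a map's {@code toString()}, which depends on map key order; the decrypted
     * {@code topSecret} is not compared with the configured value in this method - confirm
     * that {@code decryptObject} authenticates the payload.
     *
     * <p>Access is granted to role id 2, or to a user whose module permissions allow edit and
     * for whom {@code getAggregateRequests} returns the request. The {@code id} parameter is
     * client-supplied, so it is accepted only when it names a report of the decrypted
     * request's own report set; otherwise one request's link could be used to read a report
     * that belongs to another request. Report data is loaded only after access is granted.
     *
     * @param i        encrypted request id
     * @param v        second part of the encrypted pair
     * @param id       id of the report to show within the set, or 0 for the first report
     * @param session  session holding the {@code "userDetails"} attribute
     * @param response the HTTP response (unused)
     * @return the {@code /view} view, or a redirect to the list when access is refused
     * @throws Exception if decryption, parsing or a manager call fails
     */
    @RequestMapping(value = "/view", method = { RequestMethod.GET })
    public ModelAndView viewAndModify(@RequestParam String i, @RequestParam String v, @RequestParam int id,
            HttpSession session, HttpServletResponse response) throws Exception {

        Integer reportRequestId = 0;
        Integer logUserId = 0;
        boolean canViewReport = false;

        ModelAndView mav = new ModelAndView();
        mav.setViewName("/view");

        List<aggregateRequestReports> reportList = new ArrayList<aggregateRequestReports>();
        aggregateRequestReports reportRequestReportInfo = new aggregateRequestReports();
        List<aggregateRequestData> dataList = new ArrayList<aggregateRequestData>();
        List<aggregateRequestData> dataListRow1 = new ArrayList<aggregateRequestData>();
        List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);

        if (session.getAttribute("userDetails") != null) {
            User userDetails = (User) session.getAttribute("userDetails");
            logUserId = userDetails.getId();

            //1 decrypt and get the reportId
            decryptObject decrypt = new decryptObject();
            Object obj = decrypt.decryptObject(i, v);
            String[] result = obj.toString().split((","));
            reportRequestId = Integer.parseInt(result[0].substring(4));

            //now we get the report details
            aggregateRequests request = aggregatemanager.getAggregateRequestDetailsById(reportRequestId,
                    orgHierarchyList);
            mav.addObject("requestInfo", request);

            //if user has permission to entity2 and user has edit function, user can view report
            if (request != null) {
                if (userDetails.getRoleId() == 2) {
                    canViewReport = true;
                } else {
                    userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                            userDetails.getId(), moduleId);
                    // A missing permission row means no access rather than a NullPointerException.
                    if (modulePermissions != null && modulePermissions.isAllowEdit()) {
                        List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId,
                                userDetails.getId(), 2, orgHierarchyList.get(1).getId(), request.getId());
                        if (requests != null && requests.size() > 0) {
                            canViewReport = true;
                        }
                    }
                }

                if (canViewReport) {
                    reportList = aggregatemanager.getReportSetForRequest(reportRequestId);

                    if (reportList == null || reportList.isEmpty()) {
                        // Nothing in the set to show; handled like a refused view below.
                        canViewReport = false;
                    } else if (id == 0) {
                        id = reportList.get(0).getId();
                    } else {
                        // The report must belong to the request the caller was authorised for.
                        boolean inRequestedSet = false;
                        for (aggregateRequestReports candidate : reportList) {
                            if (candidate.getId() == id) {
                                inRequestedSet = true;
                                break;
                            }
                        }
                        canViewReport = inRequestedSet;
                    }
                }

                if (canViewReport) {
                    reportRequestReportInfo = aggregatemanager.getAggregateRequestReportById(id);
                    dataListRow1 = aggregatemanager.getReportDataForRequestReport(id, 1,
                            reportRequestReportInfo.getAggregateReportId(), -1, -1, 1, "=");
                    dataList = aggregatemanager.getReportDataForRequestReport(id, 1,
                            reportRequestReportInfo.getAggregateReportId(), -1, -1, 1, ">");
                }
            }
        }

        if (canViewReport) {
            //log
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(reportRequestId);
            view.setAggregateAction("/view| View report set, program " + programId);
            view.setSystemUserId(logUserId);
            view.setAggregateRequestReportId(id);
            aggregatemanager.saveAggregateView(view);

            //set reportList for drop down
            mav.addObject("reportList", reportList);
            mav.addObject("reportRequestId", reportRequestId);
            mav.addObject("reportRequestReportId", id);
            mav.addObject("reportRequestReportInfo", reportRequestReportInfo);
            mav.addObject("dataListRow1", dataListRow1);
            mav.addObject("dataList", dataList);
            mav.addObject("orgHierarchyList", orgHierarchyList);

            userActivityLog ual = new userActivityLog();
            ual.setSystemUserId(logUserId);
            ual.setMapping("/view");
            ual.setRequestMethod("GET");
            ual.setMethodAccessed("viewAndModify");
            ual.setModuleId(moduleId);
            ual.setProgramId(programId);
            ual.setRelatedId(reportRequestReportInfo.getId());
            ual.setRelatedIdCol("reportRequestReportId");
            usermanager.saveUserActivityLog(ual);

            return mav;
        } else {
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(reportRequestId);
            view.setAggregateAction("/view| Does not have permission to view report set, program " + programId);
            view.setSystemUserId(logUserId);
            aggregatemanager.saveAggregateView(view);

            // A fresh ModelAndView, so nothing loaded above reaches the redirect.
            mav = new ModelAndView(new RedirectView("/aggregate/"));

            userActivityLog ual = new userActivityLog();
            ual.setSystemUserId(logUserId);
            ual.setMapping("/view");
            ual.setRequestMethod("GET");
            ual.setMethodAccessed("viewAndModify");
            ual.setModuleId(moduleId);
            ual.setProgramId(programId);
            ual.setRelatedId(reportRequestId);
            ual.setRelatedIdCol("reportRequestId");
            ual.setMiscNotes("Does not have permission to view report set");
            usermanager.saveUserActivityLog(ual);

            return mav;
        }
    }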
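@RequestMapping(value = "/change.do", method = { RequestMethod.POST })
/*
 * Switches the view page to another report: looks the report up by id, encrypts the id of the
 * request it belongs to, logs the change and redirects to /aggregate/view with the encrypted
 * pair and the report id. An id that resolves to no report is logged and sent back to the list.
 *
 * NOTE(review): no permission is checked here. The /view handler this redirects to is the
 * place that must decide whether the user may see the request; this handler still issues an
 * encrypted link for any report id a logged-in user submits.
 */
public ModelAndView changeReport(@RequestParam int reportReuqeustReportId, RedirectAttributes redirectAttr,
        HttpSession session, HttpServletResponse response) throws Exception {

    User userDetails = (User) session.getAttribute("userDetails");

    aggregateRequestReports report = aggregatemanager.getAggregateRequestReportById(reportReuqeustReportId);

    if (report == null) {
        // The id is client-supplied; a lookup that finds nothing must not end in a
        // NullPointerException further down.
        userActivityLog missingLog = new userActivityLog();
        missingLog.setSystemUserId(userDetails.getId());
        missingLog.setMapping("/change.do");
        missingLog.setRequestMethod("POST");
        missingLog.setMethodAccessed("changeReport");
        missingLog.setModuleId(moduleId);
        missingLog.setProgramId(programId);
        missingLog.setRelatedId(reportReuqeustReportId);
        missingLog.setRelatedIdCol("reportReuqeustReportId");
        missingLog.setMiscNotes("Report not found");
        usermanager.saveUserActivityLog(missingLog);

        return new ModelAndView(new RedirectView("/aggregate/"));
    }

    //Encrypt the request id to pass in the url
    encryptObject encrypt = new encryptObject();
    Map<String, String> map = new HashMap<String, String>();
    map.put("id", Integer.toString(report.getAggregateRequestId()));
    map.put("topSecret", topSecret);

    String[] encrypted = encrypt.encryptObject(map);

    aggregateView view = new aggregateView();
    view.setAggregateRequestId(report.getAggregateRequestId());
    view.setAggregateRequestReportId(reportReuqeustReportId);
    view.setAggregateAction("/change.do| Changed to view this report, program " + programId);
    view.setSystemUserId(userDetails.getId());
    aggregatemanager.saveAggregateView(view);

    String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + reportReuqeustReportId + "&v="
            + encrypted[1];
    ModelAndView mav = new ModelAndView(new RedirectView(viewLink));

    userActivityLog ual = new userActivityLog();
    ual.setSystemUserId(userDetails.getId());
    ual.setMapping("/change.do");
    ual.setRequestMethod("POST");
    ual.setMethodAccessed("changeReport");
    ual.setModuleId(moduleId);
    ual.setProgramId(programId);
    ual.setRelatedId(reportReuqeustReportId);
    ual.setRelatedIdCol("reportReuqeustReportId");
    usermanager.saveUserActivityLog(ual);

    return mav;
}

/**
 * Deletes an aggregate report request identified by a URL-encoded encrypted pair.
 *
 * <p>Deletion is allowed for role id 2, or for a user whose module permissions allow delete
 * and for whom {@code getAggregateRequests} returns the request. The decision is held in a
 * local variable that starts as {@code false}: the class-level static {@code allowDelete}
 * was only ever set to {@code true} here, so after one permitted delete every later caller
 * would have been allowed as well.
 *
 * <p>NOTE(review): the method returns 1 whether or not anything was deleted, and the
 * activity log records the mapping as {@code /deleteRequest.do} although the handler is
 * mapped to {@code /deleteReportRequest.do}. Both are left as they were because clients and
 * log queries may depend on them.
 *
 * @param session      session holding the {@code "userDetails"} attribute
 * @param redirectAttr receives the flash attribute {@code msg} after a delete
 * @param reli         URL-encoded encrypted request id
 * @param relv         URL-encoded second part of the encrypted pair
 * @return always 1
 * @throws Exception if decryption, parsing or a manager call fails
 */
@RequestMapping(value = "/deleteReportRequest.do", method = RequestMethod.POST)
public @ResponseBody Integer deleteRequest(HttpSession session, RedirectAttributes redirectAttr,
        @RequestParam String reli, @RequestParam String relv) throws Exception {

    String i = URLDecoder.decode(reli, "UTF-8");
    String v = URLDecoder.decode(relv, "UTF-8");

    // The request id is the text after the first four characters of the first
    // comma-separated field of the decrypted object's string form.
    decryptObject decrypt = new decryptObject();
    Object obj = decrypt.decryptObject(i, v);
    String[] result = obj.toString().split((","));
    Integer reportRequestId = Integer.parseInt(result[0].substring(4));

    User userDetails = (User) session.getAttribute("userDetails");
    aggregateRequests ahr = aggregatemanager.getAggregateRequestById(reportRequestId);

    // Per-request decision, default deny.
    boolean canDelete = false;

    // A request that cannot be found is treated as "not allowed" instead of failing later.
    if (ahr != null) {
        if (userDetails.getRoleId() == 2) {
            canDelete = true;
        } else {
            userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                    userDetails.getId(), moduleId);
            if (modulePermissions != null && modulePermissions.isAllowDelete()) {
                //check permission
                List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);
                List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId,
                        userDetails.getId(), 2, orgHierarchyList.get(1).getId(), ahr.getId());
                if (requests != null && requests.size() > 0) {
                    canDelete = true;
                }
            }
        }
    }

    String miscNotes = "Deleted aggregate request set";

    if (canDelete) {
        aggregateView view = new aggregateView();
        view.setAggregateRequestId(reportRequestId);
        view.setAggregateAction("/deleteReportRequest.do| Deleted aggregate request set, program " + programId);
        view.setSystemUserId(userDetails.getId());
        aggregatemanager.saveAggregateView(view);

        ahr.setStatusId(6);
        ahr.setLastModifiedUserId(userDetails.getId());
        ahr.setDateModified(new Date());
        aggregatemanager.updateAggregateRequest(ahr);
        aggregatemanager.deleteRequest(ahr);

        redirectAttr.addFlashAttribute("msg", "Deleted");
    } else {
        miscNotes = "No Permission to delete aggregate request set";

        aggregateView view = new aggregateView();
        view.setAggregateRequestId(reportRequestId);
        view.setAggregateAction(
                "/deleteReportRequest.do| No Permission to delete aggregate request set, program " + programId);
        view.setSystemUserId(userDetails.getId());
        aggregatemanager.saveAggregateView(view);
    }

    userActivityLog ual = new userActivityLog();
    ual.setSystemUserId(userDetails.getId());
    ual.setMapping("/deleteRequest.do");
    ual.setRequestMethod("POST");
    ual.setMethodAccessed("deleteRequest");
    ual.setModuleId(moduleId);
    ual.setProgramId(programId);
    ual.setRelatedId(reportRequestId);
    ual.setRelatedIdCol("reportRequestId");
    ual.setMiscNotes(miscNotes);
    usermanager.saveUserActivityLog(ual);

    return 1;
}

/**
 * Streams the generated report file of a request to the client as an attachment.
 *
 * <p>Access is granted to role id 2, or to a user for whom {@code getAggregateRequests}
 * returns the request. The file is {@code getReportPath(programId) + getReportFileName()};
 * before it is opened, its canonical path must still begin with the canonical report path
 * and it must be a regular file. After a successful download the request status is set to 4.
 *
 * <p>NOTE(review): unlike the view handler, the non-admin path here does not look at the
 * module permissions. When no user is in the session nothing is logged and an empty response
 * is returned; the "no user session found" log text below is in fact reached when the request
 * id resolves to no request. The thrown messages contain the server-side file path, so error
 * pages should not show exception messages to clients.
 *
 * @param i        encrypted request id
 * @param v        second part of the encrypted pair
 * @param session  session holding the {@code "userDetails"} attribute
 * @param response response the file is written to
 * @throws Exception if the request is unknown, the file is missing or unreadable, or
 *                   decryption or a manager call fails
 */
@RequestMapping(value = "/DLReport", method = { RequestMethod.GET })
public void DLReport(@RequestParam String i, @RequestParam String v, HttpSession session,
        HttpServletResponse response) throws Exception {

    Integer reportRequestId = 0;
    aggregateView view = new aggregateView();
    boolean canViewReport = false;

    userActivityLog ual = new userActivityLog();
    ual.setMapping("/DLReport");
    ual.setRequestMethod("GET");
    ual.setMethodAccessed("/DLReport");
    ual.setModuleId(moduleId);
    ual.setProgramId(programId);

    if (session.getAttribute("userDetails") != null) {
        User userDetails = (User) session.getAttribute("userDetails");

        //1 decrypt and get the reportId
        decryptObject decrypt = new decryptObject();
        Object obj = decrypt.decryptObject(i, v);
        String[] result = obj.toString().split((","));
        reportRequestId = Integer.parseInt(result[0].substring(4));

        view.setAggregateRequestId(reportRequestId);
        view.setAggregateAction("/DLReport| Accessed Aggregate Report DL link");
        view.setSystemUserId(userDetails.getId());
        aggregatemanager.saveAggregateView(view);

        //now we get the report details
        aggregateRequests request = aggregatemanager.getAggregateRequestById(reportRequestId);

        if (request != null) {
            if (userDetails.getRoleId() == 2) {
                canViewReport = true;
            } else {
                //check permission
                List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);
                List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId,
                        userDetails.getId(), 2, orgHierarchyList.get(1).getId(), request.getId());
                if (requests != null && requests.size() > 0) {
                    canViewReport = true;
                }
            }

            ual.setRelatedId(reportRequestId);
            ual.setRelatedIdCol("reportRequestId");
            ual.setSystemUserId(userDetails.getId());

            if (!canViewReport) {
                view = new aggregateView();
                view.setAggregateRequestId(reportRequestId);
                view.setSystemUserId(userDetails.getId());
                view.setAggregateAction("/DLReport| User does not have permission to view aggregate report");
                aggregatemanager.saveAggregateView(view);

                ual.setMiscNotes("User does not have permission to view aggregate report");
                usermanager.saveUserActivityLog(ual);
            } else {
                //need to get report path
                String filePath = aggregatemanager.getReportPath(programId);
                String fileName = request.getReportFileName();

                // The stored name is combined with the report path, so resolve the result and
                // make sure it has not left the report path (for example through "../") and
                // is a regular file. An empty name - the value set when a report set is
                // unlocked - would otherwise resolve to the directory itself.
                // This is a prefix test on canonical paths; it can become a component-wise
                // Path.startsWith once the report path is known to name a directory.
                File reportFile = null;
                boolean usable = filePath != null && fileName != null && !fileName.isEmpty();
                if (usable) {
                    File baseDir = new File(filePath).getCanonicalFile();
                    reportFile = new File(filePath + fileName).getCanonicalFile();
                    usable = reportFile.getPath().startsWith(baseDir.getPath()) && reportFile.isFile();
                }

                if (!usable) {
                    ual.setMiscNotes("File does not exists " + filePath + fileName);
                    usermanager.saveUserActivityLog(ual);
                    throw new Exception("File does not exists " + filePath + fileName);
                }

                // Quotes and line breaks in the name would break out of the quoted header value.
                String headerFileName = fileName.replaceAll("[\\r\\n\"]", "_");

                // try-with-resources closes the stream even when the copy fails half-way.
                try (InputStream is = new FileInputStream(reportFile)) {
                    String mimeType = "application/octet-stream";
                    response.setContentType(mimeType);
                    response.setHeader("Content-Transfer-Encoding", "binary");
                    response.setHeader("Content-Disposition", "attachment;filename=\"" + headerFileName + "\"");
                    org.apache.commons.io.IOUtils.copy(is, response.getOutputStream());
                    response.flushBuffer();
                } catch (IOException ex) {
                    ual.setMiscNotes("Error with File " + filePath + fileName);
                    usermanager.saveUserActivityLog(ual);
                    // Keep the cause attached instead of printing the stack trace to stderr.
                    throw new Exception("Error with File " + filePath + fileName + ex, ex);
                }

                view = new aggregateView();
                view.setSystemUserId(userDetails.getId());
                view.setAggregateRequestId(reportRequestId);
                view.setAggregateAction("/DLReport| Download Report Set");
                aggregatemanager.saveAggregateView(view);

                //update status
                request.setStatusId(4);
                aggregatemanager.updateAggregateRequest(request);

                ual.setMiscNotes("Downloaded Report Set");
                usermanager.saveUserActivityLog(ual);
            }
        } else {
            // Reached when the decrypted id matches no request (a session user is present).
            view.setAggregateRequestId(reportRequestId);
            view.setAggregateAction("/DLReport| Accessed aggregate report link - no user session found");
            aggregatemanager.saveAggregateView(view);

            ual.setRelatedId(reportRequestId);
            ual.setRelatedIdCol("reportRequestId");
            ual.setMiscNotes("Accessed aggregate report link - no user session found");
            usermanager.saveUserActivityLog(ual);

            throw new Exception("invalid aggregate report download - " + reportRequestId);
        }
    }
}

/**
 * Unlocks a report set: deletes its generated file, resets status to 1, clears the file
 * name and the lock, then redirects to the view page of the request.
 *
 * <p>Only role id 2 may unlock. Any other user, or a request without a session user, is
 * logged and still redirected to the view link (built for id 0 when there is no session).
 *
 * <p>NOTE(review): this state-changing action is mapped to GET, so it can be triggered by
 * any link or embedded resource a logged-in administrator loads; moving it to POST with the
 * application's CSRF protection needs a matching change in the pages that link here.
 *
 * @param i        encrypted request id
 * @param v        second part of the encrypted pair
 * @param session  session holding the {@code "userDetails"} attribute
 * @param response the HTTP response (unused)
 * @return a redirect to {@code /aggregate/view}
 * @throws Exception if decryption, parsing or a manager call fails
 */
@RequestMapping(value = "/unlockReportSet", method = { RequestMethod.GET })
public ModelAndView unlockReportSet(@RequestParam String i, @RequestParam String v, HttpSession session,
        HttpServletResponse response) throws Exception {

    Integer reportRequestId = 0;
    String miscNotes = "";
    int logUserId = 0;

    if (session.getAttribute("userDetails") != null) {
        User userDetails = (User) session.getAttribute("userDetails");
        logUserId = userDetails.getId();

        decryptObject decrypt = new decryptObject();
        Object obj = decrypt.decryptObject(i, v);
        String[] result = obj.toString().split((","));
        reportRequestId = Integer.parseInt(result[0].substring(4));

        if (userDetails.getRoleId() == 2) {
            //now we get the report details
            aggregateRequests ar = aggregatemanager.getAggregateRequestById(reportRequestId);
            if (ar != null) {
                aggregatemanager.deleteReportFile(ar);

                //we unlock report
                ar.setStatusId(1);
                ar.setReportFileName("");
                ar.setLastModifiedUserId(userDetails.getId());
                ar.setLocked(false);
                aggregatemanager.updateAggregateRequest(ar);

                //unlock report set
                aggregatemanager.updateReportSet(ar.getId(), false);

                // we log user
                aggregateView view = new aggregateView();
                view.setAggregateRequestId(reportRequestId);
                view.setAggregateAction("/unlockReportSet| Unlocked Aggregate Report Set");
                view.setSystemUserId(userDetails.getId());
                aggregatemanager.saveAggregateView(view);
                miscNotes = "Unlocked Aggregate Report Set";
            }
        } else {
            // we log user
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(reportRequestId);
            view.setAggregateAction(
                    "/unlockReportSet| Does not have permission to unlocked Aggregate Report Set");
            view.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(view);
            miscNotes = "Does not have permission to unlocked Aggregate Report Set";
        }
    } else {
        aggregateView view = new aggregateView();
        view.setAggregateRequestId(reportRequestId);
        view.setAggregateAction(
                "/unlockReportSet| No session detected - Do not have permission to unlocked Aggregate Report");
        view.setSystemUserId(0);
        aggregatemanager.saveAggregateView(view);
        miscNotes = "No session detected - Do not have permission to unlocked Aggregate Report";
    }

    //Encrypt the request id to pass in the url
    encryptObject encrypt = new encryptObject();
    Map<String, String> map = new HashMap<String, String>();
    map.put("id", Integer.toString(reportRequestId));
    map.put("topSecret", topSecret);

    String[] encrypted = encrypt.encryptObject(map);
    String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=0&v=" + encrypted[1];
    ModelAndView mav = new ModelAndView(new RedirectView(viewLink));

    /** Log Here **/
    userActivityLog ual = new userActivityLog();
    ual.setSystemUserId(logUserId);
    ual.setMapping("/unlockReportSet");
    ual.setRequestMethod("GET");
    ual.setMethodAccessed("unlockReportSet");
    ual.setModuleId(moduleId);
    ual.setRelatedId(reportRequestId);
    ual.setRelatedIdCol("reportRequestId");
    ual.setProgramId(programId);
    ual.setMiscNotes(miscNotes);
    usermanager.saveUserActivityLog(ual);

    return mav;
}

/**
 * Locks a report set: sets status 3, clears the file name, marks the request and its report
 * set as locked and generates the report PDF, then redirects to the list.
 *
 * <p>Locking is allowed for role id 2, or for a user whose module permissions allow edit and
 * for whom {@code getAggregateRequests} returns the request. A missing permission row or an
 * empty lookup result means no access. Every refusal, with or without a session, is logged
 * with the same "No session detected" text.
 *
 * <p>NOTE(review): like unlocking, this state-changing action is mapped to GET; moving it to
 * POST with the application's CSRF protection needs a matching change in the linking pages.
 *
 * @param i        encrypted request id
 * @param v        second part of the encrypted pair
 * @param session  session holding the {@code "userDetails"} attribute
 * @param response the HTTP response (unused)
 * @return a redirect to {@code /aggregate/}
 * @throws Exception if decryption, parsing or a manager call fails
 */
@RequestMapping(value = "/lockReport", method = { RequestMethod.GET })
public ModelAndView lockReportSet(@RequestParam String i, @RequestParam String v, HttpSession session,
        HttpServletResponse response) throws Exception {

    Integer reportRequestId = 0;
    boolean canLockReport = false;
    Integer lockUserId = 0;
    String miscNotes = "";

    if (session.getAttribute("userDetails") != null) {
        User userDetails = (User) session.getAttribute("userDetails");
        lockUserId = userDetails.getId();

        decryptObject decrypt = new decryptObject();
        Object obj = decrypt.decryptObject(i, v);
        String[] result = obj.toString().split((","));
        reportRequestId = Integer.parseInt(result[0].substring(4));

        List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);
        aggregateRequests request = aggregatemanager.getAggregateRequestDetailsById(reportRequestId,
                orgHierarchyList);

        if (request != null) {
            if (userDetails.getRoleId() == 2) {
                canLockReport = true;
            } else {
                userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId,
                        userDetails.getId(), moduleId);
                // A missing permission row means no access rather than a NullPointerException.
                if (modulePermissions != null && modulePermissions.isAllowEdit()) {
                    List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId,
                            userDetails.getId(), 2, orgHierarchyList.get(1).getId(), request.getId());
                    if (requests != null && requests.size() > 0) {
                        canLockReport = true;
                    }
                }
            }
        }

        if (canLockReport) {
            //we lock report
            request.setStatusId(3);
            request.setReportFileName("");
            request.setLastModifiedUserId(userDetails.getId());
            request.setLocked(true);
            aggregatemanager.updateAggregateRequest(request);

            //lock report set
            aggregatemanager.updateReportSet(request.getId(), true);

            //generate PDF here
            aggregatemanager.generateReportPDF(request, userDetails);

            // we log user
            aggregateView view = new aggregateView();
            view.setAggregateRequestId(reportRequestId);
            view.setAggregateAction("/lockReport| Locked Aggregate Report Set");
            miscNotes = "Locked Aggregate Report Set";
            view.setSystemUserId(userDetails.getId());
            aggregatemanager.saveAggregateView(view);
        }
    }

    if (!canLockReport) {
        aggregateView view = new aggregateView();
        view.setAggregateRequestId(reportRequestId);
        view.setAggregateAction(
                "/lockReport| No session detected - Does not have permission to locked Aggregate Report");
        view.setSystemUserId(lockUserId);
        aggregatemanager.saveAggregateView(view);
        miscNotes = "No session detected - Does not have permission to locked Aggregate Report";
    }

    ModelAndView mav = new ModelAndView(new RedirectView("/aggregate/"));

    /** Log Here **/
    userActivityLog ual = new userActivityLog();
    ual.setSystemUserId(lockUserId);
    ual.setMapping("/lockReport");
    ual.setRequestMethod("GET");
    ual.setMethodAccessed("lockReportSet");
    ual.setModuleId(moduleId);
    ual.setRelatedId(reportRequestId);
    ual.setRelatedIdCol("reportRequestId");
    ual.setProgramId(programId);
    ual.setMiscNotes(miscNotes);
    usermanager.saveUserActivityLog(ual);

    return mav;
}

@RequestMapping(value = "/pageReport.do", method = { RequestMethod.POST })
public ModelAndView pageReport(@RequestParam int reportRequestDspPosForForm,
        @RequestParam int reportRequestIdForForm, @RequestParam Map<String, String> params,
        @RequestParam(value = "reportRequestReportIdForForm", required = true) Integer reportRequestReportId,
        RedirectAttributes redirectAttr, HttpSession session, HttpServletResponse response) throws Exception {

    User userDetails = (User) session.getAttribute("userDetails");
    List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId);
    aggregateRequestReports arr = aggregatemanager.getAggregateRequestReportById(reportRequestReportId);
    boolean canEditReport = false;
    String miscNotes 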
= ""; //check permission + save data if (userDetails.getRoleId() == 2) { canEditReport = true; } else { userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId, userDetails.getId(), moduleId); if (modulePermissions.isAllowEdit()) { List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId, userDetails.getId(), 2, orgHierarchyList.get(1).getId(), arr.getAggregateRequestId()); if (requests.size() > 0) { canEditReport = true; } } } if (canEditReport) { aggregatemanager.saveReportData(params); //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(arr.getId()); view.setAggregateAction("/pageReport.do| Updated Aggregate Report"); miscNotes = miscNotes + " Updated Aggregate Report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); //set last modified times arr.setLastModifiedUserId(userDetails.getId()); arr.setDateModified(new Date()); aggregatemanager.updateAggregateRequestReport(arr); aggregateRequests ar = aggregatemanager.getAggregateRequestById(arr.getAggregateRequestId()); ar.setLastModifiedUserId(userDetails.getId()); ar.setDateModified(new Date()); aggregatemanager.updateAggregateRequest(ar); } ModelAndView mav = new ModelAndView(); // find the request report Id for the request with that dspPos aggregateRequestReports reportRequested = aggregatemanager .getAggregateRequestIdAndDspPos(reportRequestIdForForm, reportRequestDspPosForForm); aggregateRequestReports report = aggregatemanager.getAggregateRequestReportById(reportRequested.getId()); encryptObject encrypt = new encryptObject(); Map<String, String> map; //Encrypt the use id to pass in the url map = new HashMap<String, String>(); map.put("id", Integer.toString(report.getAggregateRequestId())); map.put("topSecret", topSecret); String[] encrypted = encrypt.encryptObject(map); aggregateView view = new aggregateView(); 
view.setAggregateRequestId(report.getAggregateRequestId()); view.setAggregateRequestReportId(reportRequested.getId()); view.setAggregateAction("/pageReport.do| Changed to view this report, program " + programId); miscNotes = miscNotes + " Changed to view this report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + reportRequested.getId() + "&v=" + encrypted[1]; mav = new ModelAndView(new RedirectView(viewLink)); /** Log Here **/ userActivityLog ual = new userActivityLog(); ual.setSystemUserId(userDetails.getId()); ual.setMapping("/pageReport.do"); ual.setRequestMethod("POST"); ual.setMethodAccessed("pageReport"); ual.setModuleId(moduleId); ual.setRelatedId(reportRequestReportId); ual.setRelatedIdCol("reportRequestReportId"); ual.setProgramId(programId); ual.setMiscNotes("canEditReport:" + canEditReport + " " + miscNotes); usermanager.saveUserActivityLog(ual); return mav; } @RequestMapping(value = "/unlockOneReport", method = { RequestMethod.POST }) public ModelAndView unlockOneReport( @RequestParam(value = "reportRequestReportIdForForm", required = true) Integer reportRequestReportId, HttpSession session, RedirectAttributes redirectAttr) throws Exception { User userDetails = (User) session.getAttribute("userDetails"); aggregateRequestReports arr = aggregatemanager.getAggregateRequestReportById(reportRequestReportId); String miscNotes = ""; //make sure user is role 2 if (userDetails.getRoleId() == 2) { //now we get the report details arr.setLocked(false); aggregatemanager.updateAggregateRequestReport(arr); //change master request to unlock aggregatemanager.updateReportSet(arr.getAggregateRequestId(), false); //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(reportRequestReportId); view.setAggregateAction("/unlockOneReport| Unlocked Aggregate Report"); miscNotes = "Unlocked 
Aggregate Report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); } else {//no permission //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(reportRequestReportId); view.setAggregateAction("/unlockOneReport| User does not have permission to unlock report"); miscNotes = "User does not have permission to unlock report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); } encryptObject encrypt = new encryptObject(); Map<String, String> map; //Encrypt the use id to pass in the url map = new HashMap<String, String>(); map.put("id", Integer.toString(arr.getAggregateRequestId())); map.put("topSecret", topSecret); String[] encrypted = encrypt.encryptObject(map); String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + arr.getId() + "&v=" + encrypted[1]; ModelAndView mav = new ModelAndView(new RedirectView(viewLink)); /** Log Here **/ userActivityLog ual = new userActivityLog(); ual.setSystemUserId(userDetails.getId()); ual.setMapping("/unlockOneReport"); ual.setRequestMethod("POST"); ual.setMethodAccessed("unlockOneReport"); ual.setModuleId(moduleId); ual.setRelatedId(reportRequestReportId); ual.setRelatedIdCol("reportRequestReportId"); ual.setMiscNotes(miscNotes); ual.setProgramId(programId); usermanager.saveUserActivityLog(ual); return mav; } @RequestMapping(value = { "/saveAndContinue.do" }, method = { RequestMethod.POST }) public ModelAndView saveAndContinue( @RequestParam(value = "reportRequestReportIdForForm", required = true) Integer reportRequestReportId, @RequestParam Map<String, String> params, HttpSession session, RedirectAttributes redirectAttr) throws Exception { User userDetails = (User) session.getAttribute("userDetails"); List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId); aggregateRequestReports arr = 
aggregatemanager.getAggregateRequestReportById(reportRequestReportId); String miscNotes = ""; boolean canEditReport = false; //check permission if (userDetails.getRoleId() == 2) { canEditReport = true; } else { userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId, userDetails.getId(), moduleId); if (modulePermissions.isAllowEdit()) { List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId, userDetails.getId(), 2, orgHierarchyList.get(1).getId(), arr.getAggregateRequestId()); if (requests.size() > 0) { canEditReport = true; } } } if (canEditReport) { aggregatemanager.saveReportData(params); //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(arr.getId()); view.setAggregateAction("/saveAndContinue.do| Updated Aggregate Report"); miscNotes = "Updated Aggregate Report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); //set last modified times arr.setLastModifiedUserId(userDetails.getId()); arr.setDateModified(new Date()); aggregatemanager.updateAggregateRequestReport(arr); aggregateRequests ar = aggregatemanager.getAggregateRequestById(arr.getAggregateRequestId()); ar.setLastModifiedUserId(userDetails.getId()); ar.setDateModified(new Date()); aggregatemanager.updateAggregateRequest(ar); } encryptObject encrypt = new encryptObject(); Map<String, String> map; //Encrypt the use id to pass in the url map = new HashMap<String, String>(); map.put("id", Integer.toString(arr.getAggregateRequestId())); map.put("topSecret", topSecret); String[] encrypted = encrypt.encryptObject(map); String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + arr.getId() + "&v=" + encrypted[1]; ModelAndView mav = new ModelAndView(new RedirectView(viewLink)); /** Log Here **/ userActivityLog ual = new userActivityLog(); ual.setSystemUserId(userDetails.getId()); ual.setMapping("/saveAndContinue.do"); 
ual.setRequestMethod("POST"); ual.setMethodAccessed("saveAndContinue"); ual.setModuleId(moduleId); ual.setRelatedId(reportRequestReportId); ual.setRelatedIdCol("reportRequestReportId"); ual.setMiscNotes("canEditReport:" + canEditReport + "^^^^^" + miscNotes); ual.setProgramId(programId); usermanager.saveUserActivityLog(ual); return mav; } @RequestMapping(value = { "/saveAndLock.do" }, method = { RequestMethod.POST }) public ModelAndView saveAndLock( @RequestParam(value = "reportRequestReportIdForForm", required = true) Integer reportRequestReportId, @RequestParam Map<String, String> params, HttpSession session, RedirectAttributes redirectAttr) throws Exception { User userDetails = (User) session.getAttribute("userDetails"); List<programOrgHierarchy> orgHierarchyList = hierarchymanager.getProgramOrgHierarchy(programId); aggregateRequestReports arr = aggregatemanager.getAggregateRequestReportById(reportRequestReportId); String miscNotes = ""; boolean canEditReport = false; //check permission if (userDetails.getRoleId() == 2) { canEditReport = true; } else { userProgramModules modulePermissions = usermanager.getUserModulePermissions(programId, userDetails.getId(), moduleId); if (modulePermissions.isAllowEdit()) { List<aggregateRequests> requests = aggregatemanager.getAggregateRequests(programId, userDetails.getId(), 2, orgHierarchyList.get(1).getId(), arr.getAggregateRequestId()); if (requests.size() > 0) { canEditReport = true; } } } if (canEditReport) { aggregatemanager.saveReportData(params); //we lock here //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(arr.getId()); view.setAggregateAction("/saveAndLock.do| Updated and Locked Aggregate Report"); miscNotes = "Updated and Locked Aggregate Report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); //set last modified times arr.setLastModifiedUserId(userDetails.getId()); 
arr.setDateModified(new Date()); arr.setLocked(true); aggregatemanager.updateAggregateRequestReport(arr); // check to see how many reports are locked, if all are then we set master lock too aggregateRequests ar = aggregatemanager.getAggregateRequestDetailsById(arr.getAggregateRequestId(), orgHierarchyList); if (aggregatemanager.getUnlockReportsForRequest(ar.getId(), false).size() == 0) { ar.setLocked(true); //generate pdf here aggregatemanager.generateReportPDF(ar, userDetails); } ar.setLastModifiedUserId(userDetails.getId()); ar.setDateModified(new Date()); aggregatemanager.updateAggregateRequest(ar); } else { //log user aggregateView view = new aggregateView(); view.setAggregateRequestId(arr.getAggregateRequestId()); view.setAggregateRequestReportId(arr.getId()); view.setAggregateAction("/saveAndLock.do| Does not have permission to save and lock Aggregate Report"); miscNotes = "Does not have permission to save and lock Aggregate Report"; view.setSystemUserId(userDetails.getId()); aggregatemanager.saveAggregateView(view); } encryptObject encrypt = new encryptObject(); Map<String, String> map; //Encrypt the use id to pass in the url map = new HashMap<String, String>(); map.put("id", Integer.toString(arr.getAggregateRequestId())); map.put("topSecret", topSecret); String[] encrypted = encrypt.encryptObject(map); String viewLink = "/aggregate/view?i=" + encrypted[0] + "&id=" + arr.getId() + "&v=" + encrypted[1]; ModelAndView mav = new ModelAndView(new RedirectView(viewLink)); /** Log Here **/ userActivityLog ual = new userActivityLog(); ual.setSystemUserId(userDetails.getId()); ual.setMapping("/saveAndLock.do"); ual.setRequestMethod("POST"); ual.setMethodAccessed("saveAndLock"); ual.setModuleId(moduleId); ual.setRelatedId(reportRequestReportId); ual.setRelatedIdCol("reportRequestReportId"); ual.setMiscNotes("canEditReport:" + canEditReport + "^^^^^" + miscNotes); ual.setProgramId(programId); usermanager.saveUserActivityLog(ual); return mav; } }