List of usage examples for org.springframework.web.context.request WebRequest getParameterValues
@Nullable String[] getParameterValues(String paramName);
From source file:org.openmrs.module.personalhr.web.controller.PhrUserFormController.java
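/**
 * Handles a POST of the PHR user form. Depending on {@code action} and on who is calling, this
 * either performs an account action (assume identity, delete, retire, un-retire) or validates
 * and saves the submitted {@code user}: self-registration against a sharing token, creation by
 * a PHR Administrator, or an edit of an existing user.
 * <p>
 * Security-relevant behaviour visible in this method:
 * <ul>
 * <li>An unauthenticated request is authenticated as a built-in "temporary" account and given
 * proxy privileges for the duration of the call. That context is restricted here to
 * self-registration of a new user; every other path is refused.</li>
 * <li>A request from a PHR Administrator is given user-management proxy privileges for the
 * duration of the call.</li>
 * <li>All proxy privileges are removed in the {@code finally} block, and the temporary session
 * is logged out there.</li>
 * </ul>
 *
 * @param request used to read the free-form parameters (userId, retireReason, property/value
 *            pairs, person attribute values)
 * @param httpSession receives the success or error message shown on the next page
 * @param model used as a fallback source for {@code sharingToken}
 * @param action localized label of the submitted button; {@code null} means "save"
 * @param password new password, or the form's placeholder value when unchanged
 * @param secretQuestion secret question to store, if any
 * @param secretAnswer answer to the secret question, if any
 * @param confirm password confirmation
 * @param forcePassword whether the user must change the password at next login
 * @param roles names of the roles the user should end up with
 * @param createNewPerson passed through to {@code showForm} when the form is redisplayed
 * @param sharingToken registration token for self sign-up
 * @param user the bound user being created or edited
 * @param errors binding and validation errors for {@code user}
 * @return the view name or redirect to render next
 * @should work for an example
 */
@RequestMapping(value = "/phr/user.form", method = RequestMethod.POST)
public String handleSubmission(final WebRequest request, final HttpSession httpSession, final ModelMap model,
        @RequestParam(required = false, value = "action") final String action,
        @RequestParam(required = false, value = "userFormPassword") String password,
        @RequestParam(required = false, value = "secretQuestion") final String secretQuestion,
        @RequestParam(required = false, value = "secretAnswer") final String secretAnswer,
        @RequestParam(required = false, value = "confirm") String confirm,
        @RequestParam(required = false, value = "forcePassword") final Boolean forcePassword,
        @RequestParam(required = false, value = "roleStrings") final String[] roles,
        @RequestParam(required = false, value = "createNewPerson") final String createNewPerson,
        @RequestParam(required = false, value = "sharingToken") String sharingToken,
        @ModelAttribute("user") final User user, final BindingResult errors) {

    if (sharingToken == null) {
        sharingToken = (String) model.get("sharingToken");
    }
    // The sharing token is a registration credential, so it is deliberately kept out of the log.
    log.debug("Entering PhrUserFormController:handleSubmission...");

    // Add temporary privileges for the duration of this request.
    boolean isTemporary = false;
    boolean isAdministrator = false;
    if (!Context.isAuthenticated()) {
        // NOTE(review): the service account name and password are hard-coded in source, so anyone
        // who can read the code or the built artifact learns them. Load them from protected
        // configuration and rotate the current value.
        Context.authenticate("temporary", "Temporary8");
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_ADD_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_PERSONS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_VIEW_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USER_PASSWORDS);
        Context.addProxyPrivilege("PHR Restricted Patient Access");
        isTemporary = true;
        log.debug("Added proxy privileges!");
    } else if (PhrService.PhrBasicRole.PHR_ADMINISTRATOR.getValue()
            .equals(PersonalhrUtil.getService().getPhrRole(Context.getAuthenticatedUser()))) {
        isAdministrator = true;
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_ADD_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_DELETE_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_PURGE_USERS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_PERSONS);
        Context.addProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USER_PASSWORDS);
    }

    try {
        final UserService us = Context.getUserService();
        final MessageSourceService mss = Context.getMessageSourceService();

        // The temporary context carries edit-user and edit-password proxy privileges. It exists
        // only so that an anonymous visitor can self-register, so refuse every other use of it:
        // the account actions below and any submission that targets an existing user.
        // NOTE(review): confirm that no legitimate unauthenticated flow edits an existing account.
        final boolean accountAction = mss.getMessage("User.assumeIdentity").equals(action)
                || mss.getMessage("User.delete").equals(action)
                || mss.getMessage("User.retire").equals(action)
                || mss.getMessage("User.unRetire").equals(action);
        if (isTemporary && (accountAction || !isNewUser(user))) {
            httpSession.setAttribute(WebConstants.OPENMRS_ERROR_ATTR, "auth.invalid");
            log.warn("Rejected an unauthenticated request that was not a new-user self-registration");
            return "redirect:/phr/index.htm?noredirect=true";
        }

        if (mss.getMessage("User.assumeIdentity").equals(action)) {
            Context.becomeUser(user.getSystemId());
            httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.assumeIdentity.success");
            httpSession.setAttribute(WebConstants.OPENMRS_MSG_ARGS, user.getPersonName());
            return "redirect:/phr/index.htm";
        } else if (mss.getMessage("User.delete").equals(action)) {
            try {
                Context.getUserService().purgeUser(user);
                httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.delete.success");
                return "redirect:/phr/user.list";
            } catch (final Exception ex) {
                httpSession.setAttribute(WebConstants.OPENMRS_ERROR_ATTR, "User.delete.failure");
                log.error("Failed to delete user", ex);
                // NOTE(review): the raw userId parameter is appended to the redirect unencoded.
                return "redirect:/phr/user.form?userId=" + request.getParameter("userId");
            }
        } else if (mss.getMessage("User.retire").equals(action)) {
            final String retireReason = request.getParameter("retireReason");
            if (!(StringUtils.hasText(retireReason))) {
                errors.rejectValue("retireReason", "User.disableReason.empty");
                return showForm(user.getUserId(), createNewPerson, sharingToken, user, model, httpSession);
            } else {
                us.retireUser(user, retireReason);
                httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.retiredMessage");
            }
        } else if (mss.getMessage("User.unRetire").equals(action)) {
            us.unretireUser(user);
            httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.unRetiredMessage");
        } else {
            // check if username is already in the database
            if (us.hasDuplicateUsername(user)) {
                errors.rejectValue("username", "error.username.taken");
            }

            // The form shows a fixed placeholder instead of the stored password; treat the
            // placeholder as "not changed".
            if ((password == null) || password.equals("XXXXXXXXXXXXXXX")) {
                password = "";
            }
            if ((confirm == null) || confirm.equals("XXXXXXXXXXXXXXX")) {
                confirm = "";
            }

            // check if password and password confirm are identical
            if (!password.equals(confirm)) {
                errors.reject("error.password.match");
            }
            if ((password.length() == 0) && isNewUser(user)) {
                errors.reject("error.password.weak");
            }

            // check password strength
            if (password.length() > 0) {
                try {
                    OpenmrsUtil.validatePassword(user.getUsername(), password, user.getSystemId());
                } catch (final PasswordException e) {
                    errors.reject(e.getMessage());
                }
            }

            // NOTE(review): role names are taken from the request for every caller, including a
            // self-registering one. Verify that the service layer refuses roles the caller may
            // not grant, or ignore roleStrings outside the administrator path.
            final Set<Role> newRoles = new HashSet<Role>();
            if (roles != null) {
                for (final String r : roles) {
                    // Make sure that if we already have a detached instance of this role in the
                    // user's roles, that we don't fetch a second copy of that same role from
                    // the database, or else hibernate will throw a NonUniqueObjectException.
                    Role role = null;
                    if (user.getRoles() != null) {
                        for (final Role test : user.getRoles()) {
                            if (test.getRole().equals(r)) {
                                role = test;
                            }
                        }
                    }
                    if (role == null) {
                        role = us.getRole(r);
                        user.addRole(role);
                    }
                    newRoles.add(role);
                }
            } else {
                final Role role = us.getRole("PHR Restricted User");
                newRoles.add(role);
                user.addRole(role);
                log.debug("Added PHR Restricted User role only: " + role);
            }

            if (user.getRoles() == null) {
                newRoles.clear();
            } else {
                user.getRoles().retainAll(newRoles);
            }

            final String[] keys = request.getParameterValues("property");
            final String[] values = request.getParameterValues("value");
            if ((keys != null) && (values != null)) {
                // Both arrays come straight from the request and may differ in length; pair only
                // the indices present in both instead of failing on the shorter one.
                final int pairs = Math.min(keys.length, values.length);
                for (int x = 0; x < pairs; x++) {
                    user.setUserProperty(keys[x], values[x]);
                }
            }

            new UserProperties(user.getUserProperties()).setSupposedToChangePassword(forcePassword);

            final UserValidator uv = new UserValidator();
            uv.validate(user, errors);

            if (errors.hasErrors()) {
                log.debug("errors validating user: " + errors.getErrorCount() + errors.toString());
                return showForm(user.getUserId(), createNewPerson, sharingToken, user, model, httpSession);
            }

            // NOTE(review): "9" looks like the person attribute type id of the e-mail field; confirm.
            String emailEntered = request.getParameter("9");

            if (isNewUser(user) && !isAdministrator) {
                log.debug("Saving new user " + user.getUsername());
                final PhrSharingToken token = Context.getService(PhrSharingTokenService.class)
                        .getSharingToken(sharingToken);

                // Privilege removal and logout for the temporary context happen once, in the
                // finally block below, on every exit path including the early returns here.
                if (token == null || token.getExpireDate().before(new Date())) {
                    // unknown or expired token
                    httpSession.setAttribute(WebConstants.OPENMRS_ERROR_ATTR,
                            "Failed to register without a valid sharing token");
                    log.error("Failed to register without a valid sharing token");
                    PersonalhrUtil.getService().logEvent(PhrLogEvent.USER_SIGN_UP, new Date(), null,
                            httpSession.getId(), null,
                            "error=Failed to register without a valid sharing token; user_name=" + user.getName());
                    return "redirect:/phr/index.htm?noredirect=true";
                } else if (token.getRelatedPerson() != null) {
                    // token already bound to a person, i.e. already used
                    httpSession.setAttribute(WebConstants.OPENMRS_ERROR_ATTR,
                            "Failed to register with a used sharing token");
                    log.error("Failed to register with a used sharing token");
                    PersonalhrUtil.getService().logEvent(PhrLogEvent.USER_SIGN_UP, new Date(), null,
                            httpSession.getId(), null,
                            "error=Failed to register with a used sharing token; user_name=" + user.getName()
                                    + "; sharingToken=" + token);
                    return "redirect:/phr/index.htm?noredirect=true";
                } else if (emailEntered != null && emailEntered.equalsIgnoreCase(token.getRelatedPersonEmail())) {
                    // Comparison is made from the non-null side so that a token without a stored
                    // e-mail address is treated as a mismatch rather than raising an exception.

                    // look for person attributes (including email entered) in the request and save to user
                    for (final PersonAttributeType type : Context.getPersonService()
                            .getPersonAttributeTypes(PERSON_TYPE.PATIENT, ATTR_VIEW_TYPE.VIEWING)) {
                        final String paramName = type.getPersonAttributeTypeId().toString();
                        final String value = request.getParameter(paramName);

                        this.log.debug("paramName=" + paramName);

                        // if there is an error displaying the attribute, the value will be null
                        if (value != null) {
                            final PersonAttribute attribute = new PersonAttribute(type, value);
                            try {
                                final Object hydratedObject = attribute.getHydratedObject();
                                if ((hydratedObject == null) || "".equals(hydratedObject.toString())) {
                                    // if null is returned, the value should be blanked out
                                    attribute.setValue("");
                                } else if (hydratedObject instanceof Attributable) {
                                    attribute.setValue(((Attributable) hydratedObject).serialize());
                                } else if (!hydratedObject.getClass().getName().equals(type.getFormat())) {
                                    // if the classes doesn't match the format, the hydration failed somehow
                                    // TODO change the PersonAttribute.getHydratedObject() to not swallow all errors?
                                    throw new APIException();
                                }
                            } catch (final APIException e) {
                                errors.rejectValue("attributeMap[" + type.getName() + "]",
                                        "Invalid value for " + type.getName() + ": '" + value + "'");
                                this.log.warn("Got an invalid value: " + value
                                        + " while setting personAttributeType id #" + paramName, e);

                                // setting the value to empty so that the user can reset the value to something else
                                attribute.setValue("");
                            }
                            user.getPerson().addAttribute(attribute);
                        }
                    }

                    // create a new user by self registration
                    us.saveUser(user, password);

                    // update sharing token so that it cannot be used again
                    token.setRelatedPerson(user.getPerson());
                    token.setChangedBy(user);
                    final Date date = new Date();
                    token.setDateChanged(date);
                    token.setActivateDate(date);
                    Context.getService(PhrSharingTokenService.class).savePhrSharingToken(token);
                    httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "personalhr.user.signed.up");
                    log.debug("New self-registered user created: " + user.getUsername());
                    PersonalhrUtil.getService().logEvent(PhrLogEvent.USER_SIGN_UP, new Date(), user,
                            httpSession.getId(), null, "info=New self-registered user created; user_name="
                                    + user.getName() + "; sharingToken=" + token);

                    // save email to messaging service
                    Integer addressId = saveEmail(user.getPerson(), emailEntered);

                    // set default messaging alert address
                    boolean shouldAlert = true;
                    PersonalhrUtil.setMessagingAlertSettings(user.getPerson(), shouldAlert, addressId);

                    // send email notification
                    // TODO get the deployUrl from the request object; also bad to inject /openmrs/ ...
                    final String deployUrl = Context.getRuntimeProperties().getProperty("deployment.url");
                    final String url = deployUrl + "/openmrs/phr/index.htm";
                    final String passwordOption = Context.getAdministrationService()
                            .getGlobalProperty("personalhr.show.password");

                    // String.replace substitutes literally. replaceAll would interpret '$' and '\'
                    // in the user-chosen name, username or password as group references and fail
                    // after the account has already been saved.
                    // NOTE(review): depending on personalhr.show.password, showPassword may place the
                    // chosen password in the e-mail body; confirm it is masked, or drop it from mail.
                    String notification = NOTIFICATION_TEMPLATE;
                    notification = notification.replace("OPENMRS_PHR_RELATED_PERSON",
                            user.getPerson().getGivenName());
                    notification = notification.replace("OPENMRS_USERNAME", user.getUsername());
                    notification = notification.replace("OPENMRS_PASSWORD",
                            showPassword(password, passwordOption));
                    notification = notification.replace("OPENMRS_URL", url);

                    PersonalhrUtil.sendEmail(emailEntered, notification);
                } else {
                    httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR,
                            "Failed to create new user due to email mismatch: " + emailEntered);
                    log.debug("Failed to create new user due to email mismatch: "
                            + token.getRelatedPersonEmail() + " vs " + emailEntered);
                    PersonalhrUtil.getService().logEvent(PhrLogEvent.USER_SIGN_UP, new Date(), null,
                            httpSession.getId(), null,
                            "info=Failed to create new user due to email mismatch: "
                                    + token.getRelatedPersonEmail() + "vs " + emailEntered
                                    + "; sharingToken=" + token);
                }
            } else if (isNewUser(user) && isAdministrator) {
                // create a new user by PHR Administrator
                us.saveUser(user, password);
            } else {
                // modify an existing user
                us.saveUser(user, null);

                if (!password.equals("") && Context.hasPrivilege(OpenmrsConstants.PRIV_EDIT_USER_PASSWORDS)) {
                    if (log.isDebugEnabled()) {
                        log.debug("calling changePassword for user " + user + " by user "
                                + Context.getAuthenticatedUser());
                    }
                    us.changePassword(user, password);
                }
                log.debug("Existing user " + user.getUsername() + " changed by user "
                        + Context.getAuthenticatedUser().getUsername());
                PersonalhrUtil.getService().logEvent(PhrLogEvent.USER_UPDATE, new Date(),
                        Context.getAuthenticatedUser(), httpSession.getId(), null,
                        "info=Existing user updated; user_name=" + user.getName());
                httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.saved");
            }

            if (StringUtils.hasLength(secretQuestion) && StringUtils.hasLength(secretAnswer)) {
                us.changeQuestionAnswer(user, secretQuestion, secretAnswer);
                httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.saved");
            }
        }
    } finally {
        // Remove temporary privileges on every exit path, normal or exceptional.
        if (isTemporary) {
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_ADD_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_VIEW_USERS);
            Context.removeProxyPrivilege("PHR Restricted Patient Access");
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_PERSONS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USER_PASSWORDS);
            Context.logout();
            log.debug("Removed proxy privileges for self registration!");
        } else if (isAdministrator) {
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_ADD_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_DELETE_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_PURGE_USERS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_PERSONS);
            Context.removeProxyPrivilege(OpenmrsConstants.PRIV_EDIT_USER_PASSWORDS);
            log.debug("Removed proxy privileges for PHR Administrator!");
        }
    }
    return "redirect:/phr/index.htm?noredirect=true";
}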
From source file:org.openmrs.module.reporting.web.datasets.LogicDataSetEditor.java
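/**
 * Saves a logic data set definition built from the submitted form.
 * <p>
 * The columns arrive as four parallel request parameter arrays (columnName, columnLabel,
 * columnLogic, columnFormat). {@code WebRequest.getParameterValues} returns {@code null} when
 * a parameter is absent, and nothing guarantees that the four arrays have the same length, so
 * each array is read once and indexed defensively.
 *
 * @param model the Spring model (not read here)
 * @param uuid uuid of the definition to update, or {@code null} to create a new one
 * @param name name to set on the definition
 * @param description description to set on the definition
 * @param request source of the column parameters; also receives the session-scoped error message
 * @return a redirect back to the editor for the definition
 */
@RequestMapping("/module/reporting/datasets/logicDataSetEditorSave")
public String saveLogicDataset(ModelMap model, @RequestParam(required = false, value = "uuid") String uuid,
        @RequestParam(required = false, value = "name") String name,
        @RequestParam(required = false, value = "description") String description, WebRequest request) {
    DataSetDefinitionService svc = Context.getService(DataSetDefinitionService.class);

    // NOTE(review): if no definition exists for a client-supplied uuid, getDefinition may return
    // null and the next line would fail; confirm the service's contract.
    LogicDataSetDefinition definition = uuid == null ? new LogicDataSetDefinition()
            : (LogicDataSetDefinition) svc.getDefinition(uuid, LogicDataSetDefinition.class);
    definition.setName(name);
    definition.setDescription(description);
    definition.clearColumns();

    // Read each parameter array once; any of them may be null or shorter than columnLogic.
    String[] columnNames = request.getParameterValues("columnName");
    String[] columnLabels = request.getParameterValues("columnLabel");
    String[] columnLogics = request.getParameterValues("columnLogic");
    String[] columnFormats = request.getParameterValues("columnFormat");

    int numColumns = (columnLogics == null) ? 0 : columnLogics.length;
    for (int i = 0; i < numColumns; ++i) {
        String columnName = columnParameterAt(columnNames, i);
        String columnLabel = columnParameterAt(columnLabels, i);
        String columnLogic = columnLogics[i];
        String columnFormat = columnParameterAt(columnFormats, i);

        // Rows without a name or a logic expression are skipped, as before.
        if (!StringUtils.isBlank(columnName) && !StringUtils.isBlank(columnLogic)) {
            definition.addColumn(columnName, columnLabel, columnLogic, columnFormat);
        }
    }

    try {
        // validate each logic expression and collect the ones that are rejected
        ArrayList<String> invalidTokens = new ArrayList<String>();
        for (Column col : definition.getColumns()) {
            if (!LogicUtil.isValidLogicExpression(col.getLogic())) {
                invalidTokens.add(col.getLogic());
            }
        }

        if (!invalidTokens.isEmpty()) {
            String dynamicText = (invalidTokens.size() == 1) ? "value is" : "values are";
            // NOTE(review): the message echoes submitted expressions; make sure the view that
            // renders this session attribute HTML-escapes it.
            request.setAttribute(WebConstants.OPENMRS_ERROR_ATTR, "The following logic expression "
                    + dynamicText + " invalid: " + StringUtils.join(invalidTokens, ", "),
                    WebRequest.SCOPE_SESSION);
        } else {
            svc.saveDefinition(definition);
        }
    } catch (LogicException e) {
        request.setAttribute(WebConstants.OPENMRS_ERROR_ATTR, e.getMessage(), WebRequest.SCOPE_SESSION);
        log.error(e.getMessage(), e);
    }

    return "redirect:logicDataSetEditor.form?uuid=" + definition.getUuid();
}

/** Returns {@code values[index]}, or {@code null} when the request did not supply that many values. */
private static String columnParameterAt(String[] values, int index) {
    return (values != null && index < values.length) ? values[index] : null;
}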
From source file:org.openmrs.web.controller.user.UserFormController.java
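/**
 * Handles a POST of the administrative user form. Depending on {@code action} this assumes the
 * user's identity, deletes, retires or un-retires the user, or validates and saves the
 * submitted {@code user}. An unauthenticated request only records an {@code auth.invalid}
 * error and performs no action.
 *
 * @param request used to read the free-form parameters (userId, retireReason, property/value pairs)
 * @param httpSession receives the success or error message shown on the next page
 * @param model passed to {@code showForm} when the form is redisplayed
 * @param action localized label of the submitted button; {@code null} means "save"
 * @param oldPassword current password, passed to {@code changePassword}
 * @param password new password, or the form's placeholder value when unchanged
 * @param secretQuestion secret question to store, if any
 * @param secretAnswer answer to the secret question, if any
 * @param confirm password confirmation
 * @param forcePassword whether the user must change the password at next login
 * @param roles names of the roles the user should end up with
 * @param createNewPerson passed through to {@code showForm} when the form is redisplayed
 * @param user the bound user being created or edited
 * @param errors binding and validation errors for {@code user}
 * @return the view name or redirect to render next
 * @should work for an example
 */
@RequestMapping(value = "/admin/users/user.form", method = RequestMethod.POST)
public String handleSubmission(WebRequest request, HttpSession httpSession, ModelMap model,
        @RequestParam(required = false, value = "action") String action,
        @RequestParam(required = false, value = "userFormOldPassword") String oldPassword,
        @RequestParam(required = false, value = "userFormPassword") String password,
        @RequestParam(required = false, value = "secretQuestion") String secretQuestion,
        @RequestParam(required = false, value = "secretAnswer") String secretAnswer,
        @RequestParam(required = false, value = "confirm") String confirm,
        @RequestParam(required = false, value = "forcePassword") Boolean forcePassword,
        @RequestParam(required = false, value = "roleStrings") String[] roles,
        @RequestParam(required = false, value = "createNewPerson") String createNewPerson,
        @ModelAttribute("user") User user, BindingResult errors) {

    UserService us = Context.getUserService();
    MessageSourceService mss = Context.getMessageSourceService();

    if (!Context.isAuthenticated()) {
        // Nothing is done on behalf of an anonymous caller; the method falls through to the
        // final redirect.
        errors.reject("auth.invalid");
    } else if (mss.getMessage("User.assumeIdentity").equals(action)) {
        Context.becomeUser(user.getSystemId());
        httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.assumeIdentity.success");
        httpSession.setAttribute(WebConstants.OPENMRS_MSG_ARGS, user.getPersonName());
        return "redirect:/index.htm";
    } else if (mss.getMessage("User.delete").equals(action)) {
        try {
            Context.getUserService().purgeUser(user);
            httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.delete.success");
            return "redirect:users.list";
        } catch (Exception ex) {
            httpSession.setAttribute(WebConstants.OPENMRS_ERROR_ATTR, "User.delete.failure");
            log.error("Failed to delete user", ex);
            // NOTE(review): the raw userId parameter is appended to the redirect unencoded.
            return "redirect:/admin/users/user.form?userId=" + request.getParameter("userId");
        }
    } else if (mss.getMessage("User.retire").equals(action)) {
        String retireReason = request.getParameter("retireReason");
        if (!(StringUtils.hasText(retireReason))) {
            errors.rejectValue("retireReason", "User.disableReason.empty");
            return showForm(user.getUserId(), createNewPerson, user, model);
        } else {
            us.retireUser(user, retireReason);
            httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.retiredMessage");
        }
    } else if (mss.getMessage("User.unRetire").equals(action)) {
        us.unretireUser(user);
        httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.unRetiredMessage");
    } else {
        // check if username is already in the database
        if (us.hasDuplicateUsername(user)) {
            errors.rejectValue("username", "error.username.taken");
        }

        // The form shows a fixed placeholder instead of the stored password; treat the
        // placeholder as "not changed".
        if (password == null || password.equals("XXXXXXXXXXXXXXX")) {
            password = "";
        }
        if (confirm == null || confirm.equals("XXXXXXXXXXXXXXX")) {
            confirm = "";
        }

        // check if password and password confirm are identical
        if (!password.equals(confirm)) {
            errors.reject("error.password.match");
        }
        if (password.length() == 0 && isNewUser(user)) {
            errors.reject("options.login.password.null");
        }

        // check password strength
        if (password.length() > 0) {
            try {
                OpenmrsUtil.validatePassword(user.getUsername(), password, user.getSystemId());
            } catch (PasswordException e) {
                errors.reject(e.getMessage());
            }
        }

        Set<Role> newRoles = new HashSet<Role>();
        if (roles != null) {
            for (String r : roles) {
                // Make sure that if we already have a detached instance of this role in the
                // user's roles, that we don't fetch a second copy of that same role from
                // the database, or else hibernate will throw a NonUniqueObjectException.
                Role role = null;
                if (user.getRoles() != null) {
                    for (Role test : user.getRoles()) {
                        if (test.getRole().equals(r)) {
                            role = test;
                        }
                    }
                }
                if (role == null) {
                    role = us.getRole(r);
                    user.addRole(role);
                }
                newRoles.add(role);
            }
        }

        if (user.getRoles() == null) {
            newRoles.clear();
        } else {
            user.getRoles().retainAll(newRoles);
        }

        String[] keys = request.getParameterValues("property");
        String[] values = request.getParameterValues("value");
        if (keys != null && values != null) {
            // Both arrays come straight from the request and may differ in length; pair only
            // the indices present in both instead of failing on the shorter one.
            int pairs = Math.min(keys.length, values.length);
            for (int x = 0; x < pairs; x++) {
                user.setUserProperty(keys[x], values[x]);
            }
        }

        // A secret question and its answer must be supplied together.
        if (StringUtils.hasLength(secretQuestion) && !StringUtils.hasLength(secretAnswer)) {
            errors.reject("error.User.secretAnswer.empty");
        } else if (!StringUtils.hasLength(secretQuestion) && StringUtils.hasLength(secretAnswer)) {
            errors.reject("error.User.secretQuestion.empty");
        }

        new UserProperties(user.getUserProperties()).setSupposedToChangePassword(forcePassword);

        userValidator.validate(user, errors);

        if (errors.hasErrors()) {
            return showForm(user.getUserId(), createNewPerson, user, model);
        }

        if (isNewUser(user)) {
            us.createUser(user, password);
        } else {
            us.saveUser(user);

            // The password is only changed when one was entered and the caller holds the
            // edit-passwords privilege.
            if (!"".equals(password) && Context.hasPrivilege(PrivilegeConstants.EDIT_USER_PASSWORDS)) {
                if (log.isDebugEnabled()) {
                    log.debug("calling changePassword for user " + user + " by user "
                            + Context.getAuthenticatedUser());
                }
                us.changePassword(user, oldPassword, password);
            }
        }

        if (StringUtils.hasLength(secretQuestion) && StringUtils.hasLength(secretAnswer)) {
            us.changeQuestionAnswer(user, secretQuestion, secretAnswer);
        }

        httpSession.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "User.saved");
    }
    return "redirect:users.list";
}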