Merge Release-3.8.0 (3.6.1) to Main

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "java.compile.nullAnalysis.mode": "automatic"
+}

pom.xml

@@ -6,7 +6,7 @@
 
 	<groupId>com.iemr.common-API</groupId>
 	<artifactId>common-api</artifactId>
-	<version>3.6.0</version>
+	<version>3.8.0</version>
 	<packaging>war</packaging>
 
 	<name>Common-API</name>

src/main/environment/common_ci.properties

@@ -19,6 +19,7 @@ km-base-path=@env.KM_API_BASE_PATH@
 km-root-path=/okm:personal/users/
 km-guest-user=@env.KM_GUEST_USER@
 km-guest-password=@env.KM_GUEST_PASSWORD@
+tempFilePath=@env.TEMP_FILE_PATH@
 
 # CTI Config
 cti-server-ip=@env.CTI_SERVER_IP@
@@ -202,5 +203,9 @@ platform.feedback.ratelimit.day-limit=@env.PLATFORM_FEEDBACK_RATELIMIT_DAY_LIMIT
 platform.feedback.ratelimit.user-day-limit=@env.PLATFORM_FEEDBACK_RATELIMIT_USER_DAY_LIMIT@
 platform.feedback.ratelimit.fail-window-minutes=@env.PLATFORM_FEEDBACK_RATELIMIT_FAIL_WINDOW_MINUTES@
 platform.feedback.ratelimit.backoff-minutes=@env.PLATFORM_FEEDBACK_RATELIMIT_BACKOFF_MINUTES@
+otp.ratelimit.enabled=@env.OTP_RATELIMIT_ENABLED@
+otp.ratelimit.minute-limit=@env.OTP_RATELIMIT_MINUTE_LIMIT@
+otp.ratelimit.hour-limit=@env.OTP_RATELIMIT_HOUR_LIMIT@
+otp.ratelimit.day-limit=@env.OTP_RATELIMIT_DAY_LIMIT@
 generateBeneficiaryIDs-api-url=@env.GEN_BENEFICIARY_IDS_API_URL@
 

src/main/environment/common_docker.properties

@@ -126,7 +126,7 @@ everwellRegisterBenficiary = ${COMMON_API_BASE_URL}/beneficiary/create
 ## LungAssessment credentials
 lungAssessmentEmail = ${SWAASA_EMAIL}
 lungAssessmentPassword =${SWAASA_PASSWORD}
-
+tempFilePath=${TEMP_FILE_PATH}
 
 ## SWASSA APIs
 lungAssessmentAdminLogin = ${SWAASA_BASE_URL}/api/adminLogin
@@ -206,4 +206,8 @@ platform.feedback.ratelimit.day-limit=${PLATFORM_FEEDBACK_RATELIMIT_DAY_LIMIT}
 platform.feedback.ratelimit.user-day-limit=${PLATFORM_FEEDBACK_RATELIMIT_USER_DAY_LIMIT}
 platform.feedback.ratelimit.fail-window-minutes=${PLATFORM_FEEDBACK_RATELIMIT_FAIL_WINDOW_MINUTES}
 platform.feedback.ratelimit.backoff-minutes=${PLATFORM_FEEDBACK_RATELIMIT_BACKOFF_MINUTES}
+otp.ratelimit.enabled=${OTP_RATELIMIT_ENABLED}
+otp.ratelimit.minute-limit=${OTP_RATELIMIT_MINUTE_LIMIT}
+otp.ratelimit.hour-limit=${OTP_RATELIMIT_HOUR_LIMIT}
+otp.ratelimit.day-limit=${OTP_RATELIMIT_DAY_LIMIT}
 generateBeneficiaryIDs-api-url={GEN_BENEFICIARY_IDS_API_URL}

src/main/environment/common_example.properties

@@ -25,6 +25,8 @@ km-root-path=/okm:personal/users/
 km-guest-user=guest
 km-guest-password=guest
 
+tempFilePath=/opt/openkm
+
 # CTI Config
 cti-server-ip=10.208.122.99
 cti-logger_base_url=http://10.208.122.99/logger
@@ -224,5 +226,10 @@ platform.feedback.ratelimit.user-day-limit=50
 platform.feedback.ratelimit.fail-window-minutes=5
 platform.feedback.ratelimit.backoff-minutes=15
 
+# --- OTP Rate Limiting (per mobile number) ---
+otp.ratelimit.minute-limit=3
+otp.ratelimit.hour-limit=10
+otp.ratelimit.day-limit=20
+
 ### generate Beneficiary IDs URL
 generateBeneficiaryIDs-api-url=/generateBeneficiaryController/generateBeneficiaryIDs

src/main/java/com/iemr/common/controller/beneficiary/BeneficiaryRegistrationController.java

@@ -36,6 +36,7 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
@@ -71,6 +72,8 @@
 import com.iemr.common.service.userbeneficiarydata.MaritalStatusService;
 import com.iemr.common.service.userbeneficiarydata.StatusService;
 import com.iemr.common.service.userbeneficiarydata.TitleService;
+import com.iemr.common.utils.CookieUtil;
+import com.iemr.common.utils.JwtUtil;
 import com.iemr.common.utils.mapper.InputMapper;
 import com.iemr.common.utils.mapper.OutputMapper;
 import com.iemr.common.utils.response.OutputResponse;
@@ -105,6 +108,8 @@
 	private BeneficiaryOccupationService beneficiaryOccupationService;
 	private GovtIdentityTypeService govtIdentityTypeService;
 
+	@Autowired
+	private JwtUtil jwtUtil;
 
 	@Autowired
 	public void setBenRelationshipTypeService(BenRelationshipTypeService benRelationshipTypeService) {
@@ -326,7 +331,7 @@
 			BenPhoneMap benPhoneMap = OutputMapper.gson().fromJson(request, BenPhoneMap.class);
 			int pageNumber = requestObj.has("pageNo") ? (requestObj.getInt("pageNo") - 1) : 0;
 			int rows = requestObj.has("rowsPerPage") ? requestObj.getInt("rowsPerPage") : 1000;
 			if (requestObj.has("is1097") && requestObj.getBoolean("is1097") == true) {
 				benPhoneMap.setIs1097(true);
 			}
 
@@ -344,6 +349,54 @@
 		return response.toString();
 	}
 
+	@Operation(summary = "Provide the list of beneficiaries using Elasticsearch")
+	@RequestMapping(value = "/searchUser", method = RequestMethod.POST, headers = "Authorization")
+	public String searchUser(@RequestBody String request, HttpServletRequest httpRequest) {
+		OutputResponse response = new OutputResponse();
+		try {
+			logger.info("Universal search request received");
+
+			JsonParser parser = new JsonParser();
+			JsonObject requestObj = parser.parse(request).getAsJsonObject();
+
+			String searchQuery = null;
+			if (requestObj.has("search") && !requestObj.get("search").isJsonNull()) {
+				searchQuery = requestObj.get("search").getAsString();
+			}
+
+			if (searchQuery == null || searchQuery.trim().isEmpty()) {
+				response.setError(400, "Search query is required");
+				return response.toString();
+			}
+
+			String auth = httpRequest.getHeader("Authorization");
+
+			Integer userID = jwtUtil.getUserIdFromRequest(httpRequest);
+
+			logger.info("ES search for userId: {}", userID);
+
+			Boolean is1097 = false;
+			if (requestObj.has("is1097") && !requestObj.get("is1097").isJsonNull()) {
+				is1097 = requestObj.get("is1097").getAsBoolean();
+			}
+
+			logger.info("Searching with query: {}, userId: {}, is1097: {}", searchQuery, userID, is1097);
+			String result = iemrSearchUserService.searchUser(searchQuery, userID, auth, is1097);
+
+			if (result == null || result.trim().isEmpty()) {
+				response.setError(200, "No beneficiaries found");
+				return response.toString();
+			}
+
+			return result;
+
+		} catch (Exception e) {
+			logger.error("Error in universal search: {}", e.getMessage(), e);
+			response.setError(400, "Error searching beneficiaries: " + e.getMessage());
+			return response.toString();
+		}
+	}
+
 	@Operation(summary = "Provide the list of beneficiaries based on search criteria")
 	@RequestMapping(value = "/searchBeneficiary", method = RequestMethod.POST, headers = "Authorization")
 	public String searchBeneficiary(
@@ -366,6 +419,41 @@
 		return output.toString();
 	}
 
+	/**
+	 * Elasticsearch-based advanced search endpoint
+	 */
+	@Operation(summary = "Advanced search beneficiaries using Elasticsearch")
+	@RequestMapping(value = "/searchBeneficiaryES", method = RequestMethod.POST, headers = "Authorization")
+	public String searchBeneficiaryES(
+			@RequestBody BeneficiaryModel request,
+			HttpServletRequest httpRequest) {
+
+		logger.info("searchBeneficiaryES request: {}", request);
+		OutputResponse output = new OutputResponse();
+
+		try {
+
+			String auth = httpRequest.getHeader("Authorization");
+
+			Integer userID = jwtUtil.getUserIdFromRequest(httpRequest);
+
+			logger.info("ES Advanced search for userId: {}", userID);
+
+			String result = iemrSearchUserService.findBeneficiaryES(request, userID, auth);
+
+			return result;
+
+		} catch (NumberFormatException ne) {
+			logger.error("searchBeneficiaryES failed with number format error: {}", ne.getMessage(), ne);
+			output.setError(400, "Invalid number format in search criteria");
+			return output.toString();
+		} catch (Exception e) {
+			logger.error("searchBeneficiaryES failed with error: {}", e.getMessage(), e);
+			output.setError(500, "Error searching beneficiaries: " + e.getMessage());
+			return output.toString();
+		}
+	}
+
 	@Operation(summary = "Provide all common data list needed for beneficiary registration")
 	@RequestMapping(value = "/getRegistrationData", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
 	public String getRegistrationData() {

src/main/java/com/iemr/common/controller/beneficiaryConsent/BeneficiaryConsentController.java

@@ -22,6 +22,7 @@
 package com.iemr.common.controller.beneficiaryConsent;
 
 import com.iemr.common.data.beneficiaryConsent.BeneficiaryConsentRequest;
+import com.iemr.common.exception.OtpRateLimitException;
 import com.iemr.common.service.beneficiaryOTPHandler.BeneficiaryOTPHandler;
 import com.iemr.common.utils.mapper.InputMapper;
 import com.iemr.common.utils.response.OutputResponse;
@@ -58,7 +59,9 @@
             logger.info(success.toString());
             response.setResponse(success);
 
-
+        } catch (OtpRateLimitException e) {
+            logger.warn("OTP rate limit hit for sendConsent: " + e.getMessage());
+            response.setError(429, e.getMessage());
         } catch (Exception e) {
             response.setError(500, "error : " + e);
         }
@@ -105,6 +108,9 @@
             else
                 response.setError(500, "failure");
 
+        } catch (OtpRateLimitException e) {
+            logger.warn("OTP rate limit hit for resendConsent: " + e.getMessage());
+            response.setError(429, e.getMessage());
         } catch (Exception e) {
             logger.error("error in re-sending Consent : " + e);
             response.setError(500, "error : " + e);

src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java

@@ -84,9 +84,9 @@ public ResponseEntity<ApiResponse<?>> deleteField(@PathVariable Long fieldId) {
     }
 
     @GetMapping(value = "form/{formId}/fields")
-    public ResponseEntity<ApiResponse<?>> getStructuredForm(@PathVariable String formId, @RequestParam(name = "lang", defaultValue = "en") String lang) {
+    public ResponseEntity<ApiResponse<?>> getStructuredForm(@PathVariable String formId, @RequestParam(name = "lang", defaultValue = "en") String lang,@RequestHeader(value = "jwttoken") String token) {
         try {
-            Object result = formMasterService.getStructuredFormByFormId(formId,lang);
+            Object result = formMasterService.getStructuredFormByFormId(formId,lang,token);
             return ResponseEntity.status(HttpStatus.OK)
                     .body(ApiResponse.success("Form structure fetched successfully", HttpStatus.OK.value(), result));
         } catch (Exception e) {

src/main/java/com/iemr/common/controller/users/IEMRAdminController.java

@@ -276,7 +276,7 @@
 
 			// Get user details
 			// Get user details
 			String userId = claims.get("userId", String.class);
 			User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId));
 
 			// Validate that the user still exists and is active
@@ -1221,10 +1221,28 @@
 		try {
 			List<User> users = iemrAdminUserServiceImpl.getUserIdbyUserName(userName);
 			if (users.isEmpty()) {
 				return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
 			}
 			User user = users.get(0);
-			return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()), HttpStatus.OK);
+			return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
+					HttpStatus.OK);
+		} catch (Exception e) {
+			return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
+		}
+
+	}
+
+	@Operation(summary = "Get UserId based on userName")
+	@GetMapping(value = "/checkUserName/{userName}", produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+	public ResponseEntity<?> checkUserDetails(@PathVariable("userName") String userName) {
+		try {
+			List<User> users = iemrAdminUserServiceImpl.findUserIdByUserName(userName);
+			if (users.isEmpty()) {
+				return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
+			}
+			User user = users.get(0);
+			return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
+					HttpStatus.OK);
 		} catch (Exception e) {
 			return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
 		}

src/main/java/com/iemr/common/controller/version/VersionController.java

@@ -85,4 +85,4 @@ private Properties loadGitProperties() throws IOException {
 		}
 		return properties;
 	}
-}
+}

src/main/java/com/iemr/common/data/dynamic_from/FormField.java

@@ -53,7 +53,15 @@ public class FormField {
     @Column(name = "sequence")
     private Integer sequence;
 
+    @Column(name = "is_editable")
+    private Boolean isEditable;
+
+    @Column(name = "state_code")
+    private Integer stateCode;
+
     @Column(name = "created_at")
     private LocalDateTime createdAt = LocalDateTime.now();
 
+
+
 }

src/main/java/com/iemr/common/data/translation/Translation.java

@@ -18,6 +18,8 @@ public class Translation {
     private String english;
     @Column(name = "hindi_translation")
     private String hindiTranslation;
+    @Column(name = "assamese_translation")
+    private String assameseTranslation;
     @Column(name = "is_active")
     private Boolean isActive;
 }