diff --git a/.claude/settings.local.json b/.claude/settings.local.json
new file mode 100644
index 0000000..e40e6ce
--- /dev/null
+++ b/.claude/settings.local.json
@@ -0,0 +1,26 @@
+{
+ "permissions": {
+ "allow": [
+ "Read(//d/tmp/**)",
+ "Bash(D:\\Payara\\bin\\asadmin.bat list-connection-pools:*)",
+ "Bash(D:\\Payara\\bin\\asadmin.bat list-jdbc-resources:*)",
+ "Read(//d/Payara/bin/**)",
+ "Read(//d/Payara/glassfish/bin/**)",
+ "Bash(asadmin.bat list-jdbc-resources:*)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-connection-pools)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-jdbc-resources)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-jdbc-connection-pools)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool mysql_drawer_rootPool)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool coopAzure)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get-property domain1.resources.jdbc-connection-pool.coopAzure.datasource-classname)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.coopAzure.datasource-classname)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.mysql_drawer_rootPool.datasource-classname)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.coopAzure.property.driverClass)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" create-jdbc-connection-pool --datasourceclassname com.mysql.cj.jdbc.MysqlDataSource --restype javax.sql.DataSource --property user=hmis_admin:password=DHyMGgy7RRl8EPe:databaseName=rhdrawer:serverName=localhost:port=3336:useSSL=false:allowPublicKeyRetrieval=true:zeroDateTimeBehavior=CONVERT_TO_NULL rhdrawerPool)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" create-jdbc-resource --connectionpoolid rhdrawerPool jdbc/rhdrawer)",
+ "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool rhdrawerPool)"
+ ],
+ "deny": [],
+ "ask": []
+ }
+}
\ No newline at end of file
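Review bot: The `create-jdbc-connection-pool` entry in `allow` carries the database user and its password in plaintext inside `--property`, so the credential is now part of the repository history; it should be rotated and the entry removed from the commit. The file name `settings.local.json` and the machine-specific `D:\Payara` paths suggest this is a per-developer file that belongs in `.gitignore` rather than under version control. The same entry sets `useSSL=false` and `allowPublicKeyRetrieval=true`, which is only tolerable for the `localhost` pool shown here and should not be carried over to a remote database. For the pool itself, supply the password through a Payara password alias (`${ALIAS=<alias-name>}`) instead of a literal `password=` property.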
diff --git a/.github/workflows/drawer_prod_ci_cd.yml b/.github/workflows/drawer_prod_ci_cd.yml
index 8c4b4ba..47f7157 100644
--- a/.github/workflows/drawer_prod_ci_cd.yml
+++ b/.github/workflows/drawer_prod_ci_cd.yml
@@ -49,93 +49,93 @@ jobs: # - name: Run Tests # run: mvn test - # deploy: - # needs: build - # runs-on: ubuntu-latest - - # steps: - # - name: Checkout Code - # uses: actions/checkout@v4 - - # - name: Download Build Artifact - # uses: actions/download-artifact@v4 - # with: - # name: build-artifacts - # path: ./ - - # - name: Deploy to Payara - # env: - # SERVER_IP: ${{ secrets.RUHUNU_DRAWER_IP }} - # SERVER_USER: ${{ secrets.RUHUNU_DRAWER_USER }} - # SSH_PRIVATE_KEY: ${{ secrets.RUHUNU_DRAWER_SSH_PRIVATE_KEY }} - # PAYARA_ADMIN_PASS: ${{ secrets.RUHUNU_DRAWER_PAYARA_ADMIN_PASSWORD }} - # run: | - # # Add SSH private key to the SSH agent - # echo "$SSH_PRIVATE_KEY" > private_key.pem - # chmod 600 private_key.pem - - # # Variables - # WAR_NAME="drawer.war" - # WAR_DIR="/home/appuser/app/latest" - # APP_NAME="drawer" - # SUBDOMAIN="rhdrawer" - - # # Ensure deployment directory exists - # ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " - # mkdir -p $WAR_DIR - # chown -R appuser:appuser $WAR_DIR - # cd $WAR_DIR - - # # Remove old backup if it exists - # if [ -f $WAR_NAME.old ]; then - # rm $WAR_NAME.old - # fi - - # # If the current WAR file exists, back it up - # if [ -f $WAR_NAME ]; then - # mv $WAR_NAME $WAR_NAME.old - # fi - # " - - # # Copy new WAR file to the server - # rsync -aL --progress -e "ssh -i private_key.pem" ./*.war $SERVER_USER@$SERVER_IP:$WAR_DIR/$WAR_NAME - - # # Set the WAR file permission - # ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " - # chown appuser:appuser $WAR_DIR/$WAR_NAME - # " - - # # Deploy the WAR using asadmin - # ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " - # echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt - # /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt undeploy $APP_NAME || true - # /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt deploy --force=true 
--contextroot $APP_NAME $WAR_DIR/$WAR_NAME - # rm /tmp/payara-admin-pass.txt - # " - - # # Validate if the application is running - # ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " - # echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt - # if /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt list-applications | grep -q '$APP_NAME'; then - # echo 'Application is running.' - # else - # echo 'Application failed to start.' - # fi - # rm /tmp/payara-admin-pass.txt - # " - - # # Check if the application is reachable - # for i in {1..5}; do - # RESPONSE_CODE=$(curl -s -o /dev/null -w "%{http_code}" https://$SUBDOMAIN.carecode.org/$APP_NAME/) - # if [ "$RESPONSE_CODE" == "200" ]; then - # echo "Application is reachable and healthy." - # break - # elif [ "$i" == "5" ]; then - # echo "Application is not reachable or unhealthy at https://$SUBDOMAIN.carecode.org/$APP_NAME (HTTP $RESPONSE_CODE)" - # break - # fi - # sleep 10 - # done - - # # Cleanup - # rm -f private_key.pem + deploy: + needs: build + runs-on: ubuntu-latest + + steps: + - name: Checkout Code + uses: actions/checkout@v4 + + - name: Download Build Artifact + uses: actions/download-artifact@v4 + with: + name: build-artifacts + path: ./ + + - name: Deploy to Payara + env: + SERVER_IP: ${{ secrets.RUHUNU_DRAWER_IP }} + SERVER_USER: ${{ secrets.RUHUNU_DRAWER_USER }} + SSH_PRIVATE_KEY: ${{ secrets.RUHUNU_DRAWER_SSH_PRIVATE_KEY }} + PAYARA_ADMIN_PASS: ${{ secrets.RUHUNU_DRAWER_PAYARA_ADMIN_PASSWORD }} + run: | + # Add SSH private key to the SSH agent + echo "$SSH_PRIVATE_KEY" > private_key.pem + chmod 600 private_key.pem + + # Variables + WAR_NAME="drawer.war" + WAR_DIR="/home/appuser/app/latest" + APP_NAME="drawer" + SUBDOMAIN="rhdrawer" + + # Ensure deployment directory exists + ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " + mkdir -p $WAR_DIR + chown -R appuser:appuser $WAR_DIR + cd $WAR_DIR + + # Remove 
old backup if it exists + if [ -f $WAR_NAME.old ]; then + rm $WAR_NAME.old + fi + + # If the current WAR file exists, back it up + if [ -f $WAR_NAME ]; then + mv $WAR_NAME $WAR_NAME.old + fi + " + + # Copy new WAR file to the server + rsync -aL --progress -e "ssh -i private_key.pem" ./*.war $SERVER_USER@$SERVER_IP:$WAR_DIR/$WAR_NAME + + # Set the WAR file permission + ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " + chown appuser:appuser $WAR_DIR/$WAR_NAME + " + + # Deploy the WAR using asadmin + ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " + echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt + /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt undeploy $APP_NAME || true + /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt deploy --force=true --contextroot $APP_NAME $WAR_DIR/$WAR_NAME + rm /tmp/payara-admin-pass.txt + " + + # Validate if the application is running + ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP " + echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt + if /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt list-applications | grep -q '$APP_NAME'; then + echo 'Application is running.' + else + echo 'Application failed to start.' + fi + rm /tmp/payara-admin-pass.txt + " + + # Check if the application is reachable + for i in {1..5}; do + RESPONSE_CODE=$(curl -s -o /dev/null -w "%{http_code}" https://$SUBDOMAIN.carecode.org/$APP_NAME/) + if [ "$RESPONSE_CODE" == "200" ]; then + echo "Application is reachable and healthy." + break + elif [ "$i" == "5" ]; then + echo "Application is not reachable or unhealthy at https://$SUBDOMAIN.carecode.org/$APP_NAME (HTTP $RESPONSE_CODE)" + break + fi + sleep 10 + done + + # Cleanup + rm -f private_key.pem 
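Review bot: Every `ssh` call in the re-enabled `Deploy to Payara` step passes `-o StrictHostKeyChecking=no`, so the runner trusts whichever host answers at `$SERVER_IP` and then hands it the WAR and the Payara admin password; pin the server's host key in `~/.ssh/known_hosts` from a repository secret and drop the option. `$PAYARA_ADMIN_PASS` is expanded on the runner into the remote command string and written to the fixed path `/tmp/payara-admin-pass.txt` under the default umask, so it appears in process arguments and may be readable by other local users; create the file with `umask 077` and `mktemp` on the server and send the value over stdin instead. The `Application failed to start.` branch and the unreachable branch of the health check only `echo`, so the job reports success after a failed deploy; add `exit 1` to both. `private_key.pem` is deleted only by the last line, so a `trap 'rm -f private_key.pem' EXIT` right after it is written would also cover a step that aborts early.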
diff --git a/src/main/java/com/divudi/bean/SecurityController.java b/src/main/java/com/divudi/bean/SecurityController.java index a80b231..aff06e9 100644 --- a/src/main/java/com/divudi/bean/SecurityController.java +++ b/src/main/java/com/divudi/bean/SecurityController.java @@ -30,6 +30,9 @@ public SecurityController() { } public String encrypt(String word) { + if (word == null) { + return null; + } BasicTextEncryptor en = new BasicTextEncryptor(); en.setPassword("health"); try { @@ -40,6 +43,9 @@ public String encrypt(String word) { } public String hash(String word) { + if (word == null) { + return null; + } try { BasicPasswordEncryptor en = new BasicPasswordEncryptor(); return en.encryptPassword(word); @@ -49,11 +55,21 @@ public String hash(String word) { } public boolean matchPassword(String planePassword, String encryptedPassword) { - BasicPasswordEncryptor en = new BasicPasswordEncryptor(); - return en.checkPassword(planePassword, encryptedPassword); + if (planePassword == null || encryptedPassword == null) { + return false; + } + try { + BasicPasswordEncryptor en = new BasicPasswordEncryptor(); + return en.checkPassword(planePassword, encryptedPassword); + } catch (Exception e) { + return false; + } } public String decrypt(String word) { + if (word == null) { + return null; + } BasicTextEncryptor en = new BasicTextEncryptor(); en.setPassword("health"); try { diff --git a/src/main/java/com/divudi/bean/SessionController.java b/src/main/java/com/divudi/bean/SessionController.java index a8d92dd..72b2eed 100644 --- a/src/main/java/com/divudi/bean/SessionController.java +++ b/src/main/java/com/divudi/bean/SessionController.java 
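Review bot: The new `catch (Exception e) { return false; }` in `matchPassword` turns every encryptor failure into an ordinary wrong-password result without recording it, so a malformed stored digest or a library error cannot be told apart from a failed login. Log the exception (never the password arguments) before returning, e.g. `Logger.getLogger(SecurityController.class.getName()).log(Level.WARNING, "password check failed", e);`. The context lines of the `encrypt` and `decrypt` hunks also show `en.setPassword("health")`, a hard-coded encryption password that this commit leaves in place; it should be loaded from configuration kept outside the source tree. The bodies of `encrypt`, `hash` and `decrypt` continue outside their hunks.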
@@ -304,12 +304,23 @@ public void changeCurrentUserPassword() { public Boolean userNameAvailable(String userName) { Boolean available = true; List allUsers = getFacede().findAll(); + + if (getSecurityController() == null || userName == null) { + return available; + } + for (WebUser w : allUsers) { - if (w.getName() != null && userName != null) { - String decryptedName = getSecurityController().decrypt(w.getName()); - if (decryptedName != null && userName.toLowerCase().equals(decryptedName.toLowerCase())) { - available = false; - } + if (w.getName() == null) { + continue; + } + + String decryptedName = getSecurityController().decrypt(w.getName()); + if (decryptedName == null) { + continue; + } + + if (userName.toLowerCase().equals(decryptedName.toLowerCase())) { + available = false; } } return available; 
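Review bot: The added guard `if (getSecurityController() == null || userName == null) { return available; }` returns `true` at that point, so `userNameAvailable` reports a name as free exactly when the lookup could not be performed. Failing closed is safer for a uniqueness check: `return false;`. The guard also sits after `getFacede().findAll()`, so moving it above that call avoids loading every user when the result is already decided.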
@@ -339,48 +350,58 @@ private boolean checkUsers() { String temSQL; temSQL = "SELECT u FROM WebUser u WHERE u.retired = false"; List allUsers = getFacede().findBySQL(temSQL); + + if (getSecurityController() == null) { + UtilityController.addErrorMessage("Security controller not initialized"); + return false; + } + for (WebUser u : allUsers) { // System.out.println("u = " + u); // System.out.println("u.getId() = " + u.getId()); // System.out.println("u.getId() = " + u.getCode()); // System.out.println("u.getName() = " + u.getName()); // System.out.println("userName = " + userName); - if (u.getName() != null && userName != null) { - String decryptedName = getSecurityController().decrypt(u.getName()); - if (decryptedName != null && decryptedName.equalsIgnoreCase(userName)) { - boolean passwordMatch = false; - if (passord != null && u.getWebUserPassword() != null) { - passwordMatch = getSecurityController().matchPassword(passord, u.getWebUserPassword()); - } + if (u.getName() == null) { + continue; + } - boolean usedForTesting = false; + String decryptedName = getSecurityController().decrypt(u.getName()); + if (decryptedName == null) { + continue; + } - if (passwordMatch || usedForTesting) { - if (!canLogToDept(u, department)) { - UtilityController.addErrorMessage("No privilage to Login This Department"); - return false; - } - if (getApplicationController().isLogged(u) != null) { - UtilityController.addErrorMessage("This user already logged. 
Other instances will be logged out now."); - } + if (decryptedName.equalsIgnoreCase(userName)) { - u.setDepartment(department); - u.setInstitution(institution); + boolean passwordMatch = getSecurityController().matchPassword(passord, u.getWebUserPassword()); - getFacede().edit(u); + boolean usedForTesting = false; - setLoggedUser(u); - setLogged(Boolean.TRUE); - setActivated(u.isActivated()); - setRole(u.getRole()); - getWebUserBean().setLoggedUser(u); + if (passwordMatch || usedForTesting) { + if (!canLogToDept(u, department)) { + UtilityController.addErrorMessage("No privilage to Login This Department"); + return false; + } + if (getApplicationController().isLogged(u) != null) { + UtilityController.addErrorMessage("This user already logged. Other instances will be logged out now."); + } - recordLogin(); + u.setDepartment(department); + u.setInstitution(institution); - UtilityController.addSuccessMessage("Logged successfully"); - return true; - } + getFacede().edit(u); + + setLoggedUser(u); + setLogged(Boolean.TRUE); + setActivated(u.isActivated()); + setRole(u.getRole()); + getWebUserBean().setLoggedUser(u); + + recordLogin(); + + UtilityController.addSuccessMessage("Logged successfully"); + return true; } } } @@ -565,10 +586,11 @@ public void setrFacade(WebUserRoleFacade rFacade) { } public String getDisplayName() { - if (getLoggedUser() != null && getLoggedUser().getName() != null) { - return getSecurityController().decrypt(getLoggedUser().getName()); + if (getSecurityController() == null || getLoggedUser() == null || getLoggedUser().getName() == null) { + return ""; } - return ""; + String decryptedName = getSecurityController().decrypt(getLoggedUser().getName()); + return decryptedName != null ? decryptedName : ""; } /** diff --git a/src/main/java/com/divudi/bean/WebUserController.java b/src/main/java/com/divudi/bean/WebUserController.java index b4a9ab0..7defa9d 100644 --- a/src/main/java/com/divudi/bean/WebUserController.java 
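Review bot: The login condition in `checkUsers` is still `if (passwordMatch || usedForTesting)` with `boolean usedForTesting = false;` declared just above it; a flag that skips the password check when flipped does not belong in the authentication path and should be removed while this block is being rewritten, leaving `if (passwordMatch)`. The null checks on `passord` and `u.getWebUserPassword()` that this hunk deletes are now enforced only inside `SecurityController.matchPassword`, so the two changes must ship together. The new message `Security controller not initialized` is shown to the person logging in; a generic failure message plus a server-side log entry would keep internal state out of the UI. `checkUsers` starts before this hunk.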
+++ b/src/main/java/com/divudi/bean/WebUserController.java @@ -143,8 +143,18 @@ public void removeUser() { } public void updateUser(WebUser wu) { + if (wu == null) { + UtilityController.addErrorMessage("No user to update"); + return; + } + System.out.println("wu.getName() = " + wu.getName()); - wu.setName(getSecurityController().encrypt(wu.getName())); + if (getSecurityController() != null && wu.getName() != null) { + String encryptedName = getSecurityController().encrypt(wu.getName()); + if (encryptedName != null) { + wu.setName(encryptedName); + } + } System.out.println("wu.getName() = " + wu.getName()); getPersonFacade().edit(wu.getWebUserPerson()); getFacade().edit(wu); @@ -301,10 +311,19 @@ public List getItems() { private void dycryptName() { List temp = items; + if (getSecurityController() == null) { + return; + } + for (int i = 0; i < temp.size(); i++) { WebUser w = temp.get(i); - w.setName(getSecurityController().decrypt(w.getName()).toLowerCase()); - temp.set(i, w); + if (w != null && w.getName() != null) { + String decryptedName = getSecurityController().decrypt(w.getName()); + if (decryptedName != null) { + w.setName(decryptedName.toLowerCase()); + temp.set(i, w); + } + } } items = temp; @@ -379,10 +398,15 @@ public Boolean userNameAvailable(String userName) { if (allUsers == null) { return false; } - for (WebUser w : allUsers) { - if (userName != null && w != null && w.getName() != null) { - if (userName.toLowerCase().equals(getSecurityController().decrypt(w.getName()).toLowerCase())) { + if (getSecurityController() == null || userName == null) { + return false; + } + + for (WebUser w : allUsers) { + if (w != null && w.getName() != null) { + String decryptedName = getSecurityController().decrypt(w.getName()); + if (decryptedName != null && userName.toLowerCase().equals(decryptedName.toLowerCase())) { //////System.out.println("Ift"); available = true; return available;// ok. that is may be the issue. we will try with it ok 
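Review bot: In `updateUser`, when `getSecurityController()` is null or `encrypt` returns null the new code skips `wu.setName(...)` but still reaches `getFacade().edit(wu)`, so the user is saved with the name in whatever form it arrived, presumably plaintext. Stop instead of saving in that case, e.g. an `else` branch with `UtilityController.addErrorMessage("Could not encrypt user name"); return;`. The two `System.out.println("wu.getName() = " + wu.getName());` context lines also write the name to the server log before and after encryption and should be deleted. The body of `updateUser` continues outside the hunk.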
diff --git a/src/main/setup/glassfish-resources.xml b/src/main/setup/glassfish-resources.xml index 740fbe0..1a18610 100644 --- a/src/main/setup/glassfish-resources.xml +++ b/src/main/setup/glassfish-resources.xml @@ -1,14 +1,16 @@ - + - - - - - - + + + + + + + + diff --git a/src/main/webapp/admin_manage_users.xhtml b/src/main/webapp/admin_manage_users.xhtml index 38eed71..8126ad5 100644 --- a/src/main/webapp/admin_manage_users.xhtml +++ b/src/main/webapp/admin_manage_users.xhtml @@ -10,7 +10,7 @@ - +