hotfix for user

.claude/settings.local.json

@@ -0,0 +1,26 @@
+{
+  "permissions": {
+    "allow": [
+      "Read(//d/tmp/**)",
+      "Bash(D:\\Payara\\bin\\asadmin.bat list-connection-pools:*)",
+      "Bash(D:\\Payara\\bin\\asadmin.bat list-jdbc-resources:*)",
+      "Read(//d/Payara/bin/**)",
+      "Read(//d/Payara/glassfish/bin/**)",
+      "Bash(asadmin.bat list-jdbc-resources:*)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-connection-pools)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-jdbc-resources)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" list-jdbc-connection-pools)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool mysql_drawer_rootPool)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool coopAzure)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get-property domain1.resources.jdbc-connection-pool.coopAzure.datasource-classname)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.coopAzure.datasource-classname)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.mysql_drawer_rootPool.datasource-classname)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" get domain1.resources.jdbc-connection-pool.coopAzure.property.driverClass)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" create-jdbc-connection-pool --datasourceclassname com.mysql.cj.jdbc.MysqlDataSource --restype javax.sql.DataSource --property user=hmis_admin:password=DHyMGgy7RRl8EPe:databaseName=rhdrawer:serverName=localhost:port=3336:useSSL=false:allowPublicKeyRetrieval=true:zeroDateTimeBehavior=CONVERT_TO_NULL rhdrawerPool)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" create-jdbc-resource --connectionpoolid rhdrawerPool jdbc/rhdrawer)",
+      "Bash(\"D:\\Payara\\glassfish\\bin\\asadmin.bat\" ping-connection-pool rhdrawerPool)"
+    ],
+    "deny": [],
+    "ask": []
+  }
+}

.github/workflows/drawer_prod_ci_cd.yml

@@ -49,93 +49,93 @@ jobs:
       # - name: Run Tests
       #   run: mvn test
 
-  # deploy:
-  #   needs: build
-  #   runs-on: ubuntu-latest
-
-  #   steps:
-  #     - name: Checkout Code
-  #       uses: actions/checkout@v4
-
-  #     - name: Download Build Artifact
-  #       uses: actions/download-artifact@v4
-  #       with:
-  #         name: build-artifacts
-  #         path: ./
-
-  #     - name: Deploy to Payara
-  #       env:
-  #         SERVER_IP: ${{ secrets.RUHUNU_DRAWER_IP }}
-  #         SERVER_USER: ${{ secrets.RUHUNU_DRAWER_USER }}
-  #         SSH_PRIVATE_KEY: ${{ secrets.RUHUNU_DRAWER_SSH_PRIVATE_KEY }}
-  #         PAYARA_ADMIN_PASS: ${{ secrets.RUHUNU_DRAWER_PAYARA_ADMIN_PASSWORD }}
-  #       run: |
-  #         # Add SSH private key to the SSH agent
-  #         echo "$SSH_PRIVATE_KEY" > private_key.pem
-  #         chmod 600 private_key.pem
-
-  #         # Variables
-  #         WAR_NAME="drawer.war"
-  #         WAR_DIR="/home/appuser/app/latest"
-  #         APP_NAME="drawer"
-  #         SUBDOMAIN="rhdrawer"
-
-  #         # Ensure deployment directory exists
-  #         ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
-  #           mkdir -p $WAR_DIR
-  #           chown -R appuser:appuser $WAR_DIR
-  #           cd $WAR_DIR
-
-  #           # Remove old backup if it exists
-  #           if [ -f $WAR_NAME.old ]; then
-  #             rm $WAR_NAME.old
-  #           fi
-
-  #           # If the current WAR file exists, back it up
-  #           if [ -f $WAR_NAME ]; then
-  #             mv $WAR_NAME $WAR_NAME.old
-  #           fi
-  #         "
-
-  #         # Copy new WAR file to the server
-  #         rsync -aL --progress -e "ssh -i private_key.pem" ./*.war $SERVER_USER@$SERVER_IP:$WAR_DIR/$WAR_NAME
-
-  #         # Set the WAR file permission
-  #         ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
-  #           chown appuser:appuser $WAR_DIR/$WAR_NAME
-  #         "
-
-  #         # Deploy the WAR using asadmin
-  #         ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
-  #           echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt
-  #           /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt undeploy $APP_NAME || true
-  #           /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt deploy --force=true --contextroot $APP_NAME $WAR_DIR/$WAR_NAME
-  #           rm /tmp/payara-admin-pass.txt
-  #         "
-
-  #         # Validate if the application is running
-  #         ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
-  #           echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt
-  #           if /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt list-applications | grep -q '$APP_NAME'; then
-  #             echo 'Application is running.'
-  #           else
-  #             echo 'Application failed to start.'
-  #           fi
-  #           rm /tmp/payara-admin-pass.txt
-  #         "
-
-  #         # Check if the application is reachable
-  #         for i in {1..5}; do
-  #           RESPONSE_CODE=$(curl -s -o /dev/null -w "%{http_code}" https://$SUBDOMAIN.carecode.org/$APP_NAME/)
-  #           if [ "$RESPONSE_CODE" == "200" ]; then
-  #             echo "Application is reachable and healthy."
-  #             break
-  #           elif [ "$i" == "5" ]; then
-  #             echo "Application is not reachable or unhealthy at https://$SUBDOMAIN.carecode.org/$APP_NAME (HTTP $RESPONSE_CODE)"
-  #             break
-  #           fi
-  #           sleep 10
-  #         done
-
-  #         # Cleanup
-  #         rm -f private_key.pem
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Download Build Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: build-artifacts
+          path: ./
+
+      - name: Deploy to Payara
+        env:
+          SERVER_IP: ${{ secrets.RUHUNU_DRAWER_IP }}
+          SERVER_USER: ${{ secrets.RUHUNU_DRAWER_USER }}
+          SSH_PRIVATE_KEY: ${{ secrets.RUHUNU_DRAWER_SSH_PRIVATE_KEY }}
+          PAYARA_ADMIN_PASS: ${{ secrets.RUHUNU_DRAWER_PAYARA_ADMIN_PASSWORD }}
+        run: |
+          # Add SSH private key to the SSH agent
+          echo "$SSH_PRIVATE_KEY" > private_key.pem
+          chmod 600 private_key.pem
+
+          # Variables
+          WAR_NAME="drawer.war"
+          WAR_DIR="/home/appuser/app/latest"
+          APP_NAME="drawer"
+          SUBDOMAIN="rhdrawer"
+
+          # Ensure deployment directory exists
+          ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
+            mkdir -p $WAR_DIR
+            chown -R appuser:appuser $WAR_DIR
+            cd $WAR_DIR
+
+            # Remove old backup if it exists
+            if [ -f $WAR_NAME.old ]; then
+              rm $WAR_NAME.old
+            fi
+
+            # If the current WAR file exists, back it up
+            if [ -f $WAR_NAME ]; then
+              mv $WAR_NAME $WAR_NAME.old
+            fi
+          "
+
+          # Copy new WAR file to the server
+          rsync -aL --progress -e "ssh -i private_key.pem" ./*.war $SERVER_USER@$SERVER_IP:$WAR_DIR/$WAR_NAME
+
+          # Set the WAR file permission
+          ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
+            chown appuser:appuser $WAR_DIR/$WAR_NAME
+          "
+
+          # Deploy the WAR using asadmin
+          ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
+            echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt
+            /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt undeploy $APP_NAME || true
+            /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt deploy --force=true --contextroot $APP_NAME $WAR_DIR/$WAR_NAME
+            rm /tmp/payara-admin-pass.txt
+          "
+
+          # Validate if the application is running
+          ssh -i private_key.pem -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "
+            echo 'AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASS' > /tmp/payara-admin-pass.txt
+            if /opt/payara5/bin/asadmin --user admin --passwordfile /tmp/payara-admin-pass.txt list-applications | grep -q '$APP_NAME'; then
+              echo 'Application is running.'
+            else
+              echo 'Application failed to start.'
+            fi
+            rm /tmp/payara-admin-pass.txt
+          "
+
+          # Check if the application is reachable
+          for i in {1..5}; do
+            RESPONSE_CODE=$(curl -s -o /dev/null -w "%{http_code}" https://$SUBDOMAIN.carecode.org/$APP_NAME/)
+            if [ "$RESPONSE_CODE" == "200" ]; then
+              echo "Application is reachable and healthy."
+              break
+            elif [ "$i" == "5" ]; then
+              echo "Application is not reachable or unhealthy at https://$SUBDOMAIN.carecode.org/$APP_NAME (HTTP $RESPONSE_CODE)"
+              break
+            fi
+            sleep 10
+          done
+
+          # Cleanup
+          rm -f private_key.pem

src/main/java/com/divudi/bean/SecurityController.java

@@ -30,6 +30,9 @@ public SecurityController() {
     }
 
     public String encrypt(String word) {
+        if (word == null) {
+            return null;
+        }
         BasicTextEncryptor en = new BasicTextEncryptor();
         en.setPassword("health");
         try {
@@ -40,6 +43,9 @@ public String encrypt(String word) {
     }
 
     public String hash(String word) {
+        if (word == null) {
+            return null;
+        }
         try {
             BasicPasswordEncryptor en = new BasicPasswordEncryptor();
             return en.encryptPassword(word);
@@ -49,11 +55,21 @@ public String hash(String word) {
     }
 
     public boolean matchPassword(String planePassword, String encryptedPassword) {
-        BasicPasswordEncryptor en = new BasicPasswordEncryptor();
-        return en.checkPassword(planePassword, encryptedPassword);
+        if (planePassword == null || encryptedPassword == null) {
+            return false;
+        }
+        try {
+            BasicPasswordEncryptor en = new BasicPasswordEncryptor();
+            return en.checkPassword(planePassword, encryptedPassword);
+        } catch (Exception e) {
+            return false;
+        }
     }
 
     public String decrypt(String word) {
+        if (word == null) {
+            return null;
+        }
         BasicTextEncryptor en = new BasicTextEncryptor();
         en.setPassword("health");
         try {

src/main/java/com/divudi/bean/SessionController.java

@@ -304,12 +304,23 @@ public void changeCurrentUserPassword() {
     public Boolean userNameAvailable(String userName) {
         Boolean available = true;
         List<WebUser> allUsers = getFacede().findAll();
+
+        if (getSecurityController() == null || userName == null) {
+            return available;
+        }
+
         for (WebUser w : allUsers) {
-            if (w.getName() != null && userName != null) {
-                String decryptedName = getSecurityController().decrypt(w.getName());
-                if (decryptedName != null && userName.toLowerCase().equals(decryptedName.toLowerCase())) {
-                    available = false;
-                }
+            if (w.getName() == null) {
+                continue;
+            }
+
+            String decryptedName = getSecurityController().decrypt(w.getName());
+            if (decryptedName == null) {
+                continue;
+            }
+
+            if (userName.toLowerCase().equals(decryptedName.toLowerCase())) {
+                available = false;
             }
         }
         return available;
@@ -339,48 +350,58 @@ private boolean checkUsers() {
         String temSQL;
         temSQL = "SELECT u FROM WebUser u WHERE u.retired = false";
         List<WebUser> allUsers = getFacede().findBySQL(temSQL);
+
+        if (getSecurityController() == null) {
+            UtilityController.addErrorMessage("Security controller not initialized");
+            return false;
+        }
+
         for (WebUser u : allUsers) {
             // System.out.println("u = " + u);
             // System.out.println("u.getId() = " + u.getId());
             // System.out.println("u.getId() = " + u.getCode());
             // System.out.println("u.getName() = " + u.getName());
             // System.out.println("userName = " + userName);
-            if (u.getName() != null && userName != null) {
-                String decryptedName = getSecurityController().decrypt(u.getName());
-                if (decryptedName != null && decryptedName.equalsIgnoreCase(userName)) {
 
-                    boolean passwordMatch = false;
-                    if (passord != null && u.getWebUserPassword() != null) {
-                        passwordMatch = getSecurityController().matchPassword(passord, u.getWebUserPassword());
-                    }
+            if (u.getName() == null) {
+                continue;
+            }
 
-                    boolean usedForTesting = false;
+            String decryptedName = getSecurityController().decrypt(u.getName());
+            if (decryptedName == null) {
+                continue;
+            }
 
-                    if (passwordMatch || usedForTesting) {
-                        if (!canLogToDept(u, department)) {
-                            UtilityController.addErrorMessage("No privilage to Login This Department");
-                            return false;
-                        }
-                        if (getApplicationController().isLogged(u) != null) {
-                            UtilityController.addErrorMessage("This user already logged. Other instances will be logged out now.");
-                        }
+            if (decryptedName.equalsIgnoreCase(userName)) {
 
-                        u.setDepartment(department);
-                        u.setInstitution(institution);
+                boolean passwordMatch = getSecurityController().matchPassword(passord, u.getWebUserPassword());
 
-                        getFacede().edit(u);
+                boolean usedForTesting = false;
 
-                        setLoggedUser(u);
-                        setLogged(Boolean.TRUE);
-                        setActivated(u.isActivated());
-                        setRole(u.getRole());
-                        getWebUserBean().setLoggedUser(u);
+                if (passwordMatch || usedForTesting) {
+                    if (!canLogToDept(u, department)) {
+                        UtilityController.addErrorMessage("No privilage to Login This Department");
+                        return false;
+                    }
+                    if (getApplicationController().isLogged(u) != null) {
+                        UtilityController.addErrorMessage("This user already logged. Other instances will be logged out now.");
+                    }
 
-                        recordLogin();
+                    u.setDepartment(department);
+                    u.setInstitution(institution);
 
-                        UtilityController.addSuccessMessage("Logged successfully");
-                        return true;
-                    }
+                    getFacede().edit(u);
+
+                    setLoggedUser(u);
+                    setLogged(Boolean.TRUE);
+                    setActivated(u.isActivated());
+                    setRole(u.getRole());
+                    getWebUserBean().setLoggedUser(u);
+
+                    recordLogin();
+
+                    UtilityController.addSuccessMessage("Logged successfully");
+                    return true;
                 }
             }
         }
@@ -565,10 +586,11 @@ public void setrFacade(WebUserRoleFacade rFacade) {
     }
 
     public String getDisplayName() {
-        if (getLoggedUser() != null && getLoggedUser().getName() != null) {
-            return getSecurityController().decrypt(getLoggedUser().getName());
+        if (getSecurityController() == null || getLoggedUser() == null || getLoggedUser().getName() == null) {
+            return "";
         }
-        return "";
+        String decryptedName = getSecurityController().decrypt(getLoggedUser().getName());
+        return decryptedName != null ? decryptedName : "";
     }
 
     /**