Expand Up @@ -63,12 +63,8 @@ public String dataSyncToServer(@RequestBody String requestOBJ,
@RequestHeader(value = "Authorization") String Authorization, HttpServletRequest request) {
OutputResponse response = new OutputResponse();

logger.info("test: vanto server auth="+Authorization);
try {
String jwtToken = CookieUtil.getJwtTokenFromCookie(request);
logger.info("test: vanto server token="+jwtToken);

String s = getDataFromVanAndSyncToDBImpl.syncDataToServer(requestOBJ, Authorization, jwtToken);
String s = getDataFromVanAndSyncToDBImpl.syncDataToServer(requestOBJ, Authorization);
if (s != null)
response.setResponse(s);
else
Expand Up @@ -28,7 +28,10 @@

import javax.sql.DataSource;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.annotation.CreatedDate;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Service;

Expand All @@ -50,6 +53,8 @@ public class DataSyncRepository {
@Autowired
private SyncUtilityClassRepo syncutilityClassRepo;

private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName());

private JdbcTemplate getJdbcTemplate() {
return new JdbcTemplate(dataSource);

Expand Down Expand Up @@ -83,23 +88,28 @@ public List<Map<String, Object>> getDataForGivenSchemaAndTable(String schema, St
}

}

resultSetList = jdbcTemplate.queryForList(baseQuery);
return resultSetList;
}



public int updateProcessedFlagInVan(String schemaName, String tableName, StringBuilder vanSerialNos,
String autoIncreamentColumn, String user) throws Exception {
jdbcTemplate = getJdbcTemplate();
String query = " UPDATE " + schemaName + "." + tableName
+ " SET processed = 'P' , SyncedDate = ?, Syncedby = ? WHERE " + autoIncreamentColumn
+ " IN (" + vanSerialNos + ")";
String query = "";

Timestamp syncedDate = new Timestamp(System.currentTimeMillis());
int updatedRows = jdbcTemplate.update(query, syncedDate, user);
if (tableName != null && tableName.toLowerCase().equals("i_ben_flow_outreach")) {
query = "UPDATE " + schemaName + "." + tableName
+ " SET created_date = ? , processed = 'P', SyncedDate = ?, Syncedby = ? "
+ "WHERE " + autoIncreamentColumn + " IN (" + vanSerialNos + ")";
} else {
query = "UPDATE " + schemaName + "." + tableName
+ " SET CreatedDate = ? , processed = 'P', SyncedDate = ?, Syncedby = ? "
+ "WHERE " + autoIncreamentColumn + " IN (" + vanSerialNos + ")";
}

Timestamp syncedDate = new Timestamp(System.currentTimeMillis());
int updatedRows = jdbcTemplate.update(query, syncedDate, syncedDate, user);
return updatedRows;

}
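Review bot: Both new `UPDATE` strings in updateProcessedFlagInVan still concatenate `schemaName`, `tableName`, `autoIncreamentColumn` and `vanSerialNos` into the SQL text, and nothing visible in this section validates them; only the timestamps and `user` are bound. If any of these values can be influenced by sync payload or table-configuration data, the statement is injectable. I would check each identifier before building the query, e.g. `if (!schemaName.matches("^[a-zA-Z_][a-zA-Z0-9_]*$")) throw new IllegalArgumentException("Invalid identifiers provided.");`, and build the `IN (...)` list from `?` placeholders. Separately, binding `syncedDate` to `CreatedDate` / `created_date` replaces each row's original creation time with the sync time, which loses audit information; please confirm that is intended or drop the column from the `SET` list.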
Expand Up @@ -243,32 +243,8 @@ private void setResponseStatus(Map<String, String> groupIdStatus, int groupId, S
groupIdStatus.put("groupId", String.valueOf(groupId));
groupIdStatus.put("status", serverAcknowledgement);
responseStatus.add(groupIdStatus);
logger.info("Response from data sync: {}", responseStatus);
}

// private boolean setResponseStatus(Map<String, String> groupIdStatus, int groupId, String serverAcknowledgement,
// List<Map<String, String>> responseStatus, boolean isProgress) {
// if (serverAcknowledgement != null) {
// groupIdStatus.put("groupId", String.valueOf(groupId));
// groupIdStatus.put("status", serverAcknowledgement);
// responseStatus.add(groupIdStatus);
// logger.info("Response from data sync", responseStatus);
// } else if (isProgress) {
// groupIdStatus.put("groupId", String.valueOf(groupId));
// groupIdStatus.put("status", "pending");
// responseStatus.add(groupIdStatus);
// logger.info("Response from data sync", responseStatus);
// } else {
// isProgress = true;
// groupIdStatus.put("groupId", String.valueOf(groupId));
// groupIdStatus.put("status", "failed");
// responseStatus.add(groupIdStatus);
// logger.info("Response from data sync", responseStatus);
// }
// return isProgress;
//
// }

/**
*
* @param syncTableDetailsIDs
Expand Down Expand Up @@ -342,14 +318,11 @@ private List<Map<String, Object>> getBatchOfAskedSizeDataToSync(List<Map<String,
public String syncDataToServer(int vanID, String schemaName, String tableName, String vanAutoIncColumnName,
String serverColumns, List<Map<String, Object>> dataToBesync, String user, String Authorization, String token)
throws Exception {
logger.debug(
"Entering syncDataToServer with vanID: {}, schemaName: '{}', tableName: '{}', vanAutoIncColumnName: '{}', serverColumns: '{}', user: '{}'",
vanID, schemaName, tableName, vanAutoIncColumnName, serverColumns, user);

RestTemplate restTemplate = new RestTemplate();


Integer facilityID = masterVanRepo.getFacilityID(vanID);
logger.debug("Fetched facilityID for vanID {}: {}", vanID, facilityID);

// serialize null
GsonBuilder gsonBuilder = new GsonBuilder();
Expand All @@ -367,33 +340,19 @@ public String syncDataToServer(int vanID, String schemaName, String tableName, S
dataMap.put("facilityID", facilityID);

String requestOBJ = gson.toJson(dataMap);

HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization,token);
logger.info("Before Data sync upload Url" + dataSyncUploadUrl);
HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization,"");
ResponseEntity<String> response = restTemplate.exchange(dataSyncUploadUrl, HttpMethod.POST, request,
String.class);
logger.info("Received response from data sync URL: {}", response);
logger.info("Received response from data sync URL: {}", dataSyncUploadUrl);

logger.info("After Data sync upload Url" + dataSyncUploadUrl);
/**
* if data successfully synced then getVanSerialNo of synced data to update
* processed flag
*/

int i = 0;
if (response != null && response.hasBody()) {
JSONObject obj = new JSONObject(response.getBody());
logger.info("Response = "+obj);
if (obj != null && obj.has("statusCode") && obj.getInt("statusCode") == 200) {
StringBuilder vanSerialNos = getVanSerialNoListForSyncedData(vanAutoIncColumnName, dataToBesync);
logger.info(
"Updating processed flag for schemaName: {}, tableName: {}, vanSerialNos: {}, vanAutoIncColumnName: {}, user: {}",
schemaName, tableName, vanSerialNos.toString(), vanAutoIncColumnName, user);
// update table for processed flag = "P"
logger.info(schemaName + "|" + tableName + "|" + vanSerialNos.toString() + "|" + vanAutoIncColumnName
+ "|" + user);

i = dataSyncRepository.updateProcessedFlagInVan(schemaName, tableName, vanSerialNos,
vanAutoIncColumnName, user);
logger.debug("Updated processed flag in database. Records affected: {}", i);
}
}
if (i > 0)
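Review bot: syncDataToServer still declares `String token` in its signature, but the request appears to be built with `RestTemplateUtil.createRequestEntity(requestOBJ, Authorization,"")`, so whatever the caller passes is silently discarded and the upload goes out with an empty token. The page does not mark which of the two createRequestEntity lines is the new one, so this is inferred from the controller change in the same commit. If the token is no longer wanted, remove the parameter and say so in the method's Javadoc rather than hard-coding `""`; if the receiving server still checks it, the upload will fail authentication there. The statement `logger.info("Response = "+obj);`, if it is on the new side, writes the whole sync response body to the info log, and logging only the status code would keep record data out of the logs. The method body continues outside the hunk.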
Expand Up @@ -53,7 +53,7 @@ private JdbcTemplate getJdbcTemplate() {

private final Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName());

private static final Set<String> VALID_SCHEMAS = Set.of("public", "db_iemr");
private static final Set<String> VALID_SCHEMAS = Set.of("public", "db_iemr", "db_identity","apl_db_iemr","apl_db_identity","db_iemr_sync","db_identity_sync");

private static final Set<String> VALID_TABLES = Set.of(
"m_beneficiaryregidmapping", "i_beneficiaryaccount", "i_beneficiaryaddress", "i_beneficiarycontacts",
Expand All @@ -73,8 +73,7 @@ private JdbcTemplate getJdbcTemplate() {
"t_cancervitals", "t_cancersignandsymptoms", "t_cancerlymphnode", "t_canceroralexamination",
"t_cancerbreastexamination", "t_cancerabdominalexamination", "t_cancergynecologicalexamination",
"t_cancerdiagnosis", "t_cancerimageannotation", "i_beneficiaryimage", "t_stockadjustment",
"t_stocktransfer", "t_patientreturn", "t_indent", "t_indentissue", "t_indentorder", "t_saitemmapping"
);
"t_stocktransfer", "t_patientreturn", "t_indent", "t_indentissue", "t_indentorder", "t_saitemmapping");

private boolean isValidDatabaseIdentifierCharacter(String identifier) {
return identifier != null && identifier.matches("^[a-zA-Z_][a-zA-Z0-9_]*$");
Expand All @@ -101,13 +100,14 @@ private boolean isValidColumnNamesList(String columnNames) {
}

public int checkRecordIsAlreadyPresentOrNot(String schemaName, String tableName, String vanSerialNo, String vanID,
String vanAutoIncColumnName, int syncFacilityID) {
String vanAutoIncColumnName, int syncFacilityID) {
jdbcTemplate = getJdbcTemplate();
List<Object> params = new ArrayList<>();

if (!isValidSchemaName(schemaName) || !isValidTableName(tableName) ||
!isValidDatabaseIdentifierCharacter(vanAutoIncColumnName)) {
logger.error("Invalid identifiers: schema={}, table={}, column={}", schemaName, tableName, vanAutoIncColumnName);
logger.error("Invalid identifiers: schema={}, table={}, column={}", schemaName, tableName,
vanAutoIncColumnName);
throw new IllegalArgumentException("Invalid identifiers provided.");
}

Expand All @@ -119,7 +119,8 @@ public int checkRecordIsAlreadyPresentOrNot(String schemaName, String tableName,

if (List.of("t_patientissue", "t_physicalstockentry", "t_stockadjustment", "t_saitemmapping",
"t_stocktransfer", "t_patientreturn", "t_facilityconsumption", "t_indent",
"t_indentorder", "t_indentissue", "t_itemstockentry", "t_itemstockexit").contains(tableName.toLowerCase()) && syncFacilityID > 0) {
"t_indentorder", "t_indentissue", "t_itemstockentry", "t_itemstockexit")
.contains(tableName.toLowerCase()) && syncFacilityID > 0) {
queryBuilder.append(" AND SyncFacilityID = ?");
params.add(syncFacilityID);
} else {
Expand All @@ -137,9 +138,10 @@ public int checkRecordIsAlreadyPresentOrNot(String schemaName, String tableName,
}

public int[] syncDataToCentralDB(String schema, String tableName, String serverColumns, String query,
List<Object[]> syncDataList) {
List<Object[]> syncDataList) {
jdbcTemplate = getJdbcTemplate();
try {

return jdbcTemplate.batchUpdate(query, syncDataList);
} catch (Exception e) {
logger.error("Batch sync failed for table {}: {}", tableName, e.getMessage(), e);
Expand All @@ -148,7 +150,7 @@ public int[] syncDataToCentralDB(String schema, String tableName, String serverC
}

public List<Map<String, Object>> getMasterDataFromTable(String schema, String table, String columnNames,
String masterType, Timestamp lastDownloadDate, Integer vanID, Integer psmID) {
String masterType, Timestamp lastDownloadDate, Integer vanID, Integer psmID) {
jdbcTemplate = getJdbcTemplate();
List<Object> params = new ArrayList<>();

Expand Down Expand Up @@ -184,33 +186,37 @@ public List<Map<String, Object>> getMasterDataFromTable(String schema, String ta
}

try {
// Safe dynamic SQL: All dynamic parts (table names, columns, etc.) are validated or hardcoded.
// Safe dynamic SQL: All dynamic parts (table names, columns, etc.) are
// validated or hardcoded.
// Parameter values are bound safely using prepared statement placeholders (?).

return jdbcTemplate.queryForList(queryBuilder.toString(), params.toArray());
} catch (Exception e) {
logger.error("Error fetching master data: {}", e.getMessage(), e);
throw new RuntimeException("Failed to fetch master data: " + e.getMessage(), e);
}
}

public List<Map<String, Object>> getBatchForBenDetails(SyncUploadDataDigester digester,
String whereClause, int limit, int offset) {
jdbcTemplate = getJdbcTemplate();

String schema = digester.getSchemaName();
String table = digester.getTableName();
String columnNames = digester.getServerColumns();
public List<Map<String, Object>> getBatchForBenDetails(SyncUploadDataDigester digester,
String whereClause, int limit, int offset) {
jdbcTemplate = getJdbcTemplate();

String schema = digester.getSchemaName();
String table = digester.getTableName();
String columnNames = digester.getServerColumns();

if (!isValidSchemaName(schema) || !isValidTableName(table) || !isValidColumnNamesList(columnNames)) {
throw new IllegalArgumentException("Invalid schema, table, or column names.");
}
// Safe dynamic SQL: Schema, table, and column names are validated against predefined whitelists.
// Only trusted values are used in the query string.
// limit and offset are passed as parameters to prevent SQL injection.
String query = String.format("SELECT %s FROM %s.%s %s LIMIT ? OFFSET ?", columnNames, schema, table, whereClause); //NOSONAR
if (!isValidSchemaName(schema) || !isValidTableName(table) || !isValidColumnNamesList(columnNames)) {
throw new IllegalArgumentException("Invalid schema, table, or column names.");
}
// Safe dynamic SQL: Schema, table, and column names are validated against
// predefined whitelists.
// Only trusted values are used in the query string.
// limit and offset are passed as parameters to prevent SQL injection.
String query = String.format("SELECT %s FROM %s.%s %s LIMIT ? OFFSET ?", columnNames, schema, table,
whereClause); // NOSONAR

try {

return jdbcTemplate.queryForList(query, limit, offset);
} catch (Exception e) {
logger.error("Error fetching batch details: {}", e.getMessage(), e);
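Review bot: In getBatchForBenDetails the `whereClause` argument is inserted into the `String.format` query without any check, yet the comment above it says only trusted values reach the query string, and `// NOSONAR` silences the scanner on that line. Schema, table and column names go through the allowlist helpers, but `whereClause` does not, and its callers are not visible in this section. I would bind its values as `?` parameters alongside `limit` and `offset`, or at minimum correct the comment, e.g. `// whereClause is concatenated verbatim: callers must pass only server-built constant text, never request data`. The same concern applies to syncDataToCentralDB, which executes a caller-supplied `query` while its `schema`, `tableName` and `serverColumns` arguments go unchecked in the visible lines. VALID_TABLES is also not scoped per schema, so widening VALID_SCHEMAS to seven entries lets every listed table name pair with every listed schema.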