Release 3.6.0 into main

pom.xml

@@ -5,7 +5,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.iemr.inventory</groupId>
 	<artifactId>inventory-api</artifactId>
-	<version>3.4.0</version>
+	<version>3.6.0</version>
 	<packaging>war</packaging>
 	<name>Inventory-API</name>
 	<description>Inventory Page</description>
@@ -111,11 +111,11 @@
 			<artifactId>jersey-media-multipart</artifactId>
 			<version>2.0-m11</version>
 		</dependency>
-		<dependency>
+		<!-- <dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
 			<version>2.0.7</version>
-		</dependency>
+		</dependency> -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>
@@ -215,14 +215,26 @@
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter</artifactId>
-			<exclusions>
+			<!-- <exclusions>
 				<exclusion>
 					<groupId>org.springframework.boot</groupId>
 					<artifactId>spring-boot-starter-logging</artifactId>
 				</exclusion>
-			</exclusions>
+			</exclusions> -->
 			<!-- <version>2.5.5</version> Use the latest stable version -->
 		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+			<version>${slf4j.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-simple</artifactId>
+			<version>${slf4j.version}</version>
+			</dependency>
+
+
 		<dependency>
 			<groupId>org.springframework.plugin</groupId>
 			<artifactId>spring-plugin-core</artifactId>

src/main/java/com/iemr/inventory/controller/report/CRMReportController.java

@@ -211,7 +211,7 @@ public String getShortExpiryReport(@RequestBody String request) {
 			ItemStockEntryReport report = InputMapper.gson().fromJson(request, ItemStockEntryReport.class);
 			String res = crmReportService.getShortExpiryReport(report);
 			response.setResponse(res);
-			logger.info("getShortExpiryReport response " + response.toString());
+			logger.info("Short Expiry Report response:" + response.toString());
 		} catch (Exception e) {
 			logger.error(e.getMessage());
 			response.setError(e);

src/main/java/com/iemr/inventory/mapper/report/InventoryReportMapper.java

@@ -53,6 +53,7 @@ public interface InventoryReportMapper {
 	@Mappings({ @Mapping(target = "facilityName", expression = "java(entryReport.getFacilityName())"),
 		@Mapping(target = "itemName", expression = "java(entryReport.getItemName())"),
 		@Mapping(target = "itemCategory", expression = "java(entryReport.getItemCategoryName())"),
+		@Mapping(target = "strength", expression = "java(entryReport.getStrength())"),
 		@Mapping(target = "batchNo", expression = "java(entryReport.getBatchNo())"),
 		@Mapping(target = "unitCostPrice", expression = "java(entryReport.getUnitCostPrice())"),
 		@Mapping(target = "expiryDate", expression = "java(entryReport.getExpiryDate())"),

src/main/java/com/iemr/inventory/model/report/ExpiryReport.java

@@ -40,6 +40,8 @@ public class ExpiryReport {
 
 	private String itemCategory;
 
+	private String strength;
+
 	private String batchNo;
 
 	private Double unitCostPrice;
@@ -52,12 +54,13 @@ public ExpiryReport() {
 
 	}
 
-	public ExpiryReport(String facilityName, String itemName, String itemCategory, String batchNo, Double unitCostPrice,
+	public ExpiryReport(String facilityName, String itemName, String itemCategory, String Strength, String batchNo, Double unitCostPrice,
 			Date expiryDate, Integer quantityInHand) {
 
 		this.facilityName = facilityName;
 		this.itemName = itemName;
 		this.itemCategory = itemCategory;
+		this.strength = Strength;
 		this.batchNo = batchNo;
 		this.unitCostPrice = unitCostPrice;
 		this.expiryDate = expiryDate;

src/main/java/com/iemr/inventory/repo/report/ItemStockReportRepo.java

@@ -48,11 +48,11 @@ List<ItemStockEntryReport> getItemStockEntryReport(@Param("startDate") Timestamp
 	List<ItemStockEntryReport> getItemStockEntryReportByFacilityID(@Param("startDate") Timestamp startDate,
 			@Param("endDate") Timestamp endDate, @Param("facilityID") Integer facilityID);
 
-	@Query(value = "Select distinct FacilityName, ItemName, ItemCategoryName, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand  from db_reporting.fact_itemstockentry "
+	@Query(value = "Select distinct FacilityName, ItemName, ItemCategoryName, Strength, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand  from db_reporting.fact_itemstockentry "
 			+ "where ExpiryDate >= :startDate and ExpiryDate <= :endDate order by ExpiryDate asc",nativeQuery = true)
 	List<Object[]> getExpiryReport(@Param("startDate") Date startDate, @Param("endDate") Date endDate);
 
-	@Query(value = "Select distinct FacilityName, ItemName, ItemCategoryName, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
+	@Query(value = "Select distinct FacilityName, ItemName, ItemCategoryName, Strength, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
 			+ "where ExpiryDate >= :startDate and ExpiryDate <= :endDate and FacilityID = :facilityID order by ExpiryDate asc",nativeQuery = true)
 	List<Object[]> getExpiryReportByFacilityID(@Param("startDate") Date startDate,
 			@Param("endDate") Date endDate, @Param("facilityID") Integer facilityID);
@@ -99,11 +99,11 @@ List<Object[]> getDailyStockDetailReportByFacilityID(@Param("startDate") Date st
 	List<Object[]> getDailyStockSummaryReportByFacilityID(@Param("startDate") Date startDate,
 			@Param("endDate") Date endDate, @Param("facilityID") Integer facilityID);
 
-	@Query(value="Select distinct FacilityName, ItemName, ItemCategoryName, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
+	@Query(value="Select distinct FacilityName, ItemName, ItemCategoryName, Strength, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
 			+ "where ExpiryDate >= :startDate and ExpiryDate <= adddate(:startDate,AlertBeforeDays) and Deleted=false order by ExpiryDate asc",nativeQuery=true)
 	List<Object[]> getShortExpiryReport(@Param("startDate") Date startDate);
 
-	@Query(value="Select distinct FacilityName, ItemName, ItemCategoryName, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
+	@Query(value="Select distinct FacilityName, ItemName, ItemCategoryName, Strength, BatchNo, UnitCostPrice, ExpiryDate, QuantityInHand from db_reporting.fact_itemstockentry "
 			+ "where ExpiryDate >= :startDate and ExpiryDate <= adddate(:startDate,AlertBeforeDays) and FacilityID = :facilityID and Deleted=false order by ExpiryDate asc",nativeQuery=true)
 	List<Object[]> getShortExpiryReportByFacilityID(@Param("startDate") Date startDate,
 			@Param("facilityID") Integer facilityID);

src/main/java/com/iemr/inventory/service/report/CRMReportServiceImpl.java

@@ -27,6 +27,8 @@
 import java.util.Calendar;
 import java.util.List;
 import java.util.Objects;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -57,6 +59,8 @@ public class CRMReportServiceImpl implements CRMReportService {
 	@Autowired(required=false)
 	InventoryReportMapper mapper;
 
+	private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName());
+
 	@Override
 	public String getInwardStockReport(ItemStockEntryReport entryReport) {
 
@@ -98,9 +102,10 @@ public String getExpiryReport(ItemStockEntryReport entryReport) {
 						object[1] != null ? object[1].toString() : null,
 						object[2] != null ? object[2].toString() : null,
 						object[3] != null ? object[3].toString() : null,
-						object[4] != null ? Double.valueOf(object[4].toString()) : null,
-						(Date) (object[5] != null ? object[5] : null),
-						(Integer) (object[6] != null ? object[6] : null));
+						object[4] != null ? object[4].toString() : null,
+						object[5] != null ? Double.valueOf(object[5].toString()) : null,
+						(Date) (object[6] != null ? object[6] : null),
+						(Integer) (object[7] != null ? object[7] : null));
 
 				report.setSlNo(slNo++);
 				reportList.add(report);
@@ -618,6 +623,10 @@ public String getShortExpiryReport(ItemStockEntryReport entryReport) {
 			list = itemStockReportRepo.getShortExpiryReport(startExpiry);
 		}
 
+		logger.info("Short Expiry Report Start Date: " + startExpiry + " End Date: " + endExpiry);
+
+		logger.info("Short Expiry Report List Size: " + list.size());
+
 		Long slNo = 1L;
 
 		for (Object[] object : list) {
@@ -627,9 +636,10 @@ public String getShortExpiryReport(ItemStockEntryReport entryReport) {
 						object[1] != null ? object[1].toString() : null,
 						object[2] != null ? object[2].toString() : null,
 						object[3] != null ? object[3].toString() : null,
-						object[4] != null ? ((BigDecimal) object[4]).doubleValue() : null,
-						(Date) (object[5] != null ? object[5] : null),
-						(Integer) (object[6] != null ? object[6] : null));
+						object[4] != null ? object[4].toString() : null,
+						object[5] != null ? ((BigDecimal) object[5]).doubleValue() : null,
+						(Date) (object[6] != null ? object[6] : null),
+						(Integer) (object[7] != null ? object[7] : null));
 
 				report.setSlNo(slNo++);
 				reportList.add(report);

src/main/java/com/iemr/inventory/service/stockEntry/StockEntryServiceImpl.java

@@ -148,22 +148,13 @@ public List<AllocateItemMap> getItemStockFromItemID(Integer facilityID, List<Ite
 			throws InventoryException {
 
 		List<AllocateItemMap> allocateItemMapList = new ArrayList<AllocateItemMap>();
-
+		logger.info("ItemStockExitList Size:" + itemStockExitList.size());
 		for (ItemStockExit itemStockExit : itemStockExitList) {
 			AllocateItemMap allocateItemMap = new AllocateItemMap();
 			List<ItemStockEntry> itemStockList = new ArrayList<ItemStockEntry>();
 
 			ItemMaster item = itemService.getItemMasterCatByID(itemStockExit.getItemID());
 
-
-System.out.println("Test Item: " + item.toString());
-System.out.println("Test item category: "+ item.getItemCategory());
-System.out.println("Test item issuetype: "+ item.getItemCategory().getIssueType());
-System.out.println("Test facilityID: "+ item.getFacilityID());
-System.out.println("Test itemStockExit: "+ itemStockExit.toString());
-System.out.println("Test itemStockExit.getDuration(): "+ itemStockExit.getDuration());
-
-
 			allocateItemMap.setFacilityID(item.getFacilityID());
 			allocateItemMap.setItemID(item.getItemID());
 			allocateItemMap.setItemName(item.getItemName());

src/main/java/com/iemr/inventory/utils/JwtUserIdValidationFilter.java

@@ -38,27 +38,56 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 
 		String origin = request.getHeader("Origin");
 
+		String method = request.getMethod();
+		String uri = request.getRequestURI();
+
 		logger.debug("Incoming Origin: {}", origin);
+		logger.debug("Request Method: {}", method);
+		logger.debug("Request URI: {}", uri);
 		logger.debug("Allowed Origins Configured: {}", allowedOrigins);
 
-		if (origin != null && isOriginAllowed(origin)) {
-			response.setHeader("Access-Control-Allow-Origin", origin);
-			response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
-			response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken");
-			response.setHeader("Vary", "Origin");
-			response.setHeader("Access-Control-Allow-Credentials", "true");
+		if ("OPTIONS".equalsIgnoreCase(method)) {
+			if (origin == null) {
+				logger.warn("BLOCKED - OPTIONS request without Origin header | Method: {} | URI: {}", method, uri);
+				response.sendError(HttpServletResponse.SC_FORBIDDEN, "OPTIONS request requires Origin header");
+				return;
+			}
+			if (!isOriginAllowed(origin)) {
+				logger.warn("BLOCKED - Unauthorized Origin | Origin: {} | Method: {} | URI: {}", origin, method, uri);
+				response.sendError(HttpServletResponse.SC_FORBIDDEN, "Origin not allowed");
+				return;
+			}
 		} else {
-			logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin);
-		}
-
-		if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
-			logger.info("OPTIONS request - skipping JWT validation");
-			response.setStatus(HttpServletResponse.SC_OK);
-			return;
+			// For non-OPTIONS requests, validate origin if present
+			if (origin != null && !isOriginAllowed(origin)) {
+				logger.warn("BLOCKED - Unauthorized Origin | Origin: {} | Method: {} | URI: {}", origin, method, uri);
+				response.sendError(HttpServletResponse.SC_FORBIDDEN, "Origin not allowed");
+				return;
+			}
 		}
 
 		String path = request.getRequestURI();
 		String contextPath = request.getContextPath();
+
+		// Set CORS headers and handle OPTIONS request only if origin is valid and
+		// allowed
+		if (origin != null && isOriginAllowed(origin)) {
+			addCorsHeaders(response, origin);
+			logger.info("Origin Validated | Origin: {} | Method: {} | URI: {}", origin, method, uri);
+
+			if ("OPTIONS".equalsIgnoreCase(method)) {
+				// OPTIONS (preflight) - respond with full allowed methods
+				response.setStatus(HttpServletResponse.SC_OK);
+				return;
+			}
+		} else {
+			logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin);
+
+			if ("OPTIONS".equalsIgnoreCase(method)) {
+				response.sendError(HttpServletResponse.SC_FORBIDDEN, "Origin not allowed for OPTIONS request");
+				return;
+			}
+		}
 		logger.info("JwtUserIdValidationFilter invoked for path: " + path);
 
 		// Log cookies for debugging
@@ -145,8 +174,7 @@ private boolean isOriginAllowed(String origin) {
 				.anyMatch(pattern -> {
 					String regex = pattern
 							.replace(".", "\\.")
-							.replace("*", ".*")
-							.replace("http://localhost:.*", "http://localhost:\\d+"); // special case for wildcard port
+							.replace("*", ".*");
 
 					boolean matched = origin.matches(regex);
 					return matched;
@@ -180,4 +208,13 @@ private void clearUserIdCookie(HttpServletResponse response) {
 		cookie.setMaxAge(0); // Invalidate the cookie
 		response.addCookie(cookie);
 	}
+
+	private void addCorsHeaders(HttpServletResponse response, String origin) {
+		response.setHeader("Access-Control-Allow-Origin", origin); // Never use wildcard
+		response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS");
+		response.setHeader("Access-Control-Allow-Headers",
+				"Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthorization");
+		response.setHeader("Access-Control-Allow-Credentials", "true");
+		response.setHeader("Access-Control-Max-Age", "3600");
+	}
 }

src/main/java/com/iemr/inventory/utils/http/HTTPRequestInterceptor.java

@@ -24,6 +24,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
@@ -36,11 +37,16 @@
 import jakarta.ws.rs.core.MediaType;
 import java.io.OutputStream;
 import java.io.PrintStream;
+import java.util.Arrays;
 
 @Component
 public class HTTPRequestInterceptor implements HandlerInterceptor {
 
 	Logger logger = LoggerFactory.getLogger(this.getClass().getName());
+
+	@Value("${cors.allowed-origins}")
+	private String allowedOrigins;
+
 	@Autowired
 	private RedisStorage redisStorage;
 
@@ -105,7 +111,13 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
 
 				response.setContentType(MediaType.APPLICATION_JSON);
 
-				response.setHeader("Access-Control-Allow-Origin", "*");
+				String origin = request.getHeader("Origin");
+				if (origin != null && isOriginAllowed(origin)) {
+					response.setHeader("Access-Control-Allow-Origin", origin);
+					response.setHeader("Access-Control-Allow-Credentials", "true");
+				} else if (origin != null) {
+					logger.warn("CORS headers NOT added for error response | Unauthorized origin: {}", origin);
+				}
 				status = false;
 			}
 		}
@@ -144,4 +156,19 @@ public void afterCompletion(HttpServletRequest request, HttpServletResponse resp
 
 	}
 
+		private boolean isOriginAllowed(String origin) {
+		if (origin == null || allowedOrigins == null || allowedOrigins.trim().isEmpty()) {
+			return false;
+		}
+
+		return Arrays.stream(allowedOrigins.split(","))
+				.map(String::trim)
+				.anyMatch(pattern -> {
+					String regex = pattern
+							.replace(".", "\\.")
+							.replace("*", ".*");
+					return origin.matches(regex);
+				});
+	}
+
 }