Merge remote-tracking branch 'origin/feature-3488-LabMessage_UI' into feature-3488-LabMessage_UI

# Conflicts:
#	sormas-backend/src/main/resources/sql/sormas_schema.sql

Author: ChristopherRiedel

.github/workflows/ci.yml

@@ -0,0 +1,40 @@
+# This workflow will build a Java project with Maven
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
+
+name: Java CI with Maven
+
+env:
+  java: 11
+
+on:
+  push:
+    branches: [ development, master ]
+  pull_request:
+    branches: [ development ]
+
+jobs:
+  test:
+    name: mvn verify
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Set up JDK ${{ env.java }}
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ env.java }}
+
+      - name: Cache Maven packages
+        # FIXME(@JonasCir) #3733 remove '**/*.pom' once serverlib pom is renamed
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-java-${{ env.java }}-m2-${{ hashFiles('**/pom.xml', '**/*.pom') }}
+          restore-keys: ${{ runner.os }}-java-${{ env.java }}-m2
+
+      - name: Run mvn verify
+        # FIXME(@JonasCir) see https://github.com/hzi-braunschweig/SORMAS-Project/issues/3730#issuecomment-745165678
+        working-directory: ./sormas-base
+        run: mvn verify -B -ntp

.travis.yml

@@ -22,7 +22,7 @@
   - **Windows**: For testing and development environments we suggest to download and run the installer of the Java 11 **JDK** for 32 or 64 bit client systems (depending on your system).
 
 ## Eclipse
-- Install the latest Eclipse version
+- Install the latest Eclipse version, best fit is [Eclipse IDE for Enterprise Java Developers](https://www.eclipse.org/downloads/packages).
 - Set the default JRE of Eclipse to the installed Zulu Java SDK: [Assigning the default JRE for the workbench ](https://help.eclipse.org/kepler/index.jsp?topic=%2Forg.eclipse.jdt.doc.user%2Ftasks%2Ftask-assign_default_jre.htm)
 - Clone the SORMAS-Open repository and import the projects to Eclipse
 	- If you're using Eclipse to clone, choose "File -> Import -> Git -> Projects from Git" and continue until you're asked to create a new project from the cloned repository; click cancel instead and use "File -> Import -> Maven -> Existing Maven Projects" to import the separate projects into your workspace

DEVELOPMENT_ENVIRONMENT.md

@@ -7,7 +7,7 @@
     />
   </a>
   <br/>
-  <a href="https://github.com/hzi-braunschweig/SORMAS-Project/blob/development/LICENSE"><img alt="License" src="https://img.shields.io/badge/license-GPL%20v3-blue"/></a> <a href="https://github.com/hzi-braunschweig/SORMAS-Project/releases/latest"><img alt="Latest Release" src="https://img.shields.io/github/v/release/hzi-braunschweig/SORMAS-Project"/></a> <img alt="Development Build Status" src="https://travis-ci.com/hzi-braunschweig/SORMAS-Project.svg?branch=development"/> <a href="https://gitter.im/SORMAS-Project"><img alt="Gitter" src="https://badges.gitter.im/SORMAS-Project/dev-support.svg"/></a>
+  <a href="https://github.com/hzi-braunschweig/SORMAS-Project/blob/development/LICENSE"><img alt="License" src="https://img.shields.io/badge/license-GPL%20v3-blue"/></a> <a href="https://github.com/hzi-braunschweig/SORMAS-Project/releases/latest"><img alt="Latest Release" src="https://img.shields.io/github/v/release/hzi-braunschweig/SORMAS-Project"/></a> <img alt="Development Build Status" src="https://github.com/hzi-braunschweig/SORMAS-Project/workflows/Java%20CI%20with%20Maven/badge.svg?branch=development"/> <a href="https://gitter.im/SORMAS-Project"><img alt="Gitter" src="https://badges.gitter.im/SORMAS-Project/dev-support.svg"/></a>
 </p>
 <br/>
 

README.md

@@ -30,12 +30,12 @@ The following properties are currently configurable:
 * **Archiving thresholds** `daysAfterCaseGetsArchived` and `daysAfterEventGetsArchived`: The number of days without any changes after which cases/events are automatically archived (i.e. they will no longer be displayed in the normal directories, but still count towards statistics or counts on the dashboard and can still be viewed by users with the respective user right). If set to 0, automatic archiving is disabled.
 * **Rscript executable** `rscript.executable`: The location of the Rscript executable. If you've installed Rscript on your server and specify the path here (the default should work for Linux systems as long as you've used the default install path), network diagrams for transmission chains will be shown in the web app.
 * **Symptom journal interface**: Properties used to connect to an external symptom journal service. `interface.symptomjournal.url` is the URL to the website that SORMAS should connect to; `interface.symptomjournal.authurl` is the URL used to authenticate SORMAS at the external service; `interface.symptomjournal.clientid` and `interface.symptomjournal.secret` are the credentials used for the authentication process. A default user can be created automatically at startup by using `interface.symptomjournal.defaultuser.username` and `interface.symptomjournal.defaultuser.password`. This user can be used by the Symptom Journal system to connect to SORMAS.
-* **Patient diary interface** Properties used to connect to an external patient diary service. `interface.patientdiary.url` is the URL to the website that SORMAS should connect to; `interface.patientdiary.externaldataurl` is the URL to the website that SORMAS can send notifications; `interface.patientdiary.authurl` is the URL trough which SORMAS can obtain an authorization to the external patient diary; `interface.patientdiary.email` and `interface.patientdiary.password` are the credentials used by SORMAS to authenticate in the external patient diary; A default user can be created automatically at startup by using `interface.patientdiary.defaultuser.username` and `interface.patientdiary.defaultuser.password`. This user can be used by the Patient Diary system to connect to SORMAS.
+* **Patient diary interface** Properties used to connect to an external patient diary service. `interface.patientdiary.url` is the URL to the website that SORMAS should connect to; `interface.patientdiary.probandsurl` is the URL to the website that SORMAS can send notifications; `interface.patientdiary.authurl` is the URL trough which SORMAS can obtain an authorization to the external patient diary; `interface.patientdiary.email` and `interface.patientdiary.password` are the credentials used by SORMAS to authenticate in the external patient diary; A default user can be created automatically at startup by using `interface.patientdiary.defaultuser.username` and `interface.patientdiary.defaultuser.password`. This user can be used by the Patient Diary system to connect to SORMAS.
 * **Custom branding**: Properties used to apply a custom branding to SORMAS that overrides its name and default logo. Using these properties also alters the sidebar and adds another customizable area to it. If you want to use this feature, set `custombranding` to true. `custombranding.name` is the name that you want to use, `custombranding.logo.path` is the path to the logo that should be used.
 * **Geocoding** Properties used to integrate an external geocoding service for obtaining the geo coordinates of addresses.
-*geocodingServiceUrlTemplate* is the url for searching for address details, *${street}*, *${houseNumber}*, *${postalCode}*, and *${city}* placeholders will be replaced with the actual address fields when searching;
-*geocodingLongitudeJsonPath* and *geocodingLatitudeJsonPath* are used to obtain the longitude and latitude of the address in the result of the geocoding service request
-
+  * `geocodingServiceUrlTemplate` is the url for searching for address details, `${street}`, `${houseNumber}`, `${postalCode}`, and `${city}` placeholders will be replaced with the actual address fields when searching;
+  * `geocodingLongitudeJsonPath` and `geocodingLatitudeJsonPath` are used to obtain the longitude and latitude of the address in the result of the geocoding service request
+* **Authentication Provider**: Allows the user to choose the way of authentication for SORMAS and all it's third party clients. Supported values `SORMAS` (default) and `KEYCLOAK`
 ## Importing Infrastructure Data
 When you start a SORMAS server for the first time, some default infrastructure data is generated to ensure that the server is usable and the default users can be created. It is recommended (and, unless you're working on a demo server, necessary) to archive this default data and import the official infrastructure data of the country or part of the country that you intend to use SORMAS in instead.
 

SERVER_CUSTOMIZATION.md

@@ -75,9 +75,9 @@
 
 ## Keycloak Server
 
-By default Keycloak is run as a Docker container, which can be set up in two ways:
-* As a Docker container
-* As a Standalone installation
+Keycloak can be set up in two ways:
+* as a Docker container (for just using Keycloak approach)
+* as a Standalone installation (for doing development in Keycloak like themes, SPIs)
 
 ### Keycloak as a Docker container
 *To be done only in the situation when SORMAS is already installed on the machine as a standalone installation.*
@@ -88,7 +88,7 @@ By default Keycloak is run as a Docker container, which can be set up in two way
 * SORMAS Server is installed
 * PostgreSQL is installed
 * Docker is installed
-* Open and edit [keycloak-setup.sh](sormas-base/setup/keycloak/keycloak-setup.sh) with your system's actual values
+* Open and edit [keycloak-setup.sh](sormas-base/setup/keycloak/keycloak-setup.sh) with your system's actual values *(on Windows use Git Bash)*.
 
 **Setup**
 * Run [keycloak-setup.sh](sormas-base/setup/keycloak/keycloak-setup.sh)
@@ -105,8 +105,10 @@ By default Keycloak is run as a Docker container, which can be set up in two way
 
 Setting Keycloak up as a standalone installation [Server Installation and Configuration Guide](https://www.keycloak.org/docs/11.0/server_installation/#installation)
 * Make sure to configure Keycloak with PostgreSQL Database [Relational Database Setup](https://www.keycloak.org/docs/11.0/server_installation/#_database)
-* Setup an Admin User
+* Set up an Admin User
 * Copy the `themes` folder content to `${KEYCLOAK_HOME}/themes` [Deploying Themes](https://www.keycloak.org/docs/11.0/server_development/#deploying-themes)
+* Deploy the `sormas-keycloak-service-provider` [Using Keycloak Deployer](https://www.keycloak.org/docs/11.0/server_development/#using-the-keycloak-deployer)
+* Update the [SORMAS.json](sormas-base/setup/keycloak/SORMAS.json) file by replacing the following placeholders: `${SORMAS_SERVER_URL}`, `${KEYCLOAK_SORMAS_UI_SECRET}`, `${KEYCLOAK_SORMAS_BACKEND_SECRET}`, `${KEYCLOAK_SORMAS_REST_SECRET}`
 * Create the SORMAS Realm by importing [SORMAS.json](sormas-base/setup/keycloak/SORMAS.json) see [Create a New Realm](https://www.keycloak.org/docs/11.0/server_admin/#_create-realm)
 * Update the `sormas-*` clients by generating new secrets for them
 * Update the realm's email settings to allow sending emails to users
@@ -124,11 +126,20 @@ where:
 * `${ASADMIN}` - represents the location to `${PAYARA_HOME}\bin\asadmin`
 * `${KEYCLOAK_PORT}` - the port on which keycloak will run
 * `${KEYCLOAK_SORMAS_UI_SECRET}` - is the secret generated in Keycloak for the `sormas-ui` client
-* `${KEYCLOAK_SORMAS_REST_SECRET}` - is the secret generated in Keycloack for the `sormas-rest` client
-* `${KEYCLOAK_SORMAS_BACKEND_SECRET}` - is the secret generated in Keycloack for the `sormas-backend` client
+* `${KEYCLOAK_SORMAS_REST_SECRET}` - is the secret generated in Keycloak for the `sormas-rest` client
+* `${KEYCLOAK_SORMAS_BACKEND_SECRET}` - is the secret generated in Keycloak for the `sormas-backend` client
 
 Then update `sormas.properties` file in the SORMAS domain with the property `authentication.provider=KEYCLOAK`
 
+### Connect Keycloak to an already running instance of SORMAS
+
+*after setting up Keycloak as one of the described options above*
+
+In case Keycloak is set up alongside an already running instance of SORMAS, these are the steps to follow to make sure already existing users can access the system:
+1. Manually create an admin user in Keycloak for the SORMAS realm [Creating a user](https://www.keycloak.org/docs/11.0/getting_started/index.html#creating-a-user) *(username has to be the same as admin's username in SORMAS)*
+2. Login to SORMAS and trigger the **Sync Users** button from the **Users** page
+3. This will sync users to Keycloak keeping their original password - see [SORMAS Keycloak Service Provider](sormas-keycloak-service-provider/README.md) for more information about this
+
 ## Web Server Setup
 
 ### Apache Web Server

SERVER_SETUP.md

@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>de.symeda.sormas</groupId>
 		<artifactId>sormas-base</artifactId>
-		<version>1.53.0-SNAPSHOT</version>
+		<version>1.54.0-SNAPSHOT</version>
 		<relativePath>../sormas-base</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>

sormas-api/pom.xml

@@ -39,15 +39,15 @@ public class AuthProvider {
 
     private final boolean isUsernameCaseSensitive;
 
-    private final boolean isEmailRequired;
-
     private final boolean isDefaultProvider;
 
+    private final boolean isUserSyncSupported;
+
     private AuthProvider() {
         String configuredProvider = FacadeProvider.getConfigFacade().getAuthenticationProvider();
         isUsernameCaseSensitive = SORMAS.equalsIgnoreCase(configuredProvider);
-        isEmailRequired = KEYCLOAK.equalsIgnoreCase(configuredProvider);
         isDefaultProvider = SORMAS.equalsIgnoreCase(configuredProvider);
+        isUserSyncSupported = KEYCLOAK.equalsIgnoreCase(configuredProvider);
     }
 
     public static AuthProvider getProvider() {
@@ -69,16 +69,17 @@ public boolean isUsernameCaseSensitive() {
     }
 
     /**
-     * Authentication Provider requires emails to be required or optional.
+     * Current Authentication Provider is the SORMAS default one.
      */
-    public boolean isEmailRequired() {
-        return isEmailRequired;
+    public boolean isDefaultProvider() {
+        return isDefaultProvider;
     }
 
     /**
-     * Current Authentication Provider is the SORMAS default one.
+     * Authentication Provider enables users to be synced from the default provider.
      */
-    public boolean isDefaultProvider() {
-        return isDefaultProvider;
+    public boolean isUserSyncSupported() {
+        return isUserSyncSupported;
     }
+
 }

sormas-api/src/main/java/de/symeda/sormas/api/AuthProvider.java

@@ -22,6 +22,7 @@
 
 import javax.ejb.Remote;
 
+import de.symeda.sormas.api.event.EventActionExportDto;
 import de.symeda.sormas.api.event.EventActionIndexDto;
 import de.symeda.sormas.api.event.EventCriteria;
 import de.symeda.sormas.api.utils.SortProperty;
@@ -47,5 +48,7 @@ public interface ActionFacade {
 
 	List<EventActionIndexDto> getEventActionList(EventCriteria criteria, Integer first, Integer max, List<SortProperty> sortProperties);
 
+	List<EventActionExportDto> getEventActionExportList(EventCriteria criteria, Integer first, Integer max);
+
 	long countEventAction(EventCriteria criteria);
 }

sormas-api/src/main/java/de/symeda/sormas/api/action/ActionFacade.java

@@ -0,0 +1,33 @@
+package de.symeda.sormas.api.campaign;
+
+import de.symeda.sormas.api.i18n.I18nProperties;
+import de.symeda.sormas.api.user.JurisdictionLevel;
+
+public enum CampaignJurisdictionLevel {
+
+	AREA,
+	REGION,
+	DISTRICT,
+	COMMUNITY;
+
+	public static CampaignJurisdictionLevel getByJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
+		switch (jurisdictionLevel) {
+
+		case NATION:
+		case NONE:
+			return AREA;
+		case REGION:
+			return REGION;
+		case DISTRICT:
+			return DISTRICT;
+		case COMMUNITY:
+			return COMMUNITY;
+		default:
+			throw new UnsupportedOperationException();
+		}
+	}
+
+	public String toString() {
+		return I18nProperties.getEnumCaption(this);
+	}
+}