1    package com.instantbank.collections.security.ejb;
2    
3    import java.io.ByteArrayInputStream;
4    import java.io.PrintWriter;
5    import java.io.StringWriter;
6    import java.sql.Connection;
7    import java.sql.PreparedStatement;
8    import java.sql.ResultSet;
9    import java.sql.SQLException;
10   import java.util.Vector;
11   import javax.ejb.CreateException;
12   import javax.ejb.EJBContext;
13   import javax.ejb.SessionBean;
14   import javax.ejb.SessionContext;
15   import oracle.xml.parser.v2.DOMParser;
16   import oracle.xml.parser.v2.XMLDocument;
17   import oracle.xml.parser.v2.XMLElement;
18   import oracle.xml.parser.v2.XMLNode;
19   import oracle.xml.parser.v2.XSLException;
20   import org.w3c.dom.Element;
21   import org.w3c.dom.NodeList;
22   import com.instantbank.collections.util.InstantbankException;
23   import com.instantbank.collections.util.ServiceLocator;
24   import com.instantbank.collections.util.StringFormat;
25   import com.instantbank.collections.util.UniqueIDGenerator;
26   import com.instantbank.collections.util.XMLDataAccess;
27   import com.instantbank.collections.util.XMLUtils;
28   
29   public class SecurityProfilesServicesBean
30       implements SessionBean {
31     private String CategoryParent;
32     private String Children;
33     private String CodeParent;
34     private EJBContext context;
35     private Long IdChild;
36     private Long IdParent;
37     private String NameChild;
38     private String NameParent;
39     private int nlGroupIdLen;
40     private NodeList nlIdChild;
41     private NodeList nlIdParent;
42     private int nlLength;
43     private NodeList nlNameChild;
44     private NodeList nlCodeParent;
45     private NodeList nlNameParent;
46     private NodeList nlCategoryParent;
47     private NodeList nlGroupIdChildren;
48     private String Parent;
49     private SecurityServices SecServices;
50   
51   
52     public void ejbCreate() throws CreateException { }
53   
54   
55     public void ejbActivate() { }
56   
57   
58     public void ejbPassivate() { }
59   
60   
61     public void ejbRemove() { }
62   
63   
64     public SecurityProfilesServicesBean() { }
65   
66   
67     public void setSessionContext(SessionContext ctx) {
68       this.context = ctx;
69     }
70   
71   
72     private void createCollectionsProfile(XMLDocument profiles, long id_profile) throws InstantbankException, XSLException {
73       Connection con = null;
74       PreparedStatement ps = null;
75       ResultSet result = null;
76       try {
77         con = ServiceLocator.instance().getConnection();
78         ps = con.prepareStatement(
79           "insert into collections_security_profiles(" +
80           "csp_id, " +
81           "csp_add_comment, " +
82           "csp_add_account_to_queue, " +
83           "csp_cancel_letter, " +
84           "csp_change_review_time, " +
85           "csp_clear_added_account, " +
86           "csp_change_demographics, " +
87           "csp_transfer_queue, " +
88           "csp_change_permanent_comment, " +
89           "csp_order_letter, " +
90           "csp_action_code_level, " +
91           "csp_result_code_level, " +
92           "csp_supervisor_queue_id, " +
93           "csp_record_promise, " +
94           "csp_restore_account_to_queue, " +
95           "csp_schedule_representation, " +
96           "csp_security_administration, " +
97           "csp_statement_reprint, " +
98           "csp_system_administration, " +
99           "csp_account_transfer, " +
100          "csp_payoff_quote, " +
101          "csp_skip_acc_if_contact_today, " +
102          "csp_supervisor " +
103          ") values (" +
104          " ?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,? " +
105          ")"
106          );
107        ps.setLong(1, id_profile);
108        ps.setLong(2, Long.parseLong(profiles.valueOf("/Profiles/Collections/addcomment")));
109        ps.setLong(3, Long.parseLong(profiles.valueOf("/Profiles/Collections/addaccounttoqueue")));
110        ps.setLong(4, Long.parseLong(profiles.valueOf("/Profiles/Collections/cancelletter")));
111        ps.setLong(5, Long.parseLong(profiles.valueOf("/Profiles/Collections/changereviewtime")));
112        ps.setLong(6, Long.parseLong(profiles.valueOf("/Profiles/Collections/clearaddedaccount")));
113        ps.setLong(7, Long.parseLong(profiles.valueOf("/Profiles/Collections/changedemographics")));
114        ps.setLong(8, Long.parseLong(profiles.valueOf("/Profiles/Collections/transferqueue")));
115        ps.setLong(9, Long.parseLong(profiles.valueOf("/Profiles/Collections/changecomment")));
116        ps.setLong(10, Long.parseLong(profiles.valueOf("/Profiles/Collections/orderletter")));
117        ps.setLong(11, Long.parseLong(profiles.valueOf("/Profiles/Collections/actioncodelevel")));
118        ps.setLong(12, Long.parseLong(profiles.valueOf("/Profiles/Collections/resultcodelevel")));
119        if(profiles.valueOf("/Profiles/Collections/supervisorqueueid").equals("_")) {
120          ps.setNull(13, java.sql.Types.NUMERIC);
121        }
122        else {
123          ps.setLong(13, Long.parseLong(profiles.valueOf("/Profiles/Collections/supervisorqueueid")));
124        }
125        ps.setLong(14, Long.parseLong(profiles.valueOf("/Profiles/Collections/recordpromise")));
126        ps.setLong(15, Long.parseLong(profiles.valueOf("/Profiles/Collections/restoreaccounttoqueue")));
127        ps.setLong(16, Long.parseLong(profiles.valueOf("/Profiles/Collections/schedulerepresentation")));
128        ps.setLong(17, Long.parseLong(profiles.valueOf("/Profiles/Collections/securityadministrator")));
129        ps.setLong(18, Long.parseLong(profiles.valueOf("/Profiles/Collections/statementreprint")));
130        ps.setLong(19, Long.parseLong(profiles.valueOf("/Profiles/Collections/systemadministrator")));
131        ps.setLong(20, Long.parseLong(profiles.valueOf("/Profiles/Collections/accounttransfer")));
132        ps.setLong(21, Long.parseLong(profiles.valueOf("/Profiles/Collections/payoffquote")));
133        ps.setLong(22, Long.parseLong(profiles.valueOf("/Profiles/Collections/skipaccount")));
134        ps.setLong(23, Long.parseLong(profiles.valueOf("/Profiles/Collections/supervisor")));
135        int n = ps.executeUpdate();
136        if(n != 1) {
137          throw new InstantbankException("131001", "Failed to add Collections profiles to the database");
138        }
139      }
140      catch(Exception e) {
141        this.context.setRollbackOnly();
142        throw new InstantbankException(e, "131002", "Failed to add Collections profiles to the database");
143      }
144      finally {
145        try {
146          if(ps != null) {
147            ps.close();
148          }
149          if(con != null) {
150            con.close();
151          }
152        }
153        catch(SQLException se) {
154          se.printStackTrace();
155        }
156      }
157    }
158  
159  
160    private void createRol(long prlSprfId, long prlSrolId) throws InstantbankException {
161      Connection con = null;
162      PreparedStatement ps = null;
163      ResultSet result = null;
164      try {
165        con = ServiceLocator.instance().getConnection();
166        ps = con.prepareStatement(
167          "insert into profile_roles_links(" +
168          "prl_sprf_id, " +
169          "prl_srol_id " +
170          ") values (" +
171          " ?,? " +
172          ")"
173          );
174        ps.setLong(1, prlSprfId);
175        ps.setLong(2, prlSrolId);
176  
177        int n = ps.executeUpdate();
178        if(n != 1) {
179          throw new InstantbankException("131003", "Failed to create User Rol to the database");
180        }
181      }
182      catch(Exception e) {
183        this.context.setRollbackOnly();
184        throw new InstantbankException(e, "131004", "Failed to create User Rol to the database");
185      }
186      finally {
187        try {
188          if(ps != null) {
189            ps.close();
190          }
191          if(con != null) {
192            con.close();
193          }
194        }
195        catch(SQLException se) {
196          se.printStackTrace();
197        }
198      }
199    }
200  
201  
202    private void createSecurityProfile(long SprfId, long cspId, long ospId, long sspId) throws InstantbankException {
203      Connection con = null;
204      PreparedStatement ps = null;
205      ResultSet result = null;
206  
207      try {
208        con = ServiceLocator.instance().getConnection();
209        ps = con.prepareStatement(
210          "insert into security_profiles(" +
211          "sprf_id, " +
212          "sprf_osp_id, " +
213          "sprf_ssp_id, " +
214          "sprf_csp_id " +
215          ") values (" +
216          " ?,?,?,? " +
217          ")"
218          );
219        ps.setLong(1, SprfId);
220        ps.setNull(2, java.sql.Types.NUMERIC);
221        ps.setNull(3, java.sql.Types.NUMERIC);
222        ps.setLong(4, cspId);
223  
224        int n = ps.executeUpdate();
225        if(n != 1) {
226          throw new InstantbankException("131005", "Failed to add security profiles to the database");
227        }
228      }
229      catch(Exception e) {
230        this.context.setRollbackOnly();
231        throw new InstantbankException(e, "131006", "Failed to add security profiles to the database");
232      }
233      finally {
234        try {
235          if(ps != null) {
236            ps.close();
237          }
238          if(con != null) {
239            con.close();
240          }
241        }
242        catch(SQLException se) {
243          se.printStackTrace();
244        }
245      }
246    }
247  
248  
249    private void deleteRol(long prlSprfId) throws InstantbankException {
250      Connection con = null;
251      PreparedStatement ps = null;
252      ResultSet result = null;
253      try {
254        con = ServiceLocator.instance().getConnection();
255        ps = con.prepareStatement(
256          "delete profile_roles_links " +
257          "where prl_sprf_id = ? "
258          );
259        ps.setLong(1, prlSprfId);
260  
261        int n = ps.executeUpdate();
262      }
263      catch(Exception e) {
264        this.context.setRollbackOnly();
265        throw new InstantbankException(e, "131007", "Failed to delete a rol in the database");
266      }
267      finally {
268        try {
269          if(ps != null) {
270            ps.close();
271          }
272          if(con != null) {
273            con.close();
274          }
275        }
276        catch(SQLException se) {
277          se.printStackTrace();
278        }
279      }
280    }
281  
282  
283    public String getGroupProfileId(String groupId) throws InstantbankException {
284      Connection con = null;
285      PreparedStatement ps = null;
286      ResultSet result = null;
287      String PrfId = null;
288  
289      try {
290        con = ServiceLocator.instance().getConnection();
291        ps = con.prepareStatement("SELECT usg_sprf_id from user_groups where usg_id = ?");
292        ps.setString(1, groupId);
293        result = ps.executeQuery();
294        if(result.next()) {
295          PrfId = result.getString("usg_sprf_id");
296        }
297        return PrfId;
298      }
299      catch(Exception e) {
300        this.context.setRollbackOnly();
301        throw new InstantbankException(e, "131008", "Failed to get the identifier of group profile of the database");
302      }
303      finally {
304        try {
305          if(result != null) {
306            result.close();
307          }
308          if(ps != null) {
309            ps.close();
310          }
311          if(con != null) {
312            con.close();
313          }
314        }
315        catch(SQLException se) {
316          se.printStackTrace();
317        }
318      }
319    }
320  
321  
322    public String getRolId(String rolName) throws InstantbankException {
323      Connection con = null;
324      PreparedStatement ps = null;
325      ResultSet result = null;
326      String rolId = null;
327  
328      try {
329        con = ServiceLocator.instance().getConnection();
330        ps = con.prepareStatement("SELECT srol_Id from security_roles where lower(srol_name) = ?");
331        ps.setString(1, rolName);
332        result = ps.executeQuery();
333        if(result.next()) {
334          rolId = result.getString("srol_Id");
335        }
336        return rolId;
337      }
338      catch(Exception e) {
339        this.context.setRollbackOnly();
340        throw new InstantbankException(e, "131009", "Failed to get the identifier rol in the database");
341      }
342      finally {
343        try {
344          if(result != null) {
345            result.close();
346          }
347          if(ps != null) {
348            ps.close();
349          }
350          if(con != null) {
351            con.close();
352          }
353        }
354        catch(SQLException se) {
355          se.printStackTrace();
356        }
357      }
358    }
359  
360  
361    public Long getCompanyProfile(Long companyId) throws InstantbankException {
362      Connection con = null;
363      PreparedStatement ps = null;
364      ResultSet result = null;
365      String xml = "";
366      Long prfId = null;
367  
368      try {
369        con = ServiceLocator.instance().getConnection();
370        ps = con.prepareStatement("SELECT CSPL_SPRF_ID FROM COMPANY_SECURITY_PROFILE_LINKS where CSPL_CMP_ID = ?");
371        ps.setLong(1, companyId.longValue());
372        result = ps.executeQuery();
373  
374        if(result.next()) {
375          prfId = new Long(result.getLong("CSPL_SPRF_ID"));
376        }
377        else {
378          prfId = new Long("0");
379        }
380  
381        return prfId;
382      }
383      catch(Exception e) {
384        throw new InstantbankException(e, "131009", "Failed to get the identifier rol in the database");
385      }
386      finally {
387        try {
388          if(result != null) {
389            result.close();
390          }
391          if(ps != null) {
392            ps.close();
393          }
394          if(con != null) {
395            con.close();
396          }
397        }
398        catch(SQLException se) {
399          se.printStackTrace();
400        }
401      }
402  
403    }
404  
405  
406    public String getProfiles(Long profileId, String Type) throws InstantbankException {
407      String xml = new String();
408  
409      if(Type.equals("C")) {
410        xml = getCollProfiles(profileId);
411      }
412      return xml;
413    }
414  
415  
416    private String getCollProfiles(Long profileId) throws InstantbankException {
417      XMLDataAccess da = null;
418      XMLDocument doc;
419      PrintWriter pw;
420      String sql = "";
421      StringWriter sw;
422      String xml = "";
423  
424      try {
425        da = new XMLDataAccess("");
426        da.connect();
427        sql = "SELECT ";
428        sql += "sprf_id profileid, ";
429        sql += "csp_add_comment addcomment, ";
430        sql += "csp_add_account_to_queue addaccounttoqueue, ";
431        sql += "csp_cancel_letter cancelletter, ";
432        sql += "csp_change_review_time changereviewtime, ";
433        sql += "csp_clear_added_account clearaddedaccount, ";
434        sql += "csp_change_demographics changedemographics, ";
435        sql += "csp_transfer_queue transferqueue, ";
436        sql += "csp_change_permanent_comment changecomment, ";
437        sql += "csp_order_letter orderletter, ";
438        sql += "csp_action_code_level actioncodelevel, ";
439        sql += "csp_result_code_level resultcodelevel, ";
440        sql += "csp_supervisor_queue_id supervisorqueueid, ";
441        sql += "csp_record_promise recordpromise, ";
442        sql += "csp_restore_account_to_queue restoreaccounttoqueue, ";
443        sql += "csp_schedule_representation schedulerepresentation,";
444        sql += "csp_security_administration securityadministrator, ";
445        sql += "csp_statement_reprint statementreprint, ";
446        sql += "csp_system_administration systemadministrator, ";
447        sql += "csp_account_transfer accounttransfer, ";
448        sql += "csp_payoff_quote payoffquote, ";
449        sql += "csp_skip_acc_if_contact_today skipaccount, ";
450        sql += "csp_supervisor supervisor ";
451        sql += "FROM ";
452        sql += "collections_security_profiles, security_profiles ";
453        sql += "WHERE ";
454        sql += "sprf_csp_id = csp_id AND ";
455        sql += "sprf_id = " + profileId;
456        sw = new StringWriter();
457        pw = new PrintWriter(sw);
458        doc = da.makeXMLSelect(sql, "Profiles", "Collections");
459        doc.print(pw);
460        return sw.toString();
461      }
462      catch(Exception e) {
463        this.context.setRollbackOnly();
464        throw new InstantbankException(e, "131010", "Failed to retrieve Collections Security Profiles");
465      }
466      finally {
467        try {
468          if(da != null) {
469            da.disconnect();
470          }
471        }
472        catch(Exception e) {
473        }
474      }
475    }
476  
477  
478    private String getQueuePlan(Long companyId, Long qutId, String qutStatus, XMLDataAccess da) throws InstantbankException {
479      String Child = new String();
480      XMLDocument doc;
481      String Result = new String();
482      String sql = "";
483      String Tmp = new String();
484      String xml = "";
485  
486      sql = "SELECT ";
487      sql += "qplan_id id,";
488      sql += "qplan_name name ";
489      sql += "FROM ";
490      sql += "queue_plans ";
491      sql += "WHERE ";
492      sql += "qplan_cmp_id = " + companyId + " and ";
493      sql += "qplan_qut_id = " + qutId + " and ";
494      sql += "qplan_status = '" + qutStatus + "' ";
495      sql += "ORDER BY ";
496      sql += "qplan_name";
497      try {
498        Result = XMLUtils.removeHeader(da.getXml(sql, "ChildQueues", "Queue"));
499        return Result;
500      }
501      catch(Exception e) {
502        this.context.setRollbackOnly();
503        throw new InstantbankException(e, "131011", "Failed to retrieve a queue plan");
504      }
505    }
506  
507  
508    public String getQueues(Long companyId) throws InstantbankException {
509      String sql = "";
510      String xml = "";
511      XMLDataAccess da = null;
512      XMLDocument doc;
513      String Children;
514      String Tmp = new String();
515  
516      da = new XMLDataAccess("");
517      Parent = new String();
518      sql = "SELECT ";
519      sql += "qut_id id,";
520      sql += "qut_name name,";
521      sql += "qut_category category ";
522      sql += "FROM ";
523      sql += "queue_types ";
524      sql += "WHERE ";
525      sql += "qut_cmp_id = " + companyId + " ";
526      sql += "ORDER BY ";
527      sql += "qut_name";
528      try {
529        da.connect();
530        doc = da.makeXMLSelect(sql, "QueueList", "QueueType");
531        nlIdParent = doc.selectNodes("/QueueList/QueueType/id/text()");
532        nlNameParent = doc.selectNodes("/QueueList/QueueType/name/text()");
533        nlCategoryParent = doc.selectNodes("/QueueList/QueueType/category/text()");
534        nlLength = nlIdParent.getLength();
535        for(int i = 0; i < nlLength; i++) {
536          IdParent = new Long(nlIdParent.item(i).getNodeValue());
537          NameParent = nlNameParent.item(i).getNodeValue();
538          CategoryParent = nlCategoryParent.item(i).getNodeValue();
539          Children = getQueuePlan(companyId, IdParent, "A", da);
540          Tmp = Tmp + makeXMLAttributes("id", IdParent.toString());
541          Tmp = Tmp + makeXMLAttributes("name", NameParent);
542          Tmp = Tmp + makeXMLAttributes("category", CategoryParent);
543          Tmp = Tmp + Children;
544          Tmp = makeXMLElement("QueueType", Tmp);
545          Parent = Parent + Tmp;
546          Tmp = new String();
547        }
548        Parent = makeXMLNode("QueueList", Parent, true);
549        return Parent;
550      }
551      catch(Exception e) {
552        this.context.setRollbackOnly();
553        throw new InstantbankException(e, "131012", "Queue types not found");
554      }
555      finally {
556        try {
557          if(da != null) {
558            da.disconnect();
559          }
560        }
561        catch(Exception e) {
562        }
563      }
564    }
565  
566  
567    private String getSecProfile(String SecPrfId) throws InstantbankException {
568      Connection con = null;
569      PreparedStatement ps = null;
570      ResultSet result = null;
571      String SPrfId = null;
572      try {
573        con = ServiceLocator.instance().getConnection();
574        ps = con.prepareStatement("SELECT sprf_csp_id FROM security_profiles WHERE sprf_id = ?");
575        ps.setString(1, SecPrfId);
576        result = ps.executeQuery();
577        if(result.next()) {
578          SPrfId = result.getString("sprf_csp_id");
579        }
580        return SPrfId;
581      }
582      catch(Exception e) {
583        this.context.setRollbackOnly();
584        throw new InstantbankException(e, "131013", "Failed to get the identifier security profile of the database");
585      }
586      finally {
587        try {
588          if(result != null) {
589            result.close();
590          }
591          if(ps != null) {
592            ps.close();
593          }
594          if(con != null) {
595            con.close();
596          }
597        }
598        catch(SQLException se) {
599          se.printStackTrace();
600        }
601      }
602    }
603  
604  
605    private void initSecServices() throws InstantbankException {
606      try {
607        SecurityServicesHome SecHome = (SecurityServicesHome)
608          ServiceLocator.instance().createEJB("SecurityServicesHome", SecurityServicesHome.class, false);
609        SecServices = SecHome.create();
610      }
611      catch(Exception e) {
612        throw new InstantbankException(e, "131014", "Failed to create the EJB");
613      }
614    }
615  
616  
617    private String makeXMLAttributes(String attributeNode, String valueNode) throws InstantbankException {
618      char Ch3 = '/';
619      String XMLtmp = new String();
620  
621      valueNode = StringFormat.toSafeXMLString(valueNode);
622      XMLtmp = "<" + attributeNode + ">" + valueNode + "<" + Ch3 + attributeNode + ">\n";
623      return XMLtmp;
624    }
625  
626  
627    private String makeXMLElement(String element, String XMLAttributes) throws InstantbankException {
628      String XMLtmp = new String();
629      char Ch3 = '/';
630      XMLtmp = "<" + element + ">\n" + XMLAttributes +
631        "<" + Ch3 + element + ">\n";
632      return XMLtmp;
633    }
634  
635  
636    private String makeXMLNode(String nameNode, String XMLElement, boolean withHeader) throws InstantbankException {
637      String XMLtmp = new String();
638      char Ch3 = '/';
639      char Ch1 = '"';
640      if(withHeader) {
641        XMLtmp = XMLUtils.xmlHeader() + "\n";
642      }
643      else {
644        XMLtmp = "";
645      }
646      XMLtmp = XMLtmp + "<" + nameNode + "> \n" + XMLElement + "<" + Ch3 + nameNode + ">\n";
647      return XMLtmp;
648    }
649  
650  
651    public void modifyCollectionsProfile(XMLDocument profiles, long id_profile) throws InstantbankException, XSLException {
652      Connection con = null;
653      PreparedStatement ps = null;
654  
655      try {
656        con = ServiceLocator.instance().getConnection();
657        ps = con.prepareStatement(
658          "update collections_security_profiles " +
659          "set csp_add_comment = ?, " +
660          "csp_add_account_to_queue = ?, " +
661          "csp_cancel_letter = ?, " +
662          "csp_change_review_time = ?, " +
663          "csp_clear_added_account = ?, " +
664          "csp_change_demographics = ?, " +
665          "csp_transfer_queue = ?, " +
666          "csp_change_permanent_comment = ?, " +
667          "csp_order_letter = ?, " +
668          "csp_action_code_level = ?, " +
669          "csp_result_code_level = ?, " +
670          "csp_supervisor_queue_id = ?, " +
671          "csp_record_promise = ?, " +
672          "csp_restore_account_to_queue = ?, " +
673          "csp_schedule_representation = ?, " +
674          "csp_security_administration = ?, " +
675          "csp_statement_reprint = ?, " +
676          "csp_system_administration = ?, " +
677          "csp_account_transfer = ?, " +
678          "csp_payoff_quote = ?, " +
679          "csp_skip_acc_if_contact_today = ?, " +
680          "csp_supervisor = ? " +
681          "where csp_id = ?"
682          );
683        ps.setLong(1, Long.parseLong(profiles.valueOf("/Profiles/Collections/addcomment")));
684        ps.setLong(2, Long.parseLong(profiles.valueOf("/Profiles/Collections/addaccounttoqueue")));
685        ps.setLong(3, Long.parseLong(profiles.valueOf("/Profiles/Collections/cancelletter")));
686        ps.setLong(4, Long.parseLong(profiles.valueOf("/Profiles/Collections/changereviewtime")));
687        ps.setLong(5, Long.parseLong(profiles.valueOf("/Profiles/Collections/clearaddedaccount")));
688        ps.setLong(6, Long.parseLong(profiles.valueOf("/Profiles/Collections/changedemographics")));
689        ps.setLong(7, Long.parseLong(profiles.valueOf("/Profiles/Collections/transferqueue")));
690        ps.setLong(8, Long.parseLong(profiles.valueOf("/Profiles/Collections/changecomment")));
691        ps.setLong(9, Long.parseLong(profiles.valueOf("/Profiles/Collections/orderletter")));
692        ps.setLong(10, Long.parseLong(profiles.valueOf("/Profiles/Collections/actioncodelevel")));
693        ps.setLong(11, Long.parseLong(profiles.valueOf("/Profiles/Collections/resultcodelevel")));
694        if(profiles.valueOf("/Profiles/Collections/supervisorqueueid").equals("_")) {
695          ps.setNull(12, java.sql.Types.NUMERIC);
696        }
697        else {
698          ps.setLong(12, Long.parseLong(profiles.valueOf("/Profiles/Collections/supervisorqueueid")));
699        }
700        ps.setLong(13, Long.parseLong(profiles.valueOf("/Profiles/Collections/recordpromise")));
701        ps.setLong(14, Long.parseLong(profiles.valueOf("/Profiles/Collections/restoreaccounttoqueue")));
702        ps.setLong(15, Long.parseLong(profiles.valueOf("/Profiles/Collections/schedulerepresentation")));
703        ps.setLong(16, Long.parseLong(profiles.valueOf("/Profiles/Collections/securityadministrator")));
704        ps.setLong(17, Long.parseLong(profiles.valueOf("/Profiles/Collections/statementreprint")));
705        ps.setLong(18, Long.parseLong(profiles.valueOf("/Profiles/Collections/systemadministrator")));
706        ps.setLong(19, Long.parseLong(profiles.valueOf("/Profiles/Collections/accounttransfer")));
707        ps.setLong(20, Long.parseLong(profiles.valueOf("/Profiles/Collections/payoffquote")));
708        ps.setLong(21, Long.parseLong(profiles.valueOf("/Profiles/Collections/skipaccount")));
709        ps.setLong(22, Long.parseLong(profiles.valueOf("/Profiles/Collections/supervisor")));
710        ps.setLong(23, id_profile);
711  
712        int n = ps.executeUpdate();
713        if(n != 1) {
714          throw new InstantbankException("131015", "Failed to modify collections profile to the database");
715        }
716      }
717      catch(Exception e) {
718        this.context.setRollbackOnly();
719        throw new InstantbankException(e, "131016", "Failed to modify collections profile to the database");
720      }
721      finally {
722        try {
723          if(ps != null) {
724            ps.close();
725          }
726          if(con != null) {
727            con.close();
728          }
729        }
730        catch(SQLException se) {
731          se.printStackTrace();
732        }
733      }
734    }
735  
736  
737    public String newProfiles(Long companyId) throws InstantbankException {
738      String doc;
739      Long sprfId;
740  
741      if(!companyId.equals(new Long("0"))) {
742        sprfId = getCompanyProfile(companyId);
743        if(!sprfId.equals(new Long("0"))) {
744          doc = getProfiles(sprfId, new String("C"));
745        }
746        else {
747          doc = "";
748          doc = doc + makeXMLAttributes("profileid", "0");
749          doc = doc + makeXMLAttributes("addcomment", "0");
750          doc = doc + makeXMLAttributes("addaccounttoqueue", "0");
751          doc = doc + makeXMLAttributes("cancelletter", "0");
752          doc = doc + makeXMLAttributes("changereviewtime", "0");
753          doc = doc + makeXMLAttributes("clearaddedaccount", "0");
754          doc = doc + makeXMLAttributes("changedemographics", "0");
755          doc = doc + makeXMLAttributes("transferqueue", "0");
756          doc = doc + makeXMLAttributes("changecomment", "0");
757          doc = doc + makeXMLAttributes("orderletter", "0");
758          doc = doc + makeXMLAttributes("actioncodelevel", "0");
759          doc = doc + makeXMLAttributes("resultcodelevel", "0");
760          doc = doc + makeXMLAttributes("supervisorqueueid", "_");
761          doc = doc + makeXMLAttributes("recordpromise", "0");
762          doc = doc + makeXMLAttributes("restoreaccounttoqueue", "0");
763          doc = doc + makeXMLAttributes("schedulerepresentation", "0");
764          doc = doc + makeXMLAttributes("securityadministrator", "0");
765          doc = doc + makeXMLAttributes("statementreprint", "0");
766          doc = doc + makeXMLAttributes("systemadministrator", "0");
767          doc = doc + makeXMLAttributes("accounttransfer", "0");
768          doc = doc + makeXMLAttributes("payoffquote", "0");
769          doc = doc + makeXMLAttributes("skipaccount", "0");
770          doc = doc + makeXMLAttributes("supervisor", "0");
771          doc = makeXMLElement("Collections", doc);
772          doc = makeXMLNode("Profiles", doc, true);
773        }
774      }
775      else {
776        doc = "";
777        doc = doc + makeXMLAttributes("profileid", "0");
778        doc = doc + makeXMLAttributes("addcomment", "0");
779        doc = doc + makeXMLAttributes("addaccounttoqueue", "0");
780        doc = doc + makeXMLAttributes("cancelletter", "0");
781        doc = doc + makeXMLAttributes("changereviewtime", "0");
782        doc = doc + makeXMLAttributes("clearaddedaccount", "0");
783        doc = doc + makeXMLAttributes("changedemographics", "0");
784        doc = doc + makeXMLAttributes("transferqueue", "0");
785        doc = doc + makeXMLAttributes("changecomment", "0");
786        doc = doc + makeXMLAttributes("orderletter", "0");
787        doc = doc + makeXMLAttributes("actioncodelevel", "0");
788        doc = doc + makeXMLAttributes("resultcodelevel", "0");
789        doc = doc + makeXMLAttributes("supervisorqueueid", "_");
790        doc = doc + makeXMLAttributes("recordpromise", "0");
791        doc = doc + makeXMLAttributes("restoreaccounttoqueue", "0");
792        doc = doc + makeXMLAttributes("schedulerepresentation", "0");
793        doc = doc + makeXMLAttributes("securityadministrator", "0");
794        doc = doc + makeXMLAttributes("statementreprint", "0");
795        doc = doc + makeXMLAttributes("systemadministrator", "0");
796        doc = doc + makeXMLAttributes("accounttransfer", "0");
797        doc = doc + makeXMLAttributes("payoffquote", "0");
798        doc = doc + makeXMLAttributes("skipaccount", "0");
799        doc = doc + makeXMLAttributes("supervisor", "0");
800        doc = makeXMLElement("Collections", doc);
801        doc = makeXMLNode("Profiles", doc, true);
802      }
803  
804      return doc;
805    }
806  
807  
808    private XMLDocument parseInfo(String data) throws InstantbankException {
809      DOMParser docParser = new DOMParser();
810      ByteArrayInputStream stream;
811      XMLDocument xmlDoc = null;
812  
813      try {
814        stream = new ByteArrayInputStream(data.getBytes());
815        docParser.setValidationMode(false);
816        docParser.parse(stream);
817        xmlDoc = docParser.getDocument();
818        return xmlDoc;
819      }
820      catch(Exception e) {
821        throw new InstantbankException(e, "131017", "Failed to parse the information");
822      }
823    }
824  
825  
826    public void refreshChildren(Long loggedUserId, Long groupId, int level) throws InstantbankException {
827      String ChildProfileId = new String();
828      Long ChildId;
829      XMLDataAccess da = null;
830      XMLDocument doc;
831      String Groups = new String();
832      String ProfileId = new String();
833      Long Id;
834      String UGrpId;
835      XMLDocument UserGrp;
836      NodeList UserGrpId;
837      int UserGrpLen;
838      String Users = new String();
839      String UsrPrf;
840  
841      try {
842        initSecServices();
843        ProfileId = getGroupProfileId(groupId.toString());
844        Groups = SecServices.getChildGroups(groupId, 1);
845        doc = parseInfo(Groups);
846        nlGroupIdChildren = doc.selectNodes("/ChildGroups/Group/id/text()");
847        nlGroupIdLen = nlGroupIdChildren.getLength();
848  
849        Users = SecServices.getChildUsers(groupId, level);
850        UserGrp = parseInfo(Users);
851        UserGrpId = UserGrp.selectNodes("/ChildUsers/User/id/text()");
852        UserGrpLen = UserGrpId.getLength();
853        for(int j = 0; j < UserGrpLen; j++) {
854          UGrpId = UserGrpId.item(j).getNodeValue();
855          UsrPrf = SecServices.getUserProfileId(UGrpId);
856          refreshProfile(new Long(UsrPrf), new Long(ProfileId));
857          SecServices.updateUserLastChanged(loggedUserId, new Long(UGrpId));
858        }
859  
860        for(int i = 0; i < nlGroupIdLen; i++) {
861          ChildId = new Long(nlGroupIdChildren.item(i).getNodeValue());
862          ChildProfileId = getGroupProfileId(ChildId.toString());
863          refreshProfile(new Long(ChildProfileId), new Long(ProfileId));
864          SecServices.updateUserGroupLastChanged(loggedUserId, ChildId);
865          Users = SecServices.getChildUsers(ChildId, level);
866          UserGrp = parseInfo(Users);
867          UserGrpId = UserGrp.selectNodes("/ChildUsers/User/id/text()");
868          UserGrpLen = UserGrpId.getLength();
869          for(int j = 0; j < UserGrpLen; j++) {
870            UGrpId = UserGrpId.item(j).getNodeValue();
871            UsrPrf = SecServices.getUserProfileId(UGrpId);
872            refreshProfile(new Long(UsrPrf), new Long(ProfileId));
873            SecServices.updateUserLastChanged(loggedUserId, new Long(UGrpId));
874          }
875        }
876  
877      }
878      catch(Exception e) {
879        this.context.setRollbackOnly();
880        throw new InstantbankException(e, "131018", "Failed to refresh the children of the groups");
881      }
882    }
883  
884  
885    private void refreshProfile(Long destinationId, Long sourceId) throws InstantbankException {
886      String destinationCollectionsId = new String();
887      String sourceCollectionsId = new String();
888      Connection con = null;
889      PreparedStatement ps = null;
890      ResultSet result = null;
891  
892      destinationCollectionsId = getSecProfile(destinationId.toString());
893      sourceCollectionsId = getSecProfile(sourceId.toString());
894      try {
895        con = ServiceLocator.instance().getConnection();
896        ps = con.prepareStatement(
897          "update collections_security_profiles SET" +
898          "(csp_add_comment, csp_add_account_to_queue, " +
899          "csp_cancel_letter, csp_change_review_time, csp_clear_added_account, " +
900          "csp_change_demographics, csp_transfer_queue, csp_change_permanent_comment, " +
901          "csp_order_letter, csp_action_code_level, csp_result_code_level, " +
902          "csp_supervisor_queue_id, csp_record_promise, csp_restore_account_to_queue, " +
903          "csp_schedule_representation, csp_security_administration, csp_statement_reprint, " +
904          "csp_system_administration, csp_account_transfer, csp_payoff_quote, " +
905          "csp_skip_acc_if_contact_today, csp_supervisor)=" +
906          "(SELECT csp_add_comment, csp_add_account_to_queue, " +
907          "csp_cancel_letter, csp_change_review_time, csp_clear_added_account, " +
908          "csp_change_demographics, csp_transfer_queue, csp_change_permanent_comment, " +
909          "csp_order_letter, csp_action_code_level, csp_result_code_level, " +
910          "csp_supervisor_queue_id, csp_record_promise, csp_restore_account_to_queue, " +
911          "csp_schedule_representation, csp_security_administration, csp_statement_reprint, " +
912          "csp_system_administration, csp_account_transfer, csp_payoff_quote, " +
913          "csp_skip_acc_if_contact_today, csp_supervisor FROM collections_security_profiles " +
914          "WHERE csp_id = ?) WHERE csp_id = ?"
915          );
916        ps.setString(1, sourceCollectionsId);
917        ps.setString(2, destinationCollectionsId);
918        int n = ps.executeUpdate();
919        if(n != 1) {
920          throw new InstantbankException("131019", "Failed to modify profiles to the database");
921        }
922      }
923      catch(Exception e) {
924        this.context.setRollbackOnly();
925        throw new InstantbankException(e, "131020", "Failed to modify profiles to the database");
926      }
927      finally {
928        try {
929          if(ps != null) {
930            ps.close();
931          }
932          if(con != null) {
933            con.close();
934          }
935        }
936        catch(SQLException se) {
937          se.printStackTrace();
938        }
939      }
940    }
941  
942  
943    private void createCompanyProfilesLinks(long SPrfId, Long companyId) throws InstantbankException {
944      Connection con = null;
945      PreparedStatement ps = null;
946  
947      try {
948        con = ServiceLocator.instance().getConnection();
949        ps = con.prepareStatement("INSERT INTO COMPANY_SECURITY_PROFILE_LINKS VALUES (?,?)");
950        ps.setLong(1, SPrfId);
951        ps.setLong(2, companyId.longValue());
952        int n = ps.executeUpdate();
953        if(n != 1) {
954          throw new InstantbankException("131015", "Failed to modify company collections profile to the database");
955        }
956      }
957      catch(Exception e) {
958        this.context.setRollbackOnly();
959        throw new InstantbankException(e, "131020", "Failed to modify company collections profile to the database");
960      }
961      finally {
962        try {
963          if(ps != null) {
964            ps.close();
965          }
966          if(con != null) {
967            con.close();
968          }
969        }
970        catch(SQLException se) {
971          se.printStackTrace();
972        }
973      }
974  
975    }
976  
977  
978    public void saveDefaultProfile(String profiles, Long companyId) throws InstantbankException {
979  
980      String cprofileId = new String();
981      String PrfId = new String();
982      XMLDocument XMLProfiles;
983  
984      try {
985        XMLProfiles = parseInfo(profiles);
986  
987        PrfId = XMLProfiles.valueOf("/Profiles/Collections/profileid");
988  
989        if(PrfId.equals("0")) {
990          long cspId = UniqueIDGenerator.instance().getNextId();
991          long ospId = UniqueIDGenerator.instance().getNextId();
992          long sspId = UniqueIDGenerator.instance().getNextId();
993          long SPrfId = UniqueIDGenerator.instance().getNextId();
994          createCollectionsProfile(XMLProfiles, cspId);
995          createSecurityProfile(SPrfId, cspId, ospId, sspId);
996          createCompanyProfilesLinks(SPrfId, companyId);
997        }
998        else {
999          cprofileId = getSecProfile(PrfId);
1000         modifyCollectionsProfile(XMLProfiles, Long.parseLong(cprofileId));
1001       }
1002     }
1003     catch(Exception e) {
1004       this.context.setRollbackOnly();
1005       throw new InstantbankException(e, "131021", "Failed to save the profiles");
1006     }
1007 
1008   }
1009 
1010 
1011   public long saveProfiles(String profiles, boolean superuser) throws InstantbankException {
1012     String cprofileId = new String();
1013     Element newNode;
1014     XMLNode node;
1015     String PrfId = new String();
1016     XMLDocument XMLProfiles;
1017 
1018     try {
1019       XMLProfiles = parseInfo(profiles);
1020       long cspId = UniqueIDGenerator.instance().getNextId();
1021       long ospId = UniqueIDGenerator.instance().getNextId();
1022       long sspId = UniqueIDGenerator.instance().getNextId();
1023       long SPrfId = UniqueIDGenerator.instance().getNextId();
1024       PrfId = XMLProfiles.valueOf("/Profiles/Collections/profileid");
1025       if(PrfId.equals("0")) {
1026         createCollectionsProfile(XMLProfiles, cspId);
1027         createSecurityProfile(SPrfId, cspId, ospId, sspId);
1028         saveRoles(XMLProfiles, SPrfId, "co_", superuser);
1029         return SPrfId;
1030       }
1031       else {
1032         cprofileId = getSecProfile(PrfId);
1033         modifyCollectionsProfile(XMLProfiles, Long.parseLong(cprofileId));
1034         deleteRol(Long.parseLong(PrfId));
1035         saveRoles(XMLProfiles, Long.parseLong(PrfId), "co_", superuser);
1036         return Long.parseLong(PrfId);
1037       }
1038     }
1039     catch(Exception e) {
1040       this.context.setRollbackOnly();
1041       throw new InstantbankException(e, "131021", "Failed to save the profiles");
1042     }
1043   }
1044 
1045 
1046   private void saveRoles(XMLDocument profiles, long sprfId, String prefix, boolean superuser) throws InstantbankException, XSLException {
1047     int docLength;
1048     Vector rolesId = new Vector();
1049     String rolId = new String();
1050     String rolName = new String();
1051 
1052     try {
1053       docLength = profiles.getElementsByTagName("Collections").item(0).getChildNodes().getLength();
1054       for(int i = 0; i < docLength; i++) {
1055         rolName = profiles.getElementsByTagName("Collections").item(0).getChildNodes().item(i).getNodeName();
1056         rolId = getRolId(prefix + rolName);
1057         if((rolId != null) && (!(profiles.valueOf("/Profiles/Collections/" + rolName).equals("0")))) {
1058           rolesId.addElement(rolId);
1059         }
1060         if((rolName.equals("actioncodelevel")) && (!(profiles.valueOf("/Profiles/Collections/" + rolName).equals("0")))) {
1061           /**
1062            *adds to roles vector the roleId 2 "co_collector" if action code level > 0 *
1063            */
1064           rolId = getRolId(prefix + "collections");
1065           rolesId.addElement(rolId);
1066         }
1067       }
1068 
1069       /**
1070        *adds to roles vector the roleId "co_everyone"*
1071        */
1072       rolId = getRolId(prefix + "everyone");
1073       rolesId.addElement(rolId);
1074 
1075       if(superuser) {
1076         rolId = getRolId(prefix + "superuser");
1077         rolesId.addElement(rolId);
1078       }
1079 
1080       for(int j = 0; j < rolesId.size(); j++) {
1081         createRol(sprfId, Long.parseLong(rolesId.elementAt(j).toString()));
1082       }
1083     }
1084     catch(Exception e) {
1085       this.context.setRollbackOnly();
1086       throw new InstantbankException(e, "131022", "Failed to save the roles");
1087     }
1088   }
1089 }
1090 
1091