From bbdc59c302291a84d5441e33cf8f8a87d169179a Mon Sep 17 00:00:00 2001
From: Wasiullah Khan Jadoon <wasiullah.khan@mfsys.ca>
Date: Wed, 8 Apr 2026 18:42:43 +0500
Subject: [PATCH] User Fixed

---
 .../controller/AuthenticationController.java  |  9 ++-
 .../usermanagement/service/UserService.java   | 68 +++++++++++++++++--
 2 files changed, 67 insertions(+), 10 deletions(-)

diff --git a/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java b/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
index 8b443e2..53dd771 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
@@ -1,5 +1,6 @@
 package com.mfsys.aconnect.security.controller;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
 import com.mfsys.aconnect.security.constant.SecurityURI;
 import com.mfsys.aconnect.security.dto.ChangePasswordDTO;
 import com.mfsys.aconnect.security.dto.LoginRequest;
@@ -12,10 +13,8 @@ import com.mfsys.aconnect.usermanagement.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.http.HttpHeaders;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -56,7 +55,7 @@ public class AuthenticationController {
   }
 
     @PostMapping(SecurityURI.FIRST_LOGIN)
-    public ResponseEntity<Map<String, String>> firstLogin(@RequestBody ChangePasswordDTO request) {
+    public ResponseEntity<Map<String, String>> firstLogin(@RequestBody ChangePasswordDTO request) throws JsonProcessingException {
         String message = userService.firstLogin(request);
         Map<String, String> response = new HashMap<>();
         response.put("message", message);
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
index 492cc2e..4134606 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
@@ -1,5 +1,8 @@
 package com.mfsys.aconnect.usermanagement.service;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.mfsys.aconnect.configuration.config.WebClientConfig;
 import com.mfsys.aconnect.security.dto.ChangePasswordDTO;
 import com.mfsys.aconnect.security.dto.ResetPasswordDTO;
 import com.mfsys.aconnect.usermanagement.exceptions.EmailAlreadyExistException;
@@ -11,21 +14,35 @@ import com.mfsys.aconnect.usermanagement.dto.UserDTOs;
 import com.mfsys.aconnect.usermanagement.model.User;
 import com.mfsys.aconnect.usermanagement.repository.UserRepository;
 import jakarta.persistence.EntityNotFoundException;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import org.springframework.http.HttpHeaders;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.stream.Collectors;
 
 @Service
 public class UserService {
 
+    @Value("${app.security.uri}")
+    private String securityURI;
+
   private final UserRepository userRepository;
   private final PasswordEncryptionService passwordEncryptionService;
+  private final WebClientConfig webClientConfig;
+  private final ObjectMapper objectMapper;
 
-  public UserService(UserRepository userRepository, PasswordEncryptionService passwordEncryptionService) {
+  public UserService(UserRepository userRepository, PasswordEncryptionService passwordEncryptionService, WebClientConfig webClientConfig,
+                     ObjectMapper objectMapper) {
     this.userRepository = userRepository;
     this.passwordEncryptionService = passwordEncryptionService;
+    this.webClientConfig = webClientConfig;
+    this.objectMapper = objectMapper;
   }
 
   @Transactional
@@ -65,20 +82,61 @@ public class UserService {
   }
 
     @Transactional
-    public String firstLogin(ChangePasswordDTO request) {
+    public String firstLogin(ChangePasswordDTO request) throws JsonProcessingException {
+
+        String url = securityURI + "/security/thirdparty/user/changePassword";
+
         User user = userRepository.findById(request.getUserId())
-                .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + request.getUserId()));
+                .orElseThrow(() -> new EntityNotFoundException(
+                        "User not found with ID: " + request.getUserId()));
 
-        boolean isPasswordValid = PasswordEncryptionService.verifyPassword(request.getOldPassword(), user.getPassword());
-        if(!isPasswordValid) {
+        boolean isPasswordValid = PasswordEncryptionService.verifyPassword(
+                request.getOldPassword(), user.getPassword());
+
+        if (!isPasswordValid) {
             throw new OldPasswordNotMatch(request.getPorOrgacode());
         }
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        headers.set("sus_usercode", request.getUserId());
+        headers.set("por_orgacode", request.getPorOrgacode());
+
+        // Build $set payload
+        Map<String, Object> setPayload = new HashMap<>();
+        setPayload.put("SUS_USERCODE", user.getUserId());
+        setPayload.put("SUS_PASSWORD", request.getNewPassword());
+        setPayload.put("OLD_PASSWORD", request.getOldPassword());
+        setPayload.put("POR_ORGACODE", user.getPorOrgacode());
+
+        // Build main payload
+        Map<String, Object> requestBody = new HashMap<>();
+        requestBody.put("formId", "SH_SM_US_USER"); // your form ID
+        requestBody.put("porOrgacode", user.getPorOrgacode());
+        requestBody.put("set", objectMapper.writeValueAsString(setPayload));
+        requestBody.put("filter", buildFilter(user.getPorOrgacode(), user.getUserId()));
+
+        ResponseEntity<Object> ciihiveResponse =
+                webClientConfig.patch(url, requestBody, headers);
+
+        if (!ciihiveResponse.getStatusCode().is2xxSuccessful()) {
+            throw new RuntimeException("Failed to update password in ciihive: " + ciihiveResponse.getBody());
+        }
+
+        // Update local DB
         user.setPassword(passwordEncryptionService.hashPassword(request.getNewPassword()));
         user.setFirstLogin(false);
         userRepository.save(user);
+
         return "Password changed successfully";
     }
 
+    private String buildFilter(String porOrgacode, String userId) {
+        return "{ \"$and\": [ " +
+                "{ \"SUS_USERCODE\": { \"$eq\": \"" + userId + "\" } }, " +
+                "{ \"POR_ORGACODE\": { \"$eq\": \"" + porOrgacode + "\" } } ] }";
+    }
+
   @Transactional
   public String resetPassword(ResetPasswordDTO request) {
     User user = userRepository.findById(request.getUserId())