Added NewPasswordException and updated UserService to throw this exception if the new password matches the current password. Introduced a new error code ERR_SEC_0007 for this scenario and added a matches method to PasswordEncryptionService for password comparison.
The LoggingFilter now checks for the 'SUS_USERCODE' header if the user ID is not found in previous headers. This improves compatibility with clients that use this header for user identification.
Replaced ERRCode.TRANSACTIONAMOUNT with ERRCode.MISMATCH_TRANSACTION_AMT to improve naming consistency and clarity in error handling for mismatched transaction amounts.
Introduces a new transactionCode field to the TransactionLog entity and updates TransactionLogService to set this field when creating transaction logs. Also adds TRANSACTION_CODE constant to FieldNameLength for column definition.
Introduced a transactionUri field to TransactionLog and updated TransactionLogService methods to accept and store the URI. Refactored deposit approval endpoints in DepositAccountController to use new URIs and updated AconnectURI and TokenBypassURI constants accordingly for individual and business deposit approvals.
Introduced separate endpoints and service methods for approving individual and business CRM applications. Updated URI constants and token bypass lists to support business CRM approval. Also added endpoint to check individual CRM applications by workflow reference.
Replaced InProcessApplicationsController with PendingCRMApplicationsController to handle individual and business pending CRM applications. Updated InProcessApplicationsService to separate logic for individual and business workflows, adding new methods for pending CRM retrieval. Adjusted AconnectURI and TokenBypassURI constants to support new endpoints.
Updated LoggingFilter to first check for 'userId' header, then fallback to 'X-USER-ID' if not present. Default userId is now set to 'NA' instead of 'ANONYMOUS' when no header is found.
Introduced a new endpoint and service method for individual loan approval. Updated AconnectURI and TokenBypassURI to include the new approval URI, and implemented the approval logic in LoanAccountService and LoanAccountController.
Introduced ChangePasswordDTO and implemented password change functionality in UserService and AuthenticationController. Added custom exceptions for existing email, username, and incorrect old password. Updated User entity and DTOs to include porOrgacode, and enforced uniqueness checks for userId and email. Enhanced ERRCode with new error codes and improved boolean field handling in User entity.
Introduced the TransactionLog JPA entity for transaction logging. Added FieldNameConstant and DBFieldNameConstant enums for standardized field names, and expanded FieldNameLength with additional constants. Updated SecurityURI and AuthenticationController to support password change endpoint. Commented out request limiting logic in SubscriptionFilter.
Introduced DepositAccountService and LoanAccountService for handling deposit and loan account operations. Updated DepositAccountController and LoanAccountController to use these services and added new endpoints for individual and business deposit/loan creation and approval. Added RestTemplate configuration and updated AconnectURI and TokenBypassURI constants. Modified PermissionDTO to use a String for permissions and adjusted UserService accordingly. Increased requestBody column length in Logger entity. Added Apache HttpClient5 dependency.
Split transaction-related endpoints into dedicated controllers and services for authorization, cancellation, rejection, and reversal. Renamed LoginController and LoginService to AuthController and AuthService. Added DTOs for account-to-account and GL-to-account transactions, updated TransactionService to handle new transaction types, and adjusted URI constants and token bypass lists accordingly. Removed EnvironmentDetectionService as part of the refactor.
Naeem Ullah
Wasiullah Khan
Naeem Ullah