Merge Releases 3.7.0 and 3.8.1

src/main/environment/common_ci.properties

@@ -190,10 +190,19 @@ captcha.enable-captcha=@env.ENABLE_CAPTCHA@
 
 cors.allowed-origins=@env.CORS_ALLOWED_ORIGINS@
 
-video-call-url=@env.VIDEO_CALL_URL@
-jibri.output.path=@env.JIBRI_OUTPUT_PATH@
+# Jitsi configuration
+videocall.url=@env.VIDEO_CALL_URL@
 video.recording.path=@env.VIDEO_RECORDING_PATH@
 
+# Jitsi JWT (prosody token-auth)
+jitsi.app.id=@env.JITSI_APP_ID@
+jitsi.app.secret=@env.JITSI_APP_SECRET@
+jitsi.domain=@env.JITSI_DOMAIN@
+jitsi.sub=@env.JITSI_SUB@
+jitsi.token.ttl.seconds=@env.JITSI_TOKEN_TTL_SECONDS@
+jitsi.room.prefix=@env.JITSI_ROOM_PREFIX@
+jitsi.default.user.email=@env.JITSI_DEFAULT_USER_EMAIL@
+
 platform.feedback.ratelimit.enabled=@env.PLATFORM_FEEDBACK_RATELIMIT_ENABLED@
 platform.feedback.ratelimit.pepper=@env.PLATFORM_FEEDBACK_RATELIMIT_PEPPER@
 platform.feedback.ratelimit.trust-forwarded-for=@env.PLATFORM_FEEDBACK_RATELIMIT_TRUST_FORWARDED_FOR@

src/main/environment/common_docker.properties

@@ -192,10 +192,18 @@ firebase.enabled=${FIREBASE_ENABLE}
 firebase.credential-file=${FIREBASE_CREDENTIAL}
 
 
-video-call-url=${VIDEO_CALL_URL}
-jibri.output.path={JIBRI_OUTPUT_PATH}
+videocall.url=${VIDEO_CALL_URL}
 video.recording.path={VIDEO_RECORDING_PATH}
 
+# Jitsi JWT (prosody token-auth)
+jitsi.app.id=${JITSI_APP_ID}
+jitsi.app.secret=${JITSI_APP_SECRET}
+jitsi.domain=${JITSI_DOMAIN}
+jitsi.sub=${JITSI_SUB}
+jitsi.token.ttl.seconds=${JITSI_TOKEN_TTL_SECONDS}
+jitsi.room.prefix=${JITSI_ROOM_PREFIX}
+jitsi.default.user.email=${JITSI_DEFAULT_USER_EMAIL}
+
 # Platform Feedback module
 platform.feedback.ratelimit.enabled=${PLATFORM_FEEDBACK_RATELIMIT_ENABLED}
 platform.feedback.ratelimit.pepper=${PLATFORM_FEEDBACK_RATELIMIT_PEPPER}

src/main/environment/common_example.properties

@@ -25,7 +25,7 @@ km-root-path=/okm:personal/users/
 km-guest-user=guest
 km-guest-password=guest
 
-tempFilePath=/opt/openkm
+tempFilePath=/tmp
 
 # CTI Config
 cti-server-ip=10.208.122.99
@@ -200,9 +200,9 @@ grievanceAllocationRetryConfiguration=3
 logging.path=logs/
 logging.file.name=logs/common-api.log
 
-video-call-url=https://vc.piramalswasthya.org/?
-jibri.output.path=/srv/jibri/recordings
-video.recording.path=/srv/recordings
+# Jitsi configuration
+videocall.url=https://vc.piramalswasthya.org/?
+video.recording.path=/opt/recordings
 
 captcha.secret-key= <Enter Cloudflare Secret Key>
 captcha.verify-url= https://challenges.cloudflare.com/turnstile/v0/siteverify
@@ -233,3 +233,11 @@ otp.ratelimit.day-limit=20
 
 ### generate Beneficiary IDs URL
 generateBeneficiaryIDs-api-url=/generateBeneficiaryController/generateBeneficiaryIDs
+
+JITSI_APP_ID=piramal_vc
+JITSI_APP_SECRET=5b9883418be6f228ffe3ceaa74dd3d3b91737733a4a85c5e82fc584ad449850b                                                                                                                          
+JITSI_DOMAIN=vc.piramalswasthya.org                                                                                                                                                                        
+JITSI_SUB=meet.jitsi                                                                                                                                                                                       
+JITSI_TOKEN_TTL_SECONDS=3600                                                                                                                                                                               
+JITSI_ROOM_PREFIX=piramal-meeting-                                                                                                                                                                         
+JITSI_DEFAULT_USER_EMAIL=admin@piramalswasthya.org

src/main/java/com/iemr/common/CommonApplication.java

@@ -29,6 +29,7 @@
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
+import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.web.client.RestTemplate;
 
@@ -40,6 +41,7 @@
 
 @SpringBootApplication
 @EnableScheduling
+@EnableAsync(proxyTargetClass = true)
 public class CommonApplication extends SpringBootServletInitializer {
 
 	@Bean

src/main/java/com/iemr/common/config/InterceptorConfig.java

@@ -36,7 +36,8 @@ public class InterceptorConfig implements WebMvcConfigurer {
 
 	@Override
 	public void addInterceptors(InterceptorRegistry registry) {
-		registry.addInterceptor(requestInterceptor);
+		registry.addInterceptor(requestInterceptor)
+				.excludePathPatterns("/video-consultation/resolve", "**/video-consultation/resolve");
 	}
 
 }

src/main/java/com/iemr/common/config/encryption/SecurePassword.java

@@ -26,10 +26,8 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.spec.InvalidKeySpecException;
-
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
-
 import org.springframework.stereotype.Service;
 
 @Service

src/main/java/com/iemr/common/controller/beneficiary/BeneficiaryRegistrationController.java

@@ -37,6 +37,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
@@ -74,6 +75,8 @@
 import com.iemr.common.service.userbeneficiarydata.TitleService;
 import com.iemr.common.utils.CookieUtil;
 import com.iemr.common.utils.JwtUtil;
+import com.iemr.common.utils.CookieUtil;
+import com.iemr.common.utils.JwtUtil;
 import com.iemr.common.utils.mapper.InputMapper;
 import com.iemr.common.utils.mapper.OutputMapper;
 import com.iemr.common.utils.response.OutputResponse;

src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java

@@ -97,4 +97,6 @@ public ResponseEntity<ApiResponse<?>> getStructuredForm(@PathVariable String for
     }
 
 
+
+
 }

src/main/java/com/iemr/common/controller/users/IEMRAdminController.java

@@ -337,6 +337,16 @@
 			String userId = claims.get("userId", String.class);
 			User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId));
 
+			// validate if user account is locked or de-activated
+			if(user.getDeleted()){
+				logger.warn("Your account is locked or de-activated. Please contact administrator");
+				return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Your account is locked or de-activated. Please contact administrator.");
+			}
+			if(user.getStatusID()>2){
+				logger.warn("Your account is not active. Please contact administrator");
+				return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Your account is not active. Please contact administrator.");
+			}
+
 			// Validate that the user still exists and is active
 			if (user == null) {
 				logger.warn("Token validation failed: user not found for userId in token.");

src/main/java/com/iemr/common/controller/version/VersionController.java

@@ -75,6 +75,8 @@ public ResponseEntity<Map<String, String>> versionInformation() {
 		return ResponseEntity.ok(response);
 	}
 
+
+
 	private Properties loadGitProperties() throws IOException {
 		Properties properties = new Properties();
 		try (InputStream input = getClass().getClassLoader()

src/main/java/com/iemr/common/controller/videocall/VideoCallController.java

@@ -1,5 +1,28 @@
+/*
+* AMRIT – Accessible Medical Records via Integrated Technology 
+* Integrated EHR (Electronic Health Records) Solution 
+*
+* Copyright (C) "Piramal Swasthya Management and Research Institute" 
+*
+* This file is part of AMRIT.
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program.  If not, see https://www.gnu.org/licenses/.
+*/
+
 package com.iemr.common.controller.videocall;
 
+import java.net.URI;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -12,19 +35,19 @@
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.iemr.common.model.videocall.UpdateCallRequest;
 import com.iemr.common.model.videocall.VideoCallRequest;
 import com.iemr.common.service.videocall.VideoCallService;
 import com.iemr.common.utils.response.OutputResponse;
-import com.fasterxml.jackson.databind.SerializationFeature;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import jakarta.servlet.http.HttpServletRequest;
 
-import org.springframework.web.bind.annotation.RequestBody;
+import jakarta.servlet.http.HttpServletRequest;
 
 @RestController
 @RequestMapping(value = "/video-consultation")
@@ -42,7 +65,7 @@
             response.put("meetingLink", link);
             return ResponseEntity.ok(response);
         } catch (Exception e) {
             response.put("error", e.getMessage());
             return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(response);
         }
     }
@@ -67,32 +90,118 @@
 }
 
 @PostMapping(value = "/update-call-status", produces = MediaType.APPLICATION_JSON_VALUE, headers = "Authorization")
-public ResponseEntity<String> updateCallStatus(@RequestBody UpdateCallRequest requestModel, HttpServletRequest request) {
+public ResponseEntity<String> updateCallStatus(@RequestBody UpdateCallRequest requestModel,
+                                               HttpServletRequest request) {
     OutputResponse response = new OutputResponse();
+    logger.info("[updateCallStatus CONTROLLER] Received — meetingLink={}, callStatus={}, callDuration={}, modifiedBy={}, isLinkUsed={}",
+        requestModel.getMeetingLink(),
+        requestModel.getCallStatus(),
+        requestModel.getCallDuration(),
+        requestModel.getModifiedBy(),
+        requestModel.getIsLinkUsed());
 
     try {
         if (requestModel.getMeetingLink() == null || requestModel.getCallStatus() == null) {
+            logger.error("[updateCallStatus CONTROLLER] Validation failed — meetingLink or callStatus is null");
             throw new IllegalArgumentException("Meeting Link and Status are required");
         }
 
         String result = videoCallService.updateCallStatus(requestModel);
+        logger.info("[updateCallStatus CONTROLLER] Service returned successfully");
 
         JSONObject responseObj = new JSONObject();
         responseObj.put("status", "success");
         responseObj.put("message", result);
         response.setResponse(responseObj.toString());
 
     } catch (IllegalArgumentException e) {
-        logger.error("Validation error: " + e.getMessage(), e);
-        return ResponseEntity.badRequest().body("{\"status\":\"error\",\"message\":\"" + e.getMessage() + "\"}");
+        logger.error("[updateCallStatus CONTROLLER] Validation error: {}", e.getMessage(), e);
+        return ResponseEntity.badRequest()
+            .body("{\"status\":\"error\",\"message\":\"" + e.getMessage() + "\"}");
     } catch (Exception e) {
-        logger.error("updateCallStatus failed with error: " + e.getMessage(), e);
+        logger.error("[updateCallStatus CONTROLLER] Unexpected error: {}", e.getMessage(), e);
         response.setError(e);
     }
 
     return ResponseEntity.ok(response.toString());
 }
 
+/**
+ * Returns a moderator JWT URL for the agent so they can use "End Meeting for All".
+ * Called by the frontend after the meeting link is generated.
+ */
+@PostMapping(value = "/agent-token", produces = MediaType.APPLICATION_JSON_VALUE, headers = "Authorization")
+public ResponseEntity<Map<String, String>> generateAgentToken(@RequestBody Map<String, String> body) {
+    Map<String, String> response = new HashMap<>();
+    try {
+        String slug = body.get("slug");
+        String agentName = body.get("agentName");
+        String agentEmail = body.get("agentEmail");
+
+        if (slug == null || slug.isEmpty()) {
+            response.put("error", "slug is required");
+            return ResponseEntity.badRequest().body(response);
+        }
+
+        String agentUrl = videoCallService.generateAgentToken(slug, agentName, agentEmail);
+        response.put("agentMeetingUrl", agentUrl);
+
+        // Parse roomName and jwt out of the URL so the frontend can pass them
+        // directly to JitsiMeetExternalAPI without re-parsing the URL itself.
+        // URL format: https://<domain>/<roomName>?jwt=<token>
+        int jwtIdx = agentUrl.lastIndexOf("?jwt=");
+        if (jwtIdx > 0) {
+            String jwt = agentUrl.substring(jwtIdx + 5);
+            String pathPart = agentUrl.substring(0, jwtIdx);
+            String roomName = pathPart.substring(pathPart.lastIndexOf('/') + 1);
+            response.put("roomName", roomName);
+            response.put("jwt", jwt);
+        }
+
+        return ResponseEntity.ok(response);
+    } catch (IllegalArgumentException e) {
+        response.put("error", e.getMessage());
+        return ResponseEntity.badRequest().body(response);
+    } catch (Exception e) {
+        logger.error("generateAgentToken failed: {}", e.getMessage(), e);
+        response.put("error", e.getMessage());
+        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(response);
+    }
+}
+
+/**
+ * Public redirect endpoint hit when a beneficiary clicks the short SMS link.
+ *
+ * Flow:
+ *   1. Jitsi host nginx receives "https://vc.piramalswasthya.org/?m=&lt;slug&gt;"
+ *      and proxies/redirects it to this endpoint.
+ *   2. This endpoint looks up the slug, mints a fresh Jitsi JWT bound to the
+ *      room and the agent, and 302-redirects the browser to the full Jitsi URL
+ *      "https://vc.piramalswasthya.org/&lt;room&gt;?jwt=&lt;token&gt;".
+ *   3. The Jitsi server enforces the JWT (prosody token-auth) and admits the user.
+ *
+ * Intentionally NOT guarded by Authorization header - the SMS recipient is on
+ * a phone browser and has no app session. Access control is the JWT itself
+ * plus the slug being unguessable and the meeting row existing.
+ */
+@GetMapping(value = "/resolve")
+public ResponseEntity<Void> resolveMeetingLink(@RequestParam("m") String slug) {
+    try {
+        String redirectUrl = videoCallService.resolveMeetingLink(slug);
+        return ResponseEntity.status(HttpStatus.FOUND)
+                .location(URI.create(redirectUrl))
+                .build();
+    } catch (IllegalArgumentException e) {
+        logger.warn("resolveMeetingLink rejected: {}", e.getMessage());
+        return ResponseEntity.badRequest().build();
+    } catch (Exception e) {
+    logger.error("resolveMeetingLink failed for slug={}: {}", slug, e.getMessage(), e);
 
-
+    // Distinguish "link expired" from "not found" with a 410 Gone
+    if (e.getMessage() != null && e.getMessage().contains("already been used")) {
+        return ResponseEntity.status(HttpStatus.GONE).build(); // 410
+    }
+    return ResponseEntity.status(HttpStatus.NOT_FOUND).build();
+}
+}
 }

src/main/java/com/iemr/common/data/translation/Translation.java

@@ -22,4 +22,5 @@ public class Translation {
     private String assameseTranslation;
     @Column(name = "is_active")
     private Boolean isActive;
+
 }

src/main/java/com/iemr/common/data/videocall/VideoCallParameters.java

@@ -1,3 +1,25 @@
+/*
+* AMRIT – Accessible Medical Records via Integrated Technology 
+* Integrated EHR (Electronic Health Records) Solution 
+*
+* Copyright (C) "Piramal Swasthya Management and Research Institute" 
+*
+* This file is part of AMRIT.
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program.  If not, see https://www.gnu.org/licenses/.
+*/
+
 package com.iemr.common.data.videocall;
 
 import java.sql.Timestamp;
@@ -57,6 +79,9 @@ public class VideoCallParameters {
 		@Column(name = "IsLinkUsed")
 		private boolean linkUsed;
 
+		@Column(name = "RecordingFileName")
+		private String recordingFileName;
+
 	    @Column(name = "Deleted", insertable = false, updatable = true)
 		private Boolean deleted;