Feature/signaturerelease

[ravishanigarapu]

📋 Description

JIRA ID:

Please provide a summary of the change and the motivation behind it. Include relevant context and details.

---

✅ Type of Change

• 🐞 Bug fix (non-breaking change which resolves an issue)
• ✨ New feature (non-breaking change which adds functionality)
• 🔥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
• 🛠 Refactor (change that is neither a fix nor a new feature)
• ⚙️ Config change (configuration file or build script updates)
• 📚 Documentation (updates to docs or readme)
• 🧪 Tests (adding new or updating existing tests)
• 🎨 UI/UX (changes that affect the user interface)
• 🚀 Performance (improves performance)
• 🧹 Chore (miscellaneous changes that don't modify src or test files)

---

ℹ️ Additional Information

Please describe how the changes were tested, and include any relevant screenshots, logs, or other information that provides additional context.

Summary by CodeRabbit

• Bug Fixes

  • Employee signature downloads now display correct filenames across browsers, including special/Unicode characters, and set accurate content type and size to reduce failed downloads.
  • User deletion status is handled safely when data is missing, preventing incorrect “deleted” indicators.

• Improvements

  • Supervisor status now supports unknown/nullable values, enabling UIs to distinguish between “not set” and “not a supervisor” for more accurate display.

[coderabbitai]

Walkthrough

Updates adjust file download response headers by URL-encoding filenames and constructing ResponseEntity with explicit headers, media type, and content length. Additionally, the user model changes a supervisor getter to return a Boolean and makes the deleted getter null-safe.

Changes

Cohort / File(s)	Summary
Employee signature download response handling src/main/java/com/iemr/admin/controller/employeemaster/EmployeeSignatureController.java	Replace ContentDisposition builder with manual Content-Disposition using URL-encoded filename; compute fileBytes, set headers, content type, and content length; minor exception variable rename; preserves method signatures.
User model getters nullability change src/main/java/com/iemr/admin/data/user/M_User.java	Change isIsSupervisor() return type from boolean to Boolean; make isDeleted() null-safe using Boolean.TRUE.equals(...).

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant C as Client
  participant Cn as EmployeeSignatureController
  participant S as Repository/Service
  participant R as ResponseEntity

  C->>Cn: GET /employee-signature/{userId}
  Cn->>S: Fetch user signature + metadata
  S-->>Cn: byte[] signature, mediaType, filename
  note right of Cn: URL-encode filename<br/>Build headers: Content-Disposition<br/>Set media type and content length
  Cn->>R: Create ResponseEntity<byte[]>
  R-->>C: 200 OK with attachment
  alt Error (e.g., invalid media type)
    Cn-->>C: Error ResponseEntity
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Httpheader content disposition changed #100 — Similar update to EmployeeSignatureController for URL-encoded filenames and Content-Disposition construction.

Suggested reviewers

• drtechie

Poem

I nibbled bytes and headers neat,
Encoded names—a tidy treat.
Booleans hop from null to true,
Safer fields in pastures new.
With packets packed and bytes just right,
I thump approval—download’s light. 🐇📦

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/signaturerelease

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[helenKaryamsetty]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

src/main/java/com/iemr/admin/data/user/M_User.java (2)

93-93: Bug: field shadowing leaves userID uninitialized

userID = userID; assigns the parameter to itself. The field remains defaulted.

-        userID = userID;
+        this.userID = userID;

---

62-65: Prevent password exposure in toString()

-    private String Password;
+    @com.fasterxml.jackson.annotation.JsonIgnore
+    @Expose(serialize = false, deserialize = false)
+    private String Password;

OutputMapper.gson() is already configured with excludeFieldsWithoutExposeAnnotation(), so toString() will omit non-exposed fields.

🧹 Nitpick comments (1)

src/main/java/com/iemr/admin/controller/employeemaster/EmployeeSignatureController.java (1)

108-115: Response construction LGTM; expose header for CORS and disable caching (optional)

Add exposure so browsers can read Content-Disposition across origins and prevent caching of personal artifacts.

             byte[] fileBytes = userSignID.getSignature(); // MUST be byte[]
 
-            return ResponseEntity.ok()
+            // Let browsers access the filename on cross-origin downloads
+            responseHeaders.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, HttpHeaders.CONTENT_DISPOSITION);
+            // Avoid caching user signatures
+            responseHeaders.setCacheControl("no-store");
+
+            return ResponseEntity.ok()
                 .headers(responseHeaders)
                 .contentType(mediaType)
                 .contentLength(fileBytes.length)
                 .body(fileBytes);

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between adc946d and f189421.

📒 Files selected for processing (2)

• src/main/java/com/iemr/admin/controller/employeemaster/EmployeeSignatureController.java (2 hunks)
• src/main/java/com/iemr/admin/data/user/M_User.java (2 hunks)

🔇 Additional comments (3)

src/main/java/com/iemr/admin/data/user/M_User.java (2)

274-276: Null-safe deleted flag LGTM

Boolean.TRUE.equals(Deleted) is the right defensive default.

---

266-268: Preserve existing wrapper getter; add null-safe primitive helper

• Do not change the signature of public Boolean isIsSupervisor() (keep it as-is to avoid breaking binary compatibility).
• Add a new primitive accessor for null-safe checks:

  public boolean isSupervisor() {
      return Boolean.TRUE.equals(IsSupervisor);
  }

• (Optional) For standard JavaBean naming, you can also add

  public Boolean getIsSupervisor() {
      return IsSupervisor;
  }

• Deprecate isIsSupervisor() if you plan to remove it in a future major release.
• Manually verify that no external consumers (code or JSON contracts) rely on the old isIsSupervisor() signature.

src/main/java/com/iemr/admin/controller/employeemaster/EmployeeSignatureController.java (1)

103-106: Media type fallback LGTM

Gracefully defaults to application/octet-stream on parse/null issues.

[coderabbitai]

🛠️ Refactor suggestion

⚠️ Potential issue

Don’t use URLEncoder for Content-Disposition

URLEncoder is for form/query encoding (space -> '+') and is incorrect for header params; it also requires Java 10+ for the Charset overload. Prefer Spring’s ContentDisposition builder, which emits both filename and RFC 5987 filename* correctly.

-import java.net.URLEncoder;

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Build standards-compliant Content-Disposition; avoid '+' for spaces

Manually URL-encoding breaks filename* (expects percent-encoding with spaces as %20) and may confuse some clients. Let Spring format it.

-            String fileName = URLEncoder.encode(userSignID.getFileName(), StandardCharsets.UTF_8);
-
-            responseHeaders.set(HttpHeaders.CONTENT_DISPOSITION,
-                "attachment; filename=\"" + fileName + "\"; filename*=UTF-8''" + fileName);
+            org.springframework.http.ContentDisposition cd =
+                ContentDisposition.attachment()
+                    .filename(userSignID.getFileName(), StandardCharsets.UTF_8)
+                    .build();
+            responseHeaders.setContentDisposition(cd);

If the project targets Java 8/11, this also removes reliance on URLEncoder.encode(String, Charset) (added post-8). Please confirm your baseline JDK.

---

🏁 Script executed:

#!/bin/bash
# Search for Java compiler version configuration in Maven/Gradle build files
rg -nP '<maven\\.compiler\\.source>' -n pom.xml
rg -nP '<maven\\.compiler\\.target>' -n pom.xml
rg -nP '<java\\.version>' -n pom.xml
rg -nP 'sourceCompatibility' -n .
rg -nP 'targetCompatibility' -n .

# Check usage of Spring's ContentDisposition and HttpHeaders.setContentDisposition
rg -nP 'ContentDisposition' -n src/main/java
rg -nP 'setContentDisposition' -n src

Length of output: 432

---

🏁 Script executed:

#!/bin/bash
# Extract parent section to determine Spring Boot version
sed -n '1,200p' pom.xml | sed -n '/<parent>/,/<\/parent>/p'

# Extract properties to determine java.version
sed -n '1,200p' pom.xml | sed -n '/<properties>/,/<\/properties>/p'

# Locate maven-compiler-plugin configuration
rg -nP '<artifactId>maven-compiler-plugin</artifactId>' -A5 -B5 -n pom.xml

# Check for spring-boot-starter-parent version explicit declaration
rg -nP '<artifactId>spring-boot-starter-parent</artifactId>' -A3 -B3 -n pom.xml

Length of output: 2702

---

Use Spring’s ContentDisposition builder for a standards-compliant Content-Disposition header
Manual URL-encoding with URLEncoder.encode(...) uses ‘+’ for spaces (invalid in filename*); use ContentDisposition.attachment().filename(..., UTF_8).build() and responseHeaders.setContentDisposition(...) to let Spring percent-encode correctly.

-            String fileName = URLEncoder.encode(userSignID.getFileName(), StandardCharsets.UTF_8);
-
-            responseHeaders.set(HttpHeaders.CONTENT_DISPOSITION,
-                "attachment; filename=\"" + fileName + "\"; filename*=UTF-8''" + fileName);
+            ContentDisposition cd = ContentDisposition
+                .attachment()
+                .filename(userSignID.getFileName(), StandardCharsets.UTF_8)
+                .build();
+            responseHeaders.setContentDisposition(cd);

Project uses Spring Boot 3.2.2 on Java 17, so the builder API is available.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	String fileName = URLEncoder.encode(userSignID.getFileName(), StandardCharsets.UTF_8);
	responseHeaders.set(HttpHeaders.CONTENT_DISPOSITION,
	"attachment; filename=\"" + fileName + "\"; filename*=UTF-8''" + fileName);
	ContentDisposition cd = ContentDisposition
	.attachment()
	.filename(userSignID.getFileName(), StandardCharsets.UTF_8)
	.build();
	responseHeaders.setContentDisposition(cd);

🤖 Prompt for AI Agents

In
src/main/java/com/iemr/admin/controller/employeemaster/EmployeeSignatureController.java
around lines 96 to 99, replace the manual URLEncoder.encode(...) and header
string assembly with Spring's ContentDisposition builder: create a
ContentDisposition via
ContentDisposition.attachment().filename(userSignID.getFileName(),
StandardCharsets.UTF_8).build() and call
responseHeaders.setContentDisposition(...) (removing URLEncoder use and the
manual filename*= part) so Spring will percent-encode the filename correctly for
standards-compliant Content-Disposition.