From 8a8eba612c71414d40900c3204f91fc566eae175 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 16:49:13 -0800
Subject: [PATCH 01/95]  set the descriptions for the captions and
 strings#12881

---
 .../main/java/de/symeda/sormas/api/i18n/Captions.java    | 5 +++++
 .../src/main/java/de/symeda/sormas/api/i18n/Strings.java | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
index d5ef293848c..75357deec80 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
@@ -2622,11 +2622,16 @@ public interface Captions {
 	String User_userEmail = "User.userEmail";
 	String User_userName = "User.userName";
 	String User_userRoles = "User.userRoles";
+	String updatePassword = "updatePassword";
+	String currentPassword = "currentPassword";
+	String confirmPassword = "confirmPassword";
+	String passwordStrength = "passwordStrength";
 	String User_uuid = "User.uuid";
 	String userMyUserId = "userMyUserId";
 	String userNewUser = "userNewUser";
 	String userResetPassword = "userResetPassword";
 	String userRestrictDiseases = "userRestrictDiseases";
+	String userGeneratePassword = "userGeneratePassword";
 	String userRight = "userRight";
 	String UserRight_caption = "UserRight.caption";
 	String UserRight_description = "UserRight.description";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
index e54f53c6709..0e1ffbb4b35 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
@@ -667,6 +667,7 @@ public interface Strings {
 	String headingLineListingImport = "headingLineListingImport";
 	String headingLocation = "headingLocation";
 	String headingLoginFailed = "headingLoginFailed";
+	String headingUpdatePasswordFailed = "headingUpdatePasswordFailed";
 	String headingMaternalHistory = "headingMaternalHistory";
 	String headingMedicalInformation = "headingMedicalInformation";
 	String headingMergeDuplicateEventParticipantSamePersonSameEvent = "headingMergeDuplicateEventParticipantSamePersonSameEvent";
@@ -708,6 +709,10 @@ public interface Strings {
 	String headingPaperFormDates = "headingPaperFormDates";
 	String headingPathogenTestsDeleted = "headingPathogenTestsDeleted";
 	String headingPersonData = "headingPersonData";
+	String currentPassword = "currentPassword";
+	String updatePassword = "updatePassword";
+	String confirmPassword = "confirmPassword";
+	String passwordStrength = "passwordStrength";
 	String headingPersonInformation = "headingPersonInformation";
 	String headingPersonOccupation = "headingPersonOccupation";
 	String headingPickEventGroup = "headingPickEventGroup";
@@ -816,6 +821,7 @@ public interface Strings {
 	String headingUpdatedPersonInformation = "headingUpdatedPersonInformation";
 	String headingUpdatedSampleInformation = "headingUpdatedSampleInformation";
 	String headingUpdatePassword = "headingUpdatePassword";
+	String headingChangePassword = "headingChangePassword";
 	String headingUpdatePersonContactDetails = "headingUpdatePersonContactDetails";
 	String headingUploadSuccess = "headingUploadSuccess";
 	String headingUserData = "headingUserData";
@@ -1343,6 +1349,9 @@ public interface Strings {
 	String messageLineListingDisabled = "messageLineListingDisabled";
 	String messageLineListingSaved = "messageLineListingSaved";
 	String messageLoginFailed = "messageLoginFailed";
+	String messageNewPasswordDoesNotMatchFailed = "messageNewPasswordDoesNotMatchFailed";
+	String messagePasswordFailed = "messagePasswordFailed";
+	String messageNewPasswordFailed = "messageNewPasswordFailed";
 	String messageMissingCases = "messageMissingCases";
 	String messageMissingDateFilter = "messageMissingDateFilter";
 	String messageMissingEpiWeekFilter = "messageMissingEpiWeekFilter";

From 8b0c7ed445d472ebd1a33f6056526deac899d8c0 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 16:52:15 -0800
Subject: [PATCH 02/95] current password, new password, confirm password and
 password strength#12881

---
 .../de/symeda/sormas/api/user/UserDto.java    | 39 +++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index a2e98c0232d..718e928ea53 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -68,6 +68,9 @@ public class UserDto extends EntityDto {
 	public static final String LANGUAGE = "language";
 	public static final String HAS_CONSENTED_TO_GDPR = "hasConsentedToGdpr";
 	public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
+	public static final String PASSWORD = "currentPassword";
+	public static final String NEW_PASSWORD = "updatePassword";
+	public static final String CONFIRM_PASSWORD = "confirmPassword";
 
 	private boolean active = true;
 
@@ -106,6 +109,10 @@ public class UserDto extends EntityDto {
 	private Language language;
 
 	private boolean hasConsentedToGdpr;
+	private String currentPassword;
+	private String updatePassword;
+	private String confirmPassword;
+	private String passwordStrength;
 
 	private JurisdictionLevel jurisdictionLevel;
 
@@ -160,6 +167,38 @@ public void setUserEmail(String userEmail) {
 		this.userEmail = userEmail;
 	}
 
+	public void setCurrentPassword(String currentPassword) {
+		this.currentPassword = currentPassword;
+	}
+
+	public String getCurrentPassword() {
+		return currentPassword;
+	}
+
+	public void setUpdatePassword(String updatePassword) {
+		this.updatePassword = updatePassword;
+	}
+
+	public String getUpdatePassword() {
+		return updatePassword;
+	}
+
+	public void setConfirmPassword(String confirmPassword) {
+		this.confirmPassword = confirmPassword;
+	}
+
+	public String getConfirmPassword() {
+		return confirmPassword;
+	}
+
+	public void PasswordStrength(String passwordStrength) {
+		this.passwordStrength = passwordStrength;
+	}
+
+	public String getPasswordStrength() {
+		return passwordStrength;
+	}
+
 	public String getPhone() {
 		return phone;
 	}

From 7b2a25a0c8ca3bcfc758d853e487f194f41a92cf Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 16:57:27 -0800
Subject: [PATCH 03/95] #21-Added methods to  updatePassword validate current
 password,  check password strength and generate password

---
 .../java/de/symeda/sormas/api/user/UserFacade.java | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index c859c4fa0c1..5ce3ebd6724 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -50,6 +50,20 @@ public interface UserFacade {
 
 	String resetPassword(String uuid);
 
+	String updatePassword(String uuid, String password);
+
+	String updateUserPassword(String uuid, String newPassword, String currentPassword);
+
+	List<String> changeUserPassword(String uuid, String password);
+
+	boolean validatePassword(String uuid, String password);
+
+	boolean validatePasswordPattern(String password);
+
+	String checkPasswordStrength(String password);
+
+	String generatePassword();
+
 	List<UserDto> getAllAfter(Date date);
 
 	UserDto getByUserName(String userName);

From a679d4760ac080dd80a7c8ab5ca8c63c6d06db54 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 16:59:12 -0800
Subject: [PATCH 04/95] current password, new password, confirm password and
 password strength#12881

---
 sormas-api/src/main/resources/captions.properties | 6 ++++++
 sormas-api/src/main/resources/strings.properties  | 9 +++++++++
 2 files changed, 15 insertions(+)

diff --git a/sormas-api/src/main/resources/captions.properties b/sormas-api/src/main/resources/captions.properties
index 151ef53d2f0..292c50aa5b1 100644
--- a/sormas-api/src/main/resources/captions.properties
+++ b/sormas-api/src/main/resources/captions.properties
@@ -2563,6 +2563,7 @@ TreatmentExport.caseName=Case name
 userNewUser=New user
 userMyUserId=My user ID
 userResetPassword=Create new password
+userGeneratePassword=Generate new password
 userUpdatePasswordConfirmation=Really update password?
 sync=Sync
 syncUsers=Sync Users
@@ -2587,6 +2588,11 @@ User.region=Region
 User.district=District
 User.community=Community
 userRestrictDiseases=Restrict access to specific diseases
+currentPassword=Enter Current Password
+updatePassword=Enter new Password
+confirmPassword=Confirm new Password
+passwordStrength=Password strength
+
 # Vaccination
 vaccinationNewVaccination=New vaccination
 vaccinationNoVaccinationsForPerson=There are no vaccinations for this person
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 6188641d36f..0324185911a 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -605,6 +605,7 @@ headingLineListing = Line listing
 headingLineListingImport = Line listing import
 headingLocation = Location
 headingLoginFailed = Login failed
+headingUpdatePasswordFailed = Update password failed
 headingMaternalHistory = Maternal history
 headingMedicalInformation = Additional medical information
 headingMissingDateFilter = Missing date filter
@@ -636,6 +637,10 @@ headingOutbreakIn = Outbreak in
 headingPathogenTestsDeleted = Pathogen tests deleted
 headingPaperFormDates = Reception dates of paper form
 headingPersonData = Person data
+currentPassword=Enter Current Password
+updatePassword=Enter new Password
+confirmPassword=Confirm new Password
++passwordStrength=Password strength
 headingPersonInformation = Person information
 headingPersonOccupation = Occupation & education
 headingPickEventGroup = Pick event group
@@ -686,6 +691,7 @@ headingReferCaseFromPointOfEntry = Refer case from point of entry
 headingTreatments = Executed treatments
 headingTreatmentsDeleted = Treatments deleted
 headingUpdatePassword = Update password
+headingChangePassword = Change password
 headingUploadSuccess = Upload Successful
 headingUserData = User data
 headingVaccination = Vaccination
@@ -1262,6 +1268,9 @@ messageUploadSuccessful = Upload successful! You can now close this window.
 messageIncompleteGpsCoordinates = GPS coordinates are incomplete
 messageExternalMessagesAssigned = The assignee has been changed for all selected messages
 messageLoginFailed = Please check your username and password and try again
+messageNewPasswordDoesNotMatchFailed = Please check your new Password and Current Password and try again
+messagePasswordFailed = Incorrect Password Please check your Password and try again
+messageNewPasswordFailed = Password should contain some text, \n atleast one special character \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts
 messageMissingDateFilter = Please fill in both date filter fields
 messageMissingEpiWeekFilter = Please fill in both epi week filter fields

From f9e5afbda7ee2d42ca506c1d7fb802f7d70ac400 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 17:06:58 -0800
Subject: [PATCH 05/95] Added plugin to check password strength#12881

---
 sormas-app/app/build.gradle | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/sormas-app/app/build.gradle b/sormas-app/app/build.gradle
index a77d795a1ad..1477bb62e40 100644
--- a/sormas-app/app/build.gradle
+++ b/sormas-app/app/build.gradle
@@ -74,6 +74,7 @@ android {
     }
     buildFeatures {
         dataBinding true
+        viewBinding true
     }
 
     // needed for pre androidx testing. This will not make it's way into the apk
@@ -94,6 +95,12 @@ repositories {
 }
 
 dependencies {
+    implementation 'androidx.constraintlayout:constraintlayout:2.1.3'
+    implementation 'androidx.lifecycle:lifecycle-livedata-ktx:2.4.0'
+    implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.4.0'
+    def lifecycle_version = "2.2.0"
+    def paging_version = "3.0.1"
+
     implementation fileTree(include: ['*.jar'], dir: 'libs')
     implementation platform('com.google.firebase:firebase-bom:32.2.0')
     implementation 'androidx.appcompat:appcompat:1.6.1'

From 056ec34363c007d8d3d1e53aca8dde2c9c72e74f Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 17:07:55 -0800
Subject: [PATCH 06/95] Added activity for changePasswordActivity#12881

---
 sormas-app/app/src/main/AndroidManifest.xml | 442 ++++++++++----------
 1 file changed, 212 insertions(+), 230 deletions(-)

diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index 18d3de04c70..ab9e3b3de28 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android">
 
-    <uses-permission android:name="android.permission.VIBRATE"/>
+    <uses-permission android:name="android.permission.VIBRATE" />
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
@@ -10,9 +10,11 @@
     <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
     <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
     <uses-permission android:name="android.permission.WAKE_LOCK" />
+
     <uses-feature android:name="android.hardware.location.gps" />
+
     <uses-permission android:name="android.permission.CAMERA" />
-    <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
 
     <application
         android:name=".SormasApplication"
@@ -20,9 +22,16 @@
         android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
         android:supportsRtl="true"
-        android:theme="@style/SormasTheme">
+        android:theme="@style/SormasTheme" >
+        <activity
+            android:name=".login.ChangePasswordActivity"
+            android:launchMode="singleTop"
+            android:screenOrientation="portrait"
+            android:theme="@style/SormasTheme"
+            android:windowSoftInputMode="stateHidden" />
 
-        <uses-library android:name="android.test.runner"
+        <uses-library
+            android:name="android.test.runner"
             android:required="false" />
 
         <uses-library android:name ="org.apache.http.legacy" android:required ="false"/>
@@ -31,397 +40,375 @@
             android:theme="@style/LoginActivityTheme"
             android:screenOrientation="portrait"
             android:exported="true"
-            android:launchMode="singleTop">
+            android:launchMode="singleTop"
+            android:screenOrientation="portrait"
+            android:theme="@style/LoginActivityTheme" >
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
+
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
         <activity
             android:name=".settings.SettingsActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
         <activity
             android:name=".login.EnterPinActivity"
-            android:theme="@style/SormasTheme"
-            android:screenOrientation="portrait"
             android:launchMode="singleTop"
-            android:windowSoftInputMode="stateHidden">
-        </activity>
-
-
-
-        <activity android:name=".dashboard.DashboardActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
+            android:theme="@style/SormasTheme"
+            android:windowSoftInputMode="stateHidden" >
+        </activity>
+        <activity
+            android:name=".dashboard.DashboardActivity"
             android:launchMode="singleTop"
-            android:windowSoftInputMode="stateHidden">
+            android:screenOrientation="portrait"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:windowSoftInputMode="stateHidden" >
         </activity>
-
         <activity
             android:name=".task.list.TaskListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".task.edit.TaskEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".task.edit.TaskEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".task.list.TaskListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".task.edit.TaskNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".task.edit.TaskNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".task.list.TaskListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".sample.list.SampleListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".sample.read.SampleReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".sample.read.SampleReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".sample.list.SampleListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".sample.edit.SampleEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".sample.edit.SampleEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".pathogentest.read.PathogenTestReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".pathogentest.read.PathogenTestReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".pathogentest.edit.PathogenTestNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".pathogentest.edit.PathogenTestNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".pathogentest.edit.PathogenTestEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".pathogentest.edit.PathogenTestEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".pathogentest.read.PathogenTestReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".caze.list.CaseListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".caze.read.CaseReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.list.CaseListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".caze.edit.CaseNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.list.CaseListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".caze.edit.CaseEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".report.aggregate.AggregateReportsActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".contact.edit.ContactNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".sample.edit.SampleNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".contact.list.ContactListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".contact.read.ContactReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".contact.list.ContactListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".contact.edit.ContactEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".contact.read.ContactReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".visit.read.VisitReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".contact.read.ContactReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".visit.edit.VisitEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".contact.edit.ContactEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".visit.edit.VisitNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".contact.edit.ContactEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".event.list.EventListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.read.EventReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.read.EventReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.list.EventListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.eventparticipant.read.EventParticipantReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.eventparticipant.read.EventParticipantReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.read.EventReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.edit.EventEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.edit.EventEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.read.EventReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.eventparticipant.edit.EventParticipantNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.eventparticipant.edit.EventParticipantNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.edit.EventEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.eventparticipant.edit.EventParticipantEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.eventparticipant.edit.EventParticipantEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.edit.EventEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".event.edit.EventNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".event.edit.EventNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".event.list.EventListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".campaign.list.CampaignFormDataListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".campaign.read.CampaignFormDataReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".campaign.list.CampaignFormDataListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".campaign.edit.CampaignFormDataEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".campaign.read.CampaignFormDataReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".campaign.edit.CampaignFormDataNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".campaign.list.CampaignFormDataListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".report.ReportActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
-            android:launchMode="singleTop" />
-
-        <activity android:name=".therapy.read.PrescriptionReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme" />
+        <activity
+            android:name=".therapy.read.PrescriptionReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".therapy.edit.PrescriptionEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".therapy.edit.PrescriptionEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".therapy.edit.PrescriptionNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".therapy.read.TreatmentReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".therapy.read.TreatmentReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".therapy.edit.TreatmentEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".therapy.edit.TreatmentEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".therapy.edit.TreatmentNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".therapy.edit.TreatmentNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".clinicalcourse.read.ClinicalVisitReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".clinicalcourse.read.ClinicalVisitReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".clinicalcourse.edit.ClinicalVisitEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".clinicalcourse.edit.ClinicalVisitEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".clinicalcourse.edit.ClinicalVisitNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".clinicalcourse.edit.ClinicalVisitNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".immunization.list.ImmunizationListActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".immunization.read.ImmunizationReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".immunization.read.ImmunizationReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.list.ImmunizationListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".immunization.edit.ImmunizationEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".immunization.edit.ImmunizationEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.read.ImmunizationReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
         <activity
             android:name=".immunization.edit.ImmunizationNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.list.ImmunizationListActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".immunization.vaccination.VaccinationNewActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".immunization.vaccination.VaccinationNewActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.edit.ImmunizationEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".immunization.vaccination.VaccinationReadActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".immunization.vaccination.VaccinationReadActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.edit.ImmunizationEditActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+            android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
-
-        <activity android:name=".immunization.vaccination.VaccinationEditActivity"
-            android:theme="@style/ActivityWithOverflowMenuTheme"
+        <activity
+            android:name=".immunization.vaccination.VaccinationEditActivity"
+            android:launchMode="singleTop"
             android:parentActivityName=".immunization.vaccination.VaccinationReadActivity"
             android:screenOrientation="portrait"
-            android:launchMode="singleTop">
+               android:theme="@style/ActivityWithOverflowMenuTheme" >
         </activity>
+           
 
         <activity
             android:name=".environment.list.EnvironmentListActivity"
@@ -489,75 +476,70 @@
 
         <activity
             android:name=".barcode.BarcodeActivity" />
+          <!-- Only needed for androidTest - found no other way to manifest this -->
+   
 
         <receiver
             android:name=".SormasBootstrap"
             android:enabled="true"
-            android:exported="true">
+            android:exported="true" >
             <intent-filter>
                 <action android:name="android.intent.action.BOOT_COMPLETED" />
             </intent-filter>
         </receiver>
-
         <!--
              Optionally, register AnalyticsReceiver and AnalyticsService to support background
              dispatching on non-Google Play devices
         -->
-        <!--<receiver-->
-            <!--android:name="com.google.android.gms.analytics.AnalyticsReceiver"-->
-            <!--android:enabled="true">-->
-            <!--<intent-filter>-->
-                <!--<action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH" />-->
-            <!--</intent-filter>-->
-        <!--</receiver>-->
-
-        <!--<service-->
-            <!--android:name="com.google.android.gms.analytics.AnalyticsService"-->
-            <!--android:enabled="true"-->
-            <!--android:exported="false" />-->
-
+        <!-- <receiver -->
+        <!-- android:name="com.google.android.gms.analytics.AnalyticsReceiver" -->
+        <!-- android:enabled="true"> -->
+        <!-- <intent-filter> -->
+        <!-- <action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH" /> -->
+        <!-- </intent-filter> -->
+        <!-- </receiver> -->
+        <!-- <service -->
+        <!-- android:name="com.google.android.gms.analytics.AnalyticsService" -->
+        <!-- android:enabled="true" -->
+        <!-- android:exported="false" /> -->
         <!--
              Optionally, register CampaignTrackingReceiver and CampaignTrackingService to enable
              installation campaign reporting
         -->
-        <!--<receiver-->
-            <!--android:name="com.google.android.gms.analytics.CampaignTrackingReceiver"-->
-            <!--android:exported="true">-->
-            <!--<intent-filter>-->
-                <!--<action android:name="com.android.vending.INSTALL_REFERRER" />-->
-            <!--</intent-filter>-->
-        <!--</receiver>-->
-
+        <!-- <receiver -->
+        <!-- android:name="com.google.android.gms.analytics.CampaignTrackingReceiver" -->
+        <!-- android:exported="true"> -->
+        <!-- <intent-filter> -->
+        <!-- <action android:name="com.android.vending.INSTALL_REFERRER" /> -->
+        <!-- </intent-filter> -->
+        <!-- </receiver> -->
         <provider
             android:name="androidx.core.content.FileProvider"
             android:authorities="${applicationId}.fileprovider"
             android:exported="false"
-            android:grantUriPermissions="true">
+            android:grantUriPermissions="true" >
             <meta-data
                 android:name="android.support.FILE_PROVIDER_PATHS"
                 android:resource="@xml/file_paths" />
         </provider>
 
         <service
-            android:enabled="true"
-            android:name=".core.TaskNotificationService" />
-
+            android:name=".core.TaskNotificationService"
+            android:enabled="true" />
         <service
-            android:enabled="true"
-            android:name=".core.FeatureConfigurationService" />
-
-        <!--<service android:name="com.google.android.gms.analytics.CampaignTrackingService" />-->
-        <!--<service-->
-            <!--android:name=".core.TaskNotificationService"-->
-            <!--android:enabled="true" />-->
-
+            android:name=".core.FeatureConfigurationService"
+            android:enabled="true" /> <!-- <service android:name="com.google.android.gms.analytics.CampaignTrackingService" /> -->
+        <!-- <service -->
+        <!-- android:name=".core.TaskNotificationService" -->
+        <!-- android:enabled="true" /> -->
         <receiver
             android:name=".LbdsRecevierComponent"
             android:enabled="true"
-            android:exported="true">
+            android:exported="true" >
             <intent-filter>
-                <action android:name="android.intent.action.BOOT_COMPLETED"/>
+                <action android:name="android.intent.action.BOOT_COMPLETED" />
                 <action android:name="android.intent.action.SEND" />
+
                 <category android:name="android.intent.category.DEFAULT" />
             </intent-filter>
         </receiver>

From 68916e53c6e30dc52070ef0eae7a799f1876bf7f Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 17:11:45 -0800
Subject: [PATCH 07/95] #21-Added function to setNewPassword locally to android

---
 .../sormas/app/backend/config/ConfigProvider.java     | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index ca3d83e329f..5353e75e89f 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -130,6 +130,8 @@ private ConfigProvider(Context context) {
 		this.context = context;
 	}
 
+
+
 	private boolean hasDeviceEncryption() {
 
 		// Device encryption is no longer used, because it's not reliably implemented
@@ -311,6 +313,15 @@ public static void setUsernameAndPassword(String username, String password) {
 			setRepullNeeded(true);
 		}
 	}
+	public static void setNewPassword(String password) {
+		if (password == null)
+			throw new NullPointerException("password");
+		password = instance.encodeCredential(password, "Password");
+
+		instance.password = password;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+
+	}
 
 	public static void setPin(String pin) {
 		if (pin == null) {

From f0634c46ab730fe793eedad6dd634d73171a9860 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 17:13:11 -0800
Subject: [PATCH 08/95] #21-Added saveNewPassword and generatePassword calls to
 the server

---
 .../de/symeda/sormas/app/backend/user/UserDtoHelper.java  | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index 647aa000902..bbc8b7a021f 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -132,4 +132,12 @@ public static UserReferenceDto toReferenceDto(User ado) {
 		UserReferenceDto dto = new UserReferenceDto(ado.getUuid());
 		return dto;
 	}
+	public static Call<String> saveNewPassword(String uuid,String newPassword,String currentPassword) throws NoConnectionException {
+		return RetroProvider.getUserFacade().saveNewPassword(uuid,newPassword,currentPassword);
+	}
+	public static Call<String> generatePassword() throws NoConnectionException {
+		return RetroProvider.getUserFacade().generatePassword();
+	}
+
+
 }

From 9709c8679174192bd4b415e41af8cc65358fec41 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 20:30:29 -0800
Subject: [PATCH 09/95] #21-override the setHint method in the password
 controlField

---
 .../component/controls/ControlPasswordField.java    | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index 7689911a37f..42ca2834da9 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -63,6 +63,19 @@ protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
 			throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
 		}
 	}
+	@Override
+	public void setHint(String hint) {
+		this.hint = hint;
+		input.setHint(hint);
+	}
+
+	@Override
+	protected String getFieldValue() {
+		if (input.getText() == null) {
+			return null;
+		}
+		return input.getText().toString();
+	}
 
 	@Override
 	protected void onFinishInflate() {

From 1810d6cfd53a407d5d5f61cd91f2a55671a4a4d2 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 20:35:51 -0800
Subject: [PATCH 10/95] #21- created a ChangePassword activity

---
 .../app/login/ChangePasswordActivity.java     | 233 ++++++++++++++++++
 1 file changed, 233 insertions(+)
 create mode 100644 sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
new file mode 100644
index 00000000000..eb96ad486b8
--- /dev/null
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -0,0 +1,233 @@
+package de.symeda.sormas.app.login;
+
+import android.annotation.SuppressLint;
+import android.app.ProgressDialog;
+import android.content.Intent;
+import android.graphics.Color;
+import android.os.Build;
+import android.os.Bundle;
+import android.util.Log;
+import android.view.View;
+import android.widget.Toast;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.RequiresApi;
+import androidx.core.app.ActivityCompat;
+import androidx.databinding.DataBindingUtil;
+import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.app.BaseLocalizedActivity;
+import de.symeda.sormas.app.R;
+import de.symeda.sormas.app.backend.config.ConfigProvider;
+import de.symeda.sormas.app.backend.user.UserDtoHelper;
+import de.symeda.sormas.app.core.NotificationContext;
+import de.symeda.sormas.app.core.notification.NotificationHelper;
+import de.symeda.sormas.app.core.notification.NotificationType;
+import de.symeda.sormas.app.databinding.ActivityChangePasswordLayoutBinding;
+import de.symeda.sormas.app.rest.RetroProvider;
+import de.symeda.sormas.app.settings.SettingsActivity;
+import de.symeda.sormas.app.util.NavigationHelper;
+import de.symeda.sormas.app.util.SoftKeyboardHelper;
+import retrofit2.Call;
+import retrofit2.Callback;
+import retrofit2.Response;
+
+
+@SuppressLint("ResourceType")
+public class ChangePasswordActivity extends BaseLocalizedActivity implements ActivityCompat.OnRequestPermissionsResultCallback, NotificationContext {
+
+
+    private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSymbol = false, isGood = false;
+
+    private ActivityChangePasswordLayoutBinding binding;
+    private ProgressDialog progressDialog = null;
+
+    @RequiresApi(api = Build.VERSION_CODES.R)
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.activity_change_password_layout);
+        LoginViewModel loginViewModel = new LoginViewModel();
+        binding = DataBindingUtil.setContentView(this, R.layout.activity_change_password_layout);
+        binding.setData(loginViewModel);
+    }
+
+    @Override
+    public void onPause() {
+        super.onPause();
+
+        SoftKeyboardHelper.hideKeyboard(this, binding.changePasswordCurrentPassword.getWindowToken());
+    }
+
+    @Override
+    protected void onDestroy() {
+        if (progressDialog != null && progressDialog.isShowing()) {
+            progressDialog.dismiss();
+        }
+
+        super.onDestroy();
+    }
+
+    @Override
+    protected void onResume() {
+        super.onResume();
+
+    }
+
+    public void backToSettings(View view) {
+        Intent intent = new Intent(this, SettingsActivity.class);
+        startActivity(intent);
+    }
+
+
+
+
+
+
+    @SuppressLint("ResourceType")
+    public void registrationDataCheck(View view) {
+        String newPassword = binding.changePasswordNewPassword.getValue();
+
+        isAtLeast8 = newPassword.length() >= 8;
+        hasUppercase = newPassword.matches("(.*[A-Z].*)");
+        hasNumber = newPassword.matches("(.*[0-9].*)");
+        hasSymbol = newPassword.matches("^(?=.*[_@#%&?;,.()]).*$");
+        if (isAtLeast8 && hasNumber && hasUppercase && hasSymbol) {
+            isGood = true;
+            binding.actionPasswordStrength.setVisibility(view.getVisibility());
+            binding.actionPasswordStrength.setText(R.string.message_password_strong);
+            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.successBackground)));
+        } else if (isAtLeast8 && hasUppercase && hasNumber) {
+            isGood = true;
+            binding.actionPasswordStrength.setVisibility(view.getVisibility());
+            binding.actionPasswordStrength.setText(R.string.message_password_moderate);
+            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+        } else {
+            binding.actionPasswordStrength.setVisibility(view.getVisibility());
+            binding.actionPasswordStrength.setText(R.string.message_password_weak);
+            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
+        }
+    }
+
+    @SuppressLint("ResourceType")
+    public void generatePassword(View view) {
+        if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
+            NavigationHelper.goToSettings(this);
+            return;
+        }
+        try {
+            RetroProvider.connectAsyncHandled(this, true, true, result -> {
+                if (Boolean.TRUE.equals(result)) {
+                    try {
+                        executeGeneratePasswordCall(UserDtoHelper.generatePassword());
+                    } catch (Exception e) {
+                        binding.actionPasswordStrength.setVisibility(view.getVisibility());
+                        binding.actionPasswordStrength.setText(e.toString());
+                        binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+                    }
+                    RetroProvider.disconnect();
+
+                }
+            });
+        } catch (Exception e) {
+            binding.actionPasswordStrength.setVisibility(view.getVisibility());
+            binding.actionPasswordStrength.setText(e.toString());
+            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+        }
+    }
+
+    @Override
+    public View getRootView() {
+        if (binding != null)
+            return binding.getRoot();
+
+        return null;
+    }
+
+
+
+
+
+    private void executeGeneratePasswordCall(Call<String> call) {
+        try {
+            call.enqueue(new Callback<>() {
+                @Override
+                public void onResponse(@NonNull Call<String> call, @NonNull Response<String> response) {
+                    if (response.code() != 200) {
+                        NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
+                    }
+                    var generatedPassword = response.body();
+                    binding.changePasswordNewPassword.setValue(generatedPassword);
+                    binding.changePasswordConfirmPassword.setValue(generatedPassword);
+                    Toast.makeText(getApplicationContext(),"Password Generated",Toast.LENGTH_SHORT).show();
+                }
+
+                @Override
+                public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
+                    NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
+                }
+            });
+        }catch (Exception e){
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
+        }
+    }
+
+    private void executeSaveNewPasswordCall(Call<String> call){
+        try {
+            call.enqueue(new Callback<String>() {
+                @Override
+                public void onResponse(Call<String> call, Response<String> response) {
+                    if (response.code() != 200) {
+                        NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
+                    }else {
+                        Toast.makeText(getApplicationContext(), "Password Saved", Toast.LENGTH_SHORT).show();
+                        NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
+                        finish();
+                    }
+                }
+
+                @Override
+                public void onFailure(Call<String> call, Throwable t) {
+                    Toast.makeText(getApplicationContext(), "Could not connect to server", Toast.LENGTH_SHORT).show();
+                }
+            });
+        }catch (Exception e){
+            Log.d("Call",call.toString());
+        }
+
+    }
+
+    /**
+     * When clicked on submit
+     **/
+    public void savePassword(View view) {
+        if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
+            NavigationHelper.goToSettings(this);
+            return;
+        }
+        String currentPassword = binding.changePasswordCurrentPassword.getValue();
+        String newPassword = binding.changePasswordNewPassword.getValue();
+        String confirmPassword = binding.changePasswordConfirmPassword.getValue();
+        registrationDataCheck(view);
+        if (!ConfigProvider.getPassword().equals(currentPassword)) {
+            binding.incorrectCurrentPassword.setVisibility(view.getVisibility());
+        } else if (!confirmPassword.equals(newPassword)) {
+            binding.incorrectConfirmPassword.setVisibility(view.getVisibility());
+        } else if (ConfigProvider.getPassword().equals(currentPassword) && confirmPassword.equals(newPassword) && isGood) {
+            RetroProvider.connectAsyncHandled(this, true, true, result -> {
+                if (Boolean.TRUE.equals(result)) {
+                    try {
+
+                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword,currentPassword));
+                    } catch (Exception e) {
+                        binding.actionPasswordStrength.setVisibility(view.getVisibility());
+                        binding.actionPasswordStrength.setText(e.toString());
+                        binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+                    }
+                    RetroProvider.disconnect();
+
+                }
+            });
+        }
+
+    }
+}

From cb989442dc3269b8d4efb5d8ff558be3a6054df8 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 20:37:17 -0800
Subject: [PATCH 11/95] #21-Added a post request to save password and a get
 request to generate password

---
 .../java/de/symeda/sormas/app/rest/UserFacadeRetro.java   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
index 790099a2015..143aa233c43 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
@@ -23,6 +23,7 @@
 import retrofit2.http.GET;
 import retrofit2.http.POST;
 import retrofit2.http.Path;
+import retrofit2.http.Query;
 
 /**
  * Created by Martin Wahnschaffe on 07.06.2016.
@@ -37,4 +38,11 @@ public interface UserFacadeRetro {
 
 	@GET("users/uuids")
 	Call<List<String>> pullUuids();
+
+
+	@POST("users/passwordStrength")
+	Call<String> saveNewPassword(@Query("uuid") String uuid,@Query("newPassword") String newPassword, @Query("currentPassword") String currentPassword);
+
+	@GET("users/generatePassword")
+	Call<String> generatePassword();
 }

From e884e2af2f9834dd1423020115f45efb3532cda8 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:12:08 -0800
Subject: [PATCH 12/95] #21-Added getters and setters for password strength

---
 sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index 718e928ea53..a74c9eebfa1 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -71,6 +71,7 @@ public class UserDto extends EntityDto {
 	public static final String PASSWORD = "currentPassword";
 	public static final String NEW_PASSWORD = "updatePassword";
 	public static final String CONFIRM_PASSWORD = "confirmPassword";
+	public static final String PASSWORD_STRENGTH = "passwordStrength";
 
 	private boolean active = true;
 

From 1c5b453e96f98896708919f98d0f9e4734151952 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:14:04 -0800
Subject: [PATCH 13/95] #21-Added change password button that leads to
 changePasswordActivity

---
 .../de/symeda/sormas/app/settings/SettingsFragment.java  | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index ac66cad5939..c2e6a8a3286 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -57,6 +57,7 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
@@ -89,6 +90,7 @@ public View onCreateView(LayoutInflater inflater, @Nullable ViewGroup container,
 
 		binding.settingsServerUrl.setValue(ConfigProvider.getServerRestUrl());
 		binding.changePin.setOnClickListener(v -> changePIN());
+		binding.changePassword.setOnClickListener(v -> changePassword());
 		binding.resynchronizeData.setOnClickListener(v -> repullData());
 		binding.showSyncLog.setOnClickListener(v -> openSyncLog());
 		binding.logout.setOnClickListener(v -> logout());
@@ -157,6 +159,7 @@ public void onResume() {
 		binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
 		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
 		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
@@ -183,6 +186,12 @@ public void changePIN() {
 		intent.putExtra(EnterPinActivity.CALLED_FROM_SETTINGS, true);
 		startActivity(intent);
 	}
+	public void changePassword() {
+		Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
+		startActivity(intent);
+	}
+
+
 
 	private void repullData() {
 		checkAndShowUnsynchronizedChangesDialog(() -> showRepullDataConfirmationDialog(), "SYNC");

From 1839224786f24b9029d50a2f1394ce1f4468c52e Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:15:00 -0800
Subject: [PATCH 14/95] #21-Added curved edges to button

---
 .../app/src/main/res/drawable/button_round_edges.xml       | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 sormas-app/app/src/main/res/drawable/button_round_edges.xml

diff --git a/sormas-app/app/src/main/res/drawable/button_round_edges.xml b/sormas-app/app/src/main/res/drawable/button_round_edges.xml
new file mode 100644
index 00000000000..2f91b0416a5
--- /dev/null
+++ b/sormas-app/app/src/main/res/drawable/button_round_edges.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<shape xmlns:android="http://schemas.android.com/apk/res/android">
+    <stroke android:color="@color/colorPrimary" android:width="1dp" />
+    <corners
+        android:radius="5dp"
+        />
+</shape>
\ No newline at end of file

From ab14391be03f131327831c53266ec76c3090a889 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:16:20 -0800
Subject: [PATCH 15/95] #21-created a check icon

---
 .../app/src/main/res/drawable/ic_baseline_check_.xml   | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml

diff --git a/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml b/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml
new file mode 100644
index 00000000000..0432fa69bb7
--- /dev/null
+++ b/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml
@@ -0,0 +1,10 @@
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    android:width="24dp"
+    android:height="24dp"
+    android:viewportWidth="24"
+    android:viewportHeight="24"
+    android:tint="?attr/colorControlNormal">
+  <path
+      android:fillColor="@android:color/white"
+      android:pathData="M9,16.17L4.83,12l-1.42,1.41L9,19 21,7l-1.41,-1.41z"/>
+</vector>

From c8a9021e5d5b4e489395c8c99d3f5e94f813c068 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:22:27 -0800
Subject: [PATCH 16/95] #21-Added change password button

---
 .../src/main/res/layout/fragment_settings_layout.xml   | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/sormas-app/app/src/main/res/layout/fragment_settings_layout.xml b/sormas-app/app/src/main/res/layout/fragment_settings_layout.xml
index af484c7e9aa..9f533b4ec61 100644
--- a/sormas-app/app/src/main/res/layout/fragment_settings_layout.xml
+++ b/sormas-app/app/src/main/res/layout/fragment_settings_layout.xml
@@ -71,6 +71,16 @@
                 app:buttonType="@{ControlButtonType.LINE_SECONDARY}"
                 app:rounded="true" />
 
+            <de.symeda.sormas.app.component.controls.ControlButton
+                android:id="@+id/change_password"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_marginBottom="32dp"
+                android:text="@string/action_change_password"
+                app:buttonType="@{ControlButtonType.LINE_SECONDARY}"
+                app:rounded="true"
+                />
+
             <de.symeda.sormas.app.component.controls.ControlButton
                 android:id="@+id/resynchronize_data"
                 android:layout_width="match_parent"

From 02e91b2f2185cb3762fdd58d75a63b69510292ea Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:26:53 -0800
Subject: [PATCH 17/95] #21-Edited the textInputfield to change hint

---
 sormas-app/app/src/main/res/layout/control_password_layout.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sormas-app/app/src/main/res/layout/control_password_layout.xml b/sormas-app/app/src/main/res/layout/control_password_layout.xml
index 7aacb40d551..f7f5cf6ceae 100644
--- a/sormas-app/app/src/main/res/layout/control_password_layout.xml
+++ b/sormas-app/app/src/main/res/layout/control_password_layout.xml
@@ -39,6 +39,7 @@
                 android:id="@+id/text_input"
                 android:layout_width="match_parent"
                 android:inputType="textPassword"
+                android:hint=""
                 style="@style/ControlTextFieldStyle" />
 
         </com.google.android.material.textfield.TextInputLayout>

From 5036d4f9a3ce603793f570e5bb08a0c4011a8063 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:34:15 -0800
Subject: [PATCH 18/95] #21-Created a validator for the password field

---
 .../ui/utils/UpdatePasswordValidator.java     | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
new file mode 100644
index 00000000000..36175288ffb
--- /dev/null
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
@@ -0,0 +1,28 @@
+package de.symeda.sormas.ui.utils;
+
+import com.vaadin.v7.data.validator.AbstractValidator;
+
+public class UpdatePasswordValidator extends AbstractValidator<String> {
+
+	/**
+	 * Constructs a validator with the given error message.
+	 *
+	 * @param errorMessage
+	 *            the message to be included in an {@link InvalidValueException}
+	 *            (with "{0}" replaced by the value that failed validation).
+	 */
+	public UpdatePasswordValidator(String errorMessage) {
+		super(errorMessage);
+	}
+
+	@Override
+	protected boolean isValidValue(String password) {
+		String pattern = "(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{8,}";
+		return password == null || password.isEmpty() || password.matches(pattern);
+	}
+
+	@Override
+	public Class getType() {
+		return String.class;
+	}
+}

From 0ee7ee28f078fb8225f73845455e5d3e4a937edb Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:36:10 -0800
Subject: [PATCH 19/95] #21-Added a change password layout

---
 .../activity_change_password_layout.xml       | 182 ++++++++++++++++++
 1 file changed, 182 insertions(+)
 create mode 100644 sormas-app/app/src/main/res/layout/activity_change_password_layout.xml

diff --git a/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
new file mode 100644
index 00000000000..884ee4c832b
--- /dev/null
+++ b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
@@ -0,0 +1,182 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  ~ SORMAS® - Surveillance Outbreak Response Management & Analysis System
+  ~ Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+  ~
+  ~ This program is free software: you can redistribute it and/or modify
+  ~ it under the terms of the GNU General Public License as published by
+  ~ the Free Software Foundation, either version 3 of the License, or
+  ~ (at your option) any later version.
+  ~
+  ~ This program is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  ~ GNU General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU General Public License
+  ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
+  -->
+
+<layout
+    xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:app="http://schemas.android.com/apk/res-auto"
+    android:descendantFocusability="beforeDescendants"
+    android:id="@+id/base_layout">
+
+    <data>
+        <variable name="data" type="de.symeda.sormas.app.login.LoginViewModel" />
+    </data>
+
+    <ScrollView
+        android:layout_width="match_parent"
+        android:layout_height="match_parent">
+
+        <FrameLayout
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content">
+
+            <LinearLayout
+                android:id="@+id/changePasswordLayout"
+                android:layout_height="match_parent"
+                android:layout_width="match_parent"
+                android:layout_gravity="center_vertical"
+                android:gravity="center_horizontal"
+                android:paddingLeft="@dimen/parentLayoutHorizontalPadding"
+                android:paddingRight="@dimen/parentLayoutHorizontalPadding"
+                android:focusable="true"
+                android:focusableInTouchMode="true"
+                android:layout_margin="56dp"
+                android:orientation="vertical">
+                <TextView
+                    android:id="@+id/changePasswordHeader"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:gravity="center"
+                    android:text="@string/heading_change_password"
+                    style="@style/LoginSignInText"/>
+                <TextView
+                    android:id="@+id/signInSubHeader"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:text="@string/info_change_password"
+                    style="@style/LoginSignInTagLineText" />
+
+                <de.symeda.sormas.app.component.controls.ControlPasswordField
+                    android:id="@+id/change_password_current_password"
+                    style="@style/ControlSingleColumnStyle"
+                    app:caption="@string/caption_enter_current_password"
+                    app:description="@string/caption_enter_current_password"
+                    app:required="true"
+                    android:layout_marginBottom="-10dp"
+                    app:hint="@string/hint_enter_current_password"
+                    app:labelCaption="@string/caption_enter_current_password" />
+                <!---for error-->
+                <TextView
+                android:id="@+id/incorrect_current_password"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:visibility="gone"
+                android:layout_marginBottom="10dp"
+                android:text="@string/message_incorrect_password"
+                android:textColor="@color/errorBackground"
+                    />
+
+                <de.symeda.sormas.app.component.controls.ControlPasswordField
+                    android:id="@+id/change_password_new_password"
+                    style="@style/ControlSingleColumnStyle"
+                    android:hint="@string/caption_enter_new_password"
+                    android:onClick="registrationDataCheck"
+                    app:caption="@string/caption_enter_new_password"
+                    app:description="@string/caption_enter_new_password"
+                    app:labelCaption="@string/caption_enter_new_password"
+                    app:hint="@string/caption_enter_new_password"
+                    app:required="true" />
+
+                <de.symeda.sormas.app.component.controls.ControlPasswordField
+                    android:id="@+id/change_password_confirm_password"
+                    style="@style/ControlSingleColumnStyle"
+                    app:description="@string/caption_confirm_new_password"
+                    app:caption="@string/caption_confirm_new_password"
+                    app:required="true"
+                    app:hint="@string/hint_enter_confirm_new_password"
+                    app:inputType="textPassword"
+                    app:hintEnabled="false"
+                    android:layout_marginBottom="-10dp"
+                    app:labelCaption="@string/caption_confirm_new_password" />
+                <!---for error-->
+                <TextView
+                    android:id="@+id/incorrect_confirm_password"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:text="@string/message_not_match_password"
+                    android:visibility="gone"
+                    android:layout_marginBottom="15dp"
+                    android:textColor="@color/errorBackground"
+                    />
+                <RelativeLayout
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:orientation="horizontal">
+                    <!---for error-->
+                    <TextView
+                        android:id="@+id/action_password_strength"
+                        android:visibility="gone"
+                        style="@style/LinkButtonStyle"
+                        android:layout_marginTop="-20dp"
+                        android:layout_width="match_parent"
+                        android:layout_height="match_parent"
+                        android:onClick="registrationDataCheck"
+                        android:text="@string/action_strength_password"
+                        android:textAlignment="viewStart" />
+
+                    <Button
+                        android:id="@+id/action_generatePassword"
+                        style="@style/GenerateButtonStyle"
+                        android:background="@drawable/button_round_edges"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_alignParentEnd="true"
+                        android:layout_marginBottom="15dp"
+                        android:onClick="generatePassword"
+                        android:text="@string/action_generate_password"
+                        android:textAlignment="viewEnd"/>
+
+                </RelativeLayout>
+                <Button
+                    android:id="@+id/btn_changePassword"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:layout_marginBottom="@dimen/loginButtonMarginTop"
+                    android:layout_marginTop="@dimen/loginButtonMarginTop"
+                    android:text="@string/action_change_password"
+                    style="@style/PrimaryButtonStyle"
+                    android:onClick="savePassword" />
+                <LinearLayout
+                    android:layout_width="match_parent"
+                    android:layout_height="match_parent"
+                    android:layout_gravity="bottom"
+                    android:layout_marginTop="48dp"
+                    android:orientation="horizontal"
+                    >
+                    <TextView
+                        android:id="@+id/action_backToSettings"
+                        style="@style/LinkButtonStyle"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:onClick="backToSettings"
+                        android:text="@string/action_back_to_settings"
+                        android:textAlignment="viewStart"/>
+                </LinearLayout>
+
+            </LinearLayout>
+            <include
+                android:id="@+id/notification_frame"
+                layout="@layout/activity_root_notification_layout"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content" />
+
+        </FrameLayout>
+
+    </ScrollView>
+
+</layout>
\ No newline at end of file

From a5f44ff33acce4b48b4bc293801a20a2a90f0b75 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:40:40 -0800
Subject: [PATCH 20/95] Added a pop up component that contains update password
 form for changing password and generating password#12881

---
 .../symeda/sormas/ui/user/UserController.java | 102 ++++++++++++++++++
 1 file changed, 102 insertions(+)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 926c2b49567..323afd04442 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -21,6 +21,12 @@
 import java.util.Collection;
 import java.util.List;
 import java.util.Set;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_WARNING;
+
+import java.util.Collection;
+import java.util.Objects;
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
@@ -54,6 +60,7 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UserProvider;
 import de.symeda.sormas.ui.utils.BulkOperationHandler;
@@ -228,6 +235,16 @@ public void makeNewPassword(String userUuid, String userEmail) {
 		}
 	}
 
+	public void makeUpdatePassword(String userUuid, String userEmail, String password) {
+		String newPassword = FacadeProvider.getUserFacade().updatePassword(userUuid, password);
+
+		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
+			showPasswordResetInternalSuccessPopup(newPassword);
+		} else {
+			showPasswordResetExternalSuccessPopup();
+		}
+	}
+
 	private void showPasswordResetInternalSuccessPopup(String newPassword) {
 		VerticalLayout layout = new VerticalLayout();
 		layout.addComponent(new Label(I18nProperties.getString(Strings.messageCopyPassword)));
@@ -290,6 +307,36 @@ public void buttonClick(ClickEvent event) {
 		}, ValoTheme.BUTTON_LINK);
 	}
 
+	public Button generatePasswordButton() {
+
+		return ButtonHelper.createIconButton(Captions.userGeneratePassword, VaadinIcons.UNLOCK, new ClickListener() {
+
+			private static final long serialVersionUID = 1L;
+			final UpdatePasswordForm form = new UpdatePasswordForm();
+
+			@Override
+			public void buttonClick(ClickEvent event) {
+				String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
+				form.currentPassword.setCaption(generatedPassword);
+				form.confirmPassword.setCaption(generatedPassword);
+			}
+		}, ValoTheme.BUTTON_LINK);
+	}
+
+	public Button createUpdatePasswordButton() {
+
+		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
+
+			private static final long serialVersionUID = 1L;
+
+			@Override
+			public void buttonClick(ClickEvent event) {
+				Window popupWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
+				popupWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+			}
+		}, ValoTheme.BUTTON_LINK);
+	}
+
 	public ConfirmationComponent getResetPasswordConfirmationComponent(
 		String userUuid,
 		String userEmail,
@@ -336,6 +383,61 @@ public CommitDiscardWrapperComponent<UserSettingsForm> getUserSettingsComponent(
 		return component;
 	}
 
+	public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
+		Label passwordStrengthDesc = new Label();
+		UpdatePasswordForm form = new UpdatePasswordForm();
+		UserDto user = FacadeProvider.getUserFacade().getByUuid(UserProvider.getCurrent().getUuid());
+		form.setValue(user);
+		final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
+		form.newPassword.addTextChangeListener(event -> {
+			passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
+			if (passwordStrengthDesc.getValue().contains("Strong")) {
+				passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
+			} else if (passwordStrengthDesc.getValue().contains("Moderate")) {
+				passwordStrengthDesc.setStyleName(LABEL_WARNING);
+			} else {
+				passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+			}
+		});
+		component.addCommitListener(() -> {
+			if (!form.getFieldGroup().isModified()) {
+				UserDto changedUser = form.getValue();
+				if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
+					form.showNotification(
+						new Notification(
+							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
+							I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed),
+							Notification.Type.WARNING_MESSAGE));
+				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
+					form.showNotification(
+						new Notification(
+							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
+							I18nProperties.getString(Strings.messagePasswordFailed),
+							Notification.Type.WARNING_MESSAGE));
+				} else if (!FacadeProvider.getUserFacade().validatePasswordPattern(changedUser.getUpdatePassword())) {
+					form.showNotification(
+						new Notification(
+							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
+							I18nProperties.getString(Strings.messageNewPasswordFailed),
+							Notification.Type.WARNING_MESSAGE));
+				} else {
+					FacadeProvider.getUserFacade().updatePassword(user.getUuid(), changedUser.getUpdatePassword());
+					makeUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword());
+				}
+			}
+		});
+		Button generatePasswordButton = ControllerProvider.getUserController().generatePasswordButton();
+		generatePasswordButton.addClickListener((ClickListener) event -> {
+			String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
+			form.newPassword.setValue(generatedPassword);
+			form.confirmPassword.setValue(generatedPassword);
+		});
+		component.getButtonsPanel().addComponent(generatePasswordButton, 0);
+
+		component.addComponent(passwordStrengthDesc, 1);
+		return component;
+	}
+
 	public void setFlagIcons(ComboBox cbLanguage) {
 		for (Language language : Language.values()) {
 			cbLanguage.setItemIcon(language, new ThemeResource("img/flag-icons/" + language.name().toLowerCase() + ".png"));

From c1079ad3fad5ab5978a7329595d5d9250161441c Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:45:05 -0800
Subject: [PATCH 21/95] Added descriptions to captions of strings#12880

---
 .../app/src/main/res/values/strings.xml       | 37 +++++++++++++++++--
 1 file changed, 34 insertions(+), 3 deletions(-)

diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 35b988811ae..d2f4ff0e301 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -37,8 +37,11 @@
     <string name="action_allow_gps_access">Allow GPS Access</string>
     <string name="action_apply_filters">Apply filters</string>
     <string name="action_back_to_settings">Back to settings</string>
+    <string name="action_generate_password">Generate Password</string>
+    <string name="action_strength_password">Password Strength</string>
     <string name="action_cancel">Cancel</string>
     <string name="action_change_PIN">Change PIN</string>
+    <string name="action_change_password">Change Password</string>
     <string name="action_change_settings"><u>Change Settings</u></string>
     <string name="action_clear">Clear</string>
     <string name="action_clear_all">Clear All</string>
@@ -68,6 +71,7 @@
     <string name="action_install_later">Install later</string>
     <string name="action_loadMore">Load more</string>
     <string name="action_login">Sign in</string>
+    <string name="action_change_password">Change Password</string>
     <string name="action_login_default_user">Sign in as demo user</string>
     <string name="action_logout">Logout</string>
     <string name="action_logout_anyway">Logout anyway</string>
@@ -212,7 +216,7 @@
     <string name="caption_not_a_contact">Not a Contact</string>
     <string name="caption_not_an_event">Not an Event</string>
     <string name="caption_outbreak">Outbreaks</string>
-    <string name="caption_password">Password</string>
+    <string name="caption_password">Enter Password</string>
     <string name="caption_patient_information">Patient Information</string>
     <string name="caption_pending">Pending</string>
     <string name="caption_period_end">Period End</string>
@@ -297,12 +301,14 @@
     <string name="description_epi_week">Epi Week</string>
     <string name="description_first_name">First Name</string>
     <string name="description_last_name">Last Name</string>
-    <string name="description_password">Password</string>
+    <string name="description_password">Enter Password</string>
     <string name="description_period_end">Period End</string>
     <string name="description_period_start">Period Start</string>
     <string name="description_report_message">Your Message</string>
     <string name="description_sormas_logo">SORMAS Logo</string>
     <string name="description_username">Username</string>
+    <string name="description_new_password">New Password</string>
+    <string name="description_confirm_password">Confirm Password</string>
     <string name="description_year">Year</string>
     <string name="description_report">Report</string>
 
@@ -424,6 +430,7 @@
     <string name="heading_pathogen_test_summary">Pathogen Test Summary</string>
     <string name="heading_pathogen_tests_list">Pathogen Test Listing</string>
     <string name="heading_sign_in">Sign In</string>
+    <string name="heading_change_password">Change Password</string>
     <string name="heading_social_events">Social Events</string>
     <string name="heading_source_case">Source Case</string>
     <string name="heading_source_of_information">Source of Information</string>
@@ -477,7 +484,7 @@
     <string name="hint_enter_location">Please enter a location</string>
     <string name="hint_first_name">First Name</string>
     <string name="hint_last_name">Last Name</string>
-    <string name="hint_login_password">Your Password</string>
+    <string name="hint_login_password">Password</string>
     <string name="hint_login_username">Username</string>
     <string name="hint_new_pin">Please choose a new four-digit PIN to authenticate when opening the SORMAS app in the future.</string>
     <string name="hint_new_pin_again">Please enter the new PIN again.</string>
@@ -525,6 +532,7 @@
     <string name="info_resync_duration">Re-sync will probably take several minutes.</string>
     <string name="info_select_create_person">Please select a person or click \'Create\' to create a new one.</string>
     <string name="info_sign_in">Sign into SORMAS to continue the journey of saving lives.</string>
+    <string name="info_change_password">To change your Password you will <b>need to enter your SORMAS user password.</b></string>
     <string name="info_similar_persons_found">SORMAS already contains at least one person that seems to be very similar to the personal details you have entered.</string>
     <string name="info_symptoms">Please select an answer for ALL symptoms indicating if they occurred during this illness between symptom onset and case detection:</string>
     <string name="info_synchronizing">Synchronizing with SORMAS server...</string>
@@ -555,6 +563,8 @@
     <string name="message_case_infrastructure_data_changed">You have changed the infrastructure data of this case. Do you want to transfer the case to the new health facility (the hospitalization data will be updated) or do you only want to edit the data to correct a mistake?</string>
     <string name="message_download_app_failed">The download of the new SORMAS version failed. Please make sure you have the best internet connection possible and try again or inform a supervisor if you keep getting this error despite a good internet connection.</string>
     <string name="message_empty_password">Please enter a password.</string>
+    <string name="message_incorrect_password">Please your password is incorrect.</string>
+    <string name="message_not_match_password">Password does not match.</string>
     <string name="message_empty_username">Please enter a username.</string>
     <string name="message_encryption">SORMAS requires device encryption to be activated on your device to ensure data security.\n\nPlease note that you cannot use the application as long as device encryption is disabled.</string>
     <string name="message_enter_person_name">Please enter a first and last name for the new person.</string>
@@ -576,11 +586,17 @@
     <string name="message_no_user_selected">No user has been selected</string>
     <string name="message_not_specified">Not specified</string>
     <string name="message_pin_changed">PIN has been successfully changed.</string>
+    <string name="message_password_changed">Password has been successfully changed.</string>
     <string name="message_pin_correct_loading">PIN correct. Starting SORMAS ...</string>
     <string name="message_pin_no_consecutive">PIN must not be made of consecutive numbers.</string>
     <string name="message_pin_no_same">PIN must not have more than 2 equal numbers.</string>
+    <string name="message_password_weak">Password Strength is Weak</string>
+    <string name="message_password_moderate">Password Strength is Moderate</string>
+    <string name="message_password_strong">Password Strength is strong</string>
     <string name="message_pin_not_matching">The PINs you\'ve entered do not match. Please try again.</string>
     <string name="message_pin_too_short">PIN has to be four digits long.</string>
+    <string name="message_could_not_generate_password">Could not generate password</string>
+    <string name="message_could_not_save_password">Could not save password</string>
     <string name="message_pin_wrong">You\'ve entered an incorrect PIN.</string>
     <string name="message_report_not_sent">Unable to send report at this time.</string>
     <string name="message_report_sent">Problem report successfully sent.</string>
@@ -722,5 +738,20 @@
     <string name="value_environment_name_unknown">Environment Name N/A</string>
     <string name="rapidEntry">Use rapid event participant entry</string>
     <string name="value_environment_media_unknown">Environment Media N/A</string>
+    <string name="title_activity_change_password">ChangePasswordActivity</string>
+    <string name="prompt_email">Email</string>
+    <string name="prompt_password">Password</string>
+    <string name="action_sign_in">Sign in or register</string>
+    <string name="action_sign_in_short">Sign in</string>
+    <string name="welcome">"Welcome !"</string>
+    <string name="invalid_username">Not a valid username</string>
+    <string name="invalid_password">Password must be >5 characters</string>
+    <string name="login_failed">"Login failed"</string>
+    <string name="hint_enter_current_password" >"Enter Current Password"</string>
+    <string name="hint_enter_new_password" >"Enter New Password"</string>
+    <string name="hint_enter_confirm_new_password" >"Enter Confirm Password"</string>
+    <string name="caption_enter_current_password" >"Enter Current Password"</string>
+    <string name="caption_enter_new_password" >"Enter new Password"</string>
+    <string name="caption_confirm_new_password" >"Confirm Password"</string>
 
 </resources>

From 5c8caf53a5cc816051f8e5ddaa609b5ad79725d2 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 22:49:00 -0800
Subject: [PATCH 22/95] #21-Created a form for changing password

---
 .../sormas/ui/user/UpdatePasswordForm.java    | 57 +++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
new file mode 100644
index 00000000000..b1d075f1331
--- /dev/null
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
@@ -0,0 +1,57 @@
+package de.symeda.sormas.ui.user;
+
+import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;
+import static de.symeda.sormas.ui.utils.LayoutUtil.loc;
+
+import com.vaadin.server.Page;
+import com.vaadin.ui.Notification;
+import com.vaadin.v7.ui.PasswordField;
+
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.ui.utils.AbstractEditForm;
+
+public class UpdatePasswordForm extends AbstractEditForm<UserDto> {
+
+	private static final long serialVersionUID = 1L;
+	private static final String OLD_PASSWORD = "oldPassword";
+	private static final String NEW_PASSWORD = "newPassword";
+	private static final String CONFIRM_PASSWORD = "updateConfirmPassword";
+
+	//@formater:off
+	private static final String HTML_LAYOUT = loc(OLD_PASSWORD)
+		+ fluidRowLocs(UserDto.PASSWORD)
+		+ loc(NEW_PASSWORD)
+		+ fluidRowLocs(UserDto.NEW_PASSWORD)
+		+ loc(CONFIRM_PASSWORD)
+		+ fluidRowLocs(UserDto.CONFIRM_PASSWORD);
+
+	//@formatter:off
+	PasswordField currentPassword;
+	PasswordField newPassword;
+	PasswordField confirmPassword;
+	public UpdatePasswordForm(){
+		super(UserDto.class, UserDto.I18N_PREFIX);
+
+		setWidth(480, Unit.PIXELS);
+	}
+	public void showNotification(Notification notification) {
+		// keep the notification visible a little while after moving the
+		// mouse, or until clicked
+		notification.setDelayMsec(2000);
+		notification.show(Page.getCurrent());
+	}
+	@Override
+	protected void addFields() {
+		currentPassword = addField(UserDto.PASSWORD, PasswordField.class);
+		newPassword = addField(UserDto.NEW_PASSWORD, PasswordField.class);
+		confirmPassword = addField(UserDto.CONFIRM_PASSWORD, PasswordField.class);
+		setRequired(true,UserDto.PASSWORD,UserDto.NEW_PASSWORD,UserDto.CONFIRM_PASSWORD);
+	}
+
+
+
+	@Override
+	protected String createHtmlLayout() {
+		return HTML_LAYOUT;
+	}
+}

From be226647ae9461f62eaf1d60cc68178f35d9c4b2 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:12:11 -0800
Subject: [PATCH 23/95] Added generated password and update Password to user
 service#12880

---
 .../sormas/backend/user/UserService.java       | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 0961f9fa9c4..a261e5ef941 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -1,6 +1,6 @@
 /*
  * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2022 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
@@ -647,6 +647,22 @@ public String resetPassword(String userUuid) {
 		return password;
 	}
 
+	public String generatePassword() {
+		return PasswordHelper.createPass(12);
+	}
+
+	public String updatePassword(String userUuid, String password) {
+		User user = getByUuid(userUuid);
+
+		if (user == null && password == null) {
+			return null;
+		}
+		assert user != null;
+		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+		ensurePersisted(user);
+		return password;
+	};
+
 	public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
 
 		Predicate filter = null;

From a9da21ba33e993a3b84325f8a0cabdb945f75821 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:14:56 -0800
Subject: [PATCH 24/95] #21-Added styling to the generate button

---
 sormas-app/app/src/main/res/values/styles.xml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sormas-app/app/src/main/res/values/styles.xml b/sormas-app/app/src/main/res/values/styles.xml
index 82bd6125add..1a55eff19f7 100644
--- a/sormas-app/app/src/main/res/values/styles.xml
+++ b/sormas-app/app/src/main/res/values/styles.xml
@@ -413,6 +413,15 @@
         <item name="android:background">@drawable/selector_button_primary</item>
         <item name="android:elevation">@dimen/primaryButtonElevation</item>
     </style>
+    <style name="GenerateButtonStyle">
+        <item name="android:layout_height">@dimen/primaryButtonHeight</item>
+        <item name="android:gravity">center</item>
+        <item name="android:paddingLeft">@dimen/buttonHorizontalPadding</item>
+        <item name="android:paddingRight">@dimen/buttonHorizontalPadding</item>
+        <item name="android:textColor">@color/lightBlue</item>
+        <item name="android:background">@android:color/transparent</item>
+        <item name="android:elevation">@dimen/primaryButtonElevation</item>
+    </style>
 
     <style name="EmptyListHintStyle">
         <item name="android:paddingTop">@dimen/parentLayoutVerticalPadding</item>

From 6bbae902a97542e96edbee11185a36f54c048cbf Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:16:07 -0800
Subject: [PATCH 25/95] #21- Added create new password to user settings menu

---
 .../main/java/de/symeda/sormas/ui/Menu.java   | 27 ++++++++++---------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index 13789b3c938..957752f1596 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -17,8 +17,13 @@
  *******************************************************************************/
 package de.symeda.sormas.ui;
 
-import com.vaadin.event.ContextClickEvent;
-import com.vaadin.event.MouseEvents;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.Navigator;
 import com.vaadin.navigator.View;
@@ -36,10 +41,12 @@
 import com.vaadin.ui.UI;
 import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
+
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.i18n.Captions;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
+import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.ui.dashboard.surveillance.SurveillanceDashboardView;
 import de.symeda.sormas.ui.login.LoginHelper;
 import de.symeda.sormas.ui.user.UserSettingsForm;
@@ -47,12 +54,6 @@
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
-import org.apache.commons.lang3.StringUtils;
-
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.HashMap;
-import java.util.Map;
 
 /**
  * Responsive navigation menu presenting a list of available views to the user.
@@ -68,6 +69,7 @@ public class Menu extends CssLayout {
 
 	private CssLayout menuItemsLayout;
 	private CssLayout menuPart;
+	private UserDto user;
 
 	public Menu(Navigator navigator) {
 
@@ -75,7 +77,7 @@ public Menu(Navigator navigator) {
 		setPrimaryStyleName(ValoTheme.MENU_ROOT);
 		menuPart = new CssLayout();
 		menuPart.addStyleName(ValoTheme.MENU_PART);
-
+		user = UserProvider.getCurrent().getUser();
 		// header of the menu
 		final HorizontalLayout top = new HorizontalLayout();
 		top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
@@ -117,7 +119,7 @@ public Menu(Navigator navigator) {
 		// settings menu item
 		MenuBar settingsMenu = new MenuBar();
 		settingsMenu.setId(Captions.actionSettings);
-		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
+		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup(user));
 
 		settingsMenu.addStyleNames("user-menu", "settings-menu");
 		menuPart.addComponent(settingsMenu);
@@ -136,7 +138,7 @@ public Menu(Navigator navigator) {
 		addComponent(menuPart);
 	}
 
-	private void showSettingsPopup() {
+	private void showSettingsPopup(UserDto user) {
 
 		Window window = VaadinUiUtil.createPopupWindow();
 		window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
@@ -144,7 +146,8 @@ private void showSettingsPopup() {
 
 		CommitDiscardWrapperComponent<UserSettingsForm> component =
 			ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
-
+		Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
+		component.getButtonsPanel().addComponent(resetPasswordButton, 0);
 		window.setContent(component);
 		UI.getCurrent().addWindow(window);
 	}

From 330c3339226b01518a3db0c10a0f1d89832120ed Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:16:46 -0800
Subject: [PATCH 26/95] #21-Added plugin to check passwors strength

---
 sormas-backend/pom.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sormas-backend/pom.xml b/sormas-backend/pom.xml
index 43a87400349..eb9ef847cb6 100644
--- a/sormas-backend/pom.xml
+++ b/sormas-backend/pom.xml
@@ -318,6 +318,12 @@
 
 		<!-- *** Test dependencies END *** -->
 
+		<dependency>
+			<groupId>edu.vt.middleware</groupId>
+			<artifactId>vt-password</artifactId>
+			<version>3.1.2</version>
+		</dependency>
+
 	</dependencies>
 
 	<build>

From c474f8d29b594b17b64a8d97d6d0665222dd5e4a Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:18:51 -0800
Subject: [PATCH 27/95] #21-Added http request to rest to receive requests sent
 from android

---
 .../sormas/rest/resources/UserResource.java      | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index fac1ce36b3a..5db33920f80 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -97,4 +97,20 @@ public List<UserRight> getUserRightsForCurrentUser() {
 	public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
 		return FacadeProvider.getUserFacade().getUserRights(uuid);
 	}
+
+	@POST
+	@Path("/passwordStrength")
+	public String saveNewPassword(
+		@QueryParam("uuid") String uuid,
+		@QueryParam("newPassword") String newPassword,
+		@QueryParam("currentPassword") String currentPassword) {
+		return FacadeProvider.getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
+	}
+
+	@GET
+	@Path("/generatePassword")
+	public String generatePassword() {
+		return FacadeProvider.getUserFacade().generatePassword();
+	}
+
 }

From e501765b8dad7142d78aaae4126926ecb053cf6c Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:28:57 -0800
Subject: [PATCH 28/95] Added a method to generate password      Added a method
 to validate password      Added a method to check password strength#12881

---
 .../sormas/backend/user/UserFacadeEjb.java    | 162 ++++++++++++++++++
 1 file changed, 162 insertions(+)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index bf98568c25c..ca8177398a2 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -141,6 +141,18 @@
 import de.symeda.sormas.backend.util.ModelConstants;
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
+import edu.vt.middleware.password.CharacterCharacteristicsRule;
+import edu.vt.middleware.password.DigitCharacterRule;
+import edu.vt.middleware.password.LengthRule;
+import edu.vt.middleware.password.LowercaseCharacterRule;
+import edu.vt.middleware.password.NonAlphanumericCharacterRule;
+import edu.vt.middleware.password.Password;
+import edu.vt.middleware.password.PasswordData;
+import edu.vt.middleware.password.PasswordValidator;
+import edu.vt.middleware.password.Rule;
+import edu.vt.middleware.password.RuleResult;
+import edu.vt.middleware.password.UppercaseCharacterRule;
+import edu.vt.middleware.password.WhitespaceRule;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -851,6 +863,35 @@ public UserDto getCurrentUser() {
 		return toDto(userService.getCurrentUser());
 	}
 
+	@PermitAll
+	@AuditIgnore
+	public String updatePassword(String uuid, String password) {
+		String updatePassword = userService.updatePassword(uuid, password);
+		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+
+		return updatePassword;
+	}
+
+	@Override
+	public String updateUserPassword(String uuid, String newPassword, String currentPassword) {
+		if (!validatePassword(uuid, currentPassword)) {
+			return null;
+		} else {
+			String updatePassword = userService.updatePassword(uuid, newPassword);
+			passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+
+			return updatePassword;
+		}
+	}
+
+	@Override
+	public String generatePassword() {
+		return userService.generatePassword();
+
+	}
+
+	@Override
+	
 	@Override
 	@PermitAll
 	public UserReferenceDto getCurrentUserAsReference() {
@@ -861,7 +902,15 @@ public UserReferenceDto getCurrentUserAsReference() {
 	@PermitAll
 	@AuditIgnore
 	public Set<UserRight> getValidLoginRights(String userName, String password) {
+			User user = userService.getByUserName(userName);
+		if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
+			return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
+		}
+
+		return null;
+	}
 
+	public Set<UserRole> getValidLoginRoles(String userName, String password) {
 		User user = userService.getByUserName(userName);
 		if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
 			return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
@@ -872,6 +921,119 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 
 	@Override
 	@RightsAllowed(UserRight._USER_EDIT)
+	public boolean validatePassword(String uuid, String password) {
+		User user = userService.getCurrentUser();
+		if (user != null) {
+			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
+				return true;
+			}
+		}
+		return false;
+	}
+
+	@Override
+	public boolean validatePasswordPattern(String password) {
+		//Password must be between 8 and
+		LengthRule lengthRule = new LengthRule(8, 16);
+		// don't allow whitespace
+		WhitespaceRule whitespaceRule = new WhitespaceRule();
+		// control allowed characters
+		CharacterCharacteristicsRule charRule = new CharacterCharacteristicsRule();
+		// require at least 1 digit in passwords
+		charRule.getRules().add(new DigitCharacterRule(1));
+		// require at least 1 non-alphanumeric char
+		charRule.getRules().add(new NonAlphanumericCharacterRule(1));
+		// require at least 1 upper case char
+		charRule.getRules().add(new UppercaseCharacterRule(1));
+		// require at least 1 lower case char
+		charRule.getRules().add(new LowercaseCharacterRule(1));
+		// require at least 3 of the previous rules be met
+		charRule.setNumberOfCharacteristics(4);
+
+		List<Rule> ruleList = new ArrayList<Rule>();
+
+		ruleList.add(lengthRule);
+		ruleList.add(whitespaceRule);
+		ruleList.add(charRule);
+		PasswordValidator validator = new PasswordValidator(ruleList);
+		PasswordData passwordData = new PasswordData(new Password(password));
+		RuleResult result = validator.validate(passwordData);
+
+		if (result.isValid()) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	@Override
+	public String checkPasswordStrength(String password) {
+		//Password must be between 8 and
+		LengthRule strongPasswordlengthRule = new LengthRule(10, 64);
+
+		LengthRule moderatePasswordlengthRule = new LengthRule(8, 16);
+		// don't allow whitespace
+		WhitespaceRule whitespaceRule = new WhitespaceRule();
+		/*-----STrong password-----*/
+		// control allowed characters
+		CharacterCharacteristicsRule strongPassword = new CharacterCharacteristicsRule();
+		// require at least 2 digit in passwords
+		strongPassword.getRules().add(new DigitCharacterRule(2));
+		// require at least 2 non-alphanumeric char
+		strongPassword.getRules().add(new NonAlphanumericCharacterRule(2));
+		// require at least 1 upper case char
+		strongPassword.getRules().add(new UppercaseCharacterRule(1));
+		// require at least 1 lower case char
+		strongPassword.getRules().add(new LowercaseCharacterRule(1));
+
+		// require at least 6 of the previous rules be met
+		strongPassword.setNumberOfCharacteristics(4);
+		//Check to see all rules are met for a strong
+		List<Rule> strongPasswordRuleList = new ArrayList<Rule>();
+		strongPasswordRuleList.add(strongPasswordlengthRule);
+		strongPasswordRuleList.add(whitespaceRule);
+		strongPasswordRuleList.add(strongPassword);
+		PasswordValidator strongPasswordValidator = new PasswordValidator(strongPasswordRuleList);
+		PasswordData strongPasswordData = new PasswordData(new Password(password));
+		RuleResult strongPasswordresult = strongPasswordValidator.validate(strongPasswordData);
+
+		/*-----moderate password-----*/
+		// control allowed characters
+		CharacterCharacteristicsRule moderatePassword = new CharacterCharacteristicsRule();
+		// require at least 1 digit in passwords
+		moderatePassword.getRules().add(new DigitCharacterRule(1));
+		// require at least 1 non-alphanumeric char
+		moderatePassword.getRules().add(new NonAlphanumericCharacterRule(1));
+		// require at least 1 upper case char
+		moderatePassword.getRules().add(new UppercaseCharacterRule(1));
+		// require at least 1 lower case char
+		moderatePassword.getRules().add(new LowercaseCharacterRule(1));
+
+		// require at least 6 of the previous rules be met
+		strongPassword.setNumberOfCharacteristics(3);
+		//Check to see all rules are met for a strong
+		List<Rule> moderatePasswordRuleList = new ArrayList<Rule>();
+		moderatePasswordRuleList.add(moderatePasswordlengthRule);
+		moderatePasswordRuleList.add(whitespaceRule);
+		moderatePasswordRuleList.add(moderatePassword);
+		PasswordValidator moderatePasswordValidator = new PasswordValidator(moderatePasswordRuleList);
+		PasswordData moderatePasswordData = new PasswordData(new Password(password));
+		RuleResult moderatePasswordresult = moderatePasswordValidator.validate(moderatePasswordData);
+
+		String passStrength = "Password Strength is Weak";
+		if (strongPasswordresult.isValid()) {
+			passStrength = "Password Strength is Strong";
+			return passStrength;
+
+		} else if (moderatePasswordresult.isValid()) {
+			passStrength = "Password Strength is Moderate";
+			return passStrength;
+
+		} else
+			return passStrength;
+	};
+
+	@Override
 	public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
 		CriteriaBuilder cb = em.getCriteriaBuilder();
 		CriteriaQuery<Case> caseQuery = cb.createQuery(Case.class);

From 826a0d286e49a67b849bd43dd09f6385a7f128a4 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:30:28 -0800
Subject: [PATCH 29/95] #21-Added a default screen magin to position change
 password layout according to different screen sizes

---
 sormas-app/app/src/main/res/values/dimens.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sormas-app/app/src/main/res/values/dimens.xml b/sormas-app/app/src/main/res/values/dimens.xml
index f015359ef87..aa51016d4a0 100644
--- a/sormas-app/app/src/main/res/values/dimens.xml
+++ b/sormas-app/app/src/main/res/values/dimens.xml
@@ -424,5 +424,7 @@
 
     <dimen name="dashboardPreloaderWidth">50dp</dimen>
     <dimen name="dashboardPreloaderHeight">50dp</dimen>
+    <!-- Default screen margins, per the Android Design guidelines. -->
+    <dimen name="activity_horizontal_margin">16dp</dimen>
 
 </resources>

From 792355d8c56498aeea6e757617611eb803f6cb3b Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:31:48 -0800
Subject: [PATCH 30/95] #21

---
 .../src/main/java/de/symeda/sormas/api/user/UserFacade.java     | 2 --
 1 file changed, 2 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 5ce3ebd6724..4206d7cd6e8 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -54,8 +54,6 @@ public interface UserFacade {
 
 	String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
-	List<String> changeUserPassword(String uuid, String password);
-
 	boolean validatePassword(String uuid, String password);
 
 	boolean validatePasswordPattern(String password);

From 6372d6864ac9b7f3accbef510d6c261775877f93 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 21 Feb 2022 23:43:24 -0800
Subject: [PATCH 31/95] #21-removed duplicate entries

---
 sormas-app/app/src/main/res/values/strings.xml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index d2f4ff0e301..609eea42e0f 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -41,7 +41,6 @@
     <string name="action_strength_password">Password Strength</string>
     <string name="action_cancel">Cancel</string>
     <string name="action_change_PIN">Change PIN</string>
-    <string name="action_change_password">Change Password</string>
     <string name="action_change_settings"><u>Change Settings</u></string>
     <string name="action_clear">Clear</string>
     <string name="action_clear_all">Clear All</string>

From d55f94c32cb4e84f3b510e807a7fb6306027c6b4 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 16 May 2022 15:10:10 +0000
Subject: [PATCH 32/95] Rephrased the error message

---
 sormas-api/src/main/resources/strings.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 0324185911a..926a76ef6fc 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -1268,7 +1268,7 @@ messageUploadSuccessful = Upload successful! You can now close this window.
 messageIncompleteGpsCoordinates = GPS coordinates are incomplete
 messageExternalMessagesAssigned = The assignee has been changed for all selected messages
 messageLoginFailed = Please check your username and password and try again
-messageNewPasswordDoesNotMatchFailed = Please check your new Password and Current Password and try again
+messageNewPasswordDoesNotMatchFailed = New password and current password does not match
 messagePasswordFailed = Incorrect Password Please check your Password and try again
 messageNewPasswordFailed = Password should contain some text, \n atleast one special character \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts

From 5d7b532034779ed05794d5ba20cd548d0a51169b Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 16 May 2022 15:52:17 +0000
Subject: [PATCH 33/95] Changed the name of the method makeUpdatePassword to
 showUpdatePassword Changed the implementation of the password strength error

---
 .../java/de/symeda/sormas/ui/user/UserController.java | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 323afd04442..c69a9dfb032 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -235,8 +235,8 @@ public void makeNewPassword(String userUuid, String userEmail) {
 		}
 	}
 
-	public void makeUpdatePassword(String userUuid, String userEmail, String password) {
-		String newPassword = FacadeProvider.getUserFacade().updatePassword(userUuid, password);
+	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
+		String newPassword = FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
 
 		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
 			showPasswordResetInternalSuccessPopup(newPassword);
@@ -414,15 +414,16 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
 							I18nProperties.getString(Strings.messagePasswordFailed),
 							Notification.Type.WARNING_MESSAGE));
-				} else if (!FacadeProvider.getUserFacade().validatePasswordPattern(changedUser.getUpdatePassword())) {
+				} else if (passwordStrengthDesc.getValue().contains("Weak")) {
 					form.showNotification(
 						new Notification(
 							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
 							I18nProperties.getString(Strings.messageNewPasswordFailed),
 							Notification.Type.WARNING_MESSAGE));
 				} else {
-					FacadeProvider.getUserFacade().updatePassword(user.getUuid(), changedUser.getUpdatePassword());
-					makeUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword());
+					FacadeProvider.getUserFacade()
+						.updateUserPassword(user.getUuid(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
 				}
 			}
 		});

From 3a018a7706fdebf6bac83369eedcb67f0895c86b Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 16 May 2022 15:52:36 +0000
Subject: [PATCH 34/95] Removed redundant code#12881

---
 .../src/main/java/de/symeda/sormas/api/user/UserFacade.java  | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 4206d7cd6e8..a85164759d5 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -56,8 +56,6 @@ public interface UserFacade {
 
 	boolean validatePassword(String uuid, String password);
 
-	boolean validatePasswordPattern(String password);
-
 	String checkPasswordStrength(String password);
 
 	String generatePassword();
@@ -89,7 +87,6 @@ public interface UserFacade {
 	long count(UserCriteria userCriteria);
 
 	/**
-	 * 
 	 * @param district
 	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
 	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
@@ -176,4 +173,6 @@ List<UserReferenceDto> getUserRefsByInfrastructure(
 	 * @return A set containing the user rights associated to all user roles assigned to the user
 	 */
 	List<UserRight> getUserRights(String userUuid);
+	List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndex taskContextIndex);
+
 }

From 9c61bd61a6dc6ef53d17765ebb6a4bd3b6f47e65 Mon Sep 17 00:00:00 2001
From: Anthony4m <amoahanthony41@gmail.com>
Date: Mon, 16 May 2022 15:53:01 +0000
Subject: [PATCH 35/95] Removed redundant code

---
 .../sormas/backend/user/UserFacadeEjb.java    | 52 +++----------------
 1 file changed, 6 insertions(+), 46 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index ca8177398a2..0805b1a1285 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -873,15 +873,12 @@ public String updatePassword(String uuid, String password) {
 	}
 
 	@Override
-	public String updateUserPassword(String uuid, String newPassword, String currentPassword) {
-		if (!validatePassword(uuid, currentPassword)) {
-			return null;
-		} else {
-			String updatePassword = userService.updatePassword(uuid, newPassword);
-			passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+	public String updateUserPassword(String uuid, String password, String currentPassword) {
+		String updatePassword = userService.updatePassword(uuid, password);
+		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+
+		return updatePassword;
 
-			return updatePassword;
-		}
 	}
 
 	@Override
@@ -924,48 +921,11 @@ public Set<UserRole> getValidLoginRoles(String userName, String password) {
 	public boolean validatePassword(String uuid, String password) {
 		User user = userService.getCurrentUser();
 		if (user != null) {
-			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-				return true;
-			}
+			return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
 		}
 		return false;
 	}
 
-	@Override
-	public boolean validatePasswordPattern(String password) {
-		//Password must be between 8 and
-		LengthRule lengthRule = new LengthRule(8, 16);
-		// don't allow whitespace
-		WhitespaceRule whitespaceRule = new WhitespaceRule();
-		// control allowed characters
-		CharacterCharacteristicsRule charRule = new CharacterCharacteristicsRule();
-		// require at least 1 digit in passwords
-		charRule.getRules().add(new DigitCharacterRule(1));
-		// require at least 1 non-alphanumeric char
-		charRule.getRules().add(new NonAlphanumericCharacterRule(1));
-		// require at least 1 upper case char
-		charRule.getRules().add(new UppercaseCharacterRule(1));
-		// require at least 1 lower case char
-		charRule.getRules().add(new LowercaseCharacterRule(1));
-		// require at least 3 of the previous rules be met
-		charRule.setNumberOfCharacteristics(4);
-
-		List<Rule> ruleList = new ArrayList<Rule>();
-
-		ruleList.add(lengthRule);
-		ruleList.add(whitespaceRule);
-		ruleList.add(charRule);
-		PasswordValidator validator = new PasswordValidator(ruleList);
-		PasswordData passwordData = new PasswordData(new Password(password));
-		RuleResult result = validator.validate(passwordData);
-
-		if (result.isValid()) {
-			return true;
-		} else {
-			return false;
-		}
-	}
-
 	@Override
 	public String checkPasswordStrength(String password) {
 		//Password must be between 8 and

From 88ecf92d45a95709b075c7de98eebe49b668ae88 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 6 Feb 2024 17:19:33 +0000
Subject: [PATCH 36/95] added sormas linces info on top of new classes and
 enhanced password change to close window after it's changed#12881

---
 .../de/symeda/sormas/api/i18n/Strings.java    |  1 +
 .../symeda/sormas/api/task/TaskAssignee.java  | 18 ++++++
 .../sormas/api/task/TaskContextIndex.java     | 55 +++++++++++++++++++
 .../api/task/TaskContextIndexCriteria.java    | 18 ++++++
 .../symeda/sormas/api/task/TaskDateType.java  | 17 ++++++
 .../de/symeda/sormas/api/user/UserFacade.java |  4 +-
 .../src/main/resources/strings.properties     |  1 +
 .../sormas/backend/user/UserFacadeEjb.java    | 16 ++++--
 .../symeda/sormas/ui/user/UserController.java | 30 +++++++---
 .../ui/utils/ConfirmationComponent.java       |  2 +-
 10 files changed, 148 insertions(+), 14 deletions(-)
 create mode 100644 sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
index 0e1ffbb4b35..d2dc16ed1d8 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
@@ -1393,6 +1393,7 @@ public interface Strings {
 	String messageOtherDeleteReasonNotFilled = "messageOtherDeleteReasonNotFilled";
 	String messageOutbreakSaved = "messageOutbreakSaved";
 	String messagePasswordReset = "messagePasswordReset";
+	String messagePasswordChange = "messagePasswordChange";
 	String messagePasswordResetEmailLink = "messagePasswordResetEmailLink";
 	String messagePathogenTestSaved = "messagePathogenTestSaved";
 	String messagePathogenTestSavedShort = "messagePathogenTestSavedShort";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
index 439b1e5dd06..908e06f1256 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
@@ -1,3 +1,21 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
+
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.i18n.I18nProperties;
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
new file mode 100644
index 00000000000..472f9818e80
--- /dev/null
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
+
+package de.symeda.sormas.api.task;
+
+
+import java.io.Serializable;
+
+public class TaskContextIndex implements Serializable, Cloneable {
+
+    private TaskContext taskContext;
+    private String uuid;
+
+    public TaskContextIndex() {
+    }
+
+    public TaskContextIndex(TaskContext taskContext) {
+        this.taskContext = taskContext;
+    }
+
+    public TaskContext getTaskContext() {
+        return taskContext;
+    }
+
+    public String getUuid() {
+        return uuid;
+    }
+
+    @Override
+    public TaskContextIndex clone() {
+        try {
+            TaskContextIndex clone = (TaskContextIndex) super.clone();
+            // TODO: copy mutable state here, so the clone can't change the internals of the original
+            return clone;
+        } catch (CloneNotSupportedException e) {
+            throw new AssertionError();
+        }
+    }
+}
+
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index 488c7102514..fb86f7e9fe3 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -1,3 +1,21 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
+
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.audit.AuditIncludeProperty;
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
index 30d065e2610..9a7b34f7644 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
@@ -1,3 +1,20 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.i18n.I18nProperties;
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index a85164759d5..fb9cc878386 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -35,6 +35,7 @@
 import de.symeda.sormas.api.event.EventReferenceDto;
 import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.task.TaskContextIndex;
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.travelentry.TravelEntryReferenceDto;
 import de.symeda.sormas.api.utils.SortProperty;
@@ -54,6 +55,8 @@ public interface UserFacade {
 
 	String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
+	Set<UserRoleDto> getValidLoginRoles(String userName, String password);
+
 	boolean validatePassword(String uuid, String password);
 
 	String checkPasswordStrength(String password);
@@ -173,6 +176,5 @@ List<UserReferenceDto> getUserRefsByInfrastructure(
 	 * @return A set containing the user rights associated to all user roles assigned to the user
 	 */
 	List<UserRight> getUserRights(String userUuid);
-	List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndex taskContextIndex);
 
 }
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 926a76ef6fc..f80fb84ba57 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -1300,6 +1300,7 @@ messageNoUsersSelected = You have not selected any users
 messageNoUserSelected = No user has been selected
 messageOutbreakSaved = Outbreak information saved
 messagePasswordReset = User's password was reset
+messagePasswordChange = User's password was changed successfully
 messagePasswordResetEmailLink = A link to reset the password was sent to the user's email
 messagePathogenTestSaved = Pathogen test saved. The classification of its associated case was automatically changed to %s.
 messagePathogenTestSavedShort = Pathogen test saved
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 0805b1a1285..0126fd978b7 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -12,6 +12,7 @@
  * You should have received a copy of the GNU General Public License
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
+
 package de.symeda.sormas.backend.user;
 
 import static java.util.Objects.isNull;
@@ -51,6 +52,7 @@
 import javax.validation.Valid;
 import javax.validation.ValidationException;
 
+import de.symeda.sormas.api.task.TaskContextIndex;
 import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
@@ -887,7 +889,7 @@ public String generatePassword() {
 
 	}
 
-	@Override
+
 	
 	@Override
 	@PermitAll
@@ -907,15 +909,18 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 		return null;
 	}
 
-	public Set<UserRole> getValidLoginRoles(String userName, String password) {
+	@Override
+	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		User user = userService.getByUserName(userName);
-		if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-			return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
+		if (user != null && user.isActive()) {
+			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
+				return getUserRoles(toDto(user));
+			}
 		}
-
 		return null;
 	}
 
+
 	@Override
 	@RightsAllowed(UserRight._USER_EDIT)
 	public boolean validatePassword(String uuid, String password) {
@@ -1203,6 +1208,7 @@ public List<UserRight> getUserRights(String userUuid) {
 		}
 	}
 
+
 	public interface JurisdictionOverEntitySubqueryBuilder<ADO extends AbstractDomainObject> {
 
 		Subquery<ADO> buildSubquery(CriteriaBuilder cb, CriteriaQuery<?> cq, Root<User> userRoot);
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index c69a9dfb032..62bc770502d 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -73,6 +73,8 @@
 
 public class UserController {
 
+	private Window popUpWindow;
+
 	public void create() {
 		CommitDiscardWrapperComponent<UserEditForm> userCreateComponent = getUserCreateComponent();
 		Window window = VaadinUiUtil.showModalPopupWindow(userCreateComponent, I18nProperties.getString(Strings.headingCreateNewUser));
@@ -235,11 +237,11 @@ public void makeNewPassword(String userUuid, String userEmail) {
 		}
 	}
 
-	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
-		String newPassword = FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
+	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword ) {
+		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
 
 		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
-			showPasswordResetInternalSuccessPopup(newPassword);
+			showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
 		} else {
 			showPasswordResetExternalSuccessPopup();
 		}
@@ -256,6 +258,21 @@ private void showPasswordResetInternalSuccessPopup(String newPassword) {
 		layout.setMargin(true);
 	}
 
+	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
+		VerticalLayout layout = new VerticalLayout();
+		Label passwordLabel = new Label(passwordSuccessMessage);
+		passwordLabel.addStyleName(CssStyles.H2);
+		layout.addComponent(passwordLabel);
+		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
+		popupWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+
+		layout.setMargin(true);
+		popupWindow.addCloseListener(event -> {
+			System.out.println("closed");
+			popUpWindow.close();
+		});
+	}
+
 	private void showAccountCreatedSuccessful() {
 		VerticalLayout layout = new VerticalLayout();
 		layout.addComponent(new Label(I18nProperties.getString(Strings.messageActivateAccount)));
@@ -331,8 +348,8 @@ public Button createUpdatePasswordButton() {
 
 			@Override
 			public void buttonClick(ClickEvent event) {
-				Window popupWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
-				popupWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+				popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
+				popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}
@@ -421,8 +438,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 							I18nProperties.getString(Strings.messageNewPasswordFailed),
 							Notification.Type.WARNING_MESSAGE));
 				} else {
-					FacadeProvider.getUserFacade()
-						.updateUserPassword(user.getUuid(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+
 					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
 				}
 			}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
index 04ace91340f..692b9f48cf0 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
@@ -108,7 +108,7 @@ public void removeDoneListener(DoneListener listener) {
 		doneListeners.remove(listener);
 	}
 
-	protected void onDone() {
+	public void onDone() {
 		for (DoneListener listener : doneListeners)
 			listener.onDone();
 	}

From 3eb3a3900757a900c8689436785e388fdfebd328 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 7 Feb 2024 11:00:08 +0000
Subject: [PATCH 37/95] upating camera permission and progress dialog#12881

---
 sormas-app/app/src/main/AndroidManifest.xml   | 12 +++++++----
 .../app/login/ChangePasswordActivity.java     | 21 +++++++++++++++----
 .../main/res/layout/layout_loading_dialog.xml | 19 +++++++++++++++++
 3 files changed, 44 insertions(+), 8 deletions(-)
 create mode 100644 sormas-app/app/src/main/res/layout/layout_loading_dialog.xml

diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index ab9e3b3de28..2ec0864393b 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -8,10 +8,15 @@
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
     <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
+    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
+
     <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
     <uses-permission android:name="android.permission.WAKE_LOCK" />
 
     <uses-feature android:name="android.hardware.location.gps" />
+    <uses-feature
+        android:name="android.hardware.camera"
+        android:required="false" />
 
     <uses-permission android:name="android.permission.CAMERA" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
@@ -41,8 +46,7 @@
             android:screenOrientation="portrait"
             android:exported="true"
             android:launchMode="singleTop"
-            android:screenOrientation="portrait"
-            android:theme="@style/LoginActivityTheme" >
+            >
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
 
@@ -471,8 +475,8 @@
         </activity>
 
         <!-- Only needed for androidTest - found no other way to manifest this -->
-        <activity
-            android:name=".TestBackendActivity" />
+<!--        <activity-->
+<!--            android:name=".TestBackendActivity" />-->
 
         <activity
             android:name=".barcode.BarcodeActivity" />
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index eb96ad486b8..4670541be3d 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -1,6 +1,7 @@
 package de.symeda.sormas.app.login;
 
 import android.annotation.SuppressLint;
+import android.app.AlertDialog;
 import android.app.ProgressDialog;
 import android.content.Intent;
 import android.graphics.Color;
@@ -39,7 +40,7 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
     private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSymbol = false, isGood = false;
 
     private ActivityChangePasswordLayoutBinding binding;
-    private ProgressDialog progressDialog = null;
+    private AlertDialog dialog;
 
     @RequiresApi(api = Build.VERSION_CODES.R)
     @Override
@@ -49,6 +50,11 @@ protected void onCreate(Bundle savedInstanceState) {
         LoginViewModel loginViewModel = new LoginViewModel();
         binding = DataBindingUtil.setContentView(this, R.layout.activity_change_password_layout);
         binding.setData(loginViewModel);
+
+        AlertDialog.Builder builder = new AlertDialog.Builder(this);
+        builder.setCancelable(false); 
+        builder.setView(R.layout.layout_loading_dialog);
+        dialog = builder.create();
     }
 
     @Override
@@ -60,8 +66,8 @@ public void onPause() {
 
     @Override
     protected void onDestroy() {
-        if (progressDialog != null && progressDialog.isShowing()) {
-            progressDialog.dismiss();
+        if (dialog != null && dialog.isShowing()) {
+            dialog.dismiss();
         }
 
         super.onDestroy();
@@ -173,16 +179,22 @@ public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
 
     private void executeSaveNewPasswordCall(Call<String> call){
         try {
+            dialog.show();
+
             call.enqueue(new Callback<String>() {
                 @Override
                 public void onResponse(Call<String> call, Response<String> response) {
                     if (response.code() != 200) {
                         NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
+                        dialog.dismiss();
                     }else {
-                        Toast.makeText(getApplicationContext(), "Password Saved", Toast.LENGTH_SHORT).show();
+                        Toast.makeText(getApplicationContext(), "Password Saved", Toast.LENGTH_LONG).show();
                         NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
                         finish();
+                        dialog.dismiss();
                     }
+
+
                 }
 
                 @Override
@@ -229,5 +241,6 @@ public void savePassword(View view) {
             });
         }
 
+
     }
 }
diff --git a/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml b/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml
new file mode 100644
index 00000000000..0626fe657cc
--- /dev/null
+++ b/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="match_parent"
+    android:layout_height="wrap_content"
+    android:orientation="horizontal"
+    android:padding="20dp">
+    <ProgressBar
+        android:layout_width="0dp"
+        android:layout_height="wrap_content"
+        android:layout_weight="1" />
+
+    <TextView
+        android:layout_width="0dp"
+        android:layout_height="match_parent"
+        android:layout_weight="4"
+        android:gravity="center"
+        android:text="Please wait! This may take a moment." />
+</LinearLayout>
+

From 08a5b6bf081266e34abcd9158b25f627f8abdc8b Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 7 Feb 2024 16:16:29 +0000
Subject: [PATCH 38/95] removed user edit from validate password to enable all
 users to be able to reset their password#12881

---
 .../de/symeda/sormas/app/login/ChangePasswordActivity.java  | 2 +-
 .../java/de/symeda/sormas/backend/user/UserFacadeEjb.java   | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 4670541be3d..81e50e720f1 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -52,7 +52,7 @@ protected void onCreate(Bundle savedInstanceState) {
         binding.setData(loginViewModel);
 
         AlertDialog.Builder builder = new AlertDialog.Builder(this);
-        builder.setCancelable(false); 
+        builder.setCancelable(false);
         builder.setView(R.layout.layout_loading_dialog);
         dialog = builder.create();
     }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 0126fd978b7..e14da8aaaba 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -874,9 +874,10 @@ public String updatePassword(String uuid, String password) {
 		return updatePassword;
 	}
 
+
 	@Override
 	public String updateUserPassword(String uuid, String password, String currentPassword) {
-		String updatePassword = userService.updatePassword(uuid, password);
+		String updatePassword = updatePassword(uuid, password);
 		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
 
 		return updatePassword;
@@ -922,7 +923,8 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 
 
 	@Override
-	@RightsAllowed(UserRight._USER_EDIT)
+	@PermitAll
+	//@RightsAllowed(UserRight._USER_EDIT)
 	public boolean validatePassword(String uuid, String password) {
 		User user = userService.getCurrentUser();
 		if (user != null) {

From 47b3dc980db22a0d0a0f166b57d516a97935bb4c Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 12 Feb 2024 17:36:26 +0000
Subject: [PATCH 39/95] Added @Audited Annotations to classes that require them
 and rearranged key value pairs in strings and captions class#12881

---
 .../de/symeda/sormas/api/i18n/Captions.java   | 10 +++++-----
 .../de/symeda/sormas/api/i18n/Strings.java    | 20 +++++++++----------
 .../sormas/api/task/TaskContextIndex.java     |  6 ++++++
 .../symeda/sormas/api/user/UserRoleDto.java   |  3 ++-
 .../src/main/resources/strings.properties     |  2 +-
 5 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
index 75357deec80..03d0cd9507a 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java
@@ -620,6 +620,7 @@ public interface Captions {
 	String Configuration_LineListing = "Configuration.LineListing";
 	String Configuration_Outbreaks = "Configuration.Outbreaks";
 	String Configuration_PointsOfEntry = "Configuration.PointsOfEntry";
+	String confirmPassword = "confirmPassword";
 	String Contact = "Contact";
 	String Contact_additionalDetails = "Contact.additionalDetails";
 	String Contact_ageAndBirthDate = "Contact.ageAndBirthDate";
@@ -816,6 +817,7 @@ public interface Captions {
 	String countryArchivedCountries = "countryArchivedCountries";
 	String createSymptomJournalAccountButton = "createSymptomJournalAccountButton";
 	String creationDate = "creationDate";
+	String currentPassword = "currentPassword";
 	String CustomizableEnum_hasDetails = "CustomizableEnum.hasDetails";
 	String CustomizableEnum_hasDetails_short = "CustomizableEnum.hasDetails.short";
 	String CustomizableEnumValue_caption = "CustomizableEnumValue.caption";
@@ -1750,6 +1752,7 @@ public interface Captions {
 	String outbreakNormal = "outbreakNormal";
 	String outbreakOutbreak = "outbreakOutbreak";
 	String passportNumber = "passportNumber";
+	String passwordStrength = "passwordStrength";
 	String PathogenTest = "PathogenTest";
 	String PathogenTest_cqValue = "PathogenTest.cqValue";
 	String PathogenTest_ctValueE = "PathogenTest.ctValueE";
@@ -2606,6 +2609,7 @@ public interface Captions {
 	String treatmentOpenPrescription = "treatmentOpenPrescription";
 	String unassigned = "unassigned";
 	String unknown = "unknown";
+	String updatePassword = "updatePassword";
 	String User = "User";
 	String User_active = "User.active";
 	String User_address = "User.address";
@@ -2622,16 +2626,12 @@ public interface Captions {
 	String User_userEmail = "User.userEmail";
 	String User_userName = "User.userName";
 	String User_userRoles = "User.userRoles";
-	String updatePassword = "updatePassword";
-	String currentPassword = "currentPassword";
-	String confirmPassword = "confirmPassword";
-	String passwordStrength = "passwordStrength";
 	String User_uuid = "User.uuid";
+	String userGeneratePassword = "userGeneratePassword";
 	String userMyUserId = "userMyUserId";
 	String userNewUser = "userNewUser";
 	String userResetPassword = "userResetPassword";
 	String userRestrictDiseases = "userRestrictDiseases";
-	String userGeneratePassword = "userGeneratePassword";
 	String userRight = "userRight";
 	String UserRight_caption = "UserRight.caption";
 	String UserRight_description = "UserRight.description";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
index d2dc16ed1d8..3e0339d657b 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
@@ -184,6 +184,8 @@ public interface Strings {
 	String confirmationVaccinationStatusUpdate = "confirmationVaccinationStatusUpdate";
 	String confirmExternalMessageCorrectionThrough = "confirmExternalMessageCorrectionThrough";
 	String confirmNetworkDiagramTooManyContacts = "confirmNetworkDiagramTooManyContacts";
+	String confirmPassword = "confirmPassword";
+	String currentPassword = "currentPassword";
 	String date = "date";
 	String day = "day";
 	String DefaultPassword_newPassword = "DefaultPassword.newPassword";
@@ -444,6 +446,7 @@ public interface Strings {
 	String headingcasesWithReferenceDefinitionFulfilled = "headingcasesWithReferenceDefinitionFulfilled";
 	String headingCaution = "headingCaution";
 	String headingChangeCaseDisease = "headingChangeCaseDisease";
+	String headingChangePassword = "headingChangePassword";
 	String headingChangePathogenTestResult = "headingChangePathogenTestResult";
 	String headingClinicalMeasurements = "headingClinicalMeasurements";
 	String headingClinicalVisitsDeleted = "headingClinicalVisitsDeleted";
@@ -667,7 +670,6 @@ public interface Strings {
 	String headingLineListingImport = "headingLineListingImport";
 	String headingLocation = "headingLocation";
 	String headingLoginFailed = "headingLoginFailed";
-	String headingUpdatePasswordFailed = "headingUpdatePasswordFailed";
 	String headingMaternalHistory = "headingMaternalHistory";
 	String headingMedicalInformation = "headingMedicalInformation";
 	String headingMergeDuplicateEventParticipantSamePersonSameEvent = "headingMergeDuplicateEventParticipantSamePersonSameEvent";
@@ -709,10 +711,6 @@ public interface Strings {
 	String headingPaperFormDates = "headingPaperFormDates";
 	String headingPathogenTestsDeleted = "headingPathogenTestsDeleted";
 	String headingPersonData = "headingPersonData";
-	String currentPassword = "currentPassword";
-	String updatePassword = "updatePassword";
-	String confirmPassword = "confirmPassword";
-	String passwordStrength = "passwordStrength";
 	String headingPersonInformation = "headingPersonInformation";
 	String headingPersonOccupation = "headingPersonOccupation";
 	String headingPickEventGroup = "headingPickEventGroup";
@@ -821,7 +819,7 @@ public interface Strings {
 	String headingUpdatedPersonInformation = "headingUpdatedPersonInformation";
 	String headingUpdatedSampleInformation = "headingUpdatedSampleInformation";
 	String headingUpdatePassword = "headingUpdatePassword";
-	String headingChangePassword = "headingChangePassword";
+	String headingUpdatePasswordFailed = "headingUpdatePasswordFailed";
 	String headingUpdatePersonContactDetails = "headingUpdatePersonContactDetails";
 	String headingUploadSuccess = "headingUploadSuccess";
 	String headingUserData = "headingUserData";
@@ -1349,13 +1347,12 @@ public interface Strings {
 	String messageLineListingDisabled = "messageLineListingDisabled";
 	String messageLineListingSaved = "messageLineListingSaved";
 	String messageLoginFailed = "messageLoginFailed";
-	String messageNewPasswordDoesNotMatchFailed = "messageNewPasswordDoesNotMatchFailed";
-	String messagePasswordFailed = "messagePasswordFailed";
-	String messageNewPasswordFailed = "messageNewPasswordFailed";
 	String messageMissingCases = "messageMissingCases";
 	String messageMissingDateFilter = "messageMissingDateFilter";
 	String messageMissingEpiWeekFilter = "messageMissingEpiWeekFilter";
 	String messageMultipleSampleReports = "messageMultipleSampleReports";
+	String messageNewPasswordDoesNotMatchFailed = "messageNewPasswordDoesNotMatchFailed";
+	String messageNewPasswordFailed = "messageNewPasswordFailed";
 	String messageNoCaseFound = "messageNoCaseFound";
 	String messageNoCaseFoundToLinkImmunization = "messageNoCaseFoundToLinkImmunization";
 	String messageNoCasesSelected = "messageNoCasesSelected";
@@ -1392,8 +1389,9 @@ public interface Strings {
 	String messageNoVisitsSelected = "messageNoVisitsSelected";
 	String messageOtherDeleteReasonNotFilled = "messageOtherDeleteReasonNotFilled";
 	String messageOutbreakSaved = "messageOutbreakSaved";
-	String messagePasswordReset = "messagePasswordReset";
 	String messagePasswordChange = "messagePasswordChange";
+	String messagePasswordFailed = "messagePasswordFailed";
+	String messagePasswordReset = "messagePasswordReset";
 	String messagePasswordResetEmailLink = "messagePasswordResetEmailLink";
 	String messagePathogenTestSaved = "messagePathogenTestSaved";
 	String messagePathogenTestSavedShort = "messagePathogenTestSavedShort";
@@ -1563,6 +1561,7 @@ public interface Strings {
 	String of = "of";
 	String on = "on";
 	String or = "or";
+	String passwordStrength = "passwordStrength";
 	String pathogenTestDeletedDuringLabMessageConversion = "pathogenTestDeletedDuringLabMessageConversion";
 	String pleaseSpecify = "pleaseSpecify";
 	String populationDataByArea = "populationDataByArea";
@@ -1710,6 +1709,7 @@ public interface Strings {
 	String unsavedChanges_warningMessage = "unsavedChanges.warningMessage";
 	String unsavedChanges_warningTitle = "unsavedChanges.warningTitle";
 	String until = "until";
+	String updatePassword = "updatePassword";
 	String uuidOf = "uuidOf";
 	String warningDashboardMapTooManyMarkers = "warningDashboardMapTooManyMarkers";
 	String warningNetworkDiagramTooManyContacts = "warningNetworkDiagramTooManyContacts";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
index 472f9818e80..c2ba77a921c 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
@@ -19,11 +19,17 @@
 package de.symeda.sormas.api.task;
 
 
+import de.symeda.sormas.api.audit.AuditIncludeProperty;
+import de.symeda.sormas.api.audit.AuditedClass;
+
 import java.io.Serializable;
 
+@AuditedClass
 public class TaskContextIndex implements Serializable, Cloneable {
 
+    @AuditIncludeProperty
     private TaskContext taskContext;
+    @AuditIncludeProperty
     private String uuid;
 
     public TaskContextIndex() {
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index 8016b1f17db..5b7ff0cd2e2 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -30,13 +30,14 @@
 import com.fasterxml.jackson.annotation.JsonIgnore;
 
 import de.symeda.sormas.api.EntityDto;
+import de.symeda.sormas.api.audit.AuditedClass;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
 import de.symeda.sormas.api.i18n.Validations;
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.FieldConstraints;
 import de.symeda.sormas.api.utils.ValidationException;
-
+@AuditedClass
 public class UserRoleDto extends EntityDto {
 
 	private static final long serialVersionUID = -547459523041494446L;
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index f80fb84ba57..0367628edd7 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -640,7 +640,7 @@ headingPersonData = Person data
 currentPassword=Enter Current Password
 updatePassword=Enter new Password
 confirmPassword=Confirm new Password
-+passwordStrength=Password strength
+passwordStrength=Password strength
 headingPersonInformation = Person information
 headingPersonOccupation = Occupation & education
 headingPickEventGroup = Pick event group

From 340eb6fc5cb047a3e7200c168e478aa81801fc56 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Sun, 18 Feb 2024 07:54:28 +0000
Subject: [PATCH 40/95] fix methods to pass testcases#12881

---
 .../de/symeda/sormas/backend/user/UserFacadeEjb.java   | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 6f707dc2066..98a5ca1c7c2 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -879,7 +879,7 @@ public String updatePassword(String uuid, String password) {
 		return updatePassword;
 	}
 
-
+	@PermitAll
 	@Override
 	public String updateUserPassword(String uuid, String password, String currentPassword) {
 		String updatePassword = updatePassword(uuid, password);
@@ -888,7 +888,7 @@ public String updateUserPassword(String uuid, String password, String currentPas
 		return updatePassword;
 
 	}
-
+	@PermitAll
 	@Override
 	public String generatePassword() {
 		return userService.generatePassword();
@@ -914,7 +914,7 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 
 		return null;
 	}
-
+	@PermitAll
 	@Override
 	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		User user = userService.getByUserName(userName);
@@ -937,7 +937,7 @@ public boolean validatePassword(String uuid, String password) {
 		}
 		return false;
 	}
-
+	@PermitAll
 	@Override
 	public String checkPasswordStrength(String password) {
 		//Password must be between 8 and
@@ -1004,7 +1004,7 @@ public String checkPasswordStrength(String password) {
 		} else
 			return passStrength;
 	};
-
+	@PermitAll
 	@Override
 	public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
 		CriteriaBuilder cb = em.getCriteriaBuilder();

From d2d955d9ef3322981b50dd3378a44aaba2caef5f Mon Sep 17 00:00:00 2001
From: David <daveotengo@yahoo.com>
Date: Sun, 18 Feb 2024 09:39:46 +0000
Subject: [PATCH 41/95] user facade update to fix double methods#12881

---
 .../symeda/sormas/backend/user/UserFacadeEjb.java | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index c9312500c8f..8b367b5adab 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -926,20 +926,7 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		}
 		return null;
 	}
-
-
-	@Override
-	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
-		User user = userService.getByUserName(userName);
-		if (user != null && user.isActive()) {
-			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-				return getUserRoles(toDto(user));
-			}
-		}
-		return null;
-	}
-
-
+	
 	@Override
 	@PermitAll
 	//@RightsAllowed(UserRight._USER_EDIT)

From 2d320b88707609074cefb94291cae900a9fbb6c8 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Sun, 18 Feb 2024 09:57:04 +0000
Subject: [PATCH 42/95] user facade update to fix double methods#12881

---
 .../symeda/sormas/backend/user/UserFacadeEjb.java | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index c9312500c8f..8b367b5adab 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -926,20 +926,7 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		}
 		return null;
 	}
-
-
-	@Override
-	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
-		User user = userService.getByUserName(userName);
-		if (user != null && user.isActive()) {
-			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-				return getUserRoles(toDto(user));
-			}
-		}
-		return null;
-	}
-
-
+	
 	@Override
 	@PermitAll
 	//@RightsAllowed(UserRight._USER_EDIT)

From 2729b1c682989a07d1c00184eaa389bcbc26f681 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Sat, 16 Mar 2024 08:21:39 +0000
Subject: [PATCH 43/95] special characters, notification, password generation
 logic and discard btn update

---
 .../de/symeda/sormas/api/i18n/Strings.java    |  1 +
 .../sormas/api/utils/PasswordHelper.java      | 22 ++++++++
 .../src/main/resources/strings.properties     |  3 +-
 .../sormas/backend/user/UserService.java      |  2 +-
 .../symeda/sormas/ui/user/UserController.java | 56 +++++++++++--------
 5 files changed, 59 insertions(+), 25 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
index c7b94ced7b2..a7dc873eac9 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
@@ -1505,6 +1505,7 @@ public interface Strings {
 	String messageVisitsDeleted = "messageVisitsDeleted";
 	String messageVisitsWithWrongStatusNotCancelled = "messageVisitsWithWrongStatusNotCancelled";
 	String messageVisitsWithWrongStatusNotSetToLost = "messageVisitsWithWrongStatusNotSetToLost";
+	String messageWrongCurrentPassword = "messageWrongCurrentPassword";
 	String messageWrongFileType = "messageWrongFileType";
 	String messageWrongTemplateFileType = "messageWrongTemplateFileType";
 	String min = "min";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index 7ccdb33428d..84f97c78323 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -21,6 +21,7 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.Arrays;
 
 import javax.validation.ValidationException;
 
@@ -66,6 +67,27 @@ private PasswordHelper() {
 		}
 	}
 
+	public static String generatePasswordWithSpecialChars(int length) {
+		// Combine the existing character set with special characters
+		char[] combinedChars = Arrays.copyOf(PASSWORD_CHARS, PASSWORD_CHARS.length + 10);
+		combinedChars[PASSWORD_CHARS.length] = '!';
+		combinedChars[PASSWORD_CHARS.length + 1] = '@';
+		combinedChars[PASSWORD_CHARS.length + 2] = '#';
+		combinedChars[PASSWORD_CHARS.length + 3] = '$';
+		combinedChars[PASSWORD_CHARS.length + 4] = '%';
+		combinedChars[PASSWORD_CHARS.length + 5] = '^';
+		combinedChars[PASSWORD_CHARS.length + 6] = '&';
+		combinedChars[PASSWORD_CHARS.length + 7] = '*';
+		combinedChars[PASSWORD_CHARS.length + 8] = '(';
+		combinedChars[PASSWORD_CHARS.length + 9] = ')';
+
+		SecureRandom rnd = new SecureRandom();
+		char[] chs = new char[length];
+		for (int i = 0; i < length; i++)
+			chs[i] = combinedChars[rnd.nextInt(combinedChars.length)];
+		return new String(chs);
+	}
+
 	public static String createPass(final int length) {
 
 		SecureRandom rnd = new SecureRandom();
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 1b564d60cee..0a1d757de08 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -1268,8 +1268,9 @@ messageUploadSuccessful = Upload successful! You can now close this window.
 messageIncompleteGpsCoordinates = GPS coordinates are incomplete
 messageExternalMessagesAssigned = The assignee has been changed for all selected messages
 messageLoginFailed = Please check your username and password and try again
-messageNewPasswordDoesNotMatchFailed = New password and current password does not match
+messageNewPasswordDoesNotMatchFailed = New password and Confirm password does not match
 messagePasswordFailed = Incorrect Password Please check your Password and try again
+messageWrongCurrentPassword = Wrong Current Password
 messageNewPasswordFailed = Password should contain some text, \n atleast one special character \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts
 messageMissingDateFilter = Please fill in both date filter fields
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index c09bcc62365..7d5e80d9d4f 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -651,7 +651,7 @@ public String resetPassword(String userUuid) {
 	}
 
 	public String generatePassword() {
-		return PasswordHelper.createPass(12);
+		return PasswordHelper.generatePasswordWithSpecialChars(12);
 	}
 
 	public String updatePassword(String userUuid, String password) {
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 62bc770502d..9bd77489a2e 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -74,6 +74,7 @@
 public class UserController {
 
 	private Window popUpWindow;
+	private boolean isGeneratePassword=false;
 
 	public void create() {
 		CommitDiscardWrapperComponent<UserEditForm> userCreateComponent = getUserCreateComponent();
@@ -237,16 +238,22 @@ public void makeNewPassword(String userUuid, String userEmail) {
 		}
 	}
 
-	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword ) {
+	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
 		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
-
-		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
-			showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
+		if (isGeneratePassword) {
+			if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
+				showPasswordResetInternalSuccessPopup(password);
+			} else {
+				showPasswordResetExternalSuccessPopup();
+			}
 		} else {
-			showPasswordResetExternalSuccessPopup();
+			showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
 		}
+
+		isGeneratePassword=false;
 	}
 
+
 	private void showPasswordResetInternalSuccessPopup(String newPassword) {
 		VerticalLayout layout = new VerticalLayout();
 		layout.addComponent(new Label(I18nProperties.getString(Strings.messageCopyPassword)));
@@ -256,6 +263,10 @@ private void showPasswordResetInternalSuccessPopup(String newPassword) {
 		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
 		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
 		layout.setMargin(true);
+
+		popupWindow.addCloseListener(event -> {
+			popUpWindow.close();
+		});
 	}
 
 	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
@@ -268,7 +279,6 @@ private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessag
 
 		layout.setMargin(true);
 		popupWindow.addCloseListener(event -> {
-			System.out.println("closed");
 			popUpWindow.close();
 		});
 	}
@@ -289,6 +299,10 @@ private void showPasswordResetExternalSuccessPopup() {
 		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
 		popupWindow.setWidth(450, Unit.PIXELS);
 		layout.setMargin(true);
+
+		popupWindow.addCloseListener(event -> {
+			popUpWindow.close();
+		});
 	}
 
 	private void refreshView() {
@@ -333,6 +347,9 @@ public Button generatePasswordButton() {
 
 			@Override
 			public void buttonClick(ClickEvent event) {
+
+				isGeneratePassword = true;
+
 				String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
 				form.currentPassword.setCaption(generatedPassword);
 				form.confirmPassword.setCaption(generatedPassword);
@@ -416,30 +433,23 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 				passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
 			}
 		});
+
+		component.addDiscardListener(()->{
+			popUpWindow.close();
+		});
+
 		component.addCommitListener(() -> {
 			if (!form.getFieldGroup().isModified()) {
 				UserDto changedUser = form.getValue();
 				if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed),
-							Notification.Type.WARNING_MESSAGE));
+					Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
 				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messagePasswordFailed),
-							Notification.Type.WARNING_MESSAGE));
+					Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
 				} else if (passwordStrengthDesc.getValue().contains("Weak")) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messageNewPasswordFailed),
-							Notification.Type.WARNING_MESSAGE));
+					Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
 				} else {
-
-					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(),
+							changedUser.getCurrentPassword());
 				}
 			}
 		});

From 6bef4e57d2e73b0be1b74ec6f282ede50b6cedb5 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:11:44 +0000
Subject: [PATCH 44/95] Adding special character validation to password
 policy#12881

---
 .../sormas/backend/user/UserFacadeEjb.java    | 88 ++-----------------
 .../backend/util/PasswordValidator.java       | 44 ++++++++++
 .../symeda/sormas/ui/user/UserController.java |  1 +
 3 files changed, 51 insertions(+), 82 deletions(-)
 create mode 100644 sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 8b367b5adab..f4320412e54 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -52,6 +52,7 @@
 import javax.validation.ValidationException;
 
 import de.symeda.sormas.api.task.TaskContextIndex;
+import de.symeda.sormas.backend.util.*;
 import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
@@ -140,22 +141,7 @@
 import de.symeda.sormas.backend.user.event.PasswordResetEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
-import de.symeda.sormas.backend.util.DtoHelper;
-import de.symeda.sormas.backend.util.ModelConstants;
-import de.symeda.sormas.backend.util.QueryHelper;
-import de.symeda.sormas.backend.util.RightsAllowed;
-import edu.vt.middleware.password.CharacterCharacteristicsRule;
-import edu.vt.middleware.password.DigitCharacterRule;
-import edu.vt.middleware.password.LengthRule;
-import edu.vt.middleware.password.LowercaseCharacterRule;
-import edu.vt.middleware.password.NonAlphanumericCharacterRule;
-import edu.vt.middleware.password.Password;
-import edu.vt.middleware.password.PasswordData;
-import edu.vt.middleware.password.PasswordValidator;
-import edu.vt.middleware.password.Rule;
-import edu.vt.middleware.password.RuleResult;
-import edu.vt.middleware.password.UppercaseCharacterRule;
-import edu.vt.middleware.password.WhitespaceRule;
+
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -937,75 +923,13 @@ public boolean validatePassword(String uuid, String password) {
 		}
 		return false;
 	}
-  
+
 	@PermitAll
 	@Override
 	public String checkPasswordStrength(String password) {
-		//Password must be between 8 and
-		LengthRule strongPasswordlengthRule = new LengthRule(10, 64);
-
-		LengthRule moderatePasswordlengthRule = new LengthRule(8, 16);
-		// don't allow whitespace
-		WhitespaceRule whitespaceRule = new WhitespaceRule();
-		/*-----STrong password-----*/
-		// control allowed characters
-		CharacterCharacteristicsRule strongPassword = new CharacterCharacteristicsRule();
-		// require at least 2 digit in passwords
-		strongPassword.getRules().add(new DigitCharacterRule(2));
-		// require at least 2 non-alphanumeric char
-		strongPassword.getRules().add(new NonAlphanumericCharacterRule(2));
-		// require at least 1 upper case char
-		strongPassword.getRules().add(new UppercaseCharacterRule(1));
-		// require at least 1 lower case char
-		strongPassword.getRules().add(new LowercaseCharacterRule(1));
-
-		// require at least 6 of the previous rules be met
-		strongPassword.setNumberOfCharacteristics(4);
-		//Check to see all rules are met for a strong
-		List<Rule> strongPasswordRuleList = new ArrayList<Rule>();
-		strongPasswordRuleList.add(strongPasswordlengthRule);
-		strongPasswordRuleList.add(whitespaceRule);
-		strongPasswordRuleList.add(strongPassword);
-		PasswordValidator strongPasswordValidator = new PasswordValidator(strongPasswordRuleList);
-		PasswordData strongPasswordData = new PasswordData(new Password(password));
-		RuleResult strongPasswordresult = strongPasswordValidator.validate(strongPasswordData);
-
-		/*-----moderate password-----*/
-		// control allowed characters
-		CharacterCharacteristicsRule moderatePassword = new CharacterCharacteristicsRule();
-		// require at least 1 digit in passwords
-		moderatePassword.getRules().add(new DigitCharacterRule(1));
-		// require at least 1 non-alphanumeric char
-		moderatePassword.getRules().add(new NonAlphanumericCharacterRule(1));
-		// require at least 1 upper case char
-		moderatePassword.getRules().add(new UppercaseCharacterRule(1));
-		// require at least 1 lower case char
-		moderatePassword.getRules().add(new LowercaseCharacterRule(1));
-
-		// require at least 6 of the previous rules be met
-		strongPassword.setNumberOfCharacteristics(3);
-		//Check to see all rules are met for a strong
-		List<Rule> moderatePasswordRuleList = new ArrayList<Rule>();
-		moderatePasswordRuleList.add(moderatePasswordlengthRule);
-		moderatePasswordRuleList.add(whitespaceRule);
-		moderatePasswordRuleList.add(moderatePassword);
-		PasswordValidator moderatePasswordValidator = new PasswordValidator(moderatePasswordRuleList);
-		PasswordData moderatePasswordData = new PasswordData(new Password(password));
-		RuleResult moderatePasswordresult = moderatePasswordValidator.validate(moderatePasswordData);
-
-		String passStrength = "Password Strength is Weak";
-		if (strongPasswordresult.isValid()) {
-			passStrength = "Password Strength is Strong";
-			return passStrength;
-
-		} else if (moderatePasswordresult.isValid()) {
-			passStrength = "Password Strength is Moderate";
-			return passStrength;
-
-		} else
-			return passStrength;
-	};
-  
+		return PasswordValidator.checkPasswordStrength(password);
+	}
+
 	@PermitAll
 	@Override
 	public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
new file mode 100644
index 00000000000..39471a65acd
--- /dev/null
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -0,0 +1,44 @@
+package de.symeda.sormas.backend.util;
+
+public class PasswordValidator {
+
+    public static String  checkPasswordStrength(String password) {
+        // Define your password strength rules here
+        boolean strongPassword = isStrongPassword(password);
+        boolean moderatePassword = isModeratePassword(password);
+
+        if (strongPassword) {
+            return "Password Strength is Strong";
+        } else if (moderatePassword) {
+            return "Password Strength is Moderate";
+        } else {
+            return "Password Strength is Weak";
+        }
+    }
+
+    private static boolean isStrongPassword(String password) {
+        // Define strong password criteria here
+        return password.length() >= 10 && hasTwoDigits(password) && hasTwoSpecialCharacters(password);
+    }
+
+    private static boolean isModeratePassword(String password) {
+        // Define moderate password criteria here
+        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password);
+    }
+
+    private static boolean hasDigits(String password) {
+        return password.matches(".*\\d.*");
+    }
+
+    private static boolean hasSpecialCharacters(String password) {
+        return password.matches(".*[^a-zA-Z0-9 ].*");
+    }
+
+    private static boolean hasTwoDigits(String password) {
+        return password.replaceAll("\\D", "").length() >= 2;
+    }
+
+    private static boolean hasTwoSpecialCharacters(String password) {
+        return password.replaceAll("[\\w\\s]", "").length() >= 2;
+    }
+}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 9abbfeedf86..e7a127136ab 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -30,6 +30,7 @@
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
+import de.symeda.sormas.ui.UserProvider;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
 

From 851aa453bb3d0141bcc28bbe325a8683cd695313 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 21 Mar 2024 18:27:04 +0000
Subject: [PATCH 45/95] updated notification

---
 .../de/symeda/sormas/api/i18n/Strings.java    |  1 +
 .../src/main/resources/strings.properties     |  1 +
 .../symeda/sormas/ui/user/UserController.java | 25 ++++++-------------
 3 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
index 13b89187652..806b515f97c 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java
@@ -1507,6 +1507,7 @@ public interface Strings {
 	String messageVisitsDeleted = "messageVisitsDeleted";
 	String messageVisitsWithWrongStatusNotCancelled = "messageVisitsWithWrongStatusNotCancelled";
 	String messageVisitsWithWrongStatusNotSetToLost = "messageVisitsWithWrongStatusNotSetToLost";
+	String messageWrongCurrentPassword = "messageWrongCurrentPassword";
 	String messageWrongFileType = "messageWrongFileType";
 	String messageWrongTemplateFileType = "messageWrongTemplateFileType";
 	String min = "min";
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 92a29f8ad93..9a03725c06f 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -1351,6 +1351,7 @@ messageVaccinationOutsideJurisdictionDeletionDenied = The vaccination outside us
 messageVisitsDeleted = All selected eligible visits have been deleted
 messageVisitsWithWrongStatusNotCancelled = Follow-up visits with CANCELLED or NO FOLLOW-UP status can not be cancelled
 messageVisitsWithWrongStatusNotSetToLost = Follow-up visits with NO FOLLOW-UP status can not be set to lost
+messageWrongCurrentPassword = Wrong Current Password
 messageWrongFileType = Please provide a .csv file containing the data you want to import. It's recommended to use the import template file as a starting point.
 messageWrongTemplateFileType=For %s, please provide a .%s file.
 messageLineListingDisabled = Line listing has been disabled
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 07a7981bd24..f7ac29d6cca 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -30,6 +30,7 @@
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
+import de.symeda.sormas.ui.UserProvider;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
 
@@ -415,29 +416,19 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 			if (!form.getFieldGroup().isModified()) {
 				UserDto changedUser = form.getValue();
 				if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed),
-							Notification.Type.WARNING_MESSAGE));
+
+					Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
 				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messagePasswordFailed),
-							Notification.Type.WARNING_MESSAGE));
+					Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
 				} else if (passwordStrengthDesc.getValue().contains("Weak")) {
-					form.showNotification(
-						new Notification(
-							I18nProperties.getString(Strings.headingUpdatePasswordFailed),
-							I18nProperties.getString(Strings.messageNewPasswordFailed),
-							Notification.Type.WARNING_MESSAGE));
-				} else {
-
+					Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
+				} else{
 					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+
 				}
 			}
 		});
+
 		Button generatePasswordButton = ControllerProvider.getUserController().generatePasswordButton();
 		generatePasswordButton.addClickListener((ClickListener) event -> {
 			String generatedPassword = FacadeProvider.getUserFacade().generatePassword();

From 99f75971b5acf3057c1b24706964899e218afb2d Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 29 May 2024 15:07:47 +0000
Subject: [PATCH 46/95] fix for sonarqube errors

---
 .../sormas/api/task/TaskContextIndex.java     | 22 ++++----
 .../de/symeda/sormas/api/user/UserDto.java    |  2 +-
 .../de/symeda/sormas/api/user/UserFacade.java |  1 -
 .../sormas/backend/user/UserFacadeEjb.java    |  5 +-
 .../sormas/backend/user/UserService.java      |  2 +-
 .../backend/util/PasswordValidator.java       |  3 +
 .../main/java/de/symeda/sormas/ui/Menu.java   |  4 +-
 .../symeda/sormas/ui/user/UserController.java | 56 +++++--------------
 .../ui/utils/UpdatePasswordValidator.java     |  2 +-
 9 files changed, 36 insertions(+), 61 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
index c2ba77a921c..60810197558 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
@@ -25,7 +25,7 @@
 import java.io.Serializable;
 
 @AuditedClass
-public class TaskContextIndex implements Serializable, Cloneable {
+public class TaskContextIndex implements Serializable{
 
     @AuditIncludeProperty
     private TaskContext taskContext;
@@ -39,6 +39,8 @@ public TaskContextIndex(TaskContext taskContext) {
         this.taskContext = taskContext;
     }
 
+
+
     public TaskContext getTaskContext() {
         return taskContext;
     }
@@ -47,15 +49,15 @@ public String getUuid() {
         return uuid;
     }
 
-    @Override
-    public TaskContextIndex clone() {
-        try {
-            TaskContextIndex clone = (TaskContextIndex) super.clone();
-            // TODO: copy mutable state here, so the clone can't change the internals of the original
-            return clone;
-        } catch (CloneNotSupportedException e) {
-            throw new AssertionError();
-        }
+    // Copy constructor
+    public TaskContextIndex(TaskContextIndex other) {
+        this.taskContext = other.taskContext; // Enum instances can be directly assigned
+        this.uuid = other.uuid;
     }
+    // Copy factory method
+    public static TaskContextIndex copyOf(TaskContextIndex other) {
+        return new TaskContextIndex(other);
+    }
+
 }
 
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index a74c9eebfa1..84cf201ab72 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -192,7 +192,7 @@ public String getConfirmPassword() {
 		return confirmPassword;
 	}
 
-	public void PasswordStrength(String passwordStrength) {
+	public void setPasswordStrength(String passwordStrength) {
 		this.passwordStrength = passwordStrength;
 	}
 
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index ad2df5d10a4..c599836aa8c 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -35,7 +35,6 @@
 import de.symeda.sormas.api.event.EventReferenceDto;
 import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.task.TaskContextIndex;
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.travelentry.TravelEntryReferenceDto;
 import de.symeda.sormas.api.utils.SortProperty;
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index ca4f67be71d..df3dca4c629 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -54,7 +54,6 @@
 import javax.validation.ValidationException;
 import javax.ws.rs.ForbiddenException;
 
-import de.symeda.sormas.api.task.TaskContextIndex;
 import de.symeda.sormas.backend.util.*;
 import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -959,7 +958,7 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 
 		return null;
 	}
-  
+
 	@PermitAll
 	@Override
 	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
@@ -969,7 +968,7 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 				return getUserRoles(toDto(user));
 			}
 		}
-		return null;
+		return Collections.emptySet();
 	}
 	
 	@Override
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index ed32d6aa2db..6baaa09023b 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -668,7 +668,7 @@ public String updatePassword(String userUuid, String password) {
 		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
 		ensurePersisted(user);
 		return password;
-	};
+	}
 
 	public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 39471a65acd..4854f5f071b 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -2,6 +2,9 @@
 
 public class PasswordValidator {
 
+    private PasswordValidator() {
+        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
+    }
     public static String  checkPasswordStrength(String password) {
         // Define your password strength rules here
         boolean strongPassword = isStrongPassword(password);
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index bdb5b97dd48..c55c965a010 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -119,7 +119,7 @@ public Menu(Navigator navigator) {
 		// settings menu item
 		MenuBar settingsMenu = new MenuBar();
 		settingsMenu.setId(Captions.actionSettings);
-		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup(user));
+		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
 
 		settingsMenu.addStyleNames("user-menu", "settings-menu");
 		menuPart.addComponent(settingsMenu);
@@ -138,7 +138,7 @@ public Menu(Navigator navigator) {
 		addComponent(menuPart);
 	}
 
-	private void showSettingsPopup(UserDto user) {
+	private void showSettingsPopup() {
 
 		Window window = VaadinUiUtil.createPopupWindow();
 		window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 8ff1a3dcde6..17eef56d7c5 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,39 +17,16 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Set;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_WARNING;
-
-import java.util.Collection;
-import java.util.Objects;
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-
-import de.symeda.sormas.ui.UserProvider;
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang3.StringUtils;
-
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.View;
 import com.vaadin.server.Page;
 import com.vaadin.server.Sizeable.Unit;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.Button;
+import com.vaadin.ui.*;
 import com.vaadin.ui.Button.ClickEvent;
 import com.vaadin.ui.Button.ClickListener;
-import com.vaadin.ui.Label;
-import com.vaadin.ui.Notification;
-import com.vaadin.ui.UI;
-import com.vaadin.ui.VerticalLayout;
-import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
 import com.vaadin.v7.ui.ComboBox;
-
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.Language;
@@ -65,13 +42,17 @@
 import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.utils.BulkOperationHandler;
-import de.symeda.sormas.ui.utils.ButtonHelper;
-import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
+import de.symeda.sormas.ui.UserProvider;
+import de.symeda.sormas.ui.utils.*;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent.CommitListener;
-import de.symeda.sormas.ui.utils.ConfirmationComponent;
-import de.symeda.sormas.ui.utils.CssStyles;
-import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+
+import java.util.*;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+
+import static de.symeda.sormas.ui.utils.CssStyles.*;
 
 public class UserController {
 
@@ -270,10 +251,7 @@ private void showPasswordResetInternalSuccessPopup(String newPassword) {
 		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
 		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
 		layout.setMargin(true);
-
-		popupWindow.addCloseListener(event -> {
-			popUpWindow.close();
-		});
+		popupWindow.addCloseListener(event -> popUpWindow.close());
 	}
 
 	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
@@ -309,9 +287,7 @@ private void showPasswordResetExternalSuccessPopup() {
 		popupWindow.setWidth(450, Unit.PIXELS);
 		layout.setMargin(true);
 
-		popupWindow.addCloseListener(event -> {
-			popUpWindow.close();
-		});
+		popupWindow.addCloseListener(event -> popUpWindow.close());
 	}
 
 	private void refreshView() {
@@ -441,11 +417,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 				passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
 			}
 		});
-
-		component.addDiscardListener(()->{
-			popUpWindow.close();
-		});
-
+		component.addDiscardListener(()-> popUpWindow.close());
 
 		component.addCommitListener(() -> {
 			if (!form.getFieldGroup().isModified()) {
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
index 36175288ffb..cd914d524c1 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
@@ -17,7 +17,7 @@ public UpdatePasswordValidator(String errorMessage) {
 
 	@Override
 	protected boolean isValidValue(String password) {
-		String pattern = "(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{8,}";
+		String pattern = "(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{8,}";
 		return password == null || password.isEmpty() || password.matches(pattern);
 	}
 

From 971f573d4cab09b4419f81ce967e199a61f108e8 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 29 May 2024 19:50:55 +0000
Subject: [PATCH 47/95] two sonarqube errors fixed

---
 .../java/de/symeda/sormas/backend/user/UserFacadeEjb.java  | 7 +++----
 .../main/java/de/symeda/sormas/ui/user/UserController.java | 4 +---
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index df3dca4c629..136ed1596f4 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -963,10 +963,9 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 	@Override
 	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		User user = userService.getByUserName(userName);
-		if (user != null && user.isActive()) {
-			if (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-				return getUserRoles(toDto(user));
-			}
+		if (user != null && user.isActive()
+			&& (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed())))) {
+			return getUserRoles(toDto(user));
 		}
 		return Collections.emptySet();
 	}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 17eef56d7c5..ad69a07379f 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -263,9 +263,7 @@ private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessag
 		popupWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
 
 		layout.setMargin(true);
-		popupWindow.addCloseListener(event -> {
-			popUpWindow.close();
-		});
+		popupWindow.addCloseListener(event -> popUpWindow.close());
 	}
 
 	

From 3c824f5459b21fa81a03b62da5bc2db5f10d7983 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 29 May 2024 20:05:41 +0000
Subject: [PATCH 48/95] cleared unnecessay comment

---
 .../main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java   | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 136ed1596f4..5abd7b6d9d6 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -972,7 +972,6 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 	
 	@Override
 	@PermitAll
-	//@RightsAllowed(UserRight._USER_EDIT)
 	public boolean validatePassword(String uuid, String password) {
 		User user = userService.getCurrentUser();
 		if (user != null) {

From 3de56b194bc87ae13f1ca0e67cb6d24d1438e994 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 29 May 2024 20:31:57 +0000
Subject: [PATCH 49/95] security error sonarqube

---
 .../de/symeda/sormas/backend/util/PasswordValidator.java   | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 4854f5f071b..9eabd4f9c71 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -29,12 +29,13 @@ private static boolean isModeratePassword(String password) {
         return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password);
     }
 
+
     private static boolean hasDigits(String password) {
-        return password.matches(".*\\d.*");
+        return password.chars().anyMatch(Character::isDigit);
     }
-
+    
     private static boolean hasSpecialCharacters(String password) {
-        return password.matches(".*[^a-zA-Z0-9 ].*");
+        return password.chars().anyMatch(ch -> !Character.isLetterOrDigit(ch) && !Character.isWhitespace(ch));
     }
 
     private static boolean hasTwoDigits(String password) {

From 1765ca4fe4203c3136aaf62b8f5cd5ee834d733f Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 4 Jun 2024 06:07:30 +0000
Subject: [PATCH 50/95] fix for sonar qube tests coverage and duplicates

---
 .../api/task/TaskContextIndexCriteria.java    |   4 +
 .../backend/user/CurrentUserService.java      |   1 +
 .../sormas/backend/user/UserFacadeEjb.java    |  21 ++-
 .../sormas/backend/user/UserService.java      |   1 -
 .../user/event/PasswordResetEvent.java        |   2 +
 .../backend/util/PasswordValidator.java       |  28 ++--
 .../sormas/backend/AbstractBeanTest.java      |  29 ++++
 .../sormas/backend/TestDataCreator.java       |  26 ++++
 .../EnvironmentSampleServiceTest.java         |   1 -
 .../backend/user/UserFacadeEjbTest.java       | 146 ++++++++++++++----
 .../symeda/sormas/ui/user/UserController.java |  55 +++----
 11 files changed, 222 insertions(+), 92 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index fb86f7e9fe3..2541df20184 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -44,4 +44,8 @@ public TaskContext getTaskContext() {
 	public String getUuid() {
 		return uuid;
 	}
+
+	public void setUuid(String uuid) {
+		this.uuid = uuid;
+	}
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
index ddfad704911..711af653672 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
@@ -59,6 +59,7 @@ public User getCurrentUser() {
 		}
 
 		User cachedUser = userCache.get(currentUsername);
+
 		if (cachedUser != null) {
 			return cachedUser;
 		}
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 5abd7b6d9d6..231011c045a 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -58,7 +58,6 @@
 import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -408,7 +407,7 @@ public List<UserReferenceDto> getAllUserRefs(boolean includeInactive) {
 		return userService.getUserReferences(null, null, !includeInactive).stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
 	}
 
-	private List<UserReferenceDto> getAssignableUsersBasedOnContext(TaskContextIndexCriteria taskContextIndexCriteria) {
+	protected List<UserReferenceDto> getAssignableUsersBasedOnContext(TaskContextIndexCriteria taskContextIndexCriteria) {
 		List<UserReferenceDto> availableUsers = new ArrayList<>();
 		if (taskContextIndexCriteria.getUuid() == null) {
 			taskContextIndexCriteria = new TaskContextIndexCriteria(TaskContext.GENERAL);
@@ -572,8 +571,8 @@ public List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(Environmen
 		});
 	}
 
-	private <ADO extends AbstractDomainObject> List<UserReferenceDto> getUsersHavingEntityInJurisdiction(
-		JurisdictionOverEntitySubqueryBuilder<ADO> subqueryBuilder) {
+	protected <ADO extends AbstractDomainObject> List<UserReferenceDto> getUsersHavingEntityInJurisdiction(
+			JurisdictionOverEntitySubqueryBuilder<ADO> subqueryBuilder) {
 
 		final CriteriaBuilder cb = em.getCriteriaBuilder();
 		final CriteriaQuery<User> cq = cb.createQuery(User.class);
@@ -664,8 +663,7 @@ public UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate) {
 		return toDto(user);
 	}
 
-	@Nullable
-	private User validateUserRoles(Set<UserRoleReferenceDto> roles, boolean isUserSettingsUpdate, User user, boolean isUserUpdate) {
+	protected void validateUserRoles(Set<UserRoleReferenceDto> roles, boolean isUserSettingsUpdate, User user, boolean isUserUpdate) {
 		Collection<UserRoleDto> newRoles = userRoleFacade.getByReferences(roles);
 
 		try {
@@ -694,7 +692,6 @@ private User validateUserRoles(Set<UserRoleReferenceDto> roles, boolean isUserSe
 				throw new ValidationException(I18nProperties.getValidationError(Validations.removeUserEditRightFromOwnUser));
 			}
 		}
-		return oldUser;
 	}
 
 	@Override
@@ -835,7 +832,7 @@ public long count(UserCriteria userCriteria) {
 		return em.createQuery(cq).getSingleResult();
 	}
 
-	private User fillOrBuildEntity(UserDto source, User target, boolean checkChangeDate) {
+	protected User fillOrBuildEntity(UserDto source, User target, boolean checkChangeDate) {
 		boolean targetWasNull = isNull(target);
 
 		target = DtoHelper.fillOrBuildEntity(source, target, userService::createUser, checkChangeDate);
@@ -871,7 +868,7 @@ private User fillOrBuildEntity(UserDto source, User target, boolean checkChangeD
 		return target;
 	}
 
-	private void fillEntityUserRoles(User target, UserDto source) {
+	protected void fillEntityUserRoles(User target, UserDto source) {
 		//Make sure userroles of target are attached
 		Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
 		target.setUserRoles(userRoles);
@@ -1024,7 +1021,7 @@ public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
 		});
 	}
 
-	private List<User> getPossibleUsersBasedOnCasesResponsibleDistrict(List<Case> cases) {
+	protected List<User> getPossibleUsersBasedOnCasesResponsibleDistrict(List<Case> cases) {
 		List<String> responsibleDistrictsUuidsAmongCases = cases.stream()
 			.map(Case::getResponsibleDistrict)
 			.collect(Collectors.toSet())
@@ -1040,7 +1037,7 @@ private List<User> getPossibleUsersBasedOnCasesResponsibleDistrict(List<Case> ca
 		return possibleUserForReplacement;
 	}
 
-	private List<User> getPossibleUsersBasedOnCasesDistrict(List<Case> cases) {
+	protected List<User> getPossibleUsersBasedOnCasesDistrict(List<Case> cases) {
 		List<String> districtsUuidsAmongCases = cases.stream()
 			.map(Case::getDistrict)
 			.collect(Collectors.toSet())
@@ -1072,7 +1069,7 @@ private List<User> getUsersFromCasesByDistricts(List<String> districtsUuidsAmong
 		return possibleUserForReplacement;
 	}
 
-	private Set<User> getPossibleUsersBasedOnCasesFacility(List<Case> cases) {
+	protected Set<User> getPossibleUsersBasedOnCasesFacility(List<Case> cases) {
 		return cases.stream()
 			.map(Case::getHealthFacility)
 			.filter(Objects::nonNull)
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 6baaa09023b..4842bd37f4b 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -197,7 +197,6 @@ public List<User> getAllByDistrictsAndUserRights(List<District> districts, Colle
 	 * @param userRights
 	 */
 	public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
-
 		return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
 	}
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
index 1ee38c7f853..4af5527f0de 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
@@ -34,6 +34,8 @@ public PasswordResetEvent(User user) {
 		this.user = user;
 	}
 
+
+
 	public User getUser() {
 		return user;
 	}
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 9eabd4f9c71..dba17321728 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -6,27 +6,20 @@ private PasswordValidator() {
         throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
     }
     public static String  checkPasswordStrength(String password) {
-        // Define your password strength rules here
         boolean strongPassword = isStrongPassword(password);
-        boolean moderatePassword = isModeratePassword(password);
 
         if (strongPassword) {
             return "Password Strength is Strong";
-        } else if (moderatePassword) {
-            return "Password Strength is Moderate";
-        } else {
+        }
+
+
+        else {
             return "Password Strength is Weak";
         }
     }
 
     private static boolean isStrongPassword(String password) {
-        // Define strong password criteria here
-        return password.length() >= 10 && hasTwoDigits(password) && hasTwoSpecialCharacters(password);
-    }
-
-    private static boolean isModeratePassword(String password) {
-        // Define moderate password criteria here
-        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password);
+        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password)&& hasCapitalLetter(password);
     }
 
 
@@ -38,11 +31,12 @@ private static boolean hasSpecialCharacters(String password) {
         return password.chars().anyMatch(ch -> !Character.isLetterOrDigit(ch) && !Character.isWhitespace(ch));
     }
 
-    private static boolean hasTwoDigits(String password) {
-        return password.replaceAll("\\D", "").length() >= 2;
-    }
 
-    private static boolean hasTwoSpecialCharacters(String password) {
-        return password.replaceAll("[\\w\\s]", "").length() >= 2;
+
+    private static boolean hasCapitalLetter(String password) {
+        return password.chars().anyMatch(Character::isUpperCase);
     }
+
+
+
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index 2bee6a92470..5bfa37ec07f 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -20,6 +20,7 @@
 import static org.mockito.Mockito.when;
 
 import java.lang.annotation.Annotation;
+import java.security.Principal;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
@@ -851,14 +852,40 @@ protected UserDto loginWith(UserDto user) {
 		when(MockProducer.getPrincipal().getName()).thenReturn(user.getUserName());
 		// load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
 		getCurrentUserService().getCurrentUser();
+
 		return user;
 	}
 
+//	protected UserDto loginWith(UserDto user) {
+//		if (user == null) {
+//			throw new IllegalArgumentException("User cannot be null");
+//		}
+//
+//		String userName = user.getUserName();
+//		if (userName == null) {
+//			throw new IllegalArgumentException("User name cannot be null");
+//		}
+//
+//		// Ensure MockProducer.getPrincipal() is not null
+//		Principal principal = MockProducer.getPrincipal();
+//		if (principal == null) {
+//			throw new IllegalStateException("Principal cannot be null");
+//		}
+//
+//		when(principal.getName()).thenReturn(userName);
+//
+//		// Load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
+//		getCurrentUserService().getCurrentUser();
+//		return user;
+//	}
+
+
 	protected UserDto useNationalUserLogin() {
 		return loginWith(creator.createNationalUser());
 	}
 
 	protected UserDto useNationalAdminLogin() {
+
 		if (nationalAdmin == null) {
 			// we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
 			User user = new User();
@@ -874,7 +901,9 @@ protected UserDto useNationalAdminLogin() {
 
 			getUserService().persist(user);
 			nationalAdmin = getUserFacade().getByUuid(user.getUuid());
+
 		}
+
 		return loginWith(nationalAdmin);
 	}
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index 53e0f1fb8cd..082ccff6abd 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -30,6 +30,7 @@
 
 import javax.annotation.Nullable;
 
+import de.symeda.sormas.api.utils.PasswordHelper;
 import org.jetbrains.annotations.NotNull;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -2515,4 +2516,29 @@ public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntr
 			this.pointOfEntry = pointOfEntry;
 		}
 	}
+
+
+	public User createTestUser() {
+		User user = new User();
+		user.setUserName("testuser");
+		user.setFirstName("Test");
+		user.setLastName("User");
+		user.setUuid(DataHelper.createUuid());
+		String password = "password";
+		String seed = "seed";
+		String encodedPassword = PasswordHelper.encodePassword(password, seed); // Assume PasswordHelper is the correct utility for encoding
+		user.setPassword(encodedPassword);
+		user.setSeed(seed);
+		user.setActive(true);
+		user.setUserRoles(
+				new HashSet<>(Arrays.asList(
+						getUserRole(DefaultUserRole.ADMIN),
+						getUserRole(DefaultUserRole.NATIONAL_USER))));
+
+		beanTest.getUserService().persist(user);
+		return user;
+	}
+
+
+
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
index fea33d3dc7f..b3ec30f298f 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
@@ -58,7 +58,6 @@ public void testJurisdiction() {
 			u.setFirstName("Lab");
 			u.setLastName("User");
 			u.setUserName("LabUser");
-
 			u.setLaboratory(lab1.toReference());
 		});
 		FacilityDto lab2 = creator.createFacility("Lab2", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 59ed2aa4e71..09b896abf1b 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -20,42 +20,28 @@
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.not;
 import static org.hamcrest.Matchers.nullValue;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertFalse;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
-import static org.junit.jupiter.api.Assertions.assertNull;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.*;
 import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.mockStatic;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-import java.util.UUID;
+import static org.mockito.Mockito.*;
+
+import java.util.*;
 import java.util.stream.Collectors;
 
+
 import javax.persistence.EntityNotFoundException;
+
 import javax.validation.ValidationException;
 
+import de.symeda.sormas.api.user.*;
+
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.mockito.MockedStatic;
-import org.mockito.Mockito;
-import org.mockito.MockitoAnnotations;
+import org.mockito.*;
 
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.EntityDto;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.user.UserCriteria;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserFacade;
-import de.symeda.sormas.api.user.UserReferenceDto;
-import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.utils.AccessDeniedException;
 import de.symeda.sormas.api.utils.SortProperty;
 import de.symeda.sormas.backend.AbstractBeanTest;
@@ -187,7 +173,7 @@ public void testGetValidLoginRoles() {
 		AuthProvider authProvider = mock(AuthProvider.class);
 
 		MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
-		Mockito.when(AuthProvider.getProvider(any())).thenReturn(authProvider);
+		when(AuthProvider.getProvider(any())).thenReturn(authProvider);
 
 		RDCF rdcf = creator.createRDCF();
 		UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
@@ -223,20 +209,20 @@ public void testGetExistentDefaultUsers() {
 		}
 
 		for (User user : testUsers) {
-			loginWith(UserFacadeEjb.toDto(user));
+			loginWith(getUserFacade().toDto(user));
 			List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
 
 			if (user.hasUserRight(UserRight.USER_EDIT)) {
 				assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
 				for (User defUser : defaultUsers) {
-					assertThat(persistedDefaultUsers, hasItem(UserFacadeEjb.toDto(defUser)));
+					assertThat(persistedDefaultUsers, hasItem(getUserFacade().toDto(defUser)));
 				}
 				for (User randomUser : randomUsers) {
-					assertThat(persistedDefaultUsers, not(hasItem(UserFacadeEjb.toDto(randomUser))));
+					assertThat(persistedDefaultUsers, not(hasItem(getUserFacade().toDto(randomUser))));
 				}
 			} else if (defaultUsers.contains(user)) {
 				assertEquals(1, persistedDefaultUsers.size());
-				assertEquals(UserFacadeEjb.toDto(user), persistedDefaultUsers.get(0));
+				assertEquals(getUserFacade().toDto(user), persistedDefaultUsers.get(0));
 			} else {
 				assertEquals(0, persistedDefaultUsers.size());
 			}
@@ -457,6 +443,9 @@ public void testGetUserRefsByDistrictsWithExcludeLimitedDiseaseUsersAndSingleDis
 
 	}
 
+
+
+
 	@Test
 	void getUserRights() {
 
@@ -480,4 +469,105 @@ void getUserRights() {
 		loginWith(nationalAdmin);
 		assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
 	}
+
+
+		@Test
+		public void testUpdateUserPassword() {
+			// Arrange
+			User testUser =creator.createTestUser();
+
+			String newPassword="newPassword";
+			String currentPassword=testUser.getPassword();
+			String uuid=testUser.getUuid();
+			String result = getUserFacade().updateUserPassword(uuid, newPassword , currentPassword);
+
+			// Assert
+			assertEquals(newPassword, result);
+
+			// Verify the password was updated in the database
+			User updatedUser = getUserService().getByUuid(uuid);
+
+			assertNotEquals(currentPassword, updatedUser.getPassword()); // Password should be different
+			UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
+
+			loginWith(updatedUserDto); // Login again with changed password
+			assertTrue(getUserFacade().validatePassword(uuid,newPassword)); // Validate the new password
+
+		}
+
+
+	@Test
+	public void testGeneratePassword() {
+		// Act
+		String result = getUserFacade().generatePassword();
+
+		// Assert
+		assertNotNull(result);
+		assertFalse(result.isEmpty());
+	}
+
+	@Test
+	void testGetValidLoginRoles_ValidUser() {
+		// Arrange
+		User user = creator.createTestUser();
+
+		// Act
+		Set<UserRoleDto> result = getUserFacade().getValidLoginRoles(user.getUserName(), "password");
+
+		// Assert
+		assertNotNull(result);
+		assertFalse(result.isEmpty());
+	}
+
+	@Test
+	void testGetValidLoginRoles_InvalidUser() {
+		// Act
+		Set<UserRoleDto> result = getUserFacade().getValidLoginRoles("testuser", "password");
+
+		// Assert
+		assertNotNull(result);
+		assertTrue(result.isEmpty());
+	}
+
+
+	@Test
+	void testValidatePassword_Valid() {
+		// Arrange
+
+		User user= creator.createTestUser();
+		// Act
+		UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
+		loginWith(loggedInUser);
+		boolean result = getUserFacade().validatePassword(loggedInUser.getUuid(), "password"); // Use plain password for validation
+
+		// Assert
+		assertTrue(result);
+	}
+
+
+	@Test
+	void testValidatePassword_Invalid() {
+		// Act
+		boolean result = getUserFacade().validatePassword("uuid", "password");
+
+		// Assert
+		assertFalse(result);
+	}
+
+
+
+
+	@Test
+	void testCheckPasswordStrength_Strong() {
+		String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
+		assertEquals("Password Strength is Strong", result);
+	}
+
+	@Test
+	void testCheckPasswordStrength_Weak() {
+		String result = getUserFacade().checkPasswordStrength("weak");
+		assertEquals("Password Strength is Weak", result);
+	}
+
+
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index ad69a07379f..19c6772e923 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -243,49 +243,39 @@ public void showUpdatePassword(String userUuid, String userEmail, String passwor
 
 
 	private void showPasswordResetInternalSuccessPopup(String newPassword) {
-		VerticalLayout layout = new VerticalLayout();
-		layout.addComponent(new Label(I18nProperties.getString(Strings.messageCopyPassword)));
-		Label passwordLabel = new Label(newPassword);
-		passwordLabel.addStyleName(CssStyles.H2);
-		layout.addComponent(passwordLabel);
-		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
-		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
-		layout.setMargin(true);
-		popupWindow.addCloseListener(event -> popUpWindow.close());
+		showPopupWindow(I18nProperties.getString(Strings.headingNewPassword),newPassword,450,true);
 	}
 
 	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
+		showPopupWindow(I18nProperties.getString(Strings.headingChangePassword), passwordSuccessMessage,null,true);
+	}
+
+	private void showPopupWindow(String header,String message,Integer width,Boolean closeable) {
 		VerticalLayout layout = new VerticalLayout();
-		Label passwordLabel = new Label(passwordSuccessMessage);
-		passwordLabel.addStyleName(CssStyles.H2);
-		layout.addComponent(passwordLabel);
+		Label messageLabel = new Label(message);
+		messageLabel.addStyleName(CssStyles.H2);
+		layout.addComponent(messageLabel);
 		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
-		popupWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+
+		popupWindow.setCaption(header);
+		if(width!=null) {
+			popupWindow.setWidth(width, Unit.PIXELS);
+		}
 
 		layout.setMargin(true);
-		popupWindow.addCloseListener(event -> popUpWindow.close());
-	}
+		if(closeable) {
+			popupWindow.addCloseListener(event -> popUpWindow.close());
+		}
+
 
-	
+	}
 
 	private void showAccountCreatedSuccessful() {
-		VerticalLayout layout = new VerticalLayout();
-		layout.addComponent(new Label(I18nProperties.getString(Strings.messageActivateAccount)));
-		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
-		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewAccount));
-		popupWindow.setWidth(350, Unit.PIXELS);
-		layout.setMargin(true);
+		showPopupWindow(I18nProperties.getString(Strings.headingNewAccount), I18nProperties.getString(Strings.messageActivateAccount),350,false);
 	}
 
 	private void showPasswordResetExternalSuccessPopup() {
-		VerticalLayout layout = new VerticalLayout();
-		layout.addComponent(new Label(I18nProperties.getString(Strings.messagePasswordResetEmailLink)));
-		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
-		popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
-		popupWindow.setWidth(450, Unit.PIXELS);
-		layout.setMargin(true);
-
-		popupWindow.addCloseListener(event -> popUpWindow.close());
+		showPopupWindow(I18nProperties.getString(Strings.headingNewPassword), I18nProperties.getString(Strings.messagePasswordResetEmailLink),450,true);
 	}
 
 	private void refreshView() {
@@ -409,9 +399,8 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 			passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
 			if (passwordStrengthDesc.getValue().contains("Strong")) {
 				passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
-			} else if (passwordStrengthDesc.getValue().contains("Moderate")) {
-				passwordStrengthDesc.setStyleName(LABEL_WARNING);
-			} else {
+			}
+			else {
 				passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
 			}
 		});

From 9aa2e5bfd3aa4cdceaaec7d9d7956c38769ed320 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 27 Jun 2024 02:07:29 +0000
Subject: [PATCH 51/95] review issues identified fixed

---
 .../sormas/api/task/TaskContextIndex.java     | 63 -------------------
 .../de/symeda/sormas/api/user/UserFacade.java |  2 +
 .../sormas/backend/user/UserFacadeEjb.java    | 17 +++--
 .../backend/util/PasswordValidator.java       |  4 +-
 .../backend/user/UserFacadeEjbTest.java       | 15 ++---
 .../symeda/sormas/ui/user/UserController.java |  6 +-
 6 files changed, 21 insertions(+), 86 deletions(-)
 delete mode 100644 sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
deleted file mode 100644
index 60810197558..00000000000
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndex.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*******************************************************************************
- * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- *******************************************************************************/
-
-package de.symeda.sormas.api.task;
-
-
-import de.symeda.sormas.api.audit.AuditIncludeProperty;
-import de.symeda.sormas.api.audit.AuditedClass;
-
-import java.io.Serializable;
-
-@AuditedClass
-public class TaskContextIndex implements Serializable{
-
-    @AuditIncludeProperty
-    private TaskContext taskContext;
-    @AuditIncludeProperty
-    private String uuid;
-
-    public TaskContextIndex() {
-    }
-
-    public TaskContextIndex(TaskContext taskContext) {
-        this.taskContext = taskContext;
-    }
-
-
-
-    public TaskContext getTaskContext() {
-        return taskContext;
-    }
-
-    public String getUuid() {
-        return uuid;
-    }
-
-    // Copy constructor
-    public TaskContextIndex(TaskContextIndex other) {
-        this.taskContext = other.taskContext; // Enum instances can be directly assigned
-        this.uuid = other.uuid;
-    }
-    // Copy factory method
-    public static TaskContextIndex copyOf(TaskContextIndex other) {
-        return new TaskContextIndex(other);
-    }
-
-}
-
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index c599836aa8c..ea1496062fb 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -62,6 +62,8 @@ public interface UserFacade {
 
 	String checkPasswordStrength(String password);
 
+	boolean isPasswordStrong(String password);
+
 	String generatePassword();
 
 	List<UserDto> getAllAfter(Date date);
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 231011c045a..4e8893a6f61 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -929,14 +929,13 @@ public String updateUserPassword(String uuid, String password, String currentPas
 		return updatePassword;
 
 	}
+
 	@PermitAll
 	@Override
 	public String generatePassword() {
 		return userService.generatePassword();
 
 	}
-
-
 	
 	@Override
 	@PermitAll
@@ -948,11 +947,10 @@ public UserReferenceDto getCurrentUserAsReference() {
 	@PermitAll
 	@AuditIgnore
 	public Set<UserRight> getValidLoginRights(String userName, String password) {
-			User user = userService.getByUserName(userName);
+		User user = userService.getByUserName(userName);
 		if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
 			return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
 		}
-
 		return null;
 	}
 
@@ -960,10 +958,12 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
 	@Override
 	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 		User user = userService.getByUserName(userName);
+
 		if (user != null && user.isActive()
 			&& (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed())))) {
 			return getUserRoles(toDto(user));
 		}
+
 		return Collections.emptySet();
 	}
 	
@@ -971,17 +971,22 @@ public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
 	@PermitAll
 	public boolean validatePassword(String uuid, String password) {
 		User user = userService.getCurrentUser();
+
 		if (user != null) {
 			return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
 		}
+
 		return false;
 	}
 
-	@PermitAll
-	@Override
 	public String checkPasswordStrength(String password) {
 		return PasswordValidator.checkPasswordStrength(password);
 	}
+	
+	@Override
+	public boolean isPasswordStrong(String password){
+		return PasswordValidator.isStrongPassword(password);
+	}
 
 	@PermitAll
 	@Override
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index dba17321728..0a5d58c3b35 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -11,14 +11,12 @@ public static String  checkPasswordStrength(String password) {
         if (strongPassword) {
             return "Password Strength is Strong";
         }
-
-
         else {
             return "Password Strength is Weak";
         }
     }
 
-    private static boolean isStrongPassword(String password) {
+    public static boolean isStrongPassword(String password) {
         return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password)&& hasCapitalLetter(password);
     }
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 09b896abf1b..949b08edbc3 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -507,7 +507,7 @@ public void testGeneratePassword() {
 	}
 
 	@Test
-	void testGetValidLoginRoles_ValidUser() {
+	void testGetValidLoginRolesValidUser() {
 		// Arrange
 		User user = creator.createTestUser();
 
@@ -520,7 +520,7 @@ void testGetValidLoginRoles_ValidUser() {
 	}
 
 	@Test
-	void testGetValidLoginRoles_InvalidUser() {
+	void testGetValidLoginRolesInvalidUser() {
 		// Act
 		Set<UserRoleDto> result = getUserFacade().getValidLoginRoles("testuser", "password");
 
@@ -531,7 +531,7 @@ void testGetValidLoginRoles_InvalidUser() {
 
 
 	@Test
-	void testValidatePassword_Valid() {
+	void testValidatePasswordValid() {
 		// Arrange
 
 		User user= creator.createTestUser();
@@ -544,9 +544,8 @@ void testValidatePassword_Valid() {
 		assertTrue(result);
 	}
 
-
 	@Test
-	void testValidatePassword_Invalid() {
+	void testValidatePasswordInvalid() {
 		// Act
 		boolean result = getUserFacade().validatePassword("uuid", "password");
 
@@ -555,16 +554,14 @@ void testValidatePassword_Invalid() {
 	}
 
 
-
-
 	@Test
-	void testCheckPasswordStrength_Strong() {
+	void testCheckPasswordStrengthStrong() {
 		String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
 		assertEquals("Password Strength is Strong", result);
 	}
 
 	@Test
-	void testCheckPasswordStrength_Weak() {
+	void testCheckPasswordStrengthWeak() {
 		String result = getUserFacade().checkPasswordStrength("weak");
 		assertEquals("Password Strength is Weak", result);
 	}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 19c6772e923..4e6d3ed666f 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -236,7 +236,6 @@ public void showUpdatePassword(String userUuid, String userEmail, String passwor
 		} else {
 			showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
 		}
-
 		isGeneratePassword=false;
 	}
 
@@ -330,11 +329,8 @@ public void buttonClick(ClickEvent event) {
 	}
 
 	public Button createUpdatePasswordButton() {
-
 		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
-
 			private static final long serialVersionUID = 1L;
-
 			@Override
 			public void buttonClick(ClickEvent event) {
 				popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
@@ -397,7 +393,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 		final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
 		form.newPassword.addTextChangeListener(event -> {
 			passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
-			if (passwordStrengthDesc.getValue().contains("Strong")) {
+			if (FacadeProvider.getUserFacade().isPasswordStrong(event.getText())) {
 				passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
 			}
 			else {

From 17c2c480964323897c0aa1d34c47df24a9694ab0 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 22 Jul 2024 20:59:45 +0000
Subject: [PATCH 52/95] update after review

---
 .../api/task/TaskContextIndexCriteria.java    |    4 -
 .../symeda/sormas/api/user/UserRoleDto.java   |  495 +-
 sormas-app/app/src/main/AndroidManifest.xml   |   28 +-
 .../app/backend/config/ConfigProvider.java    | 1688 +++---
 .../app/backend/user/UserDtoHelper.java       |  219 +-
 .../controls/ControlPasswordField.java        |   13 -
 .../app/login/ChangePasswordActivity.java     |  151 +-
 .../app/login/ChangePasswordViewModel.java    |   49 +
 .../sormas/app/rest/UserFacadeRetro.java      |   22 +-
 .../sormas/app/settings/SettingsFragment.java |  525 +-
 .../activity_change_password_layout.xml       |  134 +-
 .../main/res/layout/layout_loading_dialog.xml |   19 -
 sormas-app/app/src/main/res/values/dimens.xml |   27 +-
 .../app/src/main/res/values/strings.xml       |   19 +-
 sormas-app/pom.xml                            |    2 +-
 .../backend/user/CurrentUserService.java      |  257 +-
 .../sormas/backend/user/UserFacadeEjb.java    | 2301 ++++----
 .../user/event/PasswordResetEvent.java        |   16 +-
 .../sormas/backend/AbstractBeanTest.java      | 1581 +++---
 .../sormas/backend/TestDataCreator.java       | 4857 ++++++++---------
 .../EnvironmentSampleServiceTest.java         |  224 +-
 .../backend/user/UserFacadeEjbTest.java       |  921 ++--
 .../sormas/rest/resources/UserResource.java   |  148 +-
 .../main/java/de/symeda/sormas/ui/Menu.java   |  350 +-
 .../sormas/ui/user/UpdatePasswordForm.java    |   87 +-
 .../symeda/sormas/ui/user/UserController.java |  983 ++--
 .../ui/utils/UpdatePasswordValidator.java     |   28 -
 27 files changed, 7500 insertions(+), 7648 deletions(-)
 create mode 100644 sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
 delete mode 100644 sormas-app/app/src/main/res/layout/layout_loading_dialog.xml
 delete mode 100644 sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index 2541df20184..fb86f7e9fe3 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -44,8 +44,4 @@ public TaskContext getTaskContext() {
 	public String getUuid() {
 		return uuid;
 	}
-
-	public void setUuid(String uuid) {
-		this.uuid = uuid;
-	}
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index 5b7ff0cd2e2..fd141b9f47a 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -17,18 +17,7 @@
  *******************************************************************************/
 package de.symeda.sormas.api.user;
 
-import java.beans.Transient;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-import javax.validation.constraints.Size;
-
 import com.fasterxml.jackson.annotation.JsonIgnore;
-
 import de.symeda.sormas.api.EntityDto;
 import de.symeda.sormas.api.audit.AuditedClass;
 import de.symeda.sormas.api.i18n.I18nProperties;
@@ -37,246 +26,252 @@
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.FieldConstraints;
 import de.symeda.sormas.api.utils.ValidationException;
+
+import javax.validation.constraints.Size;
+import java.beans.Transient;
+import java.util.*;
+import java.util.stream.Collectors;
+
 @AuditedClass
 public class UserRoleDto extends EntityDto {
 
-	private static final long serialVersionUID = -547459523041494446L;
-
-	public static final String I18N_PREFIX = "UserRole";
-
-	public static final String USER_RIGHTS = "userRights";
-	public static final String CAPTION = "caption";
-	public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
-	public static final String DESCRIPTION = "description";
-	public static final String ENABLED = "enabled";
-	public static final String HAS_OPTIONAL_HEALTH_FACILITY = "hasOptionalHealthFacility";
-	public static final String HAS_ASSOCIATED_DISTRICT_USER = "hasAssociatedDistrictUser";
-	public static final String PORT_HEALTH_USER = "portHealthUser";
-	public static final String NOTIFICATION_TYPES = "notificationTypes";
-	public static final String LINKED_DEFAULT_USER_ROLE = "linkedDefaultUserRole";
-	public static final String RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES = "restrictAccessToAssignedEntities";
-
-	private Set<UserRight> userRights;
-	private boolean enabled = true;
-
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
-	private String caption;
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_BIG, message = Validations.textTooLong)
-	private String description;
-	private boolean hasOptionalHealthFacility = false;
-	private boolean hasAssociatedDistrictUser = true;
-	private boolean portHealthUser = false;
-	private DefaultUserRole linkedDefaultUserRole;
-	private JurisdictionLevel jurisdictionLevel;
-	private Set<NotificationType> emailNotificationTypes = Collections.emptySet();
-	private Set<NotificationType> smsNotificationTypes = Collections.emptySet();
-	private boolean restrictAccessToAssignedEntities = false;
-
-	public static UserRoleDto build(UserRight... userRights) {
-
-		UserRoleDto dto = new UserRoleDto();
-		dto.setUuid(DataHelper.createUuid());
-		Set<UserRight> userRightsSet = new HashSet<>();
-		userRightsSet.addAll(Arrays.asList(userRights));
-		dto.setUserRights(userRightsSet);
-		return dto;
-	}
-
-	public Set<UserRight> getUserRights() {
-		return userRights;
-	}
-
-	public void setUserRights(Set<UserRight> userRights) {
-		this.userRights = userRights;
-	}
-
-	public boolean isEnabled() {
-		return enabled;
-	}
-
-	public void setEnabled(boolean enabled) {
-		this.enabled = enabled;
-	}
-
-	public String getCaption() {
-		return caption;
-	}
-
-	public void setCaption(String caption) {
-		this.caption = caption;
-	}
-
-	public String getDescription() {
-		return description;
-	}
-
-	public void setDescription(String description) {
-		this.description = description;
-	}
-
-	public boolean getHasOptionalHealthFacility() {
-		return hasOptionalHealthFacility;
-	}
-
-	public void setHasOptionalHealthFacility(boolean hasOptionalHealthFacility) {
-		this.hasOptionalHealthFacility = hasOptionalHealthFacility;
-	}
-
-	public boolean getHasAssociatedDistrictUser() {
-		return hasAssociatedDistrictUser;
-	}
-
-	public void setHasAssociatedDistrictUser(boolean hasAssociatedDistrictUser) {
-		this.hasAssociatedDistrictUser = hasAssociatedDistrictUser;
-	}
-
-	public boolean isPortHealthUser() {
-		return portHealthUser;
-	}
-
-	public void setPortHealthUser(boolean portHealthUser) {
-		this.portHealthUser = portHealthUser;
-	}
-
-	public JurisdictionLevel getJurisdictionLevel() {
-		return jurisdictionLevel;
-	}
-
-	public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
-		this.jurisdictionLevel = jurisdictionLevel;
-	}
-
-	public Set<NotificationType> getEmailNotificationTypes() {
-		return emailNotificationTypes;
-	}
-
-	public void setEmailNotificationTypes(Set<NotificationType> emailNotificationTypes) {
-		this.emailNotificationTypes = emailNotificationTypes;
-	}
-
-	public Set<NotificationType> getSmsNotificationTypes() {
-		return smsNotificationTypes;
-	}
-
-	public void setSmsNotificationTypes(Set<NotificationType> smsNotificationTypes) {
-		this.smsNotificationTypes = smsNotificationTypes;
-	}
-
-	public UserRoleReferenceDto toReference() {
-		return new UserRoleReferenceDto(getUuid(), getCaption());
-	}
-
-	public static Set<UserRight> getUserRights(Collection<UserRoleDto> userRoles) {
-
-		return userRoles != null ? userRoles.stream().flatMap(role -> role.getUserRights().stream()).collect(Collectors.toSet()) : null;
-	}
-
-	public DefaultUserRole getLinkedDefaultUserRole() {
-		return linkedDefaultUserRole;
-	}
-
-	public void setLinkedDefaultUserRole(DefaultUserRole linkedDefaultUserRole) {
-		this.linkedDefaultUserRole = linkedDefaultUserRole;
-	}
-
-	public static JurisdictionLevel getJurisdictionLevel(Collection<UserRoleDto> roles) {
-
-		boolean laboratoryJurisdictionPresent = false;
-		for (UserRoleDto role : roles) {
-			final JurisdictionLevel jurisdictionLevel = role.getJurisdictionLevel();
-			if (roles.size() == 1 || (jurisdictionLevel != JurisdictionLevel.NONE && jurisdictionLevel != JurisdictionLevel.LABORATORY)) {
-				return jurisdictionLevel;
-			} else if (jurisdictionLevel == JurisdictionLevel.LABORATORY) {
-				laboratoryJurisdictionPresent = true;
-			}
-		}
-
-		return laboratoryJurisdictionPresent ? JurisdictionLevel.LABORATORY : JurisdictionLevel.NONE;
-	}
-
-	@JsonIgnore
-	public String i18nPrefix() {
-		return I18N_PREFIX;
-	}
-
-	@Transient
-	public NotificationTypes getNotificationTypes() {
-		return NotificationTypes.of(smsNotificationTypes, emailNotificationTypes);
-	}
-
-	@Transient
-	public void setNotificationTypes(NotificationTypes notificationTypes) {
-		this.smsNotificationTypes = notificationTypes.sms;
-		this.emailNotificationTypes = notificationTypes.email;
-	}
-
-	public boolean isRestrictAccessToAssignedEntities() {
-		return restrictAccessToAssignedEntities;
-	}
-
-	public void setRestrictAccessToAssignedEntities(boolean restrictAccessToAssignedEntities) {
-		this.restrictAccessToAssignedEntities = restrictAccessToAssignedEntities;
-	}
-
-	@Override
-	public String buildCaption() {
-		return caption;
-	}
-
-	@SuppressWarnings("serial")
-	public static class UserRoleValidationException extends ValidationException {
-
-		private final UserRoleDto checkedUserRole;
-		private final UserRoleDto forbiddenUserRole;
-
-		public UserRoleValidationException(UserRoleDto checkedUserRole, UserRoleDto forbiddenUserRole) {
-			super(
-				checkedUserRole.getCaption() + " " + I18nProperties.getString(Strings.messageUserRoleCombination) + " "
-					+ forbiddenUserRole.getCaption());
-			this.checkedUserRole = checkedUserRole;
-			this.forbiddenUserRole = forbiddenUserRole;
-		}
-
-		public UserRoleDto getCheckedUserRole() {
-			return checkedUserRole;
-		}
-
-		public UserRoleDto getForbiddenUserRole() {
-			return forbiddenUserRole;
-		}
-	}
-
-	public static class NotificationTypes {
-
-		private final Set<NotificationType> sms;
-		private final Set<NotificationType> email;
-
-		private NotificationTypes(Set<NotificationType> sms, Set<NotificationType> email) {
-			this.sms = sms;
-			this.email = email;
-		}
-
-		public static NotificationTypes of(Set<NotificationType> sms, Set<NotificationType> email) {
-			return new NotificationTypes(sms, email);
-		}
-
-		public Set<NotificationType> getSms() {
-			return sms;
-		}
-
-		public Set<NotificationType> getEmail() {
-			return email;
-		}
-
-		@Override
-		public boolean equals(Object obj) {
-			if (!(obj instanceof NotificationTypes)) {
-				return false;
-			}
-
-			NotificationTypes notificationTypes = (NotificationTypes) obj;
-
-			return sms.equals(notificationTypes.sms) && email.equals(notificationTypes.email);
-		}
-	}
+    private static final long serialVersionUID = -547459523041494446L;
+
+    public static final String I18N_PREFIX = "UserRole";
+
+    public static final String USER_RIGHTS = "userRights";
+    public static final String CAPTION = "caption";
+    public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
+    public static final String DESCRIPTION = "description";
+    public static final String ENABLED = "enabled";
+    public static final String HAS_OPTIONAL_HEALTH_FACILITY = "hasOptionalHealthFacility";
+    public static final String HAS_ASSOCIATED_DISTRICT_USER = "hasAssociatedDistrictUser";
+    public static final String PORT_HEALTH_USER = "portHealthUser";
+    public static final String NOTIFICATION_TYPES = "notificationTypes";
+    public static final String LINKED_DEFAULT_USER_ROLE = "linkedDefaultUserRole";
+    public static final String RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES = "restrictAccessToAssignedEntities";
+
+    private Set<UserRight> userRights;
+    private boolean enabled = true;
+
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
+    private String caption;
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_BIG, message = Validations.textTooLong)
+    private String description;
+    private boolean hasOptionalHealthFacility = false;
+    private boolean hasAssociatedDistrictUser = true;
+    private boolean portHealthUser = false;
+    private DefaultUserRole linkedDefaultUserRole;
+    private JurisdictionLevel jurisdictionLevel;
+    private Set<NotificationType> emailNotificationTypes = Collections.emptySet();
+    private Set<NotificationType> smsNotificationTypes = Collections.emptySet();
+    private boolean restrictAccessToAssignedEntities = false;
+
+    public static UserRoleDto build(UserRight... userRights) {
+
+        UserRoleDto dto = new UserRoleDto();
+        dto.setUuid(DataHelper.createUuid());
+        Set<UserRight> userRightsSet = new HashSet<>();
+        userRightsSet.addAll(Arrays.asList(userRights));
+        dto.setUserRights(userRightsSet);
+        return dto;
+    }
+
+    public Set<UserRight> getUserRights() {
+        return userRights;
+    }
+
+    public void setUserRights(Set<UserRight> userRights) {
+        this.userRights = userRights;
+    }
+
+    public boolean isEnabled() {
+        return enabled;
+    }
+
+    public void setEnabled(boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    public String getCaption() {
+        return caption;
+    }
+
+    public void setCaption(String caption) {
+        this.caption = caption;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public boolean getHasOptionalHealthFacility() {
+        return hasOptionalHealthFacility;
+    }
+
+    public void setHasOptionalHealthFacility(boolean hasOptionalHealthFacility) {
+        this.hasOptionalHealthFacility = hasOptionalHealthFacility;
+    }
+
+    public boolean getHasAssociatedDistrictUser() {
+        return hasAssociatedDistrictUser;
+    }
+
+    public void setHasAssociatedDistrictUser(boolean hasAssociatedDistrictUser) {
+        this.hasAssociatedDistrictUser = hasAssociatedDistrictUser;
+    }
+
+    public boolean isPortHealthUser() {
+        return portHealthUser;
+    }
+
+    public void setPortHealthUser(boolean portHealthUser) {
+        this.portHealthUser = portHealthUser;
+    }
+
+    public JurisdictionLevel getJurisdictionLevel() {
+        return jurisdictionLevel;
+    }
+
+    public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
+        this.jurisdictionLevel = jurisdictionLevel;
+    }
+
+    public Set<NotificationType> getEmailNotificationTypes() {
+        return emailNotificationTypes;
+    }
+
+    public void setEmailNotificationTypes(Set<NotificationType> emailNotificationTypes) {
+        this.emailNotificationTypes = emailNotificationTypes;
+    }
+
+    public Set<NotificationType> getSmsNotificationTypes() {
+        return smsNotificationTypes;
+    }
+
+    public void setSmsNotificationTypes(Set<NotificationType> smsNotificationTypes) {
+        this.smsNotificationTypes = smsNotificationTypes;
+    }
+
+    public UserRoleReferenceDto toReference() {
+        return new UserRoleReferenceDto(getUuid(), getCaption());
+    }
+
+    public static Set<UserRight> getUserRights(Collection<UserRoleDto> userRoles) {
+
+        return userRoles != null ? userRoles.stream().flatMap(role -> role.getUserRights().stream()).collect(Collectors.toSet()) : null;
+    }
+
+    public DefaultUserRole getLinkedDefaultUserRole() {
+        return linkedDefaultUserRole;
+    }
+
+    public void setLinkedDefaultUserRole(DefaultUserRole linkedDefaultUserRole) {
+        this.linkedDefaultUserRole = linkedDefaultUserRole;
+    }
+
+    public static JurisdictionLevel getJurisdictionLevel(Collection<UserRoleDto> roles) {
+
+        boolean laboratoryJurisdictionPresent = false;
+        for (UserRoleDto role : roles) {
+            final JurisdictionLevel jurisdictionLevel = role.getJurisdictionLevel();
+            if (roles.size() == 1 || (jurisdictionLevel != JurisdictionLevel.NONE && jurisdictionLevel != JurisdictionLevel.LABORATORY)) {
+                return jurisdictionLevel;
+            } else if (jurisdictionLevel == JurisdictionLevel.LABORATORY) {
+                laboratoryJurisdictionPresent = true;
+            }
+        }
+
+        return laboratoryJurisdictionPresent ? JurisdictionLevel.LABORATORY : JurisdictionLevel.NONE;
+    }
+
+    @JsonIgnore
+    public String i18nPrefix() {
+        return I18N_PREFIX;
+    }
+
+    @Transient
+    public NotificationTypes getNotificationTypes() {
+        return NotificationTypes.of(smsNotificationTypes, emailNotificationTypes);
+    }
+
+    @Transient
+    public void setNotificationTypes(NotificationTypes notificationTypes) {
+        this.smsNotificationTypes = notificationTypes.sms;
+        this.emailNotificationTypes = notificationTypes.email;
+    }
+
+    public boolean isRestrictAccessToAssignedEntities() {
+        return restrictAccessToAssignedEntities;
+    }
+
+    public void setRestrictAccessToAssignedEntities(boolean restrictAccessToAssignedEntities) {
+        this.restrictAccessToAssignedEntities = restrictAccessToAssignedEntities;
+    }
+
+    @Override
+    public String buildCaption() {
+        return caption;
+    }
+
+    @SuppressWarnings("serial")
+    public static class UserRoleValidationException extends ValidationException {
+
+        private final UserRoleDto checkedUserRole;
+        private final UserRoleDto forbiddenUserRole;
+
+        public UserRoleValidationException(UserRoleDto checkedUserRole, UserRoleDto forbiddenUserRole) {
+            super(
+                    checkedUserRole.getCaption() + " " + I18nProperties.getString(Strings.messageUserRoleCombination) + " "
+                            + forbiddenUserRole.getCaption());
+            this.checkedUserRole = checkedUserRole;
+            this.forbiddenUserRole = forbiddenUserRole;
+        }
+
+        public UserRoleDto getCheckedUserRole() {
+            return checkedUserRole;
+        }
+
+        public UserRoleDto getForbiddenUserRole() {
+            return forbiddenUserRole;
+        }
+    }
+
+    public static class NotificationTypes {
+
+        private final Set<NotificationType> sms;
+        private final Set<NotificationType> email;
+
+        private NotificationTypes(Set<NotificationType> sms, Set<NotificationType> email) {
+            this.sms = sms;
+            this.email = email;
+        }
+
+        public static NotificationTypes of(Set<NotificationType> sms, Set<NotificationType> email) {
+            return new NotificationTypes(sms, email);
+        }
+
+        public Set<NotificationType> getSms() {
+            return sms;
+        }
+
+        public Set<NotificationType> getEmail() {
+            return email;
+        }
+
+        @Override
+        public boolean equals(Object obj) {
+            if (!(obj instanceof NotificationTypes)) {
+                return false;
+            }
+
+            NotificationTypes notificationTypes = (NotificationTypes) obj;
+
+            return sms.equals(notificationTypes.sms) && email.equals(notificationTypes.email);
+        }
+    }
 }
diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index 2ec0864393b..dc3e18592fc 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -9,16 +9,9 @@
     <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
     <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
     <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
-
     <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
     <uses-permission android:name="android.permission.WAKE_LOCK" />
-
     <uses-feature android:name="android.hardware.location.gps" />
-    <uses-feature
-        android:name="android.hardware.camera"
-        android:required="false" />
-
-    <uses-permission android:name="android.permission.CAMERA" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
 
     <application
@@ -28,12 +21,6 @@
         android:label="@string/app_name"
         android:supportsRtl="true"
         android:theme="@style/SormasTheme" >
-        <activity
-            android:name=".login.ChangePasswordActivity"
-            android:launchMode="singleTop"
-            android:screenOrientation="portrait"
-            android:theme="@style/SormasTheme"
-            android:windowSoftInputMode="stateHidden" />
 
         <uses-library
             android:name="android.test.runner"
@@ -474,9 +461,12 @@
             android:launchMode="singleTop">
         </activity>
 
-        <!-- Only needed for androidTest - found no other way to manifest this -->
-<!--        <activity-->
-<!--            android:name=".TestBackendActivity" />-->
+        <activity
+            android:name=".login.ChangePasswordActivity"
+            android:launchMode="singleTop"
+            android:screenOrientation="portrait"
+            android:theme="@style/SormasTheme"
+            android:windowSoftInputMode="stateHidden" />
 
         <activity
             android:name=".barcode.BarcodeActivity" />
@@ -530,12 +520,11 @@
         <service
             android:name=".core.TaskNotificationService"
             android:enabled="true" />
+
         <service
             android:name=".core.FeatureConfigurationService"
             android:enabled="true" /> <!-- <service android:name="com.google.android.gms.analytics.CampaignTrackingService" /> -->
-        <!-- <service -->
-        <!-- android:name=".core.TaskNotificationService" -->
-        <!-- android:enabled="true" /> -->
+
         <receiver
             android:name=".LbdsRecevierComponent"
             android:enabled="true"
@@ -543,7 +532,6 @@
             <intent-filter>
                 <action android:name="android.intent.action.BOOT_COMPLETED" />
                 <action android:name="android.intent.action.SEND" />
-
                 <category android:name="android.intent.category.DEFAULT" />
             </intent-filter>
         </receiver>
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index 5353e75e89f..7b04d4b1cc8 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -15,6 +15,15 @@
 
 package de.symeda.sormas.app.backend.config;
 
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.os.Build;
+import android.security.KeyPairGeneratorSpec;
+import android.util.Base64;
+import android.util.Log;
+
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -47,15 +56,6 @@
 import javax.crypto.NoSuchPaddingException;
 import javax.security.auth.x500.X500Principal;
 
-import android.app.Activity;
-import android.app.AlertDialog;
-import android.content.Context;
-import android.content.DialogInterface;
-import android.os.Build;
-import android.security.KeyPairGeneratorSpec;
-import android.util.Base64;
-import android.util.Log;
-
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.app.R;
@@ -68,842 +68,844 @@
 
 public final class ConfigProvider {
 
-	private static String KEY_USERNAME = "username";
-	private static String KEY_PASSWORD = "password";
-	private static String KEY_PIN = "pin";
-	private static String KEY_SERVER_REST_URL = "serverRestUrl";
-	private static String KEY_ACCESS_GRANTED = "accessGranted";
-	private static String KEY_REPULL_NEEDED = "repullNeeded";
-	private static String LAST_NOTIFICATION_DATE = "lastNotificationDate";
-	private static final String LAST_OBSOLETE_UUIDS_SYNC_DATE = "lastObsoleteUuidsSyncDate";
-	private static String CURRENT_APP_DOWNLOAD_ID = "currentAppDownloadId";
-	private static String SERVER_LOCALE = "locale";
-	private static String SERVER_COUNTRY_NAME = "countryname";
-	private static String INITIAL_SYNC_REQUIRED = "initialSyncRequired";
-
-	private static String LBDS_SORMAS_PRIVATE_KEY_AES_SECRET = "lbdsSormasPrivateKeyAesSecret";
-	private static String LBDS_SORMAS_PRIVATE_KEY = "lbdsSormasPrivateKey";
-	private static String LBDS_SORMAS_PUBLIC_KEY = "lbdsSormasPublicKey";
-	private static String LBDS_SERVICE_PUBLIC_KEY = "lbdsServicePublicKey";
-	private static String LBDS_AES_SECRET = "lbdsAesSecret";
-	private static String LBDS_DEBUG_URL = "lbdsDebugUrl";
-
-	private static String LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET = "LBDS_PRIVATE_KEY_AES_SECRET";
-	private static String LBDS_KEYSTORE_ALIAS_AES_SECRET = "LBDS_AES_SECRET";
-
-	private static final String FULL_COUNTRY_LOCALE_PATTERN = "[a-zA-Z]*-[a-zA-Z]*";
-
-	public static ConfigProvider instance = null;
-
-	public static void init(Context context) {
-		if (instance != null) {
-			Log.e(ConfigProvider.class.getName(), "ConfigProvider has already been initalized");
-		}
-		instance = new ConfigProvider(context);
-	}
-
-	private final Context context;
-
-	private String serverRestUrl;
-	private String username;
-	private String password;
-	private String pin;
-	private User user;
-	private Set<UserRight> userRights; // just a cache
-	private Date lastNotificationDate;
-	private Date lastObsoleteUuidsSyncDate;
-	private Long currentAppDownloadId;
-	private Boolean accessGranted;
-	private String serverLocale;
-	private String serverCountryName;
-	private Boolean repullNeeded;
-	private Boolean initialSyncRequired;
-
-	private String lbdsSormasPrivateKeyAesSecret;
-	private String lbdsSormasPrivateKeyPKCS8;
-	private PublicKey lbdsSormasPublicKey;
-	private PublicKey lbdsServicePublicKey;
-	private String lbdsAesSecret;
-	private String serverLbdsDebugUrl;
-
-	private ConfigProvider(Context context) {
-		this.context = context;
-	}
-
-
-
-	private boolean hasDeviceEncryption() {
-
-		// Device encryption is no longer used, because it's not reliably implemented
-		// on old android devices (versions 5 and 6) - see #410
-		// As a replacement the database should be encrypted #905
-		return true;
+    private static String KEY_USERNAME = "username";
+    private static String KEY_PASSWORD = "password";
+    private static String KEY_PIN = "pin";
+    private static String KEY_SERVER_REST_URL = "serverRestUrl";
+    private static String KEY_ACCESS_GRANTED = "accessGranted";
+    private static String KEY_REPULL_NEEDED = "repullNeeded";
+    private static String LAST_NOTIFICATION_DATE = "lastNotificationDate";
+    private static final String LAST_OBSOLETE_UUIDS_SYNC_DATE = "lastObsoleteUuidsSyncDate";
+    private static String CURRENT_APP_DOWNLOAD_ID = "currentAppDownloadId";
+    private static String SERVER_LOCALE = "locale";
+    private static String SERVER_COUNTRY_NAME = "countryname";
+    private static String INITIAL_SYNC_REQUIRED = "initialSyncRequired";
+
+    private static String LBDS_SORMAS_PRIVATE_KEY_AES_SECRET = "lbdsSormasPrivateKeyAesSecret";
+    private static String LBDS_SORMAS_PRIVATE_KEY = "lbdsSormasPrivateKey";
+    private static String LBDS_SORMAS_PUBLIC_KEY = "lbdsSormasPublicKey";
+    private static String LBDS_SERVICE_PUBLIC_KEY = "lbdsServicePublicKey";
+    private static String LBDS_AES_SECRET = "lbdsAesSecret";
+    private static String LBDS_DEBUG_URL = "lbdsDebugUrl";
+
+    private static String LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET = "LBDS_PRIVATE_KEY_AES_SECRET";
+    private static String LBDS_KEYSTORE_ALIAS_AES_SECRET = "LBDS_AES_SECRET";
+
+    private static final String FULL_COUNTRY_LOCALE_PATTERN = "[a-zA-Z]*-[a-zA-Z]*";
+
+    public static ConfigProvider instance = null;
+
+    public static void init(Context context) {
+        if (instance != null) {
+            Log.e(ConfigProvider.class.getName(), "ConfigProvider has already been initalized");
+        }
+        instance = new ConfigProvider(context);
+    }
+
+    private final Context context;
+
+    private String serverRestUrl;
+    private String username;
+    private String password;
+    private String pin;
+    private User user;
+    private Set<UserRight> userRights; // just a cache
+    private Date lastNotificationDate;
+    private Date lastObsoleteUuidsSyncDate;
+    private Long currentAppDownloadId;
+    private Boolean accessGranted;
+    private String serverLocale;
+    private String serverCountryName;
+    private Boolean repullNeeded;
+    private Boolean initialSyncRequired;
+
+    private String lbdsSormasPrivateKeyAesSecret;
+    private String lbdsSormasPrivateKeyPKCS8;
+    private PublicKey lbdsSormasPublicKey;
+    private PublicKey lbdsServicePublicKey;
+    private String lbdsAesSecret;
+    private String serverLbdsDebugUrl;
+
+    private ConfigProvider(Context context) {
+        this.context = context;
+    }
+
+
+    private boolean hasDeviceEncryption() {
+
+        // Device encryption is no longer used, because it's not reliably implemented
+        // on old android devices (versions 5 and 6) - see #410
+        // As a replacement the database should be encrypted #905
+        return true;
 //        DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
 //        return dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE ||
 //                dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_PER_USER ||
 //                dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY;
-	}
-
-	/**
-	 * If device encryption is not active, show a non-cancelable alert that blocks app usage
-	 *
-	 * @param activity
-	 * @return
-	 */
-	public static boolean ensureDeviceEncryption(final Activity activity) {
-
-		if (!instance.hasDeviceEncryption()) {
-			AlertDialog.Builder builder = new AlertDialog.Builder(activity);
-			builder.setCancelable(false);
-			builder.setMessage(R.string.message_encryption);
-			AlertDialog dialog = builder.create();
-			dialog.setButton(AlertDialog.BUTTON_POSITIVE, activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
-
-				@Override
-				public void onClick(DialogInterface dialog, int which) {
-					Activity finishActivity = activity;
-					do {
-						finishActivity.finish();
-						finishActivity = finishActivity.getParent();
-					}
-					while (finishActivity != null);
-				}
-			});
-			dialog.show();
-			return false;
-		}
-		return true;
-	}
-
-	public static User getUser() {
-		synchronized (ConfigProvider.class) {
-			if (instance.user == null || instance.userRights == null) {
-				String username = getUsername();
-				String password = getPassword(); // needed to not automatically "login" again on logout with missing server connection
-				if (username != null && password != null) {
-					instance.user = DatabaseHelper.getUserDao().getByUsername(username);
-				}
-			}
-			return instance.user;
-		}
-	}
-
-	public static Set<UserRight> getUserRights() {
-		synchronized (ConfigProvider.class) {
-			if (instance.userRights == null) {
-				User user = getUser();
-				if (user != null) {
-					Set<UserRight> userRights = new HashSet();
-					for (UserRole userRole : user.getUserRoles()) {
-						userRights.addAll(userRole.getUserRights());
-					}
-					instance.userRights = userRights;
-				} else {
-					return new HashSet();
-				}
-			}
-			return instance.userRights;
-		}
-	}
-
-	public static boolean hasUserRight(UserRight userRight) {
-		Set<UserRight> userRights = getUserRights();
-		return userRights != null && userRights.contains(userRight);
-	}
-
-	public static void clearUserRights() {
-		instance.userRights = null;
-	}
-
-	public static String getUsername() {
-		synchronized (ConfigProvider.class) {
-			if (instance.username == null) {
-				Config config = DatabaseHelper.getConfigDao().queryForId(KEY_USERNAME);
-				if (config != null) {
-					instance.username = config.getValue();
-				}
-			}
-			return instance.username;
-		}
-	}
-
-	public static String getPassword() {
-		synchronized (ConfigProvider.class) {
-			if (instance.password == null) {
-				Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PASSWORD);
-				if (config != null) {
-					instance.password = config.getValue();
-				}
-			}
-			return instance.decodeCredential(instance.password, "Password");
-		}
-	}
-
-	public static String getPin() {
-		if (instance.pin == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PIN);
-			if (config != null) {
-				instance.pin = config.getValue();
-			}
-		}
-		return instance.decodeCredential(instance.pin, "PIN");
-	}
-
-	public static void clearUserLogin() {
-		// synchronized to make sure this does not interfere with setUserNameAndPassword or getUsername/getPassword
-		synchronized (ConfigProvider.class) {
-
-			ConfigDao configDao = DatabaseHelper.getConfigDao();
-			if (configDao.queryForId(KEY_PASSWORD) != null) {
-				configDao.delete(new Config(KEY_PASSWORD, ""));
-			}
-			instance.password = null;
-
-			// remember the username - needed to decide whether non-infrastructure data has to be cleared
-			// instance.username = null;
-
-			instance.user = null;
-			instance.accessGranted = null;
-			instance.lastNotificationDate = null;
-			instance.lastObsoleteUuidsSyncDate = null;
-			instance.userRights = null;
-
-			// old credentials are no longer valid
-			RetroProvider.disconnect();
-		}
-	}
-
-	public static void clearPin() {
-		instance.pin = null;
-
-		ConfigDao configDao = DatabaseHelper.getConfigDao();
-		if (configDao.queryForId(KEY_PIN) == null) {
-			return;
-		}
-
-		configDao.delete(new Config(KEY_PIN, ""));
-
-		setAccessGranted(false);
-	}
-
-	public static void setUsernameAndPassword(String username, String password) {
-		synchronized (ConfigProvider.class) {
-			if (username == null)
-				throw new NullPointerException("username");
-			if (password == null)
-				throw new NullPointerException("password");
-
-			password = instance.encodeCredential(password, "Password");
-
-			if (username.equals(instance.username) && password.equals(instance.password)) {
-				return;
-			}
-
-			if (!username.equals(instance.username)) {
-				DatabaseHelper.clearTables(false);
-			}
-
-			instance.user = null;
-			instance.username = username;
-			instance.password = password;
-
-			DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_USERNAME, username));
-			DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
-
-			setRepullNeeded(true);
-		}
-	}
-	public static void setNewPassword(String password) {
-		if (password == null)
-			throw new NullPointerException("password");
-		password = instance.encodeCredential(password, "Password");
-
-		instance.password = password;
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
-
-	}
-
-	public static void setPin(String pin) {
-		if (pin == null) {
-			throw new NullPointerException("pin");
-		}
-
-		pin = instance.encodeCredential(pin, "PIN");
-
-		if (pin.equals(instance.pin)) {
-			return;
-		}
-
-		instance.pin = pin;
-
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PIN, pin));
-	}
-
-	private String encodeCredential(String clearCredential, String keyStoreAlias) {
-
-		if (clearCredential == null) {
-			return null;
-		}
-
-		if (!hasDeviceEncryption()) {
-			throw new IllegalStateException(context.getString(R.string.message_encryption));
-		}
-
-		try {
-			KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
-			keyStore.load(null);
-
-			if (!keyStore.containsAlias(keyStoreAlias)) {
-				Calendar start = Calendar.getInstance();
-				Calendar end = Calendar.getInstance();
-				end.add(Calendar.YEAR, 1);
-
-				KeyPairGeneratorSpec credentialsSpec = new KeyPairGeneratorSpec.Builder(instance.context).setAlias(keyStoreAlias)
-					.setSubject(new X500Principal("CN=SORMAS, O=symeda, C=Germany"))
-					.setSerialNumber(BigInteger.ONE)
-					.setStartDate(start.getTime())
-					.setEndDate(end.getTime())
-					.build();
-
-				KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
-				generator.initialize(credentialsSpec);
-				generator.generateKeyPair();
-			}
-
-			PublicKey publicKey;
-			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-				publicKey = keyStore.getCertificate(keyStoreAlias).getPublicKey();
-			} else {
-				KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
-				publicKey = privateKeyEntry.getCertificate().getPublicKey();
-			}
-
-			if (publicKey == null) {
-				return null;
-			}
-
-			Cipher input = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-			input.init(Cipher.ENCRYPT_MODE, publicKey);
-
-			ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-			CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, input);
-			cipherOutputStream.write(clearCredential.getBytes("UTF-8"));
-			cipherOutputStream.close();
-
-			byte[] resultByteArray = outputStream.toByteArray();
-			String result = Base64.encodeToString(resultByteArray, Base64.DEFAULT);
-			return result;
-
-		} catch (KeyStoreException
-			| NoSuchAlgorithmException
-			| NoSuchProviderException
-			| UnrecoverableEntryException
-			| IOException
-			| NoSuchPaddingException
-			| InvalidKeyException
-			| CertificateException
-			| InvalidAlgorithmParameterException e) {
-			throw new RuntimeException(e);
-		}
-	}
-
-	private String decodeCredential(String encodedCredential, String keyStoreAlias) {
-
-		if (encodedCredential == null) {
-			return null;
-		}
-
-		if (!hasDeviceEncryption()) {
-			throw new IllegalStateException(context.getString(R.string.message_encryption));
-		}
-
-		try {
-			KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
-			keyStore.load(null);
-
-			PrivateKey privateKey;
-			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-				privateKey = (PrivateKey) keyStore.getKey(keyStoreAlias, null);
-			} else {
-				KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
-				privateKey = privateKeyEntry.getPrivateKey();
-			}
-
-			if (privateKey == null) {
-				return null;
-			}
-
-			Cipher decryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-			decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
-
-			byte[] encodedBytes = Base64.decode(encodedCredential, Base64.DEFAULT);
-			InputStream inputStream = new ByteArrayInputStream(encodedBytes);
-			CipherInputStream cipherStream = new CipherInputStream(inputStream, decryptCipher);
-			byte[] passwordBytes = new byte[1024];
-			int passwordByteLength = cipherStream.read(passwordBytes);
-			cipherStream.close();
-
-			if (passwordByteLength <= 0) {
-				return null;
-			}
-
-			String result = new String(passwordBytes, 0, passwordByteLength, "UTF-8");
-			return result;
-
-		} catch (KeyStoreException
-			| UnrecoverableEntryException
-			| NoSuchAlgorithmException
-			| CertificateException
-			| InvalidKeyException
-			| NoSuchPaddingException
-			| IOException e) {
-			throw new RuntimeException(e);
-		}
-	}
-
-	private static void saveConfigEntry(String configKey, String configValue) {
-		if (configValue == null) {
-			DatabaseHelper.getConfigDao().delete(new Config(configKey, ""));
-		} else {
-			DatabaseHelper.getConfigDao().createOrUpdate(new Config(configKey, configValue));
-		}
-	}
-
-	public static String getServerRestUrl() {
-		if (instance.serverRestUrl == null)
-			synchronized (ConfigProvider.class) {
-				if (instance.serverRestUrl == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(KEY_SERVER_REST_URL);
-					if (config != null) {
-						instance.serverRestUrl = config.getValue();
-
-						// take care of old mal-formatted urls
-						String properServerRestUrl = toProperRestUrl(instance.serverRestUrl);
-						if (!DataHelper.equal(instance.serverRestUrl, properServerRestUrl)) {
-							instance.serverRestUrl = properServerRestUrl;
-							saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
-						}
-					}
-
-					if (instance.serverRestUrl == null) {
-						// fallback to default
-
-						String serverUrlDefault = toProperRestUrl(SormasProperties.getServerUrlDefault());
-						if (serverUrlDefault != null) {
-							instance.serverRestUrl = serverUrlDefault;
-							saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
-						}
-					}
-				}
-			}
-		return instance.serverRestUrl;
-	}
-
-	public static void setServerRestUrl(String serverRestUrl) {
-
-		serverRestUrl = toProperRestUrl(serverRestUrl);
-		String currentServerRestUrl = getServerRestUrl();
-
-		if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
-			return;
-
-		boolean wasNull = currentServerRestUrl == null;
-
-		instance.serverRestUrl = serverRestUrl;
-		saveConfigEntry(KEY_SERVER_REST_URL, serverRestUrl);
-
-		if (!wasNull) {
-			// new server: clear everything
-			clearUserLogin();
-			DatabaseHelper.clearTables(true);
-		}
-	}
-
-	private static String toProperRestUrl(String serverRestUrl) {
-		// clean up url
-		if (serverRestUrl != null) {
-			serverRestUrl = serverRestUrl.trim();
-		}
-		if (serverRestUrl != null && serverRestUrl.isEmpty()) {
-			serverRestUrl = null;
-		}
-		if (serverRestUrl != null && !serverRestUrl.endsWith("/")) {
-			serverRestUrl += "/";
-		}
-		return serverRestUrl;
-	}
-
-	public static Date getLastNotificationDate() {
-		if (instance.lastNotificationDate == null)
-			synchronized (ConfigProvider.class) {
-				if (instance.lastNotificationDate == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(LAST_NOTIFICATION_DATE);
-					if (config != null) {
-						instance.lastNotificationDate = new Date(Long.parseLong(config.getValue()));
-					}
-
-				}
-			}
-		return instance.lastNotificationDate;
-	}
-
-	public static void setLastNotificationDate(Date lastNotificationDate) {
-		if (lastNotificationDate != null && lastNotificationDate.equals(instance.lastNotificationDate)) {
-			return;
-		}
-
-		instance.lastNotificationDate = lastNotificationDate;
-		saveConfigEntry(LAST_NOTIFICATION_DATE, lastNotificationDate != null ? String.valueOf(lastNotificationDate.getTime()) : null);
-	}
-
-	public static Date getLastObsoleteUuidsSyncDate() {
-		if (instance.lastObsoleteUuidsSyncDate == null) {
-			synchronized (ConfigProvider.class) {
-				if (instance.lastObsoleteUuidsSyncDate == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(LAST_OBSOLETE_UUIDS_SYNC_DATE);
-					if (config != null) {
-						instance.lastObsoleteUuidsSyncDate = new Date(Long.parseLong(config.getValue()));
-					}
-
-				}
-			}
-		}
-
-		return instance.lastObsoleteUuidsSyncDate;
-	}
-
-	public static void setLastObsoleteUuidsSyncDate(Date lastObsoleteUuidsSyncDate) {
-		if (lastObsoleteUuidsSyncDate != null && lastObsoleteUuidsSyncDate.equals(instance.lastObsoleteUuidsSyncDate)) {
-			return;
-		}
-
-		instance.lastObsoleteUuidsSyncDate = lastObsoleteUuidsSyncDate;
-		saveConfigEntry(
-			LAST_OBSOLETE_UUIDS_SYNC_DATE,
-			lastObsoleteUuidsSyncDate != null ? String.valueOf(lastObsoleteUuidsSyncDate.getTime()) : null);
-	}
-
-	public static Long getCurrentAppDownloadId() {
-		if (instance.currentAppDownloadId == null) {
-			synchronized (ConfigProvider.class) {
-				if (instance.currentAppDownloadId == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(CURRENT_APP_DOWNLOAD_ID);
-					if (config != null) {
-						instance.currentAppDownloadId = DataHelper.tryParseLong(config.getValue());
-					}
-				}
-			}
-		}
-		return instance.currentAppDownloadId;
-	}
-
-	public static void setCurrentAppDownloadId(Long currentAppDownloadId) {
-		if (currentAppDownloadId != null && currentAppDownloadId.equals(instance.currentAppDownloadId)) {
-			return;
-		}
-
-		instance.currentAppDownloadId = currentAppDownloadId;
-		saveConfigEntry(CURRENT_APP_DOWNLOAD_ID, currentAppDownloadId != null ? String.valueOf(currentAppDownloadId) : null);
-	}
-
-	public static Boolean isAccessGranted() {
-		if (instance.accessGranted == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_ACCESS_GRANTED);
-			if (config != null) {
-				instance.accessGranted = Boolean.parseBoolean(config.getValue());
-			}
-		}
-		return instance.accessGranted;
-	}
-
-	public static void setAccessGranted(Boolean accessGranted) {
-		if (accessGranted == null) {
-			throw new NullPointerException("accessGranted");
-		}
-
-		if (accessGranted.equals(instance.accessGranted)) {
-			return;
-		}
-
-		instance.accessGranted = accessGranted;
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_ACCESS_GRANTED, String.valueOf(accessGranted)));
-	}
-
-	/**
-	 * When no locale is set Locale.getDefault is set.
-	 * (Actually not relevant, because the locale is always updated to the server's, so this is just a fallback).
-	 * 
-	 * @return Will never be null.
-	 */
-	public static String getServerLocale() {
-		if (instance.serverLocale == null)
-			synchronized (ConfigProvider.class) {
-				if (instance.serverLocale == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_LOCALE);
-					if (config != null) {
-						instance.serverLocale = config.getValue();
-					}
-
-					if (instance.serverLocale == null) {
-						setServerLocale(Locale.getDefault().toString());
-					}
-				}
-			}
-		return instance.serverLocale;
-	}
-
-	public static String getServerCountryCode() {
-		String locale = getServerLocale();
-		String normalizedLocale = normalizeLocaleString(locale);
-
-		if (normalizedLocale.contains("-")) {
-			return normalizedLocale.substring(normalizedLocale.lastIndexOf("-") + 1);
-		} else {
-			return normalizedLocale;
-		}
-	}
-
-	public static String getServerCountryName() {
-		if (instance.serverCountryName == null) {
-			synchronized (ConfigProvider.class) {
-				if (instance.serverCountryName == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_COUNTRY_NAME);
-					if (config != null) {
-						instance.serverCountryName = config.getValue();
-					}
-
-					if (instance.serverCountryName == null) {
-						setServerCountryName("");
-					}
-				}
-			}
-		}
-		return instance.serverCountryName;
-	}
-
-	public static String normalizeLocaleString(String locale) {
-		locale = locale.trim();
-		int pos = Math.max(locale.indexOf('-'), locale.indexOf('_'));
-		if (pos < 0) {
-			locale = locale.toLowerCase();
-		} else {
-			locale = locale.substring(0, pos).toLowerCase(Locale.ENGLISH) + '-' + locale.substring(pos + 1).toUpperCase(Locale.ENGLISH);
-		}
-		return locale;
-	}
-
-	public static boolean isConfiguredServer(String countryCode) {
-		if (Pattern.matches(FULL_COUNTRY_LOCALE_PATTERN, getServerLocale())) {
-			return getServerLocale().toLowerCase().endsWith(countryCode.toLowerCase());
-		} else {
-			return getServerLocale().toLowerCase().startsWith(countryCode.toLowerCase());
-		}
-	}
-
-	/**
-	 * Note: This will only take effect after the app has been restarted
-	 */
-	public static void setServerLocale(String serverLocale) {
-		if (serverLocale != null && serverLocale.isEmpty()) {
-			serverLocale = null;
-		}
-
-		if (serverLocale == instance.serverLocale || (serverLocale != null && serverLocale.equals(instance.serverLocale)))
-			return;
-
-		instance.serverLocale = serverLocale;
-		saveConfigEntry(SERVER_LOCALE, serverLocale);
-	}
-
-	public static void setServerCountryName(String serverCountryName) {
-		if (serverCountryName != null && serverCountryName.isEmpty()) {
-			serverCountryName = null;
-		}
-
-		if (serverCountryName == instance.serverCountryName || (serverCountryName != null && serverCountryName.equals(instance.serverCountryName)))
-			return;
-
-		instance.serverCountryName = serverCountryName;
-		saveConfigEntry(SERVER_COUNTRY_NAME, serverCountryName);
-	}
-
-	public static boolean isRepullNeeded() {
-		if (instance.repullNeeded == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_REPULL_NEEDED);
-			if (config != null) {
-				instance.repullNeeded = Boolean.parseBoolean(config.getValue());
-			}
-		}
-		return instance.repullNeeded != null && instance.repullNeeded;
-	}
-
-	public static void setRepullNeeded(boolean repullNeeded) {
-		if (instance.repullNeeded != null && instance.repullNeeded == repullNeeded) {
-			return;
-		}
-
-		instance.repullNeeded = repullNeeded;
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_REPULL_NEEDED, String.valueOf(repullNeeded)));
-	}
-
-	public static boolean isInitialSyncRequired() {
-		if (instance.initialSyncRequired == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(INITIAL_SYNC_REQUIRED);
-			if (config != null) {
-				instance.initialSyncRequired = Boolean.parseBoolean(config.getValue());
-			}
-		}
-		return instance.initialSyncRequired == null || instance.initialSyncRequired;
-	}
-
-	public static void setInitialSyncRequired(boolean initialSyncRequired) {
-		if (instance.initialSyncRequired != null && instance.initialSyncRequired == initialSyncRequired) {
-			return;
-		}
-
-		instance.initialSyncRequired = initialSyncRequired;
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(INITIAL_SYNC_REQUIRED, String.valueOf(initialSyncRequired)));
-	}
-
-	public static void resetLbdsSormasKeys() {
-		try {
-			KeyPair rsa = KeyPairGenerator.getInstance("RSA").genKeyPair();
-			instance.lbdsSormasPublicKey = rsa.getPublic();
-			PrivateKey lbdsSormasPrivateKey = rsa.getPrivate();
-
-			String aesKey = LbdsKeyHelper.generateAESKey();
-			instance.lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.encryptAES(LbdsKeyHelper.getPKCS8FromPrivateKey(lbdsSormasPrivateKey), aesKey);
-
-			instance.lbdsSormasPrivateKeyAesSecret = instance.encodeCredential(aesKey, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
-			DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET, instance.lbdsSormasPrivateKeyAesSecret));
-			DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY, instance.lbdsSormasPrivateKeyPKCS8));
-			DatabaseHelper.getConfigDao()
-				.createOrUpdate(new Config(LBDS_SORMAS_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(instance.lbdsSormasPublicKey)));
-		} catch (GeneralSecurityException e) {
-			throw new RuntimeException(e);
-		}
-	}
-
-	private static String getLbdsSormasPrivateKeyAesSecret() {
-		if (instance.lbdsSormasPrivateKeyAesSecret == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET);
-			if (config != null) {
-				instance.lbdsSormasPrivateKeyAesSecret = config.getValue();
-			}
-		}
-		return instance.decodeCredential(instance.lbdsSormasPrivateKeyAesSecret, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
-	}
-
-	public static PrivateKey getLbdsSormasPrivateKey() {
-		if (instance.lbdsSormasPrivateKeyPKCS8 == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY);
-			if (config != null) {
-				instance.lbdsSormasPrivateKeyPKCS8 = config.getValue();
-			} else {
-				resetLbdsSormasKeys();
-			}
-		}
-		try {
-			String aesKey = getLbdsSormasPrivateKeyAesSecret();
-			String lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.decryptAES(instance.lbdsSormasPrivateKeyPKCS8, aesKey);
-			return LbdsKeyHelper.getPrivateKeyFromPKCS8(lbdsSormasPrivateKeyPKCS8);
-		} catch (GeneralSecurityException e) {
-			throw new RuntimeException(e);
-		}
-	}
-
-	public static PublicKey getLbdsSormasPublicKey() {
-		if (instance.lbdsSormasPublicKey == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PUBLIC_KEY);
-			if (config != null) {
-				try {
-					instance.lbdsSormasPublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
-				} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
-					throw new RuntimeException(e);
-				}
-			} else {
-				resetLbdsSormasKeys();
-			}
-		}
-		return instance.lbdsSormasPublicKey;
-	}
-
-	public static PublicKey getLbdsServicePublicKey() {
-		if (instance.lbdsServicePublicKey == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SERVICE_PUBLIC_KEY);
-			if (config != null) {
-				try {
-					instance.lbdsServicePublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
-				} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
-					throw new RuntimeException(e);
-				}
-			}
-		}
-		return instance.lbdsServicePublicKey;
-	}
-
-	public static void setLbdsServicePublicKey(PublicKey lbdsServicePublicKey) {
-		instance.lbdsServicePublicKey = lbdsServicePublicKey;
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SERVICE_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(lbdsServicePublicKey)));
-	}
-
-	public static String getLbdsAesSecret() {
-		if (instance.lbdsAesSecret == null) {
-			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_AES_SECRET);
-			if (config != null) {
-				instance.lbdsAesSecret = config.getValue();
-			}
-		}
-		return instance.decodeCredential(instance.lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
-	}
-
-	public static void setLbdsAesSecret(String lbdsAesSecret) {
-		if (lbdsAesSecret == null) {
-			throw new NullPointerException("lbdsAesSecret");
-		}
-
-		lbdsAesSecret = instance.encodeCredential(lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
-
-		if (lbdsAesSecret.equals(instance.lbdsAesSecret)) {
-			return;
-		}
-
-		instance.lbdsAesSecret = lbdsAesSecret;
-
-		DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_AES_SECRET, lbdsAesSecret));
-	}
-
-	public static String getServerLbdsDebugUrl() {
-		if (instance.serverLbdsDebugUrl == null)
-			synchronized (ConfigProvider.class) {
-				if (instance.serverLbdsDebugUrl == null) {
-					Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_DEBUG_URL);
-					if (config != null) {
-						instance.serverLbdsDebugUrl = config.getValue();
-
-						// take care of old mal-formatted urls
-						String properServerRestUrl = toProperRestUrl(instance.serverLbdsDebugUrl);
-						if (!DataHelper.equal(instance.serverLbdsDebugUrl, properServerRestUrl)) {
-							instance.serverLbdsDebugUrl = properServerRestUrl;
-							saveConfigEntry(LBDS_DEBUG_URL, instance.serverLbdsDebugUrl);
-						}
-					}
-				}
-			}
-		return instance.serverLbdsDebugUrl;
-	}
-
-	public static void setServerLbdsDebugUrl(String serverRestUrl) {
-
-		serverRestUrl = toProperRestUrl(serverRestUrl);
-		String currentServerRestUrl = getServerRestUrl();
-
-		if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
-			return;
-
-		boolean wasNull = currentServerRestUrl == null;
-
-		instance.serverLbdsDebugUrl = serverRestUrl;
-		saveConfigEntry(LBDS_DEBUG_URL, serverRestUrl);
-	}
+    }
+
+    /**
+     * If device encryption is not active, show a non-cancelable alert that blocks app usage
+     *
+     * @param activity
+     * @return
+     */
+    public static boolean ensureDeviceEncryption(final Activity activity) {
+
+        if (!instance.hasDeviceEncryption()) {
+            AlertDialog.Builder builder = new AlertDialog.Builder(activity);
+            builder.setCancelable(false);
+            builder.setMessage(R.string.message_encryption);
+            AlertDialog dialog = builder.create();
+            dialog.setButton(AlertDialog.BUTTON_POSITIVE, activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
+
+                @Override
+                public void onClick(DialogInterface dialog, int which) {
+                    Activity finishActivity = activity;
+                    do {
+                        finishActivity.finish();
+                        finishActivity = finishActivity.getParent();
+                    }
+                    while (finishActivity != null);
+                }
+            });
+            dialog.show();
+            return false;
+        }
+        return true;
+    }
+
+    public static User getUser() {
+        synchronized (ConfigProvider.class) {
+            if (instance.user == null || instance.userRights == null) {
+                String username = getUsername();
+                String password = getPassword(); // needed to not automatically "login" again on logout with missing server connection
+                if (username != null && password != null) {
+                    instance.user = DatabaseHelper.getUserDao().getByUsername(username);
+                }
+            }
+            return instance.user;
+        }
+    }
+
+    public static Set<UserRight> getUserRights() {
+        synchronized (ConfigProvider.class) {
+            if (instance.userRights == null) {
+                User user = getUser();
+                if (user != null) {
+                    Set<UserRight> userRights = new HashSet();
+                    for (UserRole userRole : user.getUserRoles()) {
+                        userRights.addAll(userRole.getUserRights());
+                    }
+                    instance.userRights = userRights;
+                } else {
+                    return new HashSet();
+                }
+            }
+            return instance.userRights;
+        }
+    }
+
+    public static boolean hasUserRight(UserRight userRight) {
+        Set<UserRight> userRights = getUserRights();
+        return userRights != null && userRights.contains(userRight);
+    }
+
+    public static void clearUserRights() {
+        instance.userRights = null;
+    }
+
+    public static String getUsername() {
+        synchronized (ConfigProvider.class) {
+            if (instance.username == null) {
+                Config config = DatabaseHelper.getConfigDao().queryForId(KEY_USERNAME);
+                if (config != null) {
+                    instance.username = config.getValue();
+                }
+            }
+            return instance.username;
+        }
+    }
+
+    public static String getPassword() {
+        synchronized (ConfigProvider.class) {
+            if (instance.password == null) {
+                Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PASSWORD);
+                if (config != null) {
+                    instance.password = config.getValue();
+                }
+            }
+            return instance.decodeCredential(instance.password, "Password");
+        }
+    }
+
+    public static String getPin() {
+        if (instance.pin == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PIN);
+            if (config != null) {
+                instance.pin = config.getValue();
+            }
+        }
+        return instance.decodeCredential(instance.pin, "PIN");
+    }
+
+    public static void clearUserLogin() {
+        // synchronized to make sure this does not interfere with setUserNameAndPassword or getUsername/getPassword
+        synchronized (ConfigProvider.class) {
+
+            ConfigDao configDao = DatabaseHelper.getConfigDao();
+            if (configDao.queryForId(KEY_PASSWORD) != null) {
+                configDao.delete(new Config(KEY_PASSWORD, ""));
+            }
+            instance.password = null;
+
+            // remember the username - needed to decide whether non-infrastructure data has to be cleared
+            // instance.username = null;
+
+            instance.user = null;
+            instance.accessGranted = null;
+            instance.lastNotificationDate = null;
+            instance.lastObsoleteUuidsSyncDate = null;
+            instance.userRights = null;
+
+            // old credentials are no longer valid
+            RetroProvider.disconnect();
+        }
+    }
+
+    public static void clearPin() {
+        instance.pin = null;
+
+        ConfigDao configDao = DatabaseHelper.getConfigDao();
+        if (configDao.queryForId(KEY_PIN) == null) {
+            return;
+        }
+
+        configDao.delete(new Config(KEY_PIN, ""));
+
+        setAccessGranted(false);
+    }
+
+    public static void setUsernameAndPassword(String username, String password) {
+        synchronized (ConfigProvider.class) {
+            if (username == null)
+                throw new NullPointerException("username");
+            if (password == null)
+                throw new NullPointerException("password");
+
+            password = instance.encodeCredential(password, "Password");
+
+            if (username.equals(instance.username) && password.equals(instance.password)) {
+                return;
+            }
+
+            if (!username.equals(instance.username)) {
+                DatabaseHelper.clearTables(false);
+            }
+
+            instance.user = null;
+            instance.username = username;
+            instance.password = password;
+
+            DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_USERNAME, username));
+            DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+
+            setRepullNeeded(true);
+        }
+    }
+
+    public static void setNewPassword(String password) {
+        System.out.println("Entered setNewPassword");
+        System.out.println("setNewPassword: newPassword: " + password);
+        if (password == null)
+            throw new NullPointerException("password");
+        password = instance.encodeCredential(password, "Password");
+
+        instance.password = password;
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+
+    }
+
+    public static void setPin(String pin) {
+        if (pin == null) {
+            throw new NullPointerException("pin");
+        }
+
+        pin = instance.encodeCredential(pin, "PIN");
+
+        if (pin.equals(instance.pin)) {
+            return;
+        }
+
+        instance.pin = pin;
+
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PIN, pin));
+    }
+
+    private String encodeCredential(String clearCredential, String keyStoreAlias) {
+
+        if (clearCredential == null) {
+            return null;
+        }
+
+        if (!hasDeviceEncryption()) {
+            throw new IllegalStateException(context.getString(R.string.message_encryption));
+        }
+
+        try {
+            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
+            keyStore.load(null);
+
+            if (!keyStore.containsAlias(keyStoreAlias)) {
+                Calendar start = Calendar.getInstance();
+                Calendar end = Calendar.getInstance();
+                end.add(Calendar.YEAR, 1);
+
+                KeyPairGeneratorSpec credentialsSpec = new KeyPairGeneratorSpec.Builder(instance.context).setAlias(keyStoreAlias)
+                        .setSubject(new X500Principal("CN=SORMAS, O=symeda, C=Germany"))
+                        .setSerialNumber(BigInteger.ONE)
+                        .setStartDate(start.getTime())
+                        .setEndDate(end.getTime())
+                        .build();
+
+                KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
+                generator.initialize(credentialsSpec);
+                generator.generateKeyPair();
+            }
+
+            PublicKey publicKey;
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+                publicKey = keyStore.getCertificate(keyStoreAlias).getPublicKey();
+            } else {
+                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
+                publicKey = privateKeyEntry.getCertificate().getPublicKey();
+            }
+
+            if (publicKey == null) {
+                return null;
+            }
+
+            Cipher input = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+            input.init(Cipher.ENCRYPT_MODE, publicKey);
+
+            ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+            CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, input);
+            cipherOutputStream.write(clearCredential.getBytes("UTF-8"));
+            cipherOutputStream.close();
+
+            byte[] resultByteArray = outputStream.toByteArray();
+            String result = Base64.encodeToString(resultByteArray, Base64.DEFAULT);
+            return result;
+
+        } catch (KeyStoreException
+                 | NoSuchAlgorithmException
+                 | NoSuchProviderException
+                 | UnrecoverableEntryException
+                 | IOException
+                 | NoSuchPaddingException
+                 | InvalidKeyException
+                 | CertificateException
+                 | InvalidAlgorithmParameterException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private String decodeCredential(String encodedCredential, String keyStoreAlias) {
+
+        if (encodedCredential == null) {
+            return null;
+        }
+
+        if (!hasDeviceEncryption()) {
+            throw new IllegalStateException(context.getString(R.string.message_encryption));
+        }
+
+        try {
+            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
+            keyStore.load(null);
+
+            PrivateKey privateKey;
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+                privateKey = (PrivateKey) keyStore.getKey(keyStoreAlias, null);
+            } else {
+                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
+                privateKey = privateKeyEntry.getPrivateKey();
+            }
+
+            if (privateKey == null) {
+                return null;
+            }
+
+            Cipher decryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+            decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
+
+            byte[] encodedBytes = Base64.decode(encodedCredential, Base64.DEFAULT);
+            InputStream inputStream = new ByteArrayInputStream(encodedBytes);
+            CipherInputStream cipherStream = new CipherInputStream(inputStream, decryptCipher);
+            byte[] passwordBytes = new byte[1024];
+            int passwordByteLength = cipherStream.read(passwordBytes);
+            cipherStream.close();
+
+            if (passwordByteLength <= 0) {
+                return null;
+            }
+
+            String result = new String(passwordBytes, 0, passwordByteLength, "UTF-8");
+            return result;
+
+        } catch (KeyStoreException
+                 | UnrecoverableEntryException
+                 | NoSuchAlgorithmException
+                 | CertificateException
+                 | InvalidKeyException
+                 | NoSuchPaddingException
+                 | IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private static void saveConfigEntry(String configKey, String configValue) {
+        if (configValue == null) {
+            DatabaseHelper.getConfigDao().delete(new Config(configKey, ""));
+        } else {
+            DatabaseHelper.getConfigDao().createOrUpdate(new Config(configKey, configValue));
+        }
+    }
+
+    public static String getServerRestUrl() {
+        if (instance.serverRestUrl == null)
+            synchronized (ConfigProvider.class) {
+                if (instance.serverRestUrl == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(KEY_SERVER_REST_URL);
+                    if (config != null) {
+                        instance.serverRestUrl = config.getValue();
+
+                        // take care of old mal-formatted urls
+                        String properServerRestUrl = toProperRestUrl(instance.serverRestUrl);
+                        if (!DataHelper.equal(instance.serverRestUrl, properServerRestUrl)) {
+                            instance.serverRestUrl = properServerRestUrl;
+                            saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
+                        }
+                    }
+
+                    if (instance.serverRestUrl == null) {
+                        // fallback to default
+
+                        String serverUrlDefault = toProperRestUrl(SormasProperties.getServerUrlDefault());
+                        if (serverUrlDefault != null) {
+                            instance.serverRestUrl = serverUrlDefault;
+                            saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
+                        }
+                    }
+                }
+            }
+        return instance.serverRestUrl;
+    }
+
+    public static void setServerRestUrl(String serverRestUrl) {
+
+        serverRestUrl = toProperRestUrl(serverRestUrl);
+        String currentServerRestUrl = getServerRestUrl();
+
+        if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
+            return;
+
+        boolean wasNull = currentServerRestUrl == null;
+
+        instance.serverRestUrl = serverRestUrl;
+        saveConfigEntry(KEY_SERVER_REST_URL, serverRestUrl);
+
+        if (!wasNull) {
+            // new server: clear everything
+            clearUserLogin();
+            DatabaseHelper.clearTables(true);
+        }
+    }
+
+    private static String toProperRestUrl(String serverRestUrl) {
+        // clean up url
+        if (serverRestUrl != null) {
+            serverRestUrl = serverRestUrl.trim();
+        }
+        if (serverRestUrl != null && serverRestUrl.isEmpty()) {
+            serverRestUrl = null;
+        }
+        if (serverRestUrl != null && !serverRestUrl.endsWith("/")) {
+            serverRestUrl += "/";
+        }
+        return serverRestUrl;
+    }
+
+    public static Date getLastNotificationDate() {
+        if (instance.lastNotificationDate == null)
+            synchronized (ConfigProvider.class) {
+                if (instance.lastNotificationDate == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(LAST_NOTIFICATION_DATE);
+                    if (config != null) {
+                        instance.lastNotificationDate = new Date(Long.parseLong(config.getValue()));
+                    }
+
+                }
+            }
+        return instance.lastNotificationDate;
+    }
+
+    public static void setLastNotificationDate(Date lastNotificationDate) {
+        if (lastNotificationDate != null && lastNotificationDate.equals(instance.lastNotificationDate)) {
+            return;
+        }
+
+        instance.lastNotificationDate = lastNotificationDate;
+        saveConfigEntry(LAST_NOTIFICATION_DATE, lastNotificationDate != null ? String.valueOf(lastNotificationDate.getTime()) : null);
+    }
+
+    public static Date getLastObsoleteUuidsSyncDate() {
+        if (instance.lastObsoleteUuidsSyncDate == null) {
+            synchronized (ConfigProvider.class) {
+                if (instance.lastObsoleteUuidsSyncDate == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(LAST_OBSOLETE_UUIDS_SYNC_DATE);
+                    if (config != null) {
+                        instance.lastObsoleteUuidsSyncDate = new Date(Long.parseLong(config.getValue()));
+                    }
+
+                }
+            }
+        }
+
+        return instance.lastObsoleteUuidsSyncDate;
+    }
+
+    public static void setLastObsoleteUuidsSyncDate(Date lastObsoleteUuidsSyncDate) {
+        if (lastObsoleteUuidsSyncDate != null && lastObsoleteUuidsSyncDate.equals(instance.lastObsoleteUuidsSyncDate)) {
+            return;
+        }
+
+        instance.lastObsoleteUuidsSyncDate = lastObsoleteUuidsSyncDate;
+        saveConfigEntry(
+                LAST_OBSOLETE_UUIDS_SYNC_DATE,
+                lastObsoleteUuidsSyncDate != null ? String.valueOf(lastObsoleteUuidsSyncDate.getTime()) : null);
+    }
+
+    public static Long getCurrentAppDownloadId() {
+        if (instance.currentAppDownloadId == null) {
+            synchronized (ConfigProvider.class) {
+                if (instance.currentAppDownloadId == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(CURRENT_APP_DOWNLOAD_ID);
+                    if (config != null) {
+                        instance.currentAppDownloadId = DataHelper.tryParseLong(config.getValue());
+                    }
+                }
+            }
+        }
+        return instance.currentAppDownloadId;
+    }
+
+    public static void setCurrentAppDownloadId(Long currentAppDownloadId) {
+        if (currentAppDownloadId != null && currentAppDownloadId.equals(instance.currentAppDownloadId)) {
+            return;
+        }
+
+        instance.currentAppDownloadId = currentAppDownloadId;
+        saveConfigEntry(CURRENT_APP_DOWNLOAD_ID, currentAppDownloadId != null ? String.valueOf(currentAppDownloadId) : null);
+    }
+
+    public static Boolean isAccessGranted() {
+        if (instance.accessGranted == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_ACCESS_GRANTED);
+            if (config != null) {
+                instance.accessGranted = Boolean.parseBoolean(config.getValue());
+            }
+        }
+        return instance.accessGranted;
+    }
+
+    public static void setAccessGranted(Boolean accessGranted) {
+        if (accessGranted == null) {
+            throw new NullPointerException("accessGranted");
+        }
+
+        if (accessGranted.equals(instance.accessGranted)) {
+            return;
+        }
+
+        instance.accessGranted = accessGranted;
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_ACCESS_GRANTED, String.valueOf(accessGranted)));
+    }
+
+    /**
+     * When no locale is set Locale.getDefault is set.
+     * (Actually not relevant, because the locale is always updated to the server's, so this is just a fallback).
+     *
+     * @return Will never be null.
+     */
+    public static String getServerLocale() {
+        if (instance.serverLocale == null)
+            synchronized (ConfigProvider.class) {
+                if (instance.serverLocale == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_LOCALE);
+                    if (config != null) {
+                        instance.serverLocale = config.getValue();
+                    }
+
+                    if (instance.serverLocale == null) {
+                        setServerLocale(Locale.getDefault().toString());
+                    }
+                }
+            }
+        return instance.serverLocale;
+    }
+
+    public static String getServerCountryCode() {
+        String locale = getServerLocale();
+        String normalizedLocale = normalizeLocaleString(locale);
+
+        if (normalizedLocale.contains("-")) {
+            return normalizedLocale.substring(normalizedLocale.lastIndexOf("-") + 1);
+        } else {
+            return normalizedLocale;
+        }
+    }
+
+    public static String getServerCountryName() {
+        if (instance.serverCountryName == null) {
+            synchronized (ConfigProvider.class) {
+                if (instance.serverCountryName == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_COUNTRY_NAME);
+                    if (config != null) {
+                        instance.serverCountryName = config.getValue();
+                    }
+
+                    if (instance.serverCountryName == null) {
+                        setServerCountryName("");
+                    }
+                }
+            }
+        }
+        return instance.serverCountryName;
+    }
+
+    public static String normalizeLocaleString(String locale) {
+        locale = locale.trim();
+        int pos = Math.max(locale.indexOf('-'), locale.indexOf('_'));
+        if (pos < 0) {
+            locale = locale.toLowerCase();
+        } else {
+            locale = locale.substring(0, pos).toLowerCase(Locale.ENGLISH) + '-' + locale.substring(pos + 1).toUpperCase(Locale.ENGLISH);
+        }
+        return locale;
+    }
+
+    public static boolean isConfiguredServer(String countryCode) {
+        if (Pattern.matches(FULL_COUNTRY_LOCALE_PATTERN, getServerLocale())) {
+            return getServerLocale().toLowerCase().endsWith(countryCode.toLowerCase());
+        } else {
+            return getServerLocale().toLowerCase().startsWith(countryCode.toLowerCase());
+        }
+    }
+
+    /**
+     * Note: This will only take effect after the app has been restarted
+     */
+    public static void setServerLocale(String serverLocale) {
+        if (serverLocale != null && serverLocale.isEmpty()) {
+            serverLocale = null;
+        }
+
+        if (serverLocale == instance.serverLocale || (serverLocale != null && serverLocale.equals(instance.serverLocale)))
+            return;
+
+        instance.serverLocale = serverLocale;
+        saveConfigEntry(SERVER_LOCALE, serverLocale);
+    }
+
+    public static void setServerCountryName(String serverCountryName) {
+        if (serverCountryName != null && serverCountryName.isEmpty()) {
+            serverCountryName = null;
+        }
+
+        if (serverCountryName == instance.serverCountryName || (serverCountryName != null && serverCountryName.equals(instance.serverCountryName)))
+            return;
+
+        instance.serverCountryName = serverCountryName;
+        saveConfigEntry(SERVER_COUNTRY_NAME, serverCountryName);
+    }
+
+    public static boolean isRepullNeeded() {
+        if (instance.repullNeeded == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_REPULL_NEEDED);
+            if (config != null) {
+                instance.repullNeeded = Boolean.parseBoolean(config.getValue());
+            }
+        }
+        return instance.repullNeeded != null && instance.repullNeeded;
+    }
+
+    public static void setRepullNeeded(boolean repullNeeded) {
+        if (instance.repullNeeded != null && instance.repullNeeded == repullNeeded) {
+            return;
+        }
+
+        instance.repullNeeded = repullNeeded;
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_REPULL_NEEDED, String.valueOf(repullNeeded)));
+    }
+
+    public static boolean isInitialSyncRequired() {
+        if (instance.initialSyncRequired == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(INITIAL_SYNC_REQUIRED);
+            if (config != null) {
+                instance.initialSyncRequired = Boolean.parseBoolean(config.getValue());
+            }
+        }
+        return instance.initialSyncRequired == null || instance.initialSyncRequired;
+    }
+
+    public static void setInitialSyncRequired(boolean initialSyncRequired) {
+        if (instance.initialSyncRequired != null && instance.initialSyncRequired == initialSyncRequired) {
+            return;
+        }
+
+        instance.initialSyncRequired = initialSyncRequired;
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(INITIAL_SYNC_REQUIRED, String.valueOf(initialSyncRequired)));
+    }
+
+    public static void resetLbdsSormasKeys() {
+        try {
+            KeyPair rsa = KeyPairGenerator.getInstance("RSA").genKeyPair();
+            instance.lbdsSormasPublicKey = rsa.getPublic();
+            PrivateKey lbdsSormasPrivateKey = rsa.getPrivate();
+
+            String aesKey = LbdsKeyHelper.generateAESKey();
+            instance.lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.encryptAES(LbdsKeyHelper.getPKCS8FromPrivateKey(lbdsSormasPrivateKey), aesKey);
+
+            instance.lbdsSormasPrivateKeyAesSecret = instance.encodeCredential(aesKey, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
+            DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET, instance.lbdsSormasPrivateKeyAesSecret));
+            DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY, instance.lbdsSormasPrivateKeyPKCS8));
+            DatabaseHelper.getConfigDao()
+                    .createOrUpdate(new Config(LBDS_SORMAS_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(instance.lbdsSormasPublicKey)));
+        } catch (GeneralSecurityException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private static String getLbdsSormasPrivateKeyAesSecret() {
+        if (instance.lbdsSormasPrivateKeyAesSecret == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET);
+            if (config != null) {
+                instance.lbdsSormasPrivateKeyAesSecret = config.getValue();
+            }
+        }
+        return instance.decodeCredential(instance.lbdsSormasPrivateKeyAesSecret, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
+    }
+
+    public static PrivateKey getLbdsSormasPrivateKey() {
+        if (instance.lbdsSormasPrivateKeyPKCS8 == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY);
+            if (config != null) {
+                instance.lbdsSormasPrivateKeyPKCS8 = config.getValue();
+            } else {
+                resetLbdsSormasKeys();
+            }
+        }
+        try {
+            String aesKey = getLbdsSormasPrivateKeyAesSecret();
+            String lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.decryptAES(instance.lbdsSormasPrivateKeyPKCS8, aesKey);
+            return LbdsKeyHelper.getPrivateKeyFromPKCS8(lbdsSormasPrivateKeyPKCS8);
+        } catch (GeneralSecurityException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public static PublicKey getLbdsSormasPublicKey() {
+        if (instance.lbdsSormasPublicKey == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PUBLIC_KEY);
+            if (config != null) {
+                try {
+                    instance.lbdsSormasPublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
+                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+                    throw new RuntimeException(e);
+                }
+            } else {
+                resetLbdsSormasKeys();
+            }
+        }
+        return instance.lbdsSormasPublicKey;
+    }
+
+    public static PublicKey getLbdsServicePublicKey() {
+        if (instance.lbdsServicePublicKey == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SERVICE_PUBLIC_KEY);
+            if (config != null) {
+                try {
+                    instance.lbdsServicePublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
+                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+                    throw new RuntimeException(e);
+                }
+            }
+        }
+        return instance.lbdsServicePublicKey;
+    }
+
+    public static void setLbdsServicePublicKey(PublicKey lbdsServicePublicKey) {
+        instance.lbdsServicePublicKey = lbdsServicePublicKey;
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SERVICE_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(lbdsServicePublicKey)));
+    }
+
+    public static String getLbdsAesSecret() {
+        if (instance.lbdsAesSecret == null) {
+            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_AES_SECRET);
+            if (config != null) {
+                instance.lbdsAesSecret = config.getValue();
+            }
+        }
+        return instance.decodeCredential(instance.lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
+    }
+
+    public static void setLbdsAesSecret(String lbdsAesSecret) {
+        if (lbdsAesSecret == null) {
+            throw new NullPointerException("lbdsAesSecret");
+        }
+
+        lbdsAesSecret = instance.encodeCredential(lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
+
+        if (lbdsAesSecret.equals(instance.lbdsAesSecret)) {
+            return;
+        }
+
+        instance.lbdsAesSecret = lbdsAesSecret;
+
+        DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_AES_SECRET, lbdsAesSecret));
+    }
+
+    public static String getServerLbdsDebugUrl() {
+        if (instance.serverLbdsDebugUrl == null)
+            synchronized (ConfigProvider.class) {
+                if (instance.serverLbdsDebugUrl == null) {
+                    Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_DEBUG_URL);
+                    if (config != null) {
+                        instance.serverLbdsDebugUrl = config.getValue();
+
+                        // take care of old mal-formatted urls
+                        String properServerRestUrl = toProperRestUrl(instance.serverLbdsDebugUrl);
+                        if (!DataHelper.equal(instance.serverLbdsDebugUrl, properServerRestUrl)) {
+                            instance.serverLbdsDebugUrl = properServerRestUrl;
+                            saveConfigEntry(LBDS_DEBUG_URL, instance.serverLbdsDebugUrl);
+                        }
+                    }
+                }
+            }
+        return instance.serverLbdsDebugUrl;
+    }
+
+    public static void setServerLbdsDebugUrl(String serverRestUrl) {
+
+        serverRestUrl = toProperRestUrl(serverRestUrl);
+        String currentServerRestUrl = getServerRestUrl();
+
+        if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
+            return;
+
+        boolean wasNull = currentServerRestUrl == null;
+
+        instance.serverLbdsDebugUrl = serverRestUrl;
+        saveConfigEntry(LBDS_DEBUG_URL, serverRestUrl);
+    }
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index e162df4482e..32a3cee117c 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -37,113 +37,114 @@
  */
 public class UserDtoHelper extends AdoDtoHelper<User, UserDto> {
 
-	private LocationDtoHelper locationHelper = new LocationDtoHelper();
-	private UserRoleDtoHelper userRoleDtoHelper = new UserRoleDtoHelper();
-
-	@Override
-	protected Class<User> getAdoClass() {
-		return User.class;
-	}
-
-	@Override
-	protected Class<UserDto> getDtoClass() {
-		throw new UnsupportedOperationException();
-	}
-
-	@Override
-	protected Call<List<UserDto>> pullAllSince(long since, Integer size, String lastSynchronizedUuid) throws NoConnectionException {
-		return RetroProvider.getUserFacade().pullAllSince(since);
-	}
-
-	@Override
-	protected Call<List<UserDto>> pullByUuids(List<String> uuids) throws NoConnectionException {
-		return RetroProvider.getUserFacade().pullByUuids(uuids);
-	}
-
-	@Override
-	protected Call<List<PostResponse>> pushAll(List<UserDto> userDtos) throws NoConnectionException {
-		throw new UnsupportedOperationException("Can't change users in app");
-	}
-
-	protected void preparePulledResult(List<UserDto> result) {
-		Collections.sort(result, new Comparator<UserDto>() {
-
-			@Override
-			public int compare(UserDto lhs, UserDto rhs) {
-				if (lhs.getAssociatedOfficer() == null && rhs.getAssociatedOfficer() != null) {
-					return -1;
-				} else if (lhs.getAssociatedOfficer() != null && rhs.getAssociatedOfficer() == null) {
-					return 1;
-				}
-				return 0;
-			}
-		});
-	}
-
-	@Override
-	protected long getApproximateJsonSizeInBytes() {
-		return 0;
-	}
-
-	@Override
-	protected void fillInnerFromDto(User target, UserDto source) {
-		target.setActive(source.isActive());
-		target.setUserName(source.getUserName());
-		target.setFirstName(source.getFirstName());
-		target.setLastName(source.getLastName());
-		target.setUserEmail(source.getUserEmail());
-
-		if (source.getUserRoles() != null && source.getUserRoles().size() > 0) {
-			Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
-			target.setUserRoles(userRoles);
-			userRoles.clear();
-			source.getUserRoles()
-				.stream()
-				.map(userRoleReferenceDto -> DatabaseHelper.getUserRoleDao().getByReferenceDto(userRoleReferenceDto))
-				.forEach(userRoles::add);
-		}
-
-		target.setRegion(DatabaseHelper.getRegionDao().getByReferenceDto(source.getRegion()));
-		target.setDistrict(DatabaseHelper.getDistrictDao().getByReferenceDto(source.getDistrict()));
-		target.setCommunity(DatabaseHelper.getCommunityDao().getByReferenceDto(source.getCommunity()));
-		target.setHealthFacility(DatabaseHelper.getFacilityDao().getByReferenceDto(source.getHealthFacility()));
-		target.setPointOfEntry(DatabaseHelper.getPointOfEntryDao().getByReferenceDto(source.getPointOfEntry()));
-
-		target.setAssociatedOfficer(DatabaseHelper.getUserDao().getByReferenceDto(source.getAssociatedOfficer()));
-		target.setLimitedDiseases(source.getLimitedDiseases());
-
-		target.setAddress(locationHelper.fillOrCreateFromDto(target.getAddress(), source.getAddress()));
-		target.setPhone(source.getPhone());
-		target.setLanguage(source.getLanguage());
-
-		target.setJurisdictionLevel(source.getJurisdictionLevel());
-	}
-
-	@Override
-	protected void fillInnerFromAdo(UserDto userDto, User user) {
-		// TODO
-		throw new UnsupportedOperationException("Can't change users in app");
-	}
-
-	public static UserReferenceDto toReferenceDto(User ado) {
-		if (ado == null) {
-			return null;
-		}
-		UserReferenceDto dto = new UserReferenceDto(ado.getUuid());
-		return dto;
-	}
-	public static Call<String> saveNewPassword(String uuid,String newPassword,String currentPassword) throws NoConnectionException {
-		return RetroProvider.getUserFacade().saveNewPassword(uuid,newPassword,currentPassword);
-	}
-	public static Call<String> generatePassword() throws NoConnectionException {
-		return RetroProvider.getUserFacade().generatePassword();
-	}
-
-
-	public static boolean isRestrictedToAssignEntities(User user) {
-		if (user != null && !user.getUserRoles().isEmpty()) {
-			return user.getUserRoles().stream().allMatch(UserRole::isRestrictAccessToAssignedEntities);
-		}
-		return false;
-	}
+    private LocationDtoHelper locationHelper = new LocationDtoHelper();
+    private UserRoleDtoHelper userRoleDtoHelper = new UserRoleDtoHelper();
+
+    @Override
+    protected Class<User> getAdoClass() {
+        return User.class;
+    }
+
+    @Override
+    protected Class<UserDto> getDtoClass() {
+        throw new UnsupportedOperationException();
+    }
+
+    @Override
+    protected Call<List<UserDto>> pullAllSince(long since, Integer size, String lastSynchronizedUuid) throws NoConnectionException {
+        return RetroProvider.getUserFacade().pullAllSince(since);
+    }
+
+    @Override
+    protected Call<List<UserDto>> pullByUuids(List<String> uuids) throws NoConnectionException {
+        return RetroProvider.getUserFacade().pullByUuids(uuids);
+    }
+
+    @Override
+    protected Call<List<PostResponse>> pushAll(List<UserDto> userDtos) throws NoConnectionException {
+        throw new UnsupportedOperationException("Can't change users in app");
+    }
+
+    protected void preparePulledResult(List<UserDto> result) {
+        Collections.sort(result, new Comparator<UserDto>() {
+
+            @Override
+            public int compare(UserDto lhs, UserDto rhs) {
+                if (lhs.getAssociatedOfficer() == null && rhs.getAssociatedOfficer() != null) {
+                    return -1;
+                } else if (lhs.getAssociatedOfficer() != null && rhs.getAssociatedOfficer() == null) {
+                    return 1;
+                }
+                return 0;
+            }
+        });
+    }
+
+    @Override
+    protected long getApproximateJsonSizeInBytes() {
+        return 0;
+    }
+
+    @Override
+    protected void fillInnerFromDto(User target, UserDto source) {
+        target.setActive(source.isActive());
+        target.setUserName(source.getUserName());
+        target.setFirstName(source.getFirstName());
+        target.setLastName(source.getLastName());
+        target.setUserEmail(source.getUserEmail());
+
+        if (source.getUserRoles() != null && source.getUserRoles().size() > 0) {
+            Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
+            target.setUserRoles(userRoles);
+            userRoles.clear();
+            source.getUserRoles()
+                    .stream()
+                    .map(userRoleReferenceDto -> DatabaseHelper.getUserRoleDao().getByReferenceDto(userRoleReferenceDto))
+                    .forEach(userRoles::add);
+        }
+
+        target.setRegion(DatabaseHelper.getRegionDao().getByReferenceDto(source.getRegion()));
+        target.setDistrict(DatabaseHelper.getDistrictDao().getByReferenceDto(source.getDistrict()));
+        target.setCommunity(DatabaseHelper.getCommunityDao().getByReferenceDto(source.getCommunity()));
+        target.setHealthFacility(DatabaseHelper.getFacilityDao().getByReferenceDto(source.getHealthFacility()));
+        target.setPointOfEntry(DatabaseHelper.getPointOfEntryDao().getByReferenceDto(source.getPointOfEntry()));
+
+        target.setAssociatedOfficer(DatabaseHelper.getUserDao().getByReferenceDto(source.getAssociatedOfficer()));
+        target.setLimitedDiseases(source.getLimitedDiseases());
+
+        target.setAddress(locationHelper.fillOrCreateFromDto(target.getAddress(), source.getAddress()));
+        target.setPhone(source.getPhone());
+        target.setLanguage(source.getLanguage());
+
+        target.setJurisdictionLevel(source.getJurisdictionLevel());
+    }
+
+    @Override
+    protected void fillInnerFromAdo(UserDto userDto, User user) {
+        // TODO
+        throw new UnsupportedOperationException("Can't change users in app");
+    }
+
+    public static UserReferenceDto toReferenceDto(User ado) {
+        if (ado == null) {
+            return null;
+        }
+        UserReferenceDto dto = new UserReferenceDto(ado.getUuid());
+        return dto;
+    }
+
+    public static Call<String> saveNewPassword(String uuid, String newPassword, String currentPassword) throws NoConnectionException {
+        return RetroProvider.getUserFacade().saveNewPassword(uuid, newPassword, currentPassword);
+    }
+
+    public static Call<String> generatePassword() throws NoConnectionException {
+        return RetroProvider.getUserFacade().generatePassword();
+    }
+
+    public static boolean isRestrictedToAssignEntities(User user) {
+        if (user != null && !user.getUserRoles().isEmpty()) {
+            return user.getUserRoles().stream().allMatch(UserRole::isRestrictAccessToAssignedEntities);
+        }
+        return false;
+    }
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index 42ca2834da9..7689911a37f 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -63,19 +63,6 @@ protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
 			throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
 		}
 	}
-	@Override
-	public void setHint(String hint) {
-		this.hint = hint;
-		input.setHint(hint);
-	}
-
-	@Override
-	protected String getFieldValue() {
-		if (input.getText() == null) {
-			return null;
-		}
-		return input.getText().toString();
-	}
 
 	@Override
 	protected void onFinishInflate() {
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 81e50e720f1..e0eeb8b1802 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -1,20 +1,23 @@
 package de.symeda.sormas.app.login;
 
+
+import static de.symeda.sormas.app.backend.config.ConfigProvider.setNewPassword;
+
 import android.annotation.SuppressLint;
-import android.app.AlertDialog;
-import android.app.ProgressDialog;
 import android.content.Intent;
 import android.graphics.Color;
 import android.os.Build;
 import android.os.Bundle;
 import android.util.Log;
 import android.view.View;
+import android.widget.ProgressBar;
 import android.widget.Toast;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.RequiresApi;
 import androidx.core.app.ActivityCompat;
 import androidx.databinding.DataBindingUtil;
+
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.app.BaseLocalizedActivity;
 import de.symeda.sormas.app.R;
@@ -36,40 +39,45 @@
 @SuppressLint("ResourceType")
 public class ChangePasswordActivity extends BaseLocalizedActivity implements ActivityCompat.OnRequestPermissionsResultCallback, NotificationContext {
 
+    public static final String TAG = ChangePasswordActivity.class.getSimpleName();
 
     private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSymbol = false, isGood = false;
 
     private ActivityChangePasswordLayoutBinding binding;
-    private AlertDialog dialog;
+    private ProgressBar preloader;
+    private View fragmentFrame;
 
     @RequiresApi(api = Build.VERSION_CODES.R)
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.activity_change_password_layout);
-        LoginViewModel loginViewModel = new LoginViewModel();
+
+        ChangePasswordViewModel changePasswordViewModel = new ChangePasswordViewModel();
+
         binding = DataBindingUtil.setContentView(this, R.layout.activity_change_password_layout);
-        binding.setData(loginViewModel);
+        binding.setData(changePasswordViewModel);
+
+        binding.changePasswordConfirmPassword.setLiveValidationDisabled(true);
+        binding.changePasswordCurrentPassword.setLiveValidationDisabled(true);
+        binding.changePasswordNewPassword.setLiveValidationDisabled(true);
+
+        preloader = findViewById(R.id.preloader);
+        fragmentFrame = findViewById(R.id.fragment_frame);
+
+        showPreloader();
 
-        AlertDialog.Builder builder = new AlertDialog.Builder(this);
-        builder.setCancelable(false);
-        builder.setView(R.layout.layout_loading_dialog);
-        dialog = builder.create();
     }
 
     @Override
     public void onPause() {
         super.onPause();
-
         SoftKeyboardHelper.hideKeyboard(this, binding.changePasswordCurrentPassword.getWindowToken());
     }
 
     @Override
     protected void onDestroy() {
-        if (dialog != null && dialog.isShowing()) {
-            dialog.dismiss();
-        }
-
+        hidePreloader();
         super.onDestroy();
     }
 
@@ -84,11 +92,6 @@ public void backToSettings(View view) {
         startActivity(intent);
     }
 
-
-
-
-
-
     @SuppressLint("ResourceType")
     public void registrationDataCheck(View view) {
         String newPassword = binding.changePasswordNewPassword.getValue();
@@ -102,11 +105,6 @@ public void registrationDataCheck(View view) {
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_strong);
             binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.successBackground)));
-        } else if (isAtLeast8 && hasUppercase && hasNumber) {
-            isGood = true;
-            binding.actionPasswordStrength.setVisibility(view.getVisibility());
-            binding.actionPasswordStrength.setText(R.string.message_password_moderate);
-            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
         } else {
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_weak);
@@ -149,10 +147,6 @@ public View getRootView() {
         return null;
     }
 
-
-
-
-
     private void executeGeneratePasswordCall(Call<String> call) {
         try {
             call.enqueue(new Callback<>() {
@@ -164,7 +158,7 @@ public void onResponse(@NonNull Call<String> call, @NonNull Response<String> res
                     var generatedPassword = response.body();
                     binding.changePasswordNewPassword.setValue(generatedPassword);
                     binding.changePasswordConfirmPassword.setValue(generatedPassword);
-                    Toast.makeText(getApplicationContext(),"Password Generated",Toast.LENGTH_SHORT).show();
+                    Toast.makeText(getApplicationContext(), "Password Generated", Toast.LENGTH_SHORT).show();
                 }
 
                 @Override
@@ -172,29 +166,29 @@ public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
                     NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
                 }
             });
-        }catch (Exception e){
+        } catch (Exception e) {
             NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
         }
     }
 
-    private void executeSaveNewPasswordCall(Call<String> call){
+    private void executeSaveNewPasswordCall(Call<String> call) {
         try {
-            dialog.show();
+            showPreloader();
 
             call.enqueue(new Callback<String>() {
                 @Override
                 public void onResponse(Call<String> call, Response<String> response) {
                     if (response.code() != 200) {
                         NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
-                        dialog.dismiss();
-                    }else {
+                        hidePreloader();
+
+                    } else {
                         Toast.makeText(getApplicationContext(), "Password Saved", Toast.LENGTH_LONG).show();
                         NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
                         finish();
-                        dialog.dismiss();
+                        hidePreloader();
                     }
 
-
                 }
 
                 @Override
@@ -202,8 +196,8 @@ public void onFailure(Call<String> call, Throwable t) {
                     Toast.makeText(getApplicationContext(), "Could not connect to server", Toast.LENGTH_SHORT).show();
                 }
             });
-        }catch (Exception e){
-            Log.d("Call",call.toString());
+        } catch (Exception e) {
+            Log.d("Call", call.toString());
         }
 
     }
@@ -212,35 +206,96 @@ public void onFailure(Call<String> call, Throwable t) {
      * When clicked on submit
      **/
     public void savePassword(View view) {
+        // Disable error states
+        binding.changePasswordNewPassword.disableErrorState();
+        binding.changePasswordCurrentPassword.disableErrorState();
+        binding.changePasswordConfirmPassword.disableErrorState();
+
+        // Check if server URL is configured
         if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
             NavigationHelper.goToSettings(this);
             return;
         }
+
+        // Retrieve password values
         String currentPassword = binding.changePasswordCurrentPassword.getValue();
         String newPassword = binding.changePasswordNewPassword.getValue();
         String confirmPassword = binding.changePasswordConfirmPassword.getValue();
-        registrationDataCheck(view);
-        if (!ConfigProvider.getPassword().equals(currentPassword)) {
-            binding.incorrectCurrentPassword.setVisibility(view.getVisibility());
-        } else if (!confirmPassword.equals(newPassword)) {
-            binding.incorrectConfirmPassword.setVisibility(view.getVisibility());
-        } else if (ConfigProvider.getPassword().equals(currentPassword) && confirmPassword.equals(newPassword) && isGood) {
+        String configPassword = ConfigProvider.getPassword();
+
+        // Validate input fields
+        boolean isValid = true;
+        if (currentPassword == null || currentPassword.trim().isEmpty()) {
+            binding.incorrectCurrentPassword.setVisibility(View.VISIBLE);
+            binding.incorrectCurrentPassword.setText("Current password cannot be empty.");
+            isValid = false;
+        }
+        if (newPassword == null || newPassword.trim().isEmpty()) {
+            binding.incorrectNewPassword.setVisibility(View.VISIBLE);
+            binding.incorrectNewPassword.setText("New password cannot be empty.");
+            isValid = false;
+        }
+        if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
+            binding.incorrectConfirmPassword.setVisibility(View.VISIBLE);
+            binding.incorrectConfirmPassword.setText("Confirm password cannot be empty.");
+            isValid = false;
+        }
+        if (!configPassword.equals(currentPassword)) {
+            binding.incorrectCurrentPassword.setVisibility(View.VISIBLE);
+            binding.incorrectCurrentPassword.setText("Current password is incorrect.");
+            isValid = false;
+        }
+        if (!newPassword.equals(confirmPassword)) {
+            binding.incorrectConfirmPassword.setVisibility(View.VISIBLE);
+            binding.incorrectConfirmPassword.setText("Passwords do not match.");
+            isValid = false;
+        }
+
+        // If all validations pass, proceed with the password change
+        System.out.println("isValid: " + isValid);
+        System.out.println("isGood: " + isGood);
+        System.out.println("currentPassword: " + currentPassword);
+        System.out.println("newPassword: " + newPassword);
+        System.out.println("confirmPassword: " + confirmPassword);
+        System.out.println("configPassword: " + configPassword);
+        // Call registrationDataCheck if necessary
+        if (isValid) {
+            registrationDataCheck(view);
+        }
+        
+        if (isValid && isGood) {
             RetroProvider.connectAsyncHandled(this, true, true, result -> {
                 if (Boolean.TRUE.equals(result)) {
                     try {
-
-                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword,currentPassword));
+                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword, currentPassword));
+                        // Cache the new password
+                        setNewPassword(newPassword);
                     } catch (Exception e) {
-                        binding.actionPasswordStrength.setVisibility(view.getVisibility());
+                        binding.actionPasswordStrength.setVisibility(View.VISIBLE);
                         binding.actionPasswordStrength.setText(e.toString());
                         binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
                     }
                     RetroProvider.disconnect();
-
                 }
             });
         }
+    }
 
+    public void showPreloader() {
+        if (fragmentFrame != null) {
+            fragmentFrame.setVisibility(View.GONE);
+        }
+        if (preloader != null) {
+            preloader.setVisibility(View.VISIBLE);
+        }
+    }
 
+    public void hidePreloader() {
+        if (preloader != null) {
+            preloader.setVisibility(View.GONE);
+        }
+        if (fragmentFrame != null) {
+            fragmentFrame.setVisibility(View.VISIBLE);
+        }
     }
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
new file mode 100644
index 00000000000..103f80c0004
--- /dev/null
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
@@ -0,0 +1,49 @@
+/*
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.symeda.sormas.app.login;
+
+import androidx.databinding.BaseObservable;
+
+public class ChangePasswordViewModel extends BaseObservable {
+
+    private String currentPassword;
+    private String newPassword;
+    private String confirmPassword;
+
+    public String getCurrentPassword() {
+        return currentPassword;
+    }
+
+    public void setCurrentPassword(String currentPassword) {
+        this.currentPassword = currentPassword;
+    }
+
+    public String getNewPassword() {
+        return newPassword;
+    }
+
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
+    }
+
+    public String getConfirmPassword() {
+        return confirmPassword;
+    }
+
+    public void setConfirmPassword(String confirmPassword) {
+        this.confirmPassword = confirmPassword;
+    }
+}
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
index 143aa233c43..70c790c3052 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
@@ -23,26 +23,24 @@
 import retrofit2.http.GET;
 import retrofit2.http.POST;
 import retrofit2.http.Path;
-import retrofit2.http.Query;
 
 /**
  * Created by Martin Wahnschaffe on 07.06.2016.
  */
 public interface UserFacadeRetro {
 
-	@GET("users/all/{since}")
-	Call<List<UserDto>> pullAllSince(@Path("since") long since);
+    @GET("users/all/{since}")
+    Call<List<UserDto>> pullAllSince(@Path("since") long since);
 
-	@POST("users/query")
-	Call<List<UserDto>> pullByUuids(@Body List<String> uuids);
+    @POST("users/query")
+    Call<List<UserDto>> pullByUuids(@Body List<String> uuids);
 
-	@GET("users/uuids")
-	Call<List<String>> pullUuids();
+    @GET("users/uuids")
+    Call<List<String>> pullUuids();
 
+    @POST("users/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
+    Call<String> saveNewPassword(@Path("uuid") String uuid, @Path("newPassword") String newPassword, @Path("currentPassword") String currentPassword);
 
-	@POST("users/passwordStrength")
-	Call<String> saveNewPassword(@Query("uuid") String uuid,@Query("newPassword") String newPassword, @Query("currentPassword") String currentPassword);
-
-	@GET("users/generatePassword")
-	Call<String> generatePassword();
+    @GET("users/generatePassword")
+    Call<String> generatePassword();
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index c2e6a8a3286..c2a18a0f0fc 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -70,267 +70,266 @@
  */
 public class SettingsFragment extends BaseLandingFragment {
 
-	private final int SHOW_DEV_OPTIONS_CLICK_LIMIT = 5;
-
-	private FragmentSettingsLayoutBinding binding;
-	private int versionClickedCount;
-
-	protected boolean isShowDevOptions() {
-		return versionClickedCount >= SHOW_DEV_OPTIONS_CLICK_LIMIT;
-	}
-
-	protected boolean hasServerUrl() {
-		return ConfigProvider.getServerRestUrl() != null;
-	}
-
-	@Override
-	public View onCreateView(LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
-		super.onCreateView(inflater, container, savedInstanceState);
-		binding = (FragmentSettingsLayoutBinding) rootBinding;
-
-		binding.settingsServerUrl.setValue(ConfigProvider.getServerRestUrl());
-		binding.changePin.setOnClickListener(v -> changePIN());
-		binding.changePassword.setOnClickListener(v -> changePassword());
-		binding.resynchronizeData.setOnClickListener(v -> repullData());
-		binding.showSyncLog.setOnClickListener(v -> openSyncLog());
-		binding.logout.setOnClickListener(v -> logout());
-		binding.kexLbds.setOnClickListener(v -> kexLbds());
-		binding.syncPersonLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasePersonsLbds(getContext()));
-		binding.syncCaseLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasesLbds(getContext()));
-		binding.settingsLbdsDebugUrl.setValue(ConfigProvider.getServerLbdsDebugUrl());
-
-		binding.sormasVersion.setText("SORMAS " + InfoProvider.get().getVersion());
-		binding.sormasVersion.setOnClickListener(v -> {
-			versionClickedCount++;
-			if (isShowDevOptions()) {
-				binding.settingsServerUrl.setVisibility(View.VISIBLE);
-				if (isLbdsAppInstalled()) {
-					binding.kexLbds.setVisibility(View.VISIBLE);
-					binding.syncPersonLbds.setVisibility(View.VISIBLE);
-					binding.syncCaseLbds.setVisibility(View.VISIBLE);
-					binding.settingsLbdsDebugUrl.setVisibility(View.VISIBLE);
-				}
-				if (ConfigProvider.getUser() != null) {
-					binding.logout.setVisibility(View.VISIBLE);
-				}
-				getBaseLandingActivity().getSaveMenu().setVisible(true);
-			}
-		});
-
-		binding.setData(ConfigProvider.getUser());
-		Language initialLanguage = binding.getData() != null ? I18nProperties.getUserLanguage() : LocaleManager.getLanguagePref(getContext());
-		ValueChangeListener languageValueChangeListener = e -> {
-			Language currentLanguage = LocaleManager.getLanguagePref(getContext());
-			if (e.getValue() == null) {
-				// This happens e.g. when the user is not logged in
-				e.setValue(LocaleManager.getLanguagePref(getContext()));
-			}
-			Language newLanguage = (Language) e.getValue();
-			if (!LocaleManager.getLanguagePref(getContext()).equals(e.getValue())) {
-				try {
-					User user = ConfigProvider.getUser() != null ? DatabaseHelper.getUserDao().queryUuid(ConfigProvider.getUser().getUuid()) : null;
-					if (user != null) {
-						DatabaseHelper.getUserDao().saveAndSnapshot(user);
-					}
-					if (newLanguage != null) {
-						((SettingsActivity) getActivity()).setNewLocale((AppCompatActivity) getActivity(), newLanguage);
-					}
-				} catch (DaoException ex) {
-					NotificationHelper
-						.showNotification((SettingsActivity) getActivity(), ERROR, getString(R.string.message_language_change_unsuccessful));
-				}
-			}
-		};
-		binding.userLanguage.initializeSpinner(DataUtils.getEnumItems(Language.class, false), initialLanguage, languageValueChangeListener);
-
-		return binding.getRoot();
-	}
-
-	@Override
-	public int getRootLandingLayout() {
-		return R.layout.fragment_settings_layout;
-	}
-
-	@Override
-	public void onResume() {
-		super.onResume();
-
-		boolean hasUser = ConfigProvider.getUser() != null;
-		binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
-		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
-		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-		binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
-		boolean showLbdsFeatures = isLbdsAppInstalled() && hasUser && isShowDevOptions();
-		binding.kexLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-		binding.syncPersonLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-		binding.syncCaseLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-		binding.settingsLbdsDebugUrl.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-	}
-
-	@Override
-	public void onPause() {
-		super.onPause();
-
-		SoftKeyboardHelper.hideKeyboard(getActivity(), this);
-	}
-
-	public String getServerUrl() {
-		return binding.settingsServerUrl.getValue();
-	}
-
-	public void changePIN() {
-		Intent intent = new Intent(getActivity(), EnterPinActivity.class);
-		intent.putExtra(EnterPinActivity.CALLED_FROM_SETTINGS, true);
-		startActivity(intent);
-	}
-	public void changePassword() {
-		Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
-		startActivity(intent);
-	}
-
-
-
-	private void repullData() {
-		checkAndShowUnsynchronizedChangesDialog(() -> showRepullDataConfirmationDialog(), "SYNC");
-	}
-
-	private void checkAndShowUnsynchronizedChangesDialog(Callback confirmedCallback, String wordToType) {
-		if (SynchronizeDataAsync.hasAnyUnsynchronizedData()) {
-			final ConfirmationInputDialog unsynchronizedChangesDialog = new ConfirmationInputDialog(
-				getActivity(),
-				R.string.heading_unsynchronized_changes,
-				R.string.message_unsynchronized_changes_confirmation,
-				wordToType);
-
-			unsynchronizedChangesDialog.setPositiveCallback(confirmedCallback::call);
-
-			unsynchronizedChangesDialog.show();
-		} else {
-			confirmedCallback.call();
-		}
-	}
-
-	private void showRepullDataConfirmationDialog() {
-		final ConfirmationDialog confirmationDialog =
-			new ConfirmationDialog(getActivity(), R.string.heading_confirmation_dialog, R.string.info_resync_duration);
-
-		confirmationDialog.setPositiveCallback(() -> {
-			// Collect unsynchronized changes
-			final List<Case> modifiedCases = DatabaseHelper.getCaseDao().getModifiedEntities();
-			final List<Contact> modifiedContacts = DatabaseHelper.getContactDao().getModifiedEntities();
-			final List<Person> modifiedPersons = DatabaseHelper.getPersonDao().getModifiedEntities();
-			final List<Event> modifiedEvents = DatabaseHelper.getEventDao().getModifiedEntities();
-			final List<EventParticipant> modifiedEventParticipants = DatabaseHelper.getEventParticipantDao().getModifiedEntities();
-			final List<Sample> modifiedSamples = DatabaseHelper.getSampleDao().getModifiedEntities();
-			final List<Visit> modifiedVisits = DatabaseHelper.getVisitDao().getModifiedEntities();
-
-			getBaseActivity().synchronizeData(SynchronizeDataAsync.SyncMode.CompleteAndRepull, true, true, null, new Callback() {
-
-				@Override
-				public void call() {
-					// Add deleted entities that had unsynchronized changes to sync log
-					for (Case caze : modifiedCases) {
-						if (DatabaseHelper.getCaseDao().queryUuidReference(caze.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(caze.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (Contact contact : modifiedContacts) {
-						if (DatabaseHelper.getContactDao().queryUuidReference(contact.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(contact.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (Person person : modifiedPersons) {
-						if (DatabaseHelper.getPersonDao().queryUuidReference(person.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(person.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (Event event : modifiedEvents) {
-						if (DatabaseHelper.getEventDao().queryUuidReference(event.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(event.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (EventParticipant eventParticipant : modifiedEventParticipants) {
-						if (DatabaseHelper.getEventParticipantDao().queryUuidReference(eventParticipant.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(eventParticipant.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (Sample sample : modifiedSamples) {
-						if (DatabaseHelper.getSampleDao().queryUuidReference(sample.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(sample.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-					for (Visit visit : modifiedVisits) {
-						if (DatabaseHelper.getVisitDao().queryUuidReference(visit.getUuid()) == null) {
-							DatabaseHelper.getSyncLogDao()
-								.createWithParentStack(visit.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-						}
-					}
-				}
-			}, new Callback() {
-
-				@Override
-				public void call() {
-					DatabaseHelper.clearTables(false);
-				}
-			});
-		});
-
-		confirmationDialog.show();
-	}
-
-	public void openSyncLog() {
-		SyncLogDialog syncLogDialog = new SyncLogDialog(this.getActivity());
-		syncLogDialog.show();
-	}
-
-	public void logout() {
-		checkAndShowUnsynchronizedChangesDialog(() -> {
-			ConfigProvider.clearUserLogin();
-			ConfigProvider.clearPin();
-			Intent intent = new Intent(getActivity(), LoginActivity.class);
-			startActivity(intent);
-		}, "LOGOUT");
-	}
-
-	public void kexLbds() {
-		LbdsIntentSender.sendKexLbdsIntent(getContext());
-	}
-
-	private boolean isLbdsAppInstalled() {
-		PackageManager packageManager = getContext().getPackageManager();
-		try {
-			packageManager.getPackageInfo(LbdsRelated.LBDS_SERVICE_APP_PCKG, 0);
-			return true;
-		} catch (PackageManager.NameNotFoundException e) {
-			return false;
-		}
-	}
-
-	public String getLbdsDebugUrl() {
-		return (isLbdsAppInstalled() && isShowDevOptions()) ? binding.settingsLbdsDebugUrl.getValue() : null;
-	}
-
-	@Override
-	public EnumMapDataBinderAdapter createLandingAdapter() {
-		return null;
-	}
-
-	@Override
-	public RecyclerView.LayoutManager createLayoutManager() {
-		return null;
-	}
-
-	@Override
-	public boolean isShowSaveAction() {
-		return !hasServerUrl() || isShowDevOptions();
-	}
+    private final int SHOW_DEV_OPTIONS_CLICK_LIMIT = 5;
+
+    private FragmentSettingsLayoutBinding binding;
+    private int versionClickedCount;
+
+    protected boolean isShowDevOptions() {
+        return versionClickedCount >= SHOW_DEV_OPTIONS_CLICK_LIMIT;
+    }
+
+    protected boolean hasServerUrl() {
+        return ConfigProvider.getServerRestUrl() != null;
+    }
+
+    @Override
+    public View onCreateView(LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
+        super.onCreateView(inflater, container, savedInstanceState);
+        binding = (FragmentSettingsLayoutBinding) rootBinding;
+
+        binding.settingsServerUrl.setValue(ConfigProvider.getServerRestUrl());
+        binding.changePin.setOnClickListener(v -> changePIN());
+        binding.changePassword.setOnClickListener(v -> changePassword());
+        binding.resynchronizeData.setOnClickListener(v -> repullData());
+        binding.showSyncLog.setOnClickListener(v -> openSyncLog());
+        binding.logout.setOnClickListener(v -> logout());
+        binding.kexLbds.setOnClickListener(v -> kexLbds());
+        binding.syncPersonLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasePersonsLbds(getContext()));
+        binding.syncCaseLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasesLbds(getContext()));
+        binding.settingsLbdsDebugUrl.setValue(ConfigProvider.getServerLbdsDebugUrl());
+
+        binding.sormasVersion.setText("SORMAS " + InfoProvider.get().getVersion());
+        binding.sormasVersion.setOnClickListener(v -> {
+            versionClickedCount++;
+            if (isShowDevOptions()) {
+                binding.settingsServerUrl.setVisibility(View.VISIBLE);
+                if (isLbdsAppInstalled()) {
+                    binding.kexLbds.setVisibility(View.VISIBLE);
+                    binding.syncPersonLbds.setVisibility(View.VISIBLE);
+                    binding.syncCaseLbds.setVisibility(View.VISIBLE);
+                    binding.settingsLbdsDebugUrl.setVisibility(View.VISIBLE);
+                }
+                if (ConfigProvider.getUser() != null) {
+                    binding.logout.setVisibility(View.VISIBLE);
+                }
+                getBaseLandingActivity().getSaveMenu().setVisible(true);
+            }
+        });
+
+        binding.setData(ConfigProvider.getUser());
+        Language initialLanguage = binding.getData() != null ? I18nProperties.getUserLanguage() : LocaleManager.getLanguagePref(getContext());
+        ValueChangeListener languageValueChangeListener = e -> {
+            Language currentLanguage = LocaleManager.getLanguagePref(getContext());
+            if (e.getValue() == null) {
+                // This happens e.g. when the user is not logged in
+                e.setValue(LocaleManager.getLanguagePref(getContext()));
+            }
+            Language newLanguage = (Language) e.getValue();
+            if (!LocaleManager.getLanguagePref(getContext()).equals(e.getValue())) {
+                try {
+                    User user = ConfigProvider.getUser() != null ? DatabaseHelper.getUserDao().queryUuid(ConfigProvider.getUser().getUuid()) : null;
+                    if (user != null) {
+                        DatabaseHelper.getUserDao().saveAndSnapshot(user);
+                    }
+                    if (newLanguage != null) {
+                        ((SettingsActivity) getActivity()).setNewLocale((AppCompatActivity) getActivity(), newLanguage);
+                    }
+                } catch (DaoException ex) {
+                    NotificationHelper
+                            .showNotification((SettingsActivity) getActivity(), ERROR, getString(R.string.message_language_change_unsuccessful));
+                }
+            }
+        };
+        binding.userLanguage.initializeSpinner(DataUtils.getEnumItems(Language.class, false), initialLanguage, languageValueChangeListener);
+
+        return binding.getRoot();
+    }
+
+    @Override
+    public int getRootLandingLayout() {
+        return R.layout.fragment_settings_layout;
+    }
+
+    @Override
+    public void onResume() {
+        super.onResume();
+
+        boolean hasUser = ConfigProvider.getUser() != null;
+        binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
+        binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
+        binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+        binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+        binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+        binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+        binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
+        boolean showLbdsFeatures = isLbdsAppInstalled() && hasUser && isShowDevOptions();
+        binding.kexLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+        binding.syncPersonLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+        binding.syncCaseLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+        binding.settingsLbdsDebugUrl.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+    }
+
+    @Override
+    public void onPause() {
+        super.onPause();
+
+        SoftKeyboardHelper.hideKeyboard(getActivity(), this);
+    }
+
+    public String getServerUrl() {
+        return binding.settingsServerUrl.getValue();
+    }
+
+    public void changePIN() {
+        Intent intent = new Intent(getActivity(), EnterPinActivity.class);
+        intent.putExtra(EnterPinActivity.CALLED_FROM_SETTINGS, true);
+        startActivity(intent);
+    }
+
+    public void changePassword() {
+        Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
+        startActivity(intent);
+    }
+
+    private void repullData() {
+        checkAndShowUnsynchronizedChangesDialog(() -> showRepullDataConfirmationDialog(), "SYNC");
+    }
+
+    private void checkAndShowUnsynchronizedChangesDialog(Callback confirmedCallback, String wordToType) {
+        if (SynchronizeDataAsync.hasAnyUnsynchronizedData()) {
+            final ConfirmationInputDialog unsynchronizedChangesDialog = new ConfirmationInputDialog(
+                    getActivity(),
+                    R.string.heading_unsynchronized_changes,
+                    R.string.message_unsynchronized_changes_confirmation,
+                    wordToType);
+
+            unsynchronizedChangesDialog.setPositiveCallback(confirmedCallback::call);
+
+            unsynchronizedChangesDialog.show();
+        } else {
+            confirmedCallback.call();
+        }
+    }
+
+    private void showRepullDataConfirmationDialog() {
+        final ConfirmationDialog confirmationDialog =
+                new ConfirmationDialog(getActivity(), R.string.heading_confirmation_dialog, R.string.info_resync_duration);
+
+        confirmationDialog.setPositiveCallback(() -> {
+            // Collect unsynchronized changes
+            final List<Case> modifiedCases = DatabaseHelper.getCaseDao().getModifiedEntities();
+            final List<Contact> modifiedContacts = DatabaseHelper.getContactDao().getModifiedEntities();
+            final List<Person> modifiedPersons = DatabaseHelper.getPersonDao().getModifiedEntities();
+            final List<Event> modifiedEvents = DatabaseHelper.getEventDao().getModifiedEntities();
+            final List<EventParticipant> modifiedEventParticipants = DatabaseHelper.getEventParticipantDao().getModifiedEntities();
+            final List<Sample> modifiedSamples = DatabaseHelper.getSampleDao().getModifiedEntities();
+            final List<Visit> modifiedVisits = DatabaseHelper.getVisitDao().getModifiedEntities();
+
+            getBaseActivity().synchronizeData(SynchronizeDataAsync.SyncMode.CompleteAndRepull, true, true, null, new Callback() {
+
+                @Override
+                public void call() {
+                    // Add deleted entities that had unsynchronized changes to sync log
+                    for (Case caze : modifiedCases) {
+                        if (DatabaseHelper.getCaseDao().queryUuidReference(caze.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(caze.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (Contact contact : modifiedContacts) {
+                        if (DatabaseHelper.getContactDao().queryUuidReference(contact.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(contact.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (Person person : modifiedPersons) {
+                        if (DatabaseHelper.getPersonDao().queryUuidReference(person.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(person.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (Event event : modifiedEvents) {
+                        if (DatabaseHelper.getEventDao().queryUuidReference(event.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(event.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (EventParticipant eventParticipant : modifiedEventParticipants) {
+                        if (DatabaseHelper.getEventParticipantDao().queryUuidReference(eventParticipant.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(eventParticipant.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (Sample sample : modifiedSamples) {
+                        if (DatabaseHelper.getSampleDao().queryUuidReference(sample.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(sample.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                    for (Visit visit : modifiedVisits) {
+                        if (DatabaseHelper.getVisitDao().queryUuidReference(visit.getUuid()) == null) {
+                            DatabaseHelper.getSyncLogDao()
+                                    .createWithParentStack(visit.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+                        }
+                    }
+                }
+            }, new Callback() {
+
+                @Override
+                public void call() {
+                    DatabaseHelper.clearTables(false);
+                }
+            });
+        });
+
+        confirmationDialog.show();
+    }
+
+    public void openSyncLog() {
+        SyncLogDialog syncLogDialog = new SyncLogDialog(this.getActivity());
+        syncLogDialog.show();
+    }
+
+    public void logout() {
+        checkAndShowUnsynchronizedChangesDialog(() -> {
+            ConfigProvider.clearUserLogin();
+            ConfigProvider.clearPin();
+            Intent intent = new Intent(getActivity(), LoginActivity.class);
+            startActivity(intent);
+        }, "LOGOUT");
+    }
+
+    public void kexLbds() {
+        LbdsIntentSender.sendKexLbdsIntent(getContext());
+    }
+
+    private boolean isLbdsAppInstalled() {
+        PackageManager packageManager = getContext().getPackageManager();
+        try {
+            packageManager.getPackageInfo(LbdsRelated.LBDS_SERVICE_APP_PCKG, 0);
+            return true;
+        } catch (PackageManager.NameNotFoundException e) {
+            return false;
+        }
+    }
+
+    public String getLbdsDebugUrl() {
+        return (isLbdsAppInstalled() && isShowDevOptions()) ? binding.settingsLbdsDebugUrl.getValue() : null;
+    }
+
+    @Override
+    public EnumMapDataBinderAdapter createLandingAdapter() {
+        return null;
+    }
+
+    @Override
+    public RecyclerView.LayoutManager createLayoutManager() {
+        return null;
+    }
+
+    @Override
+    public boolean isShowSaveAction() {
+        return !hasServerUrl() || isShowDevOptions();
+    }
 }
diff --git a/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
index 884ee4c832b..fb3084fdc6b 100644
--- a/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
+++ b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
@@ -1,5 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!--
+<?xml version="1.0" encoding="utf-8"?><!--
   ~ SORMAS® - Surveillance Outbreak Response Management & Analysis System
   ~ Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
   ~
@@ -17,14 +16,18 @@
   ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
   -->
 
-<layout
-    xmlns:android="http://schemas.android.com/apk/res/android"
+<layout xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:app="http://schemas.android.com/apk/res-auto"
     android:descendantFocusability="beforeDescendants"
     android:id="@+id/base_layout">
 
     <data>
-        <variable name="data" type="de.symeda.sormas.app.login.LoginViewModel" />
+
+        <variable
+            name="data"
+            type="de.symeda.sormas.app.login.ChangePasswordViewModel" />
+
+        <import type="de.symeda.sormas.app.component.controls.ControlButtonType" />
     </data>
 
     <ScrollView
@@ -36,27 +39,29 @@
             android:layout_height="wrap_content">
 
             <LinearLayout
-                android:id="@+id/changePasswordLayout"
-                android:layout_height="match_parent"
                 android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:orientation="vertical"
                 android:layout_gravity="center_vertical"
                 android:gravity="center_horizontal"
                 android:paddingLeft="@dimen/parentLayoutHorizontalPadding"
                 android:paddingRight="@dimen/parentLayoutHorizontalPadding"
                 android:focusable="true"
-                android:focusableInTouchMode="true"
-                android:layout_margin="56dp"
-                android:orientation="vertical">
+                android:focusableInTouchMode="true">
+
                 <TextView
+                    android:layout_marginTop="32dp"
                     android:id="@+id/changePasswordHeader"
                     android:layout_width="match_parent"
                     android:layout_height="wrap_content"
                     android:gravity="center"
                     android:text="@string/heading_change_password"
-                    style="@style/LoginSignInText"/>
+                    style="@style/LoginSignInText" />
+
                 <TextView
                     android:id="@+id/signInSubHeader"
                     android:layout_width="match_parent"
+                    android:gravity="center"
                     android:layout_height="wrap_content"
                     android:text="@string/info_change_password"
                     style="@style/LoginSignInTagLineText" />
@@ -67,30 +72,44 @@
                     app:caption="@string/caption_enter_current_password"
                     app:description="@string/caption_enter_current_password"
                     app:required="true"
-                    android:layout_marginBottom="-10dp"
+                    android:layout_marginTop="32dp"
                     app:hint="@string/hint_enter_current_password"
-                    app:labelCaption="@string/caption_enter_current_password" />
+                    app:labelCaption="@string/caption_enter_current_password"
+                    app:value="@={data.currentPassword}"
+
+                    />
                 <!---for error-->
                 <TextView
-                android:id="@+id/incorrect_current_password"
-                android:layout_width="match_parent"
-                android:layout_height="wrap_content"
-                android:visibility="gone"
-                android:layout_marginBottom="10dp"
-                android:text="@string/message_incorrect_password"
-                android:textColor="@color/errorBackground"
-                    />
+                    android:id="@+id/incorrect_current_password"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:visibility="gone"
+                    android:text="@string/message_incorrect_current_password"
+                    android:textColor="@color/errorBackground" />
 
                 <de.symeda.sormas.app.component.controls.ControlPasswordField
                     android:id="@+id/change_password_new_password"
                     style="@style/ControlSingleColumnStyle"
+                    android:layout_marginTop="10dp"
+
                     android:hint="@string/caption_enter_new_password"
-                    android:onClick="registrationDataCheck"
                     app:caption="@string/caption_enter_new_password"
                     app:description="@string/caption_enter_new_password"
                     app:labelCaption="@string/caption_enter_new_password"
                     app:hint="@string/caption_enter_new_password"
-                    app:required="true" />
+                    app:required="true"
+                    app:value="@={data.newPassword}" />
+
+                <TextView
+                    android:id="@+id/incorrect_new_password"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:text="@string/message_incorrect_new_password"
+                    android:visibility="gone"
+                    android:textColor="@color/errorBackground" />
+
+                <!--                android:onClick="registrationDataCheck"-->
+
 
                 <de.symeda.sormas.app.component.controls.ControlPasswordField
                     android:id="@+id/change_password_confirm_password"
@@ -101,8 +120,9 @@
                     app:hint="@string/hint_enter_confirm_new_password"
                     app:inputType="textPassword"
                     app:hintEnabled="false"
-                    android:layout_marginBottom="-10dp"
-                    app:labelCaption="@string/caption_confirm_new_password" />
+                    android:layout_marginTop="10dp"
+                    app:labelCaption="@string/caption_confirm_new_password"
+                    app:value="@={data.confirmPassword}" />
                 <!---for error-->
                 <TextView
                     android:id="@+id/incorrect_confirm_password"
@@ -111,53 +131,71 @@
                     android:text="@string/message_not_match_password"
                     android:visibility="gone"
                     android:layout_marginBottom="15dp"
-                    android:textColor="@color/errorBackground"
-                    />
+                    android:textColor="@color/errorBackground" />
+
+                <Button
+                    android:id="@+id/btn_changePassword"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:text="@string/action_change_password"
+                    style="@style/PrimaryButtonStyle"
+                    android:onClick="savePassword" />
+
                 <RelativeLayout
                     android:layout_width="match_parent"
                     android:layout_height="wrap_content"
+
                     android:orientation="horizontal">
                     <!---for error-->
                     <TextView
+
                         android:id="@+id/action_password_strength"
                         android:visibility="gone"
                         style="@style/LinkButtonStyle"
-                        android:layout_marginTop="-20dp"
                         android:layout_width="match_parent"
                         android:layout_height="match_parent"
-                        android:onClick="registrationDataCheck"
                         android:text="@string/action_strength_password"
                         android:textAlignment="viewStart" />
+                    <!--                    android:onClick="registrationDataCheck"-->
+
+                </RelativeLayout>
+
+                <RelativeLayout
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:orientation="horizontal">
+
+
+                    <!--                <de.symeda.sormas.app.component.controls.ControlButton-->
+                    <!--                    android:id="@+id/btn_changePassword"-->
+                    <!--                    android:layout_width="match_parent"-->
+                    <!--                    android:layout_height="wrap_content"-->
+                    <!--                    android:layout_marginTop="@dimen/buttonControlMarginBottom"-->
+                    <!--                    android:layout_marginBottom="@dimen/buttonControlMarginBottom"-->
+                    <!--                    android:onClick="savePassword"-->
+                    <!--                    android:text="@string/action_change_password"-->
+                    <!--                    app:buttonType="@{ControlButtonType.SECONDARY}"-->
+                    <!--                    app:rounded="true" />-->
 
                     <Button
                         android:id="@+id/action_generatePassword"
-                        style="@style/GenerateButtonStyle"
-                        android:background="@drawable/button_round_edges"
+                        android:layout_alignParentEnd="true"
                         android:layout_width="wrap_content"
                         android:layout_height="wrap_content"
-                        android:layout_alignParentEnd="true"
-                        android:layout_marginBottom="15dp"
-                        android:onClick="generatePassword"
                         android:text="@string/action_generate_password"
-                        android:textAlignment="viewEnd"/>
+                        style="@style/SubtleButtonStyle"
+                        android:onClick="generatePassword" />
 
                 </RelativeLayout>
-                <Button
-                    android:id="@+id/btn_changePassword"
-                    android:layout_width="match_parent"
-                    android:layout_height="wrap_content"
-                    android:layout_marginBottom="@dimen/loginButtonMarginTop"
-                    android:layout_marginTop="@dimen/loginButtonMarginTop"
-                    android:text="@string/action_change_password"
-                    style="@style/PrimaryButtonStyle"
-                    android:onClick="savePassword" />
+
+
                 <LinearLayout
                     android:layout_width="match_parent"
                     android:layout_height="match_parent"
                     android:layout_gravity="bottom"
                     android:layout_marginTop="48dp"
-                    android:orientation="horizontal"
-                    >
+                    android:orientation="horizontal">
+
                     <TextView
                         android:id="@+id/action_backToSettings"
                         style="@style/LinkButtonStyle"
@@ -165,10 +203,12 @@
                         android:layout_height="wrap_content"
                         android:onClick="backToSettings"
                         android:text="@string/action_back_to_settings"
-                        android:textAlignment="viewStart"/>
+                        android:textAlignment="viewStart" />
+
                 </LinearLayout>
 
             </LinearLayout>
+
             <include
                 android:id="@+id/notification_frame"
                 layout="@layout/activity_root_notification_layout"
diff --git a/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml b/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml
deleted file mode 100644
index 0626fe657cc..00000000000
--- a/sormas-app/app/src/main/res/layout/layout_loading_dialog.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    android:layout_width="match_parent"
-    android:layout_height="wrap_content"
-    android:orientation="horizontal"
-    android:padding="20dp">
-    <ProgressBar
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:layout_weight="1" />
-
-    <TextView
-        android:layout_width="0dp"
-        android:layout_height="match_parent"
-        android:layout_weight="4"
-        android:gravity="center"
-        android:text="Please wait! This may take a moment." />
-</LinearLayout>
-
diff --git a/sormas-app/app/src/main/res/values/dimens.xml b/sormas-app/app/src/main/res/values/dimens.xml
index aa51016d4a0..182da1921a1 100644
--- a/sormas-app/app/src/main/res/values/dimens.xml
+++ b/sormas-app/app/src/main/res/values/dimens.xml
@@ -16,7 +16,7 @@
   ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
   -->
 
-<resources xmlns:tools="http://schemas.android.com/tools" >
+<resources xmlns:tools="http://schemas.android.com/tools">
     <!-- Default screen margins, per the Android Design guidelines. -->
     <!-- Martin -->
     <dimen name="activity_vertical_margin">16dp</dimen>
@@ -60,7 +60,6 @@
     <dimen name="simple_dialog_button_margin">12dp</dimen>
 
 
-
     <dimen name="defaultControlVerticalPadding">16dp</dimen>
     <dimen name="defaultControlHorizontalPadding">16dp</dimen>
     <dimen name="defaultControlRadius">5dp</dimen>
@@ -192,9 +191,6 @@
     <dimen name="drawerNotificationCounterRadius">10dp</dimen>
 
 
-
-
-
     <dimen name="activitySubHeadingHeight">48dp</dimen>
     <dimen name="activitySubHeadingHorizontalPadding">24dp</dimen>
     <dimen name="activitySubHeadingVerticalPadding">0dp</dimen>
@@ -221,7 +217,6 @@
     <dimen name="overflowMenuElevation">4dp</dimen>
 
 
-
     <!-- List Layoutrs -->
     <dimen name="rowListItemPadding">24dp</dimen>
     <dimen name="rowListItemHorizontalMargin">24dp</dimen>
@@ -262,7 +257,6 @@
     <dimen name="navigationNumberTextSize">34sp</dimen>
 
 
-
     <!-- Landing Page Menu -->
     <dimen name="subMenuPadding">1dp</dimen>
     <dimen name="subMenuHeaderHeight">48dp</dimen>
@@ -284,10 +278,6 @@
     <dimen name="subMenuCounterPadding">8dp</dimen>
 
 
-
-
-
-
     <!-- Landing Summary -->
     <dimen name="summaryCellHeight">146dp</dimen>
     <dimen name="summaryCellTitleTextSize">12sp</dimen>
@@ -299,16 +289,12 @@
     <dimen name="summaryVisualizationMarginBottom">16dp</dimen>
 
 
-
-
-
     <dimen name="navigationNumberMarginTop">8dp</dimen>
     <dimen name="navigationNumberMarginBottom">8dp</dimen>
     <dimen name="navigationNumberMarginRight">16dp</dimen>
     <dimen name="navigationTitlePadding">16dp</dimen>
 
 
-
     <!-- Landing Summary: Donut Progress -->
     <dimen name="circularProgressFinishedStrokeWidth">5dp</dimen>
     <dimen name="circularProgressUnfinishedStrokeWidth">5dp</dimen>
@@ -333,9 +319,6 @@
     <dimen name="legendDefaultShapeHeight">5dp</dimen>
 
 
-
-
-
     <dimen name="listActivityRowPrimaryTextSize">16sp</dimen>
     <dimen name="row_entry_secondary_text_size">14sp</dimen>
     <dimen name="listActivityRowSecondaryTextVerticalMargin">8dp</dimen>
@@ -350,7 +333,6 @@
     <dimen name="sectionListRowSelectedStrokeSize">1.5dp</dimen>
 
 
-
     <dimen name="verySmallTextSize">10sp</dimen>
     <dimen name="textSizeNormal">14sp</dimen>
     <dimen name="textSizeLarge">16sp</dimen>
@@ -361,11 +343,6 @@
     <dimen name="readActivitySubListHeadingTextSize">@dimen/h4</dimen>
 
 
-
-
-
-
-
     <dimen name="listGoToIconWidth">36dp</dimen>
     <dimen name="listGoToIconHeight">36dp</dimen>
 
@@ -424,7 +401,5 @@
 
     <dimen name="dashboardPreloaderWidth">50dp</dimen>
     <dimen name="dashboardPreloaderHeight">50dp</dimen>
-    <!-- Default screen margins, per the Android Design guidelines. -->
-    <dimen name="activity_horizontal_margin">16dp</dimen>
 
 </resources>
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 8c139cffe82..659966e733c 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -288,7 +288,7 @@
     <string name="caption_sync_pushed">%1$s/%2$s pushed</string>
     <string name="caption_sync_deleted">%1$s deleted</string>
     <string name="caption_event_search_field">ID, title, description</string>
-`
+    `
     <string name="confirmation_action">Are you sure you want to do this?</string>
     <string name="confirmation_delete">Are you sure you want to delete this record?</string>
     <string name="confirmation_pick_gps">Are you in this place right now?</string>
@@ -562,8 +562,9 @@
     <string name="message_case_infrastructure_data_changed">You have changed the infrastructure data of this case. Do you want to transfer the case to the new health facility (the hospitalization data will be updated) or do you only want to edit the data to correct a mistake?</string>
     <string name="message_download_app_failed">The download of the new SORMAS version failed. Please make sure you have the best internet connection possible and try again or inform a supervisor if you keep getting this error despite a good internet connection.</string>
     <string name="message_empty_password">Please enter a password.</string>
-    <string name="message_incorrect_password">Please your password is incorrect.</string>
-    <string name="message_not_match_password">Password does not match.</string>
+    <string name="message_incorrect_current_password">Please your Current Password is incorrect.</string>
+    <string name="message_incorrect_new_password">Please your New Password is incorrect.</string>
+    <string name="message_not_match_password">Passwords does not match.</string>
     <string name="message_empty_username">Please enter a username.</string>
     <string name="message_encryption">SORMAS requires device encryption to be activated on your device to ensure data security.\n\nPlease note that you cannot use the application as long as device encryption is disabled.</string>
     <string name="message_enter_person_name">Please enter a first and last name for the new person.</string>
@@ -746,11 +747,11 @@
     <string name="invalid_username">Not a valid username</string>
     <string name="invalid_password">Password must be >5 characters</string>
     <string name="login_failed">"Login failed"</string>
-    <string name="hint_enter_current_password" >"Enter Current Password"</string>
-    <string name="hint_enter_new_password" >"Enter New Password"</string>
-    <string name="hint_enter_confirm_new_password" >"Enter Confirm Password"</string>
-    <string name="caption_enter_current_password" >"Enter Current Password"</string>
-    <string name="caption_enter_new_password" >"Enter new Password"</string>
-    <string name="caption_confirm_new_password" >"Confirm Password"</string>
+    <string name="hint_enter_current_password">"Enter Current Password"</string>
+    <string name="hint_enter_new_password">"Enter New Password"</string>
+    <string name="hint_enter_confirm_new_password">"Enter Confirm Password"</string>
+    <string name="caption_enter_current_password">"Enter Current Password"</string>
+    <string name="caption_enter_new_password">"Enter new Password"</string>
+    <string name="caption_confirm_new_password">"Confirm Password"</string>
 
 </resources>
diff --git a/sormas-app/pom.xml b/sormas-app/pom.xml
index 569d8165952..c2be8875554 100644
--- a/sormas-app/pom.xml
+++ b/sormas-app/pom.xml
@@ -3,7 +3,7 @@
 	<parent>
 		<artifactId>sormas-base</artifactId>
 		<groupId>de.symeda.sormas</groupId>
-		<version>1.97.0-SNAPSHOT</version>
+		<version>1.98.0-SNAPSHOT</version>
 		<relativePath>../sormas-base</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
index 711af653672..cc60d4035b5 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
@@ -1,8 +1,10 @@
 package de.symeda.sormas.backend.user;
 
-import static de.symeda.sormas.backend.user.UserHelper.isRestrictedToAssignEntities;
-
-import java.util.Set;
+import de.symeda.sormas.api.audit.AuditIgnore;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.backend.util.ModelConstants;
+import org.hibernate.Hibernate;
+import org.hibernate.proxy.HibernateProxy;
 
 import javax.annotation.Resource;
 import javax.ejb.LocalBean;
@@ -12,142 +14,131 @@
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceContext;
 import javax.persistence.TypedQuery;
-import javax.persistence.criteria.CriteriaBuilder;
-import javax.persistence.criteria.CriteriaQuery;
-import javax.persistence.criteria.Fetch;
-import javax.persistence.criteria.JoinType;
-import javax.persistence.criteria.ParameterExpression;
-import javax.persistence.criteria.Predicate;
-import javax.persistence.criteria.Root;
+import javax.persistence.criteria.*;
 import javax.transaction.Transactional;
+import java.util.Set;
 
-import org.hibernate.Hibernate;
-import org.hibernate.proxy.HibernateProxy;
-
-import de.symeda.sormas.api.audit.AuditIgnore;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.backend.util.ModelConstants;
+import static de.symeda.sormas.backend.user.UserHelper.isRestrictedToAssignEntities;
 
 @Stateless
 @LocalBean
 @AuditIgnore
 public class CurrentUserService {
 
-	@Resource
-	private SessionContext context;
-
-	@PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
-	private EntityManager em;
-
-	private final UserCache userCache;
-
-	public CurrentUserService() {
-		this.userCache = UserCache.getInstance();
-	}
-
-	/**
-	 * Returns the User entity corresponding to the current user.
-	 *
-	 * @TransactionScoped would be better for performance, but is not supported by the CDI based testing framework
-	 */
-	@RequestScoped
-	public User getCurrentUser() {
-		final String currentUsername = context.getCallerPrincipal().getName();
-
-		if (currentUsername == null) {
-			return null;
-		}
-
-		User cachedUser = userCache.get(currentUsername);
-
-		if (cachedUser != null) {
-			return cachedUser;
-		}
-
-		// todo prohibit these names
-		if (currentUsername.equals("ANONYMOUS") || currentUsername.equals("SYSTEM")) {
-			return null;
-		}
-
-		final User currentUser = fetchUser(currentUsername);
-
-		if (currentUser == null) {
-			return null;
-		} else {
-			userCache.put(currentUsername, currentUser);
-			return currentUser;
-		}
-	}
-
-	public boolean hasUserRight(UserRight userRight) {
-		// this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
-		// return context.isCallerInRole(userRight.name());
-		// We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
-		if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
-			return false;
-		}
-
-		return getCurrentUser().hasUserRight(userRight); // todo cache this?
-	}
-
-	public boolean hasAnyUserRight(Set<UserRight> userRights) {
-		// this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
-		// return context.isCallerInRole(userRight.name());
-		// We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
-		if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
-			return false;
-		}
-
-		return getCurrentUser().hasAnyUserRight(userRights);
-	}
-
-	public boolean isRestrictedToAssignedEntities() {
-		return isRestrictedToAssignEntities(getCurrentUser());
-	}
-
-	// We need a clean transaction as we do not want call potential entity listeners which would lead to recursion
-	@Transactional(Transactional.TxType.REQUIRES_NEW)
-	User fetchUser(String userName) {
-		final CriteriaBuilder cb = em.getCriteriaBuilder();
-		final ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
-		final CriteriaQuery<User> cq = cb.createQuery(User.class);
-
-		// avoid "Hibernate could not initialize proxy – no Session" Exception
-		// do eager loading in this case
-		final Root<User> user = cq.from(User.class);
-		user.fetch(User.ADDRESS);
-		Fetch<Object, Object> fetch = user.fetch(User.USER_ROLES);
-		fetch.fetch(UserRole.EMAIL_NOTIFICATIONS, JoinType.LEFT);
-		fetch.fetch(UserRole.SMS_NOTIFICATIONS, JoinType.LEFT);
-
-		final Predicate equal = cb.equal(cb.lower(user.get(User.USER_NAME)), userNameParam);
-		cq.select(user).distinct(true);
-		cq.where(equal);
-
-		final TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userName.toLowerCase());
-
-		User currentUser = q.getResultList().stream().findFirst().orElse(null);
-		if (currentUser != null) {
-			unproxy(currentUser.getRegion());
-			unproxy(currentUser.getDistrict());
-			unproxy(currentUser.getCommunity());
-			unproxy(currentUser.getHealthFacility());
-			unproxy(currentUser.getPointOfEntry());
-			unproxy(currentUser.getLaboratory());
-			unproxy(currentUser.getAssociatedOfficer());
-		}
-
-		return currentUser;
-	}
-
-	public static <T> T unproxy(T proxied) {
-		if (proxied instanceof HibernateProxy) {
-			Hibernate.initialize(proxied);
-			@SuppressWarnings("unchecked")
-			T obj = (T) ((HibernateProxy) proxied).getHibernateLazyInitializer().getImplementation();
-			return obj;
-		} else {
-			return proxied;
-		}
-	}
+    @Resource
+    private SessionContext context;
+
+    @PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
+    private EntityManager em;
+
+    private final UserCache userCache;
+
+    public CurrentUserService() {
+        this.userCache = UserCache.getInstance();
+    }
+
+    /**
+     * Returns the User entity corresponding to the current user.
+     *
+     * @TransactionScoped would be better for performance, but is not supported by the CDI based testing framework
+     */
+    @RequestScoped
+    public User getCurrentUser() {
+        final String currentUsername = context.getCallerPrincipal().getName();
+
+        if (currentUsername == null) {
+            return null;
+        }
+
+        User cachedUser = userCache.get(currentUsername);
+        if (cachedUser != null) {
+            return cachedUser;
+        }
+
+        // todo prohibit these names
+        if (currentUsername.equals("ANONYMOUS") || currentUsername.equals("SYSTEM")) {
+            return null;
+        }
+
+        final User currentUser = fetchUser(currentUsername);
+
+        if (currentUser == null) {
+            return null;
+        } else {
+            userCache.put(currentUsername, currentUser);
+            return currentUser;
+        }
+    }
+
+    public boolean hasUserRight(UserRight userRight) {
+        // this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
+        // return context.isCallerInRole(userRight.name());
+        // We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
+        if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
+            return false;
+        }
+
+        return getCurrentUser().hasUserRight(userRight); // todo cache this?
+    }
+
+    public boolean hasAnyUserRight(Set<UserRight> userRights) {
+        // this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
+        // return context.isCallerInRole(userRight.name());
+        // We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
+        if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
+            return false;
+        }
+
+        return getCurrentUser().hasAnyUserRight(userRights);
+    }
+
+    public boolean isRestrictedToAssignedEntities() {
+        return isRestrictedToAssignEntities(getCurrentUser());
+    }
+
+    // We need a clean transaction as we do not want call potential entity listeners which would lead to recursion
+    @Transactional(Transactional.TxType.REQUIRES_NEW)
+    User fetchUser(String userName) {
+        final CriteriaBuilder cb = em.getCriteriaBuilder();
+        final ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
+        final CriteriaQuery<User> cq = cb.createQuery(User.class);
+
+        // avoid "Hibernate could not initialize proxy – no Session" Exception
+        // do eager loading in this case
+        final Root<User> user = cq.from(User.class);
+        user.fetch(User.ADDRESS);
+        Fetch<Object, Object> fetch = user.fetch(User.USER_ROLES);
+        fetch.fetch(UserRole.EMAIL_NOTIFICATIONS, JoinType.LEFT);
+        fetch.fetch(UserRole.SMS_NOTIFICATIONS, JoinType.LEFT);
+
+        final Predicate equal = cb.equal(cb.lower(user.get(User.USER_NAME)), userNameParam);
+        cq.select(user).distinct(true);
+        cq.where(equal);
+
+        final TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userName.toLowerCase());
+
+        User currentUser = q.getResultList().stream().findFirst().orElse(null);
+        if (currentUser != null) {
+            unproxy(currentUser.getRegion());
+            unproxy(currentUser.getDistrict());
+            unproxy(currentUser.getCommunity());
+            unproxy(currentUser.getHealthFacility());
+            unproxy(currentUser.getPointOfEntry());
+            unproxy(currentUser.getLaboratory());
+            unproxy(currentUser.getAssociatedOfficer());
+        }
+
+        return currentUser;
+    }
+
+    public static <T> T unproxy(T proxied) {
+        if (proxied instanceof HibernateProxy) {
+            Hibernate.initialize(proxied);
+            @SuppressWarnings("unchecked")
+            T obj = (T) ((HibernateProxy) proxied).getHibernateLazyInitializer().getImplementation();
+            return obj;
+        } else {
+            return proxied;
+        }
+    }
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 4e8893a6f61..2d180cc0b18 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -12,55 +12,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
-
 package de.symeda.sormas.backend.user;
 
-import static de.symeda.sormas.api.AuthProvider.KEYCLOAK;
-import static java.util.Objects.isNull;
-
-import java.lang.reflect.InvocationTargetException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Optional;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-import javax.annotation.security.PermitAll;
-import javax.ejb.EJB;
-import javax.ejb.LocalBean;
-import javax.ejb.Stateless;
-import javax.enterprise.event.Event;
-import javax.inject.Inject;
-import javax.persistence.EntityManager;
-import javax.persistence.EntityNotFoundException;
-import javax.persistence.PersistenceContext;
-import javax.persistence.criteria.CriteriaBuilder;
-import javax.persistence.criteria.CriteriaQuery;
-import javax.persistence.criteria.Join;
-import javax.persistence.criteria.JoinType;
-import javax.persistence.criteria.Order;
-import javax.persistence.criteria.Predicate;
-import javax.persistence.criteria.Root;
-import javax.persistence.criteria.Subquery;
-import javax.validation.Valid;
-import javax.validation.ValidationException;
-import javax.ws.rs.ForbiddenException;
-
-import de.symeda.sormas.backend.util.*;
-import org.apache.commons.beanutils.BeanUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.jetbrains.annotations.NotNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.EntityDto;
@@ -84,21 +37,8 @@
 import de.symeda.sormas.api.task.TaskContext;
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.travelentry.TravelEntryReferenceDto;
-import de.symeda.sormas.api.user.JurisdictionLevel;
-import de.symeda.sormas.api.user.UserCriteria;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserFacade;
-import de.symeda.sormas.api.user.UserReferenceDto;
-import de.symeda.sormas.api.user.UserReferenceWithTaskNumbersDto;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.api.user.UserRoleDto;
-import de.symeda.sormas.api.user.UserRoleReferenceDto;
-import de.symeda.sormas.api.user.UserSyncResult;
-import de.symeda.sormas.api.utils.AccessDeniedException;
-import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.api.utils.DefaultEntityHelper;
-import de.symeda.sormas.api.utils.PasswordHelper;
-import de.symeda.sormas.api.utils.SortProperty;
+import de.symeda.sormas.api.user.*;
+import de.symeda.sormas.api.utils.*;
 import de.symeda.sormas.backend.FacadeHelper;
 import de.symeda.sormas.backend.caze.Case;
 import de.symeda.sormas.backend.caze.CaseFacadeEjb.CaseFacadeEjbLocal;
@@ -108,11 +48,7 @@
 import de.symeda.sormas.backend.common.AbstractDomainObject;
 import de.symeda.sormas.backend.common.ConfigFacadeEjb.ConfigFacadeEjbLocal;
 import de.symeda.sormas.backend.common.CriteriaBuilderHelper;
-import de.symeda.sormas.backend.contact.Contact;
-import de.symeda.sormas.backend.contact.ContactJoins;
-import de.symeda.sormas.backend.contact.ContactJurisdictionPredicateValidator;
-import de.symeda.sormas.backend.contact.ContactQueryContext;
-import de.symeda.sormas.backend.contact.ContactService;
+import de.symeda.sormas.backend.contact.*;
 import de.symeda.sormas.backend.environment.Environment;
 import de.symeda.sormas.backend.environment.EnvironmentJoins;
 import de.symeda.sormas.backend.environment.EnvironmentJurisdictionPredicateValidator;
@@ -148,1112 +84,1137 @@
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
+import de.symeda.sormas.backend.util.*;
+import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.annotation.security.PermitAll;
+import javax.ejb.EJB;
+import javax.ejb.LocalBean;
+import javax.ejb.Stateless;
+import javax.enterprise.event.Event;
+import javax.inject.Inject;
+import javax.persistence.EntityManager;
+import javax.persistence.EntityNotFoundException;
+import javax.persistence.PersistenceContext;
+import javax.persistence.criteria.Order;
+import javax.persistence.criteria.*;
+import javax.validation.Valid;
+import javax.validation.ValidationException;
+import javax.ws.rs.ForbiddenException;
+import java.lang.reflect.InvocationTargetException;
+import java.util.*;
+import java.util.stream.Collectors;
+
+import static de.symeda.sormas.api.AuthProvider.KEYCLOAK;
+import static java.util.Objects.isNull;
 
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
 
-	@PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
-	private EntityManager em;
-
-	private final Logger logger = LoggerFactory.getLogger(getClass());
-
-	@EJB
-	private CurrentUserService currentUserService;
-	@EJB
-	private UserService userService;
-	@EJB
-	private LocationFacadeEjbLocal locationFacade;
-	@EJB
-	private RegionService regionService;
-	@EJB
-	private DistrictService districtService;
-	@EJB
-	private CommunityService communityService;
-	@EJB
-	private FacilityService facilityService;
-	@EJB
-	private CaseFacadeEjbLocal caseFacade;
-	@EJB
-	private TaskFacadeEjb.TaskFacadeEjbLocal taskFacade;
-	@EJB
-	private CaseService caseService;
-	@EJB
-	private ContactService contactService;
-	@EJB
-	private PointOfEntryService pointOfEntryService;
-	@EJB
-	private UserRoleFacadeEjbLocal userRoleFacade;
-	@EJB
-	private FeatureConfigurationFacadeEjbLocal featureConfigurationFacade;
-	@EJB
-	private UserRoleService userRoleService;
-	@EJB
-	private PersonService personService;
-	@EJB
-	private ConfigFacadeEjbLocal configFacade;
-	@Inject
-	private Event<UserCreateEvent> userCreateEvent;
-	@Inject
-	private Event<UserUpdateEvent> userUpdateEvent;
-	@Inject
-	private Event<PasswordResetEvent> passwordResetEvent;
-	@Inject
-	private Event<SyncUsersFromProviderEvent> syncUsersFromProviderEventEvent;
-
-	public static UserDto toDto(User source) {
-
-		if (source == null) {
-			return null;
-		}
-
-		UserDto target = new UserDto();
-		DtoHelper.fillDto(target, source);
-
-		target.setActive(source.isActive());
-		target.setUserName(source.getUserName());
-		target.setFirstName(source.getFirstName());
-		target.setLastName(source.getLastName());
-		target.setUserEmail(source.getUserEmail());
-		target.setPhone(source.getPhone());
-		target.setAddress(LocationFacadeEjb.toDto(source.getAddress()));
-
-		target.setRegion(RegionFacadeEjb.toReferenceDto(source.getRegion()));
-		target.setDistrict(DistrictFacadeEjb.toReferenceDto(source.getDistrict()));
-		target.setCommunity(CommunityFacadeEjb.toReferenceDto(source.getCommunity()));
-		target.setHealthFacility(FacilityFacadeEjb.toReferenceDto(source.getHealthFacility()));
-		target.setAssociatedOfficer(toReferenceDto(source.getAssociatedOfficer()));
-		target.setLaboratory(FacilityFacadeEjb.toReferenceDto(source.getLaboratory()));
-		target.setPointOfEntry(PointOfEntryFacadeEjb.toReferenceDto(source.getPointOfEntry()));
-		target.setLimitedDiseases(source.getLimitedDiseases());
-		target.setLanguage(source.getLanguage());
-		target.setHasConsentedToGdpr(source.isHasConsentedToGdpr());
-
-		target.setUserRoles(source.getUserRoles().stream().map(UserRoleFacadeEjb::toReferenceDto).collect(Collectors.toSet()));
-		target.setJurisdictionLevel(source.getJurisdictionLevel());
-		return target;
-	}
-
-	public static UserReferenceDto toReferenceDto(User entity) {
-		if (entity == null) {
-			return null;
-		}
-		return new UserReferenceDto(entity.getUuid(), entity.getFirstName(), entity.getLastName());
-	}
-
-	public static UserReferenceDto toReferenceDto(UserReference entity) {
-		if (entity == null) {
-			return null;
-		}
-		return new UserReferenceDto(entity.getUuid(), entity.getFirstName(), entity.getLastName());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights) {
-		return userService
-			.getUserReferences(
-				regionRef != null ? Collections.singletonList(regionRef.getUuid()) : null,
-				null,
-				null,
-				true,
-				limitedDisease,
-				userRights)
-			.stream()
-			.map(UserFacadeEjb::toReferenceDto)
-			.collect(Collectors.toList());
-	}
-
-	/*
-	 * Get all users with the next higher jurisdiction, whose location contains the current users location
-	 * For facility users, this includes district and community users, if their district/community is identical with that of the facility
-	 */
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user) {
-		JurisdictionLevel superordinateJurisdiction = InfrastructureHelper.getSuperordinateJurisdiction(user.getJurisdictionLevel());
-
-		List<UserReference> superiorUsersList = Collections.emptyList();
-		switch (superordinateJurisdiction) {
-		case NATION:
-			superiorUsersList =
-				userService.getUserReferencesByJurisdictions(null, null, null, Collections.singletonList(superordinateJurisdiction), null);
-			break;
-		case REGION:
-			superiorUsersList = userService.getUserReferencesByJurisdictions(
-				Collections.singletonList(user.getRegion().getUuid()),
-				null,
-				null,
-				Collections.singletonList(superordinateJurisdiction),
-				null);
-			break;
-		case DISTRICT:
-			// if user is assigned to a facility, but that facility is not assigned to a district, show no superordinate users. Else, show users of the district (and community) in which the facility is located
-
-			District district = null;
-			Community community = null;
-			Set<JurisdictionLevel> superordinateJurisdictions = new HashSet<>();
-			superordinateJurisdictions.add(superordinateJurisdiction);
-			if (user.getDistrict() != null) {
-				district = districtService.getByReferenceDto(user.getDistrict());
-			} else if (user.getHealthFacility() != null) {
-				Facility facility = facilityService.getByReferenceDto(user.getHealthFacility());
-				district = facility.getDistrict();
-				community = facility.getCommunity();
-				superordinateJurisdictions.add(JurisdictionLevel.COMMUNITY);
-			}
-
-			if (community == null) {
-				superiorUsersList = userService
-					.getUserReferencesByJurisdictions(null, Collections.singletonList(district.getUuid()), null, superordinateJurisdictions, null);
-			} else if (district != null) {
-				superiorUsersList = userService.getUserReferencesByJurisdictions(
-					null,
-					Collections.singletonList(district.getUuid()),
-					Collections.singletonList(community.getUuid()),
-					superordinateJurisdictions,
-					null);
-			}
-
-			break;
-		}
-
-		return superiorUsersList.stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto districtRef, Disease limitedDisease, UserRight... userRights) {
-
-		return userService
-			.getUserReferences(
-				null,
-				districtRef != null ? Collections.singletonList(districtRef.getUuid()) : null,
-				null,
-				true,
-				limitedDisease,
-				userRights)
-			.stream()
-			.map(UserFacadeEjb::toReferenceDto)
-			.collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUserRefsByDistrict(
-		DistrictReferenceDto districtRef,
-		boolean excludeLimitedDiseaseUsers,
-		UserRight... userRights) {
-		return userService
-			.getUserReferences(
-				null,
-				districtRef != null ? Collections.singletonList(districtRef.getUuid()) : null,
-				null,
-				true,
-				null,
-				excludeLimitedDiseaseUsers,
-				Arrays.asList(userRights))
-			.stream()
-			.map(UserFacadeEjb::toReferenceDto)
-			.collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districtRefs, Disease limitedDisease, UserRight... userRights) {
-
-		return userService
-			.getUserReferences(
-				null,
-				districtRefs.stream().map(DistrictReferenceDto::getUuid).collect(Collectors.toList()),
-				null,
-				true,
-				limitedDisease,
-				userRights)
-			.stream()
-			.map(UserFacadeEjb::toReferenceDto)
-			.collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUserRefsByInfrastructure(
-		InfrastructureDataReferenceDto infrastructure,
-		JurisdictionLevel jurisdictionLevel,
-		JurisdictionLevel allowedJurisdictionLevel,
-		Disease limitedDisease,
-		UserRight... userRights) {
-
-		if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
-			return Collections.emptyList();
-		}
-
-		return userService
-			.getUserRefsByInfrastructure(
-				infrastructure != null ? infrastructure.getUuid() : null,
-				jurisdictionLevel,
-				allowedJurisdictionLevel,
-				limitedDisease,
-				userRights)
-			.stream()
-			.map(UserFacadeEjb::toReferenceDto)
-			.collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getAllUserRefs(boolean includeInactive) {
-
-		return userService.getUserReferences(null, null, !includeInactive).stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
-	}
-
-	protected List<UserReferenceDto> getAssignableUsersBasedOnContext(TaskContextIndexCriteria taskContextIndexCriteria) {
-		List<UserReferenceDto> availableUsers = new ArrayList<>();
-		if (taskContextIndexCriteria.getUuid() == null) {
-			taskContextIndexCriteria = new TaskContextIndexCriteria(TaskContext.GENERAL);
-		}
-		switch (taskContextIndexCriteria.getTaskContext()) {
-		case CASE:
-			availableUsers.addAll(getUsersHavingCaseInJurisdiction(new CaseReferenceDto(taskContextIndexCriteria.getUuid())));
-			break;
-		case CONTACT:
-			availableUsers.addAll(getUsersHavingContactInJurisdiction(new ContactReferenceDto(taskContextIndexCriteria.getUuid())));
-			break;
-		case EVENT:
-			availableUsers.addAll(getUsersHavingEventInJurisdiction(new EventReferenceDto(taskContextIndexCriteria.getUuid())));
-			break;
-		case TRAVEL_ENTRY:
-			availableUsers.addAll(getUsersHavingTravelEntryInJurisdiction(new TravelEntryReferenceDto(taskContextIndexCriteria.getUuid())));
-			break;
-		default:
-			availableUsers.addAll(getAllUserRefs(false));
-
-		}
-		return availableUsers;
-	}
-
-	@PermitAll
-	public List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(TaskContextIndexCriteria taskContextIndexCriteria) {
-
-		List<UserReferenceDto> availableUsers = getAssignableUsersBasedOnContext(taskContextIndexCriteria);
-		Map<String, Long> userTaskCounts =
-			taskFacade.getPendingTaskCountPerUser(availableUsers.stream().map(UserReferenceDto::getUuid).collect(Collectors.toList()));
-
-		return availableUsers.stream()
-			.map(userReference -> new UserReferenceWithTaskNumbersDto(userReference, userTaskCounts.get(userReference.getUuid())))
-			.collect(Collectors.toList());
-
-	}
-
-	@Override
-	@PermitAll
-	public Set<UserRoleDto> getUserRoles(UserDto userDto) {
-		User user = userService.getByUuid(userDto.getUuid());
-		return user != null ? user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet()) : null;
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._WEEKLYREPORT_VIEW,
-		UserRight._WEEKLYREPORT_CREATE })
-	public List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficerRef, UserRight... userRights) {
-
-		User associatedOfficer = userService.getByReferenceDto(associatedOfficerRef);
-		return userService.getAllByAssociatedOfficer(associatedOfficer, userRights).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto) {
-
-		return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
-
-			final Subquery<Case> caseJurisdictionSubquery = cq.subquery(Case.class);
-			final Root<Case> caseRoot = caseJurisdictionSubquery.from(Case.class);
-			final CaseJurisdictionPredicateValidator caseJurisdictionPredicateValidator =
-				CaseJurisdictionPredicateValidator.of(new CaseQueryContext(cb, cq, caseRoot), userRoot);
-
-			caseJurisdictionSubquery.select(caseRoot)
-				.where(
-					cb.and(
-						cb.equal(caseRoot.get(Case.UUID), caseReferenceDto.getUuid()),
-						cb.isTrue(caseJurisdictionPredicateValidator.inJurisdictionOrOwned()),
-						cb.or(cb.isNull(userRoot.get(User.LIMITED_DISEASES)), caseRoot.get(Case.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
-			return caseJurisdictionSubquery;
-		});
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto) {
-		return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
-
-			final Subquery<Contact> contactJurisdictionSubquery = cq.subquery(Contact.class);
-			final Root<Contact> contactRoot = contactJurisdictionSubquery.from(Contact.class);
-			final ContactJurisdictionPredicateValidator contactJurisdictionPredicateValidator =
-				ContactJurisdictionPredicateValidator.of(new ContactQueryContext(cb, cq, new ContactJoins(contactRoot)), userRoot);
-
-			contactJurisdictionSubquery.select(contactRoot)
-				.where(
-					cb.and(
-						cb.equal(contactRoot.get(AbstractDomainObject.UUID), contactReferenceDto.getUuid()),
-						cb.isTrue(contactJurisdictionPredicateValidator.inJurisdictionOrOwned()),
-						cb.or(
-							cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-							contactRoot.get(Contact.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
-			return contactJurisdictionSubquery;
-		});
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto eventReferenceDto) {
-
-		return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
-
-			final Subquery<de.symeda.sormas.backend.event.Event> eventJurisdictionSubquery = cq.subquery(de.symeda.sormas.backend.event.Event.class);
-			final Root<de.symeda.sormas.backend.event.Event> eventRoot = eventJurisdictionSubquery.from(de.symeda.sormas.backend.event.Event.class);
-			final EventJurisdictionPredicateValidator eventJurisdictionPredicateValidator =
-				EventJurisdictionPredicateValidator.of(new EventQueryContext(cb, cq, eventRoot), userRoot);
-
-			eventJurisdictionSubquery.select(eventRoot)
-				.where(
-					cb.and(
-						cb.equal(eventRoot.get(AbstractDomainObject.UUID), eventReferenceDto.getUuid()),
-						cb.isTrue(eventJurisdictionPredicateValidator.inJurisdictionOrOwned()),
-						cb.or(
-							cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-							eventRoot.get(de.symeda.sormas.backend.event.Event.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
-			return eventJurisdictionSubquery;
-		});
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto) {
-
-		return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
-
-			final Subquery<TravelEntry> travelEntrySubquery = cq.subquery(TravelEntry.class);
-			final Root<TravelEntry> travelEntryRoot = travelEntrySubquery.from(TravelEntry.class);
-			final TravelEntryJurisdictionPredicateValidator travelEntryJurisdictionPredicateValidator =
-				TravelEntryJurisdictionPredicateValidator.of(new TravelEntryQueryContext(cb, cq, new TravelEntryJoins(travelEntryRoot)), userRoot);
-
-			travelEntrySubquery.select(travelEntryRoot)
-				.where(
-					cb.and(
-						cb.equal(travelEntryRoot.get(AbstractDomainObject.UUID), travelEntryReferenceDto.getUuid()),
-						cb.isTrue(travelEntryJurisdictionPredicateValidator.inJurisdictionOrOwned()),
-						cb.or(
-							cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-							travelEntryRoot.get(TravelEntry.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
-			return travelEntrySubquery;
-		});
-	}
-
-	@Override
-	@PermitAll
-	public List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto) {
-
-		return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
-
-			final Subquery<Environment> environmentSubquery = cq.subquery(Environment.class);
-			final Root<Environment> environmentRoot = environmentSubquery.from(Environment.class);
-			final EnvironmentJurisdictionPredicateValidator environmentJurisdictionPredicateValidator =
-				EnvironmentJurisdictionPredicateValidator.of(new EnvironmentQueryContext(cb, cq, new EnvironmentJoins(environmentRoot)), userRoot);
-
-			environmentSubquery.select(environmentRoot)
-				.where(
-					cb.and(
-						cb.equal(environmentRoot.get(AbstractDomainObject.UUID), environmentReferenceDto.getUuid()),
-						cb.isTrue(environmentJurisdictionPredicateValidator.inJurisdictionOrOwned())));
-			return environmentSubquery;
-		});
-	}
-
-	protected <ADO extends AbstractDomainObject> List<UserReferenceDto> getUsersHavingEntityInJurisdiction(
-			JurisdictionOverEntitySubqueryBuilder<ADO> subqueryBuilder) {
-
-		final CriteriaBuilder cb = em.getCriteriaBuilder();
-		final CriteriaQuery<User> cq = cb.createQuery(User.class);
-		final Root<User> root = cq.from(User.class);
-		cq.select(root);
-
-		cq.where(CriteriaBuilderHelper.and(cb, cb.isTrue(root.get(User.ACTIVE)), cb.exists(subqueryBuilder.buildSubquery(cb, cq, root))));
-
-		cq.distinct(true);
-		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-		List<User> resultList = em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-		return resultList.stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_VIEW)
-	public Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties) {
-		List<UserDto> userIndexList = getIndexList(userCriteria, offset, size, sortProperties);
-		long totalElementCount = count(userCriteria);
-		return new Page<>(userIndexList, offset, size, totalElementCount);
-	}
-
-	@Override
-	@PermitAll
-	public List<UserDto> getAllAfter(Date date) {
-		return userService.getAllAfter(date).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserDto> getByUuids(List<String> uuids) {
-		return userService.getByUuids(uuids).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<String> getAllUuids() {
-
-		if (userService.getCurrentUser() == null) {
-			return Collections.emptyList();
-		}
-
-		return userService.getAllUuids();
-	}
-
-	@Override
-	@PermitAll
-	public UserDto getByUuid(String uuid) {
-		return toDto(userService.getByUuid(uuid));
-	}
-
-	@Override
-	@PermitAll
-	public UserDto getByUserName(String userName) {
-		return toDto(userService.getByUserName(userName));
-	}
-
-	@Override
-	@PermitAll
-	public UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate) {
-		if ((!userService.hasRight(UserRight.USER_CREATE) && !userService.hasRight(UserRight.USER_EDIT) && !DataHelper.isSame(getCurrentUser(), dto))
-			|| (featureConfigurationFacade.isFeatureEnabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)
-				&& !DataHelper.isSame(getCurrentUser(), dto))) {
-			throw new AccessDeniedException(I18nProperties.getString(Strings.errorForbidden));
-		}
-
-		User existingUser = userService.getByUuid(dto.getUuid());
-		// current user should be able to edit itself
-		if (!DataHelper.isSame(userService.getCurrentUser(), dto)) {
-			FacadeHelper.checkCreateAndEditRights(existingUser, userService, UserRight.USER_CREATE, UserRight.USER_EDIT);
-		}
-
-		if (!isLoginUnique(existingUser == null ? null : existingUser.getUuid(), dto.getUserName())) {
-			throw new ValidationException(I18nProperties.getValidationError(Validations.userNameNotUnique));
-		}
-
-		validateUserRoles(dto.getUserRoles(), isUserSettingsUpdate, existingUser, dto.getCreationDate() != null);
-
-		User user = fillOrBuildEntity(dto, existingUser, true);
-		userService.ensurePersisted(user);
-
-		if (existingUser == null) {
-			userCreateEvent.fire(new UserCreateEvent(user));
-		} else {
-			userUpdateEvent.fire(new UserUpdateEvent(existingUser, user));
-		}
-
-		return toDto(user);
-	}
-
-	protected void validateUserRoles(Set<UserRoleReferenceDto> roles, boolean isUserSettingsUpdate, User user, boolean isUserUpdate) {
-		Collection<UserRoleDto> newRoles = userRoleFacade.getByReferences(roles);
-
-		try {
-			userRoleFacade.validateUserRoleCombination(newRoles);
-		} catch (UserRoleDto.UserRoleValidationException e) {
-			throw new ValidationException(e);
-		}
-
-		User oldUser = null;
-		Set<UserRight> oldUserRights = Collections.emptySet();
-		if (isUserUpdate) {
-			try {
-				oldUser = (User) BeanUtils.cloneBean(user);
-				oldUserRights = UserRole.getUserRights(oldUser.getUserRoles());
-			} catch (Exception e) {
-				throw new IllegalArgumentException("Invalid bean access", e);
-			}
-		}
-
-		if (DataHelper.isSame(user, userService.getCurrentUser()) && !isUserSettingsUpdate) {
-			Set<UserRight> newUserRights = UserRoleDto.getUserRights(newRoles);
-
-			if (oldUserRights.contains(UserRight.USER_ROLE_EDIT) && !newUserRights.contains(UserRight.USER_ROLE_EDIT)) {
-				throw new ValidationException(I18nProperties.getValidationError(Validations.removeUserRightEditRightFromOwnUser));
-			} else if (!newUserRights.contains(UserRight.USER_EDIT)) {
-				throw new ValidationException(I18nProperties.getValidationError(Validations.removeUserEditRightFromOwnUser));
-			}
-		}
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_EDIT)
-	public UserDto saveUserRolesAndRestrictions(UserDto userDto, Set<UserRoleReferenceDto> userRoles) {
-		User user = userService.getByReferenceDto(userDto.toReference());
-
-		User oldUser;
-		try {
-			oldUser = (User) BeanUtils.cloneBean(user);
-		} catch (IllegalAccessException | InstantiationException | InvocationTargetException | NoSuchMethodException e) {
-			throw new RuntimeException(e);
-		}
-
-		validateUserRoles(userDto.getUserRoles(), false, user, true);
-
-		fillEntityUserRoles(user, userDto);
-
-		user.setRegion(regionService.getByReferenceDto(userDto.getRegion()));
-		user.setDistrict(districtService.getByReferenceDto(userDto.getDistrict()));
-		user.setCommunity(communityService.getByReferenceDto(userDto.getCommunity()));
-		user.setHealthFacility(facilityService.getByReferenceDto(userDto.getHealthFacility()));
-		user.setAssociatedOfficer(userService.getByReferenceDto(userDto.getAssociatedOfficer()));
-		user.setLaboratory(facilityService.getByReferenceDto(userDto.getLaboratory()));
-		user.setPointOfEntry(pointOfEntryService.getByReferenceDto(userDto.getPointOfEntry()));
-		user.setLimitedDiseases(userDto.getLimitedDiseases());
-
-		userService.ensurePersisted(user);
-
-		userUpdateEvent.fire(new UserUpdateEvent(oldUser, user));
-
-		return toDto(user);
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_VIEW)
-	public List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(User.class);
-		Root<User> user = cq.from(User.class);
-		Join<User, District> district = user.join(User.DISTRICT, JoinType.LEFT);
-		Join<User, Location> address = user.join(User.ADDRESS, JoinType.LEFT);
-		Join<Location, Region> region = address.join(Location.REGION, JoinType.LEFT);
-		Join<User, Facility> facility = user.join(User.HEALTH_FACILITY, JoinType.LEFT);
-
-		// TODO: We'll need a user filter for users at some point, to make sure that users can edit their own details,
-		// but not those of others
-
-		Predicate filter = null;
-
-		if (userCriteria != null) {
-			filter = userService.buildCriteriaFilter(userCriteria, cb, user);
-		}
-
-		if (userCriteria != null && Boolean.TRUE.equals(userCriteria.getShowOnlyRestrictedAccessToAssignedEntities())) {
-			Join<Object, Object> rolesJoin = user.join(User.USER_ROLES, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), true));
-		}
-
-		if (filter != null) {
-			/*
-			 * No preemptive distinct because this does collide with
-			 * ORDER BY User.location.address (which is not part of the SELECT clause).
-			 */
-			cq.where(filter);
-		}
-
-		if (sortProperties != null && !sortProperties.isEmpty()) {
-			List<Order> orderList = new ArrayList<>();
-			for (SortProperty sortProperty : sortProperties) {
-				CriteriaBuilderHelper.OrderBuilder orderBuilder = CriteriaBuilderHelper.createOrderBuilder(cb, sortProperty.ascending);
-				final List<Order> order;
-				switch (sortProperty.propertyName) {
-				case EntityDto.UUID:
-				case UserDto.ACTIVE:
-					order = orderBuilder.build(user.get(sortProperty.propertyName));
-					break;
-				case UserDto.USER_NAME:
-				case UserDto.USER_EMAIL:
-					order = orderBuilder.build(cb.lower(user.get(sortProperty.propertyName)));
-					break;
-				case UserDto.NAME:
-					order = orderBuilder.build(cb.lower(user.get(User.FIRST_NAME)), cb.lower(user.get(User.LAST_NAME)));
-					break;
-				case UserDto.DISTRICT:
-					order = orderBuilder.build(cb.lower(district.get(District.NAME)));
-					break;
-				case UserDto.ADDRESS:
-					order = orderBuilder.build(cb.lower(region.get(Region.NAME)));
-					break;
-				case UserDto.HEALTH_FACILITY:
-					order = orderBuilder.build(cb.lower(facility.get(Facility.NAME)));
-					break;
-				default:
-					throw new IllegalArgumentException(sortProperty.propertyName);
-				}
-				orderList.addAll(order);
-			}
-			cq.orderBy(orderList);
-		} else {
-			cq.orderBy(cb.desc(user.get(AbstractDomainObject.CHANGE_DATE)));
-		}
-
-		cq.select(user);
-
-		final List<UserDto> resultList = QueryHelper.getResultList(em, cq, first, max, UserFacadeEjb::toDto);
-		// because the selection is based on User entity and we need userRole join (we cannot avoid it) which pulls duplicate rows,
-		// and distinct on the query does not work because of sorting (e.g. Address)
-		// we need to deduplicate the list using java code
-		return resultList.stream().distinct().collect(Collectors.toList());
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_VIEW)
-	public long count(UserCriteria userCriteria) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> root = cq.from(User.class);
-
-		Predicate filter = null;
-
-		if (userCriteria != null) {
-			filter = userService.buildCriteriaFilter(userCriteria, cb, root);
-		}
-
-		if (userCriteria != null && Boolean.TRUE.equals(userCriteria.getShowOnlyRestrictedAccessToAssignedEntities())) {
-			Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), true));
-		}
-
-		if (filter != null) {
-			cq.where(filter);
-		}
-
-		cq.select(cb.countDistinct(root));
-		return em.createQuery(cq).getSingleResult();
-	}
-
-	protected User fillOrBuildEntity(UserDto source, User target, boolean checkChangeDate) {
-		boolean targetWasNull = isNull(target);
-
-		target = DtoHelper.fillOrBuildEntity(source, target, userService::createUser, checkChangeDate);
-
-		if (targetWasNull) {
-			FacadeHelper.setUuidIfDtoExists(target.getAddress(), source.getAddress());
-		}
-
-		target.setActive(source.isActive());
-		target.setFirstName(source.getFirstName());
-		target.setLastName(source.getLastName());
-		target.setPhone(source.getPhone());
-		target.setAddress(locationFacade.fillOrBuildEntity(source.getAddress(), target.getAddress(), checkChangeDate));
-
-		target.setUserName(source.getUserName());
-		target.setUserEmail(source.getUserEmail());
-
-		target.setRegion(regionService.getByReferenceDto(source.getRegion()));
-		target.setDistrict(districtService.getByReferenceDto(source.getDistrict()));
-		target.setCommunity(communityService.getByReferenceDto(source.getCommunity()));
-		target.setHealthFacility(facilityService.getByReferenceDto(source.getHealthFacility()));
-		target.setAssociatedOfficer(userService.getByReferenceDto(source.getAssociatedOfficer()));
-		target.setLaboratory(facilityService.getByReferenceDto(source.getLaboratory()));
-		target.setPointOfEntry(pointOfEntryService.getByReferenceDto(source.getPointOfEntry()));
-		target.setLimitedDiseases(source.getLimitedDiseases());
-		target.setLanguage(source.getLanguage());
-		target.setHasConsentedToGdpr(source.isHasConsentedToGdpr());
-
-		fillEntityUserRoles(target, source);
-
-		target.updateJurisdictionLevel();
-
-		return target;
-	}
-
-	protected void fillEntityUserRoles(User target, UserDto source) {
-		//Make sure userroles of target are attached
-		Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
-		target.setUserRoles(userRoles);
-		//Preparation
-		Set<String> targetUserRoleUuids = target.getUserRoles().stream().map(UserRole::getUuid).collect(Collectors.toSet());
-		Set<String> sourceUserRoleUuids = source.getUserRoles().stream().map(UserRoleReferenceDto::getUuid).collect(Collectors.toSet());
-		List<UserRole> newUserRoles = source.getUserRoles()
-			.stream()
-			.filter(userRoleReferenceDto -> !targetUserRoleUuids.contains(userRoleReferenceDto.getUuid()))
-			.map(userRoleReferenceDto -> userRoleService.getByReferenceDto(userRoleReferenceDto))
-			.collect(Collectors.toList());
-		//Add new userroles
-		target.getUserRoles().addAll(newUserRoles);
-		//Remove userroles that were removed
-		target.getUserRoles().removeIf(userRole -> !sourceUserRoleUuids.contains(userRole.getUuid()));
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._USER_CREATE,
-		UserRight._USER_EDIT })
-	public boolean isLoginUnique(String uuid, String userName) {
-		return userService.isLoginUnique(uuid, userName);
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._USER_CREATE,
-		UserRight._USER_EDIT })
-	public String resetPassword(String uuid) {
-		String resetPassword = userService.resetPassword(uuid);
-		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
-		return resetPassword;
-	}
-
-	@Override
-	@PermitAll
-	@AuditIgnore
-	public UserDto getCurrentUser() {
-		return toDto(userService.getCurrentUser());
-	}
-
-	@PermitAll
-	@AuditIgnore
-	public String updatePassword(String uuid, String password) {
-		String updatePassword = userService.updatePassword(uuid, password);
-		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
-
-		return updatePassword;
-	}
-
-	@PermitAll
-	@Override
-	public String updateUserPassword(String uuid, String password, String currentPassword) {
-		String updatePassword = updatePassword(uuid, password);
-		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
-
-		return updatePassword;
-
-	}
-
-	@PermitAll
-	@Override
-	public String generatePassword() {
-		return userService.generatePassword();
-
-	}
-	
-	@Override
-	@PermitAll
-	public UserReferenceDto getCurrentUserAsReference() {
-		return new UserReferenceDto(userService.getCurrentUser().getUuid());
-	}
-
-	@Override
-	@PermitAll
-	@AuditIgnore
-	public Set<UserRight> getValidLoginRights(String userName, String password) {
-		User user = userService.getByUserName(userName);
-		if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
-			return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
-		}
-		return null;
-	}
-
-	@PermitAll
-	@Override
-	public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
-		User user = userService.getByUserName(userName);
-
-		if (user != null && user.isActive()
-			&& (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed())))) {
-			return getUserRoles(toDto(user));
-		}
-
-		return Collections.emptySet();
-	}
-	
-	@Override
-	@PermitAll
-	public boolean validatePassword(String uuid, String password) {
-		User user = userService.getCurrentUser();
-
-		if (user != null) {
-			return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
-		}
-
-		return false;
-	}
-
-	public String checkPasswordStrength(String password) {
-		return PasswordValidator.checkPasswordStrength(password);
-	}
-	
-	@Override
-	public boolean isPasswordStrong(String password){
-		return PasswordValidator.isStrongPassword(password);
-	}
-
-	@PermitAll
-	@Override
-	public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Case> caseQuery = cb.createQuery(Case.class);
-		Root<Case> caseRoot = caseQuery.from(Case.class);
-		Join<Case, User> surveillanceOfficerJoin = caseRoot.join(Case.SURVEILLANCE_OFFICER, JoinType.LEFT);
-
-		caseQuery.where(cb.equal(surveillanceOfficerJoin.get(AbstractDomainObject.UUID), userUuid));
-		List<Case> cases = em.createQuery(caseQuery).getResultList();
-
-		List<User> possibleUsersBasedOnCasesResponsibleDistrict = getPossibleUsersBasedOnCasesResponsibleDistrict(cases);
-		List<User> possibleUsersBasedOnCasesDistrict = getPossibleUsersBasedOnCasesDistrict(cases);
-		Set<User> possibleUsersBasedOnCasesFacility = getPossibleUsersBasedOnCasesFacility(cases);
-
-		cases.forEach(c -> {
-			c.setSurveillanceOfficer(null);
-			caseFacade.setCaseResponsible(
-				c,
-				true,
-				possibleUsersBasedOnCasesResponsibleDistrict,
-				possibleUsersBasedOnCasesDistrict,
-				possibleUsersBasedOnCasesFacility);
-			caseFacade.reassignTasksOfCase(c, true);
-		});
-
-		CriteriaQuery<Contact> contactQuery = cb.createQuery(Contact.class);
-		Root<Contact> contactRoot = contactQuery.from(Contact.class);
-		Join<Contact, User> contactOfficerJoin = contactRoot.join(Contact.CONTACT_OFFICER, JoinType.LEFT);
-
-		contactQuery.where(cb.equal(contactOfficerJoin.get(AbstractDomainObject.UUID), userUuid));
-		List<Contact> contacts = em.createQuery(contactQuery).getResultList();
-		contacts.forEach(c -> {
-			c.setContactOfficer(null);
-			contactService.ensurePersisted(c);
-		});
-	}
-
-	protected List<User> getPossibleUsersBasedOnCasesResponsibleDistrict(List<Case> cases) {
-		List<String> responsibleDistrictsUuidsAmongCases = cases.stream()
-			.map(Case::getResponsibleDistrict)
-			.collect(Collectors.toSet())
-			.stream()
-			.filter(Objects::nonNull)
-			.collect(Collectors.toSet())
-			.stream()
-			.map(District::getUuid)
-			.collect(Collectors.toList());
-
-		List<User> possibleUserForReplacement = getUsersFromCasesByDistricts(responsibleDistrictsUuidsAmongCases);
-
-		return possibleUserForReplacement;
-	}
-
-	protected List<User> getPossibleUsersBasedOnCasesDistrict(List<Case> cases) {
-		List<String> districtsUuidsAmongCases = cases.stream()
-			.map(Case::getDistrict)
-			.collect(Collectors.toSet())
-			.stream()
-			.filter(Objects::nonNull)
-			.collect(Collectors.toSet())
-			.stream()
-			.map(District::getUuid)
-			.collect(Collectors.toList());
-
-		List<User> possibleUserForReplacement = getUsersFromCasesByDistricts(districtsUuidsAmongCases);
-
-		return possibleUserForReplacement;
-	}
-
-	@NotNull
-	private List<User> getUsersFromCasesByDistricts(List<String> districtsUuidsAmongCases) {
-		List<User> possibleUserForReplacement = userService
-			.getUserReferencesByJurisdictions(
-				null,
-				districtsUuidsAmongCases,
-				null,
-				Collections.singletonList(JurisdictionLevel.DISTRICT),
-				Arrays.asList(UserRight.CASE_RESPONSIBLE))
-			.stream()
-			.map(userReference -> userService.getByUuid(userReference.getUuid()))
-			.filter(user -> !UserHelper.isRestrictedToAssignEntities(user))
-			.collect(Collectors.toList());
-		return possibleUserForReplacement;
-	}
-
-	protected Set<User> getPossibleUsersBasedOnCasesFacility(List<Case> cases) {
-		return cases.stream()
-			.map(Case::getHealthFacility)
-			.filter(Objects::nonNull)
-			.filter(f -> f.getType() == FacilityType.HOSPITAL)
-			.distinct()
-			.map(userService::getFacilityUsersOfHospital)
-			.flatMap(Collection::stream)
-			.collect(Collectors.toSet());
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._USER_CREATE,
-		UserRight._USER_EDIT })
-	public UserSyncResult syncUser(String uuid) {
-		User user = userService.getByUuid(uuid);
-
-		UserSyncResult userSyncResult = new UserSyncResult();
-		userSyncResult.setSuccess(true);
-
-		UserUpdateEvent event = new UserUpdateEvent(user);
-		event.setExceptionCallback(exceptionMessage -> {
-			userSyncResult.setSuccess(false);
-			userSyncResult.setErrorMessage(exceptionMessage);
-		});
-
-		this.userUpdateEvent.fire(event);
-
-		return userSyncResult;
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._USER_CREATE,
-		UserRight._USER_EDIT,
-		UserRight._SYSTEM })
-	public void syncUsersFromAuthenticationProvider() {
-
-		if (!isSyncEnabled()) {
-			throw new ForbiddenException("No default role for new users from authentication provider is configured");
-		}
-
-		String defaultRoleName = configFacade.getAuthenticationProviderSyncedNewUserRole();
-		UserRole defaultRole = userRoleService.getByCaption(defaultRoleName);
-
-		if (defaultRole == null) {
-			throw new ForbiddenException("No default role for new users from authentication provider is configured");
-		}
-
-		List<User> existingUsers = userService.getAll();
-
-		syncUsersFromProviderEventEvent.fire(new SyncUsersFromProviderEvent(existingUsers, (syncedUsers, deletedUsers) -> {
-			syncedUsers.forEach(user -> {
-				if (user.getId() == null) {
-					user.setUuid(DataHelper.createUuid());
-					user.setUserRoles(Collections.singleton(defaultRole));
-					UserService.setNewPassword(user);
-				}
-				userService.ensurePersisted(user);
-			});
-
-			deletedUsers.forEach(user -> {
-				user.setActive(false);
-				userService.ensurePersisted(user);
-			});
-		}));
-	}
-
-	@Override
-	@RightsAllowed({
-		UserRight._USER_CREATE,
-		UserRight._USER_EDIT,
-		UserRight._SYSTEM })
-	public boolean isSyncEnabled() {
-		AuthProvider authProvider = AuthProvider.getProvider(configFacade);
-		return KEYCLOAK.equalsIgnoreCase(authProvider.getName())
-			&& (featureConfigurationFacade.isFeatureDisabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)
-				|| StringUtils.isNotBlank(configFacade.getAuthenticationProviderSyncedNewUserRole()));
-
-	}
-
-	@Override
-	// TODO - default password change only for ADMIN??
-	@PermitAll
-	public List<UserDto> getUsersWithDefaultPassword() {
-		if (userService.hasRight(UserRight.USER_EDIT)) {
-			// user is allowed to change all passwords
-			// a list of all users with a default password is returned
-			return userService.getAllDefaultUsers()
-				.stream()
-				.filter(user -> DefaultEntityHelper.usesDefaultPassword(user.getUserName(), user.getPassword(), user.getSeed()))
-				.map(UserFacadeEjb::toDto)
-				.collect(Collectors.toList());
-
-		} else {
-			// user has only access to himself
-			// the list will include him/her or will be empty
-			User currentUser = userService.getCurrentUser();
-			if (DefaultEntityHelper.isDefaultUser(currentUser.getUserName())
-				&& DefaultEntityHelper.usesDefaultPassword(currentUser.getUserName(), currentUser.getPassword(), currentUser.getSeed())) {
-				return Collections.singletonList(UserFacadeEjb.toDto(currentUser));
-			} else {
-				return Collections.emptyList();
-			}
-		}
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_EDIT)
-	public List<ProcessedEntity> enableUsers(List<String> userUuids) {
-		return updateActiveState(userUuids, true);
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_EDIT)
-	public List<ProcessedEntity> disableUsers(List<String> userUuids) {
-		return updateActiveState(userUuids, false);
-	}
-
-	private List<ProcessedEntity> updateActiveState(List<String> userUuids, boolean active) {
-		List<ProcessedEntity> processedEntities = new ArrayList<>();
-
-		List<User> users = userService.getByUuids(userUuids);
-		for (User user : users) {
-			try {
-				User oldUser = (User) BeanUtils.cloneBean(user);
-				user.setActive(active);
-				userService.ensurePersisted(user);
-
-				userUpdateEvent.fire(new UserUpdateEvent(oldUser, user));
-				processedEntities.add(new ProcessedEntity(user.getUuid(), ProcessedEntityStatus.SUCCESS));
-			} catch (Exception e) {
-				processedEntities.add(new ProcessedEntity(user.getUuid(), ProcessedEntityStatus.INTERNAL_FAILURE));
-				logger.error("The event with uuid {} could not be restored due to an Exception", user.getUuid(), e);
-			}
-		}
-
-		return processedEntities;
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_ROLE_VIEW)
-	public long getUserCountHavingRole(UserRoleReferenceDto userRoleRef) {
-		return userService.countWithRole(userRoleRef);
-	}
-
-	@Override
-	@RightsAllowed(UserRight._USER_ROLE_VIEW)
-	public List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef) {
-		return userService.getAllWithOnlyRole(userRoleRef).stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
-	}
-
-	@Override
-	@PermitAll
-	public List<UserRight> getUserRights(String userUuid) {
-
-		User user = StringUtils.isBlank(userUuid) ? currentUserService.getCurrentUser() : userService.getByUuid(userUuid);
-
-		if (user != null) {
-			if (getCurrentUser().getUuid().equals(user.getUuid())
-				|| (currentUserService.hasUserRight(UserRight.USER_ROLE_VIEW) && currentUserService.hasUserRight(UserRight.USER_VIEW))) {
-				return UserRole.getUserRights(user.getUserRoles()).stream().sorted(Comparator.comparing(Enum::name)).collect(Collectors.toList());
-			} else {
-				throw new AccessDeniedException(I18nProperties.getString(Strings.errorForbidden));
-			}
-		} else {
-			throw new EntityNotFoundException(I18nProperties.getString(Strings.errorNotFound));
-		}
-	}
-
-
-	public interface JurisdictionOverEntitySubqueryBuilder<ADO extends AbstractDomainObject> {
-
-		Subquery<ADO> buildSubquery(CriteriaBuilder cb, CriteriaQuery<?> cq, Root<User> userRoot);
-	}
-
-	@LocalBean
-	@Stateless
-	public static class UserFacadeEjbLocal extends UserFacadeEjb {
-
-	}
+    @PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
+    private EntityManager em;
+
+    private final Logger logger = LoggerFactory.getLogger(getClass());
+
+    @EJB
+    private CurrentUserService currentUserService;
+    @EJB
+    private UserService userService;
+    @EJB
+    private LocationFacadeEjbLocal locationFacade;
+    @EJB
+    private RegionService regionService;
+    @EJB
+    private DistrictService districtService;
+    @EJB
+    private CommunityService communityService;
+    @EJB
+    private FacilityService facilityService;
+    @EJB
+    private CaseFacadeEjbLocal caseFacade;
+    @EJB
+    private TaskFacadeEjb.TaskFacadeEjbLocal taskFacade;
+    @EJB
+    private CaseService caseService;
+    @EJB
+    private ContactService contactService;
+    @EJB
+    private PointOfEntryService pointOfEntryService;
+    @EJB
+    private UserRoleFacadeEjbLocal userRoleFacade;
+    @EJB
+    private FeatureConfigurationFacadeEjbLocal featureConfigurationFacade;
+    @EJB
+    private UserRoleService userRoleService;
+    @EJB
+    private PersonService personService;
+    @EJB
+    private ConfigFacadeEjbLocal configFacade;
+    @Inject
+    private Event<UserCreateEvent> userCreateEvent;
+    @Inject
+    private Event<UserUpdateEvent> userUpdateEvent;
+    @Inject
+    private Event<PasswordResetEvent> passwordResetEvent;
+    @Inject
+    private Event<SyncUsersFromProviderEvent> syncUsersFromProviderEventEvent;
+
+    public static UserDto toDto(User source) {
+
+        if (source == null) {
+            return null;
+        }
+
+        UserDto target = new UserDto();
+        DtoHelper.fillDto(target, source);
+
+        target.setActive(source.isActive());
+        target.setUserName(source.getUserName());
+        target.setFirstName(source.getFirstName());
+        target.setLastName(source.getLastName());
+        target.setUserEmail(source.getUserEmail());
+        target.setPhone(source.getPhone());
+        target.setAddress(LocationFacadeEjb.toDto(source.getAddress()));
+
+        target.setRegion(RegionFacadeEjb.toReferenceDto(source.getRegion()));
+        target.setDistrict(DistrictFacadeEjb.toReferenceDto(source.getDistrict()));
+        target.setCommunity(CommunityFacadeEjb.toReferenceDto(source.getCommunity()));
+        target.setHealthFacility(FacilityFacadeEjb.toReferenceDto(source.getHealthFacility()));
+        target.setAssociatedOfficer(toReferenceDto(source.getAssociatedOfficer()));
+        target.setLaboratory(FacilityFacadeEjb.toReferenceDto(source.getLaboratory()));
+        target.setPointOfEntry(PointOfEntryFacadeEjb.toReferenceDto(source.getPointOfEntry()));
+        target.setLimitedDiseases(source.getLimitedDiseases());
+        target.setLanguage(source.getLanguage());
+        target.setHasConsentedToGdpr(source.isHasConsentedToGdpr());
+
+        target.setUserRoles(source.getUserRoles().stream().map(UserRoleFacadeEjb::toReferenceDto).collect(Collectors.toSet()));
+        target.setJurisdictionLevel(source.getJurisdictionLevel());
+        return target;
+    }
+
+    public static UserReferenceDto toReferenceDto(User entity) {
+        if (entity == null) {
+            return null;
+        }
+        return new UserReferenceDto(entity.getUuid(), entity.getFirstName(), entity.getLastName());
+    }
+
+    public static UserReferenceDto toReferenceDto(UserReference entity) {
+        if (entity == null) {
+            return null;
+        }
+        return new UserReferenceDto(entity.getUuid(), entity.getFirstName(), entity.getLastName());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights) {
+        return userService
+                .getUserReferences(
+                        regionRef != null ? Collections.singletonList(regionRef.getUuid()) : null,
+                        null,
+                        null,
+                        true,
+                        limitedDisease,
+                        userRights)
+                .stream()
+                .map(UserFacadeEjb::toReferenceDto)
+                .collect(Collectors.toList());
+    }
+
+    /*
+     * Get all users with the next higher jurisdiction, whose location contains the current users location
+     * For facility users, this includes district and community users, if their district/community is identical with that of the facility
+     */
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user) {
+        JurisdictionLevel superordinateJurisdiction = InfrastructureHelper.getSuperordinateJurisdiction(user.getJurisdictionLevel());
+
+        List<UserReference> superiorUsersList = Collections.emptyList();
+        switch (superordinateJurisdiction) {
+            case NATION:
+                superiorUsersList =
+                        userService.getUserReferencesByJurisdictions(null, null, null, Collections.singletonList(superordinateJurisdiction), null);
+                break;
+            case REGION:
+                superiorUsersList = userService.getUserReferencesByJurisdictions(
+                        Collections.singletonList(user.getRegion().getUuid()),
+                        null,
+                        null,
+                        Collections.singletonList(superordinateJurisdiction),
+                        null);
+                break;
+            case DISTRICT:
+                // if user is assigned to a facility, but that facility is not assigned to a district, show no superordinate users. Else, show users of the district (and community) in which the facility is located
+
+                District district = null;
+                Community community = null;
+                Set<JurisdictionLevel> superordinateJurisdictions = new HashSet<>();
+                superordinateJurisdictions.add(superordinateJurisdiction);
+                if (user.getDistrict() != null) {
+                    district = districtService.getByReferenceDto(user.getDistrict());
+                } else if (user.getHealthFacility() != null) {
+                    Facility facility = facilityService.getByReferenceDto(user.getHealthFacility());
+                    district = facility.getDistrict();
+                    community = facility.getCommunity();
+                    superordinateJurisdictions.add(JurisdictionLevel.COMMUNITY);
+                }
+
+                if (community == null) {
+                    superiorUsersList = userService
+                            .getUserReferencesByJurisdictions(null, Collections.singletonList(district.getUuid()), null, superordinateJurisdictions, null);
+                } else if (district != null) {
+                    superiorUsersList = userService.getUserReferencesByJurisdictions(
+                            null,
+                            Collections.singletonList(district.getUuid()),
+                            Collections.singletonList(community.getUuid()),
+                            superordinateJurisdictions,
+                            null);
+                }
+
+                break;
+        }
+
+        return superiorUsersList.stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto districtRef, Disease limitedDisease, UserRight... userRights) {
+
+        return userService
+                .getUserReferences(
+                        null,
+                        districtRef != null ? Collections.singletonList(districtRef.getUuid()) : null,
+                        null,
+                        true,
+                        limitedDisease,
+                        userRights)
+                .stream()
+                .map(UserFacadeEjb::toReferenceDto)
+                .collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUserRefsByDistrict(
+            DistrictReferenceDto districtRef,
+            boolean excludeLimitedDiseaseUsers,
+            UserRight... userRights) {
+        return userService
+                .getUserReferences(
+                        null,
+                        districtRef != null ? Collections.singletonList(districtRef.getUuid()) : null,
+                        null,
+                        true,
+                        null,
+                        excludeLimitedDiseaseUsers,
+                        Arrays.asList(userRights))
+                .stream()
+                .map(UserFacadeEjb::toReferenceDto)
+                .collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districtRefs, Disease limitedDisease, UserRight... userRights) {
+
+        return userService
+                .getUserReferences(
+                        null,
+                        districtRefs.stream().map(DistrictReferenceDto::getUuid).collect(Collectors.toList()),
+                        null,
+                        true,
+                        limitedDisease,
+                        userRights)
+                .stream()
+                .map(UserFacadeEjb::toReferenceDto)
+                .collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUserRefsByInfrastructure(
+            InfrastructureDataReferenceDto infrastructure,
+            JurisdictionLevel jurisdictionLevel,
+            JurisdictionLevel allowedJurisdictionLevel,
+            Disease limitedDisease,
+            UserRight... userRights) {
+
+        if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
+            return Collections.emptyList();
+        }
+
+        return userService
+                .getUserRefsByInfrastructure(
+                        infrastructure != null ? infrastructure.getUuid() : null,
+                        jurisdictionLevel,
+                        allowedJurisdictionLevel,
+                        limitedDisease,
+                        userRights)
+                .stream()
+                .map(UserFacadeEjb::toReferenceDto)
+                .collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getAllUserRefs(boolean includeInactive) {
+
+        return userService.getUserReferences(null, null, !includeInactive).stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
+    }
+
+    protected List<UserReferenceDto> getAssignableUsersBasedOnContext(TaskContextIndexCriteria taskContextIndexCriteria) {
+        List<UserReferenceDto> availableUsers = new ArrayList<>();
+        if (taskContextIndexCriteria.getUuid() == null) {
+            taskContextIndexCriteria = new TaskContextIndexCriteria(TaskContext.GENERAL);
+        }
+        switch (taskContextIndexCriteria.getTaskContext()) {
+            case CASE:
+                availableUsers.addAll(getUsersHavingCaseInJurisdiction(new CaseReferenceDto(taskContextIndexCriteria.getUuid())));
+                break;
+            case CONTACT:
+                availableUsers.addAll(getUsersHavingContactInJurisdiction(new ContactReferenceDto(taskContextIndexCriteria.getUuid())));
+                break;
+            case EVENT:
+                availableUsers.addAll(getUsersHavingEventInJurisdiction(new EventReferenceDto(taskContextIndexCriteria.getUuid())));
+                break;
+            case TRAVEL_ENTRY:
+                availableUsers.addAll(getUsersHavingTravelEntryInJurisdiction(new TravelEntryReferenceDto(taskContextIndexCriteria.getUuid())));
+                break;
+            default:
+                availableUsers.addAll(getAllUserRefs(false));
+
+        }
+        return availableUsers;
+    }
+
+    @PermitAll
+    public List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(TaskContextIndexCriteria taskContextIndexCriteria) {
+
+        List<UserReferenceDto> availableUsers = getAssignableUsersBasedOnContext(taskContextIndexCriteria);
+        Map<String, Long> userTaskCounts =
+                taskFacade.getPendingTaskCountPerUser(availableUsers.stream().map(UserReferenceDto::getUuid).collect(Collectors.toList()));
+
+        return availableUsers.stream()
+                .map(userReference -> new UserReferenceWithTaskNumbersDto(userReference, userTaskCounts.get(userReference.getUuid())))
+                .collect(Collectors.toList());
+
+    }
+
+    @Override
+    @PermitAll
+    public Set<UserRoleDto> getUserRoles(UserDto userDto) {
+        User user = userService.getByUuid(userDto.getUuid());
+        return user != null ? user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet()) : null;
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._WEEKLYREPORT_VIEW,
+            UserRight._WEEKLYREPORT_CREATE})
+    public List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficerRef, UserRight... userRights) {
+
+        User associatedOfficer = userService.getByReferenceDto(associatedOfficerRef);
+        return userService.getAllByAssociatedOfficer(associatedOfficer, userRights).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto) {
+
+        return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
+
+            final Subquery<Case> caseJurisdictionSubquery = cq.subquery(Case.class);
+            final Root<Case> caseRoot = caseJurisdictionSubquery.from(Case.class);
+            final CaseJurisdictionPredicateValidator caseJurisdictionPredicateValidator =
+                    CaseJurisdictionPredicateValidator.of(new CaseQueryContext(cb, cq, caseRoot), userRoot);
+
+            caseJurisdictionSubquery.select(caseRoot)
+                    .where(
+                            cb.and(
+                                    cb.equal(caseRoot.get(Case.UUID), caseReferenceDto.getUuid()),
+                                    cb.isTrue(caseJurisdictionPredicateValidator.inJurisdictionOrOwned()),
+                                    cb.or(cb.isNull(userRoot.get(User.LIMITED_DISEASES)), caseRoot.get(Case.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
+            return caseJurisdictionSubquery;
+        });
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto) {
+        return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
+
+            final Subquery<Contact> contactJurisdictionSubquery = cq.subquery(Contact.class);
+            final Root<Contact> contactRoot = contactJurisdictionSubquery.from(Contact.class);
+            final ContactJurisdictionPredicateValidator contactJurisdictionPredicateValidator =
+                    ContactJurisdictionPredicateValidator.of(new ContactQueryContext(cb, cq, new ContactJoins(contactRoot)), userRoot);
+
+            contactJurisdictionSubquery.select(contactRoot)
+                    .where(
+                            cb.and(
+                                    cb.equal(contactRoot.get(AbstractDomainObject.UUID), contactReferenceDto.getUuid()),
+                                    cb.isTrue(contactJurisdictionPredicateValidator.inJurisdictionOrOwned()),
+                                    cb.or(
+                                            cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+                                            contactRoot.get(Contact.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
+            return contactJurisdictionSubquery;
+        });
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto eventReferenceDto) {
+
+        return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
+
+            final Subquery<de.symeda.sormas.backend.event.Event> eventJurisdictionSubquery = cq.subquery(de.symeda.sormas.backend.event.Event.class);
+            final Root<de.symeda.sormas.backend.event.Event> eventRoot = eventJurisdictionSubquery.from(de.symeda.sormas.backend.event.Event.class);
+            final EventJurisdictionPredicateValidator eventJurisdictionPredicateValidator =
+                    EventJurisdictionPredicateValidator.of(new EventQueryContext(cb, cq, eventRoot), userRoot);
+
+            eventJurisdictionSubquery.select(eventRoot)
+                    .where(
+                            cb.and(
+                                    cb.equal(eventRoot.get(AbstractDomainObject.UUID), eventReferenceDto.getUuid()),
+                                    cb.isTrue(eventJurisdictionPredicateValidator.inJurisdictionOrOwned()),
+                                    cb.or(
+                                            cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+                                            eventRoot.get(de.symeda.sormas.backend.event.Event.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
+            return eventJurisdictionSubquery;
+        });
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto) {
+
+        return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
+
+            final Subquery<TravelEntry> travelEntrySubquery = cq.subquery(TravelEntry.class);
+            final Root<TravelEntry> travelEntryRoot = travelEntrySubquery.from(TravelEntry.class);
+            final TravelEntryJurisdictionPredicateValidator travelEntryJurisdictionPredicateValidator =
+                    TravelEntryJurisdictionPredicateValidator.of(new TravelEntryQueryContext(cb, cq, new TravelEntryJoins(travelEntryRoot)), userRoot);
+
+            travelEntrySubquery.select(travelEntryRoot)
+                    .where(
+                            cb.and(
+                                    cb.equal(travelEntryRoot.get(AbstractDomainObject.UUID), travelEntryReferenceDto.getUuid()),
+                                    cb.isTrue(travelEntryJurisdictionPredicateValidator.inJurisdictionOrOwned()),
+                                    cb.or(
+                                            cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+                                            travelEntryRoot.get(TravelEntry.DISEASE).in(userRoot.get(User.LIMITED_DISEASES)))));
+            return travelEntrySubquery;
+        });
+    }
+
+    @Override
+    @PermitAll
+    public List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto) {
+
+        return getUsersHavingEntityInJurisdiction((cb, cq, userRoot) -> {
+
+            final Subquery<Environment> environmentSubquery = cq.subquery(Environment.class);
+            final Root<Environment> environmentRoot = environmentSubquery.from(Environment.class);
+            final EnvironmentJurisdictionPredicateValidator environmentJurisdictionPredicateValidator =
+                    EnvironmentJurisdictionPredicateValidator.of(new EnvironmentQueryContext(cb, cq, new EnvironmentJoins(environmentRoot)), userRoot);
+
+            environmentSubquery.select(environmentRoot)
+                    .where(
+                            cb.and(
+                                    cb.equal(environmentRoot.get(AbstractDomainObject.UUID), environmentReferenceDto.getUuid()),
+                                    cb.isTrue(environmentJurisdictionPredicateValidator.inJurisdictionOrOwned())));
+            return environmentSubquery;
+        });
+    }
+
+    protected <ADO extends AbstractDomainObject> List<UserReferenceDto> getUsersHavingEntityInJurisdiction(
+            JurisdictionOverEntitySubqueryBuilder<ADO> subqueryBuilder) {
+
+        final CriteriaBuilder cb = em.getCriteriaBuilder();
+        final CriteriaQuery<User> cq = cb.createQuery(User.class);
+        final Root<User> root = cq.from(User.class);
+        cq.select(root);
+
+        cq.where(CriteriaBuilderHelper.and(cb, cb.isTrue(root.get(User.ACTIVE)), cb.exists(subqueryBuilder.buildSubquery(cb, cq, root))));
+
+        cq.distinct(true);
+        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+        List<User> resultList = em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+        return resultList.stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_VIEW)
+    public Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties) {
+        List<UserDto> userIndexList = getIndexList(userCriteria, offset, size, sortProperties);
+        long totalElementCount = count(userCriteria);
+        return new Page<>(userIndexList, offset, size, totalElementCount);
+    }
+
+    @Override
+    @PermitAll
+    public List<UserDto> getAllAfter(Date date) {
+        return userService.getAllAfter(date).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserDto> getByUuids(List<String> uuids) {
+        return userService.getByUuids(uuids).stream().map(UserFacadeEjb::toDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<String> getAllUuids() {
+
+        if (userService.getCurrentUser() == null) {
+            return Collections.emptyList();
+        }
+
+        return userService.getAllUuids();
+    }
+
+    @Override
+    @PermitAll
+    public UserDto getByUuid(String uuid) {
+        return toDto(userService.getByUuid(uuid));
+    }
+
+    @Override
+    @PermitAll
+    public UserDto getByUserName(String userName) {
+        return toDto(userService.getByUserName(userName));
+    }
+
+    @Override
+    @PermitAll
+    public UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate) {
+        if ((!userService.hasRight(UserRight.USER_CREATE) && !userService.hasRight(UserRight.USER_EDIT) && !DataHelper.isSame(getCurrentUser(), dto))
+                || (featureConfigurationFacade.isFeatureEnabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)
+                && !DataHelper.isSame(getCurrentUser(), dto))) {
+            throw new AccessDeniedException(I18nProperties.getString(Strings.errorForbidden));
+        }
+
+        User existingUser = userService.getByUuid(dto.getUuid());
+        // current user should be able to edit itself
+        if (!DataHelper.isSame(userService.getCurrentUser(), dto)) {
+            FacadeHelper.checkCreateAndEditRights(existingUser, userService, UserRight.USER_CREATE, UserRight.USER_EDIT);
+        }
+
+        if (!isLoginUnique(existingUser == null ? null : existingUser.getUuid(), dto.getUserName())) {
+            throw new ValidationException(I18nProperties.getValidationError(Validations.userNameNotUnique));
+        }
+
+        validateUserRoles(dto.getUserRoles(), isUserSettingsUpdate, existingUser, dto.getCreationDate() != null);
+
+        User user = fillOrBuildEntity(dto, existingUser, true);
+        userService.ensurePersisted(user);
+
+        if (existingUser == null) {
+            userCreateEvent.fire(new UserCreateEvent(user));
+        } else {
+            userUpdateEvent.fire(new UserUpdateEvent(existingUser, user));
+        }
+
+        return toDto(user);
+    }
+
+    protected void validateUserRoles(Set<UserRoleReferenceDto> roles, boolean isUserSettingsUpdate, User user, boolean isUserUpdate) {
+        Collection<UserRoleDto> newRoles = userRoleFacade.getByReferences(roles);
+
+        try {
+            userRoleFacade.validateUserRoleCombination(newRoles);
+        } catch (UserRoleDto.UserRoleValidationException e) {
+            throw new ValidationException(e);
+        }
+
+        User oldUser = null;
+        Set<UserRight> oldUserRights = Collections.emptySet();
+        if (isUserUpdate) {
+            try {
+                oldUser = (User) BeanUtils.cloneBean(user);
+                oldUserRights = UserRole.getUserRights(oldUser.getUserRoles());
+            } catch (Exception e) {
+                throw new IllegalArgumentException("Invalid bean access", e);
+            }
+        }
+
+        if (DataHelper.isSame(user, userService.getCurrentUser()) && !isUserSettingsUpdate) {
+            Set<UserRight> newUserRights = UserRoleDto.getUserRights(newRoles);
+
+            if (oldUserRights.contains(UserRight.USER_ROLE_EDIT) && !newUserRights.contains(UserRight.USER_ROLE_EDIT)) {
+                throw new ValidationException(I18nProperties.getValidationError(Validations.removeUserRightEditRightFromOwnUser));
+            } else if (!newUserRights.contains(UserRight.USER_EDIT)) {
+                throw new ValidationException(I18nProperties.getValidationError(Validations.removeUserEditRightFromOwnUser));
+            }
+        }
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_EDIT)
+    public UserDto saveUserRolesAndRestrictions(UserDto userDto, Set<UserRoleReferenceDto> userRoles) {
+        User user = userService.getByReferenceDto(userDto.toReference());
+
+        User oldUser;
+        try {
+            oldUser = (User) BeanUtils.cloneBean(user);
+        } catch (IllegalAccessException | InstantiationException | InvocationTargetException |
+                 NoSuchMethodException e) {
+            throw new RuntimeException(e);
+        }
+
+        validateUserRoles(userDto.getUserRoles(), false, user, true);
+
+        fillEntityUserRoles(user, userDto);
+
+        user.setRegion(regionService.getByReferenceDto(userDto.getRegion()));
+        user.setDistrict(districtService.getByReferenceDto(userDto.getDistrict()));
+        user.setCommunity(communityService.getByReferenceDto(userDto.getCommunity()));
+        user.setHealthFacility(facilityService.getByReferenceDto(userDto.getHealthFacility()));
+        user.setAssociatedOfficer(userService.getByReferenceDto(userDto.getAssociatedOfficer()));
+        user.setLaboratory(facilityService.getByReferenceDto(userDto.getLaboratory()));
+        user.setPointOfEntry(pointOfEntryService.getByReferenceDto(userDto.getPointOfEntry()));
+        user.setLimitedDiseases(userDto.getLimitedDiseases());
+
+        userService.ensurePersisted(user);
+
+        userUpdateEvent.fire(new UserUpdateEvent(oldUser, user));
+
+        return toDto(user);
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_VIEW)
+    public List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(User.class);
+        Root<User> user = cq.from(User.class);
+        Join<User, District> district = user.join(User.DISTRICT, JoinType.LEFT);
+        Join<User, Location> address = user.join(User.ADDRESS, JoinType.LEFT);
+        Join<Location, Region> region = address.join(Location.REGION, JoinType.LEFT);
+        Join<User, Facility> facility = user.join(User.HEALTH_FACILITY, JoinType.LEFT);
+
+        // TODO: We'll need a user filter for users at some point, to make sure that users can edit their own details,
+        // but not those of others
+
+        Predicate filter = null;
+
+        if (userCriteria != null) {
+            filter = userService.buildCriteriaFilter(userCriteria, cb, user);
+        }
+
+        if (userCriteria != null && Boolean.TRUE.equals(userCriteria.getShowOnlyRestrictedAccessToAssignedEntities())) {
+            Join<Object, Object> rolesJoin = user.join(User.USER_ROLES, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), true));
+        }
+
+        if (filter != null) {
+            /*
+             * No preemptive distinct because this does collide with
+             * ORDER BY User.location.address (which is not part of the SELECT clause).
+             */
+            cq.where(filter);
+        }
+
+        if (sortProperties != null && !sortProperties.isEmpty()) {
+            List<Order> orderList = new ArrayList<>();
+            for (SortProperty sortProperty : sortProperties) {
+                CriteriaBuilderHelper.OrderBuilder orderBuilder = CriteriaBuilderHelper.createOrderBuilder(cb, sortProperty.ascending);
+                final List<Order> order;
+                switch (sortProperty.propertyName) {
+                    case EntityDto.UUID:
+                    case UserDto.ACTIVE:
+                        order = orderBuilder.build(user.get(sortProperty.propertyName));
+                        break;
+                    case UserDto.USER_NAME:
+                    case UserDto.USER_EMAIL:
+                        order = orderBuilder.build(cb.lower(user.get(sortProperty.propertyName)));
+                        break;
+                    case UserDto.NAME:
+                        order = orderBuilder.build(cb.lower(user.get(User.FIRST_NAME)), cb.lower(user.get(User.LAST_NAME)));
+                        break;
+                    case UserDto.DISTRICT:
+                        order = orderBuilder.build(cb.lower(district.get(District.NAME)));
+                        break;
+                    case UserDto.ADDRESS:
+                        order = orderBuilder.build(cb.lower(region.get(Region.NAME)));
+                        break;
+                    case UserDto.HEALTH_FACILITY:
+                        order = orderBuilder.build(cb.lower(facility.get(Facility.NAME)));
+                        break;
+                    default:
+                        throw new IllegalArgumentException(sortProperty.propertyName);
+                }
+                orderList.addAll(order);
+            }
+            cq.orderBy(orderList);
+        } else {
+            cq.orderBy(cb.desc(user.get(AbstractDomainObject.CHANGE_DATE)));
+        }
+
+        cq.select(user);
+
+        final List<UserDto> resultList = QueryHelper.getResultList(em, cq, first, max, UserFacadeEjb::toDto);
+        // because the selection is based on User entity and we need userRole join (we cannot avoid it) which pulls duplicate rows,
+        // and distinct on the query does not work because of sorting (e.g. Address)
+        // we need to deduplicate the list using java code
+        return resultList.stream().distinct().collect(Collectors.toList());
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_VIEW)
+    public long count(UserCriteria userCriteria) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> root = cq.from(User.class);
+
+        Predicate filter = null;
+
+        if (userCriteria != null) {
+            filter = userService.buildCriteriaFilter(userCriteria, cb, root);
+        }
+
+        if (userCriteria != null && Boolean.TRUE.equals(userCriteria.getShowOnlyRestrictedAccessToAssignedEntities())) {
+            Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), true));
+        }
+
+        if (filter != null) {
+            cq.where(filter);
+        }
+
+        cq.select(cb.countDistinct(root));
+        return em.createQuery(cq).getSingleResult();
+    }
+
+    protected User fillOrBuildEntity(UserDto source, User target, boolean checkChangeDate) {
+        boolean targetWasNull = isNull(target);
+
+        target = DtoHelper.fillOrBuildEntity(source, target, userService::createUser, checkChangeDate);
+
+        if (targetWasNull) {
+            FacadeHelper.setUuidIfDtoExists(target.getAddress(), source.getAddress());
+        }
+
+        target.setActive(source.isActive());
+        target.setFirstName(source.getFirstName());
+        target.setLastName(source.getLastName());
+        target.setPhone(source.getPhone());
+        target.setAddress(locationFacade.fillOrBuildEntity(source.getAddress(), target.getAddress(), checkChangeDate));
+
+        target.setUserName(source.getUserName());
+        target.setUserEmail(source.getUserEmail());
+
+        target.setRegion(regionService.getByReferenceDto(source.getRegion()));
+        target.setDistrict(districtService.getByReferenceDto(source.getDistrict()));
+        target.setCommunity(communityService.getByReferenceDto(source.getCommunity()));
+        target.setHealthFacility(facilityService.getByReferenceDto(source.getHealthFacility()));
+        target.setAssociatedOfficer(userService.getByReferenceDto(source.getAssociatedOfficer()));
+        target.setLaboratory(facilityService.getByReferenceDto(source.getLaboratory()));
+        target.setPointOfEntry(pointOfEntryService.getByReferenceDto(source.getPointOfEntry()));
+        target.setLimitedDiseases(source.getLimitedDiseases());
+        target.setLanguage(source.getLanguage());
+        target.setHasConsentedToGdpr(source.isHasConsentedToGdpr());
+
+        fillEntityUserRoles(target, source);
+
+        target.updateJurisdictionLevel();
+
+        return target;
+    }
+
+    protected void fillEntityUserRoles(User target, UserDto source) {
+        //Make sure userroles of target are attached
+        Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
+        target.setUserRoles(userRoles);
+        //Preparation
+        Set<String> targetUserRoleUuids = target.getUserRoles().stream().map(UserRole::getUuid).collect(Collectors.toSet());
+        Set<String> sourceUserRoleUuids = source.getUserRoles().stream().map(UserRoleReferenceDto::getUuid).collect(Collectors.toSet());
+        List<UserRole> newUserRoles = source.getUserRoles()
+                .stream()
+                .filter(userRoleReferenceDto -> !targetUserRoleUuids.contains(userRoleReferenceDto.getUuid()))
+                .map(userRoleReferenceDto -> userRoleService.getByReferenceDto(userRoleReferenceDto))
+                .collect(Collectors.toList());
+        //Add new userroles
+        target.getUserRoles().addAll(newUserRoles);
+        //Remove userroles that were removed
+        target.getUserRoles().removeIf(userRole -> !sourceUserRoleUuids.contains(userRole.getUuid()));
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._USER_CREATE,
+            UserRight._USER_EDIT})
+    public boolean isLoginUnique(String uuid, String userName) {
+        return userService.isLoginUnique(uuid, userName);
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._USER_CREATE,
+            UserRight._USER_EDIT})
+    public String resetPassword(String uuid) {
+        String resetPassword = userService.resetPassword(uuid);
+        passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+        return resetPassword;
+    }
+
+    @Override
+    @PermitAll
+    @AuditIgnore
+    public UserDto getCurrentUser() {
+        return toDto(userService.getCurrentUser());
+    }
+
+    @PermitAll
+    @AuditIgnore
+    public String updatePassword(String uuid, String password) {
+        String updatePassword = userService.updatePassword(uuid, password);
+        passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+
+        return updatePassword;
+    }
+
+    @PermitAll
+    @Override
+    public String updateUserPassword(String uuid, String password, String currentPassword) {
+        String updatePassword = updatePassword(uuid, password);
+        passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+        return updatePassword;
+    }
+
+    @PermitAll
+    @Override
+    public String generatePassword() {
+        return userService.generatePassword();
+    }
+
+    @Override
+    @PermitAll
+    public UserReferenceDto getCurrentUserAsReference() {
+        return new UserReferenceDto(userService.getCurrentUser().getUuid());
+    }
+
+    @Override
+    @PermitAll
+    @AuditIgnore
+    public Set<UserRight> getValidLoginRights(String userName, String password) {
+        User user = userService.getByUserName(userName);
+        if (user != null && user.isActive() && DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()))) {
+            return new HashSet<>(UserRole.getUserRights(user.getUserRoles()));
+        }
+        return null;
+    }
+
+    @PermitAll
+    @Override
+    public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
+        User user = userService.getByUserName(userName);
+
+        if (user != null && user.isActive()
+                && (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed())))) {
+            return getUserRoles(toDto(user));
+        }
+
+        return Collections.emptySet();
+    }
+
+    @Override
+    @PermitAll
+    public boolean validatePassword(String uuid, String password) {
+        User user = userService.getCurrentUser();
+
+        if (user != null) {
+            return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
+        }
+
+        return false;
+    }
+
+    public String checkPasswordStrength(String password) {
+        return PasswordValidator.checkPasswordStrength(password);
+    }
+
+    @Override
+    public boolean isPasswordStrong(String password) {
+        return PasswordValidator.isStrongPassword(password);
+    }
+
+    @PermitAll
+    @Override
+    public void removeUserAsSurveillanceAndContactOfficer(String userUuid) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Case> caseQuery = cb.createQuery(Case.class);
+        Root<Case> caseRoot = caseQuery.from(Case.class);
+        Join<Case, User> surveillanceOfficerJoin = caseRoot.join(Case.SURVEILLANCE_OFFICER, JoinType.LEFT);
+
+        caseQuery.where(cb.equal(surveillanceOfficerJoin.get(AbstractDomainObject.UUID), userUuid));
+        List<Case> cases = em.createQuery(caseQuery).getResultList();
+
+        List<User> possibleUsersBasedOnCasesResponsibleDistrict = getPossibleUsersBasedOnCasesResponsibleDistrict(cases);
+        List<User> possibleUsersBasedOnCasesDistrict = getPossibleUsersBasedOnCasesDistrict(cases);
+        Set<User> possibleUsersBasedOnCasesFacility = getPossibleUsersBasedOnCasesFacility(cases);
+
+        cases.forEach(c -> {
+            c.setSurveillanceOfficer(null);
+            caseFacade.setCaseResponsible(
+                    c,
+                    true,
+                    possibleUsersBasedOnCasesResponsibleDistrict,
+                    possibleUsersBasedOnCasesDistrict,
+                    possibleUsersBasedOnCasesFacility);
+            caseFacade.reassignTasksOfCase(c, true);
+        });
+
+        CriteriaQuery<Contact> contactQuery = cb.createQuery(Contact.class);
+        Root<Contact> contactRoot = contactQuery.from(Contact.class);
+        Join<Contact, User> contactOfficerJoin = contactRoot.join(Contact.CONTACT_OFFICER, JoinType.LEFT);
+
+        contactQuery.where(cb.equal(contactOfficerJoin.get(AbstractDomainObject.UUID), userUuid));
+        List<Contact> contacts = em.createQuery(contactQuery).getResultList();
+        contacts.forEach(c -> {
+            c.setContactOfficer(null);
+            contactService.ensurePersisted(c);
+        });
+    }
+
+    protected List<User> getPossibleUsersBasedOnCasesResponsibleDistrict(List<Case> cases) {
+        List<String> responsibleDistrictsUuidsAmongCases = cases.stream()
+                .map(Case::getResponsibleDistrict)
+                .collect(Collectors.toSet())
+                .stream()
+                .filter(Objects::nonNull)
+                .collect(Collectors.toSet())
+                .stream()
+                .map(District::getUuid)
+                .collect(Collectors.toList());
+
+        List<User> possibleUserForReplacement = getUsersFromCasesByDistricts(responsibleDistrictsUuidsAmongCases);
+
+        return possibleUserForReplacement;
+    }
+
+    protected List<User> getPossibleUsersBasedOnCasesDistrict(List<Case> cases) {
+        List<String> districtsUuidsAmongCases = cases.stream()
+                .map(Case::getDistrict)
+                .collect(Collectors.toSet())
+                .stream()
+                .filter(Objects::nonNull)
+                .collect(Collectors.toSet())
+                .stream()
+                .map(District::getUuid)
+                .collect(Collectors.toList());
+
+        List<User> possibleUserForReplacement = getUsersFromCasesByDistricts(districtsUuidsAmongCases);
+
+        return possibleUserForReplacement;
+    }
+
+    @NotNull
+    private List<User> getUsersFromCasesByDistricts(List<String> districtsUuidsAmongCases) {
+        List<User> possibleUserForReplacement = userService
+                .getUserReferencesByJurisdictions(
+                        null,
+                        districtsUuidsAmongCases,
+                        null,
+                        Collections.singletonList(JurisdictionLevel.DISTRICT),
+                        Arrays.asList(UserRight.CASE_RESPONSIBLE))
+                .stream()
+                .map(userReference -> userService.getByUuid(userReference.getUuid()))
+                .filter(user -> !UserHelper.isRestrictedToAssignEntities(user))
+                .collect(Collectors.toList());
+        return possibleUserForReplacement;
+    }
+
+    protected Set<User> getPossibleUsersBasedOnCasesFacility(List<Case> cases) {
+        return cases.stream()
+                .map(Case::getHealthFacility)
+                .filter(Objects::nonNull)
+                .filter(f -> f.getType() == FacilityType.HOSPITAL)
+                .distinct()
+                .map(userService::getFacilityUsersOfHospital)
+                .flatMap(Collection::stream)
+                .collect(Collectors.toSet());
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._USER_CREATE,
+            UserRight._USER_EDIT})
+    public UserSyncResult syncUser(String uuid) {
+        User user = userService.getByUuid(uuid);
+
+        UserSyncResult userSyncResult = new UserSyncResult();
+        userSyncResult.setSuccess(true);
+
+        UserUpdateEvent event = new UserUpdateEvent(user);
+        event.setExceptionCallback(exceptionMessage -> {
+            userSyncResult.setSuccess(false);
+            userSyncResult.setErrorMessage(exceptionMessage);
+        });
+
+        this.userUpdateEvent.fire(event);
+
+        return userSyncResult;
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._USER_CREATE,
+            UserRight._USER_EDIT,
+            UserRight._SYSTEM})
+    public void syncUsersFromAuthenticationProvider() {
+
+        if (!isSyncEnabled()) {
+            throw new ForbiddenException("No default role for new users from authentication provider is configured");
+        }
+
+        String defaultRoleName = configFacade.getAuthenticationProviderSyncedNewUserRole();
+        UserRole defaultRole = userRoleService.getByCaption(defaultRoleName);
+
+        if (defaultRole == null) {
+            throw new ForbiddenException("No default role for new users from authentication provider is configured");
+        }
+
+        List<User> existingUsers = userService.getAll();
+
+        syncUsersFromProviderEventEvent.fire(new SyncUsersFromProviderEvent(existingUsers, (syncedUsers, deletedUsers) -> {
+            syncedUsers.forEach(user -> {
+                if (user.getId() == null) {
+                    user.setUuid(DataHelper.createUuid());
+                    user.setUserRoles(Collections.singleton(defaultRole));
+                    UserService.setNewPassword(user);
+                }
+                userService.ensurePersisted(user);
+            });
+
+            deletedUsers.forEach(user -> {
+                user.setActive(false);
+                userService.ensurePersisted(user);
+            });
+        }));
+    }
+
+    @Override
+    @RightsAllowed({
+            UserRight._USER_CREATE,
+            UserRight._USER_EDIT,
+            UserRight._SYSTEM})
+    public boolean isSyncEnabled() {
+        AuthProvider authProvider = AuthProvider.getProvider(configFacade);
+        return KEYCLOAK.equalsIgnoreCase(authProvider.getName())
+                && (featureConfigurationFacade.isFeatureDisabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)
+                || StringUtils.isNotBlank(configFacade.getAuthenticationProviderSyncedNewUserRole()));
+
+    }
+
+    @Override
+    // TODO - default password change only for ADMIN??
+    @PermitAll
+    public List<UserDto> getUsersWithDefaultPassword() {
+        if (userService.hasRight(UserRight.USER_EDIT)) {
+            // user is allowed to change all passwords
+            // a list of all users with a default password is returned
+            return userService.getAllDefaultUsers()
+                    .stream()
+                    .filter(user -> DefaultEntityHelper.usesDefaultPassword(user.getUserName(), user.getPassword(), user.getSeed()))
+                    .map(UserFacadeEjb::toDto)
+                    .collect(Collectors.toList());
+
+        } else {
+            // user has only access to himself
+            // the list will include him/her or will be empty
+            User currentUser = userService.getCurrentUser();
+            if (DefaultEntityHelper.isDefaultUser(currentUser.getUserName())
+                    && DefaultEntityHelper.usesDefaultPassword(currentUser.getUserName(), currentUser.getPassword(), currentUser.getSeed())) {
+                return Collections.singletonList(UserFacadeEjb.toDto(currentUser));
+            } else {
+                return Collections.emptyList();
+            }
+        }
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_EDIT)
+    public List<ProcessedEntity> enableUsers(List<String> userUuids) {
+        return updateActiveState(userUuids, true);
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_EDIT)
+    public List<ProcessedEntity> disableUsers(List<String> userUuids) {
+        return updateActiveState(userUuids, false);
+    }
+
+    private List<ProcessedEntity> updateActiveState(List<String> userUuids, boolean active) {
+        List<ProcessedEntity> processedEntities = new ArrayList<>();
+
+        List<User> users = userService.getByUuids(userUuids);
+        for (User user : users) {
+            try {
+                User oldUser = (User) BeanUtils.cloneBean(user);
+                user.setActive(active);
+                userService.ensurePersisted(user);
+
+                userUpdateEvent.fire(new UserUpdateEvent(oldUser, user));
+                processedEntities.add(new ProcessedEntity(user.getUuid(), ProcessedEntityStatus.SUCCESS));
+            } catch (Exception e) {
+                processedEntities.add(new ProcessedEntity(user.getUuid(), ProcessedEntityStatus.INTERNAL_FAILURE));
+                logger.error("The event with uuid {} could not be restored due to an Exception", user.getUuid(), e);
+            }
+        }
+
+        return processedEntities;
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_ROLE_VIEW)
+    public long getUserCountHavingRole(UserRoleReferenceDto userRoleRef) {
+        return userService.countWithRole(userRoleRef);
+    }
+
+    @Override
+    @RightsAllowed(UserRight._USER_ROLE_VIEW)
+    public List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef) {
+        return userService.getAllWithOnlyRole(userRoleRef).stream().map(UserFacadeEjb::toReferenceDto).collect(Collectors.toList());
+    }
+
+    @Override
+    @PermitAll
+    public List<UserRight> getUserRights(String userUuid) {
+
+        User user = StringUtils.isBlank(userUuid) ? currentUserService.getCurrentUser() : userService.getByUuid(userUuid);
+
+        if (user != null) {
+            if (getCurrentUser().getUuid().equals(user.getUuid())
+                    || (currentUserService.hasUserRight(UserRight.USER_ROLE_VIEW) && currentUserService.hasUserRight(UserRight.USER_VIEW))) {
+                return UserRole.getUserRights(user.getUserRoles()).stream().sorted(Comparator.comparing(Enum::name)).collect(Collectors.toList());
+            } else {
+                throw new AccessDeniedException(I18nProperties.getString(Strings.errorForbidden));
+            }
+        } else {
+            throw new EntityNotFoundException(I18nProperties.getString(Strings.errorNotFound));
+        }
+    }
+
+
+    public interface JurisdictionOverEntitySubqueryBuilder<ADO extends AbstractDomainObject> {
+
+        Subquery<ADO> buildSubquery(CriteriaBuilder cb, CriteriaQuery<?> cq, Root<User> userRoot);
+    }
+
+    @LocalBean
+    @Stateless
+    public static class UserFacadeEjbLocal extends UserFacadeEjb {
+
+    }
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
index 4af5527f0de..8b4e79a9112 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
@@ -28,16 +28,14 @@
  */
 public class PasswordResetEvent {
 
-	private final User user;
+    private final User user;
 
-	public PasswordResetEvent(User user) {
-		this.user = user;
-	}
+    public PasswordResetEvent(User user) {
+        this.user = user;
+    }
 
-
-
-	public User getUser() {
-		return user;
-	}
+    public User getUser() {
+        return user;
+    }
 
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index b503db8d2af..a3efadc6801 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -14,36 +14,6 @@
  */
 package de.symeda.sormas.backend;
 
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.when;
-
-import java.lang.annotation.Annotation;
-import java.security.Principal;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.function.BiFunction;
-import java.util.function.Consumer;
-import java.util.function.Function;
-import java.util.stream.Collectors;
-
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.persistence.EntityManager;
-import javax.persistence.Query;
-
-import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.BeforeAll;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.junit.jupiter.api.function.Executable;
-import org.mockito.junit.jupiter.MockitoExtension;
-import org.mockito.junit.jupiter.MockitoSettings;
-import org.mockito.quality.Strictness;
-
 import de.hilling.junit.cdi.CdiTestJunitExtension;
 import de.hilling.junit.cdi.ContextControlWrapper;
 import de.symeda.sormas.api.ConfigFacade;
@@ -173,12 +143,7 @@
 import de.symeda.sormas.backend.externaljournal.ExternalJournalService;
 import de.symeda.sormas.backend.externalmessage.ExternalMessageFacadeEjb.ExternalMessageFacadeEjbLocal;
 import de.symeda.sormas.backend.externalmessage.ExternalMessageService;
-import de.symeda.sormas.backend.externalmessage.labmessage.AutomaticLabMessageProcessor;
-import de.symeda.sormas.backend.externalmessage.labmessage.ExternalMessageProcessingFacadeEjbLocal;
-import de.symeda.sormas.backend.externalmessage.labmessage.SampleReportFacadeEjb;
-import de.symeda.sormas.backend.externalmessage.labmessage.SampleReportService;
-import de.symeda.sormas.backend.externalmessage.labmessage.TestReportFacadeEjb;
-import de.symeda.sormas.backend.externalmessage.labmessage.TestReportService;
+import de.symeda.sormas.backend.externalmessage.labmessage.*;
 import de.symeda.sormas.backend.externalsurveillancetool.ExternalSurveillanceToolGatewayFacadeEjb.ExternalSurveillanceToolGatewayFacadeEjbLocal;
 import de.symeda.sormas.backend.feature.FeatureConfiguration;
 import de.symeda.sormas.backend.feature.FeatureConfigurationFacadeEjb.FeatureConfigurationFacadeEjbLocal;
@@ -264,856 +229,854 @@
 import de.symeda.sormas.backend.therapy.TreatmentService;
 import de.symeda.sormas.backend.travelentry.TravelEntryFacadeEjb;
 import de.symeda.sormas.backend.travelentry.services.TravelEntryService;
-import de.symeda.sormas.backend.user.CurrentUserService;
-import de.symeda.sormas.backend.user.User;
+import de.symeda.sormas.backend.user.*;
 import de.symeda.sormas.backend.user.UserFacadeEjb.UserFacadeEjbLocal;
-import de.symeda.sormas.backend.user.UserRole;
 import de.symeda.sormas.backend.user.UserRoleFacadeEjb.UserRoleFacadeEjbLocal;
-import de.symeda.sormas.backend.user.UserRoleService;
-import de.symeda.sormas.backend.user.UserService;
 import de.symeda.sormas.backend.vaccination.VaccinationFacadeEjb;
 import de.symeda.sormas.backend.vaccination.VaccinationService;
 import de.symeda.sormas.backend.visit.VisitFacadeEjb.VisitFacadeEjbLocal;
 import de.symeda.sormas.backend.visit.VisitService;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.api.function.Executable;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.mockito.junit.jupiter.MockitoSettings;
+import org.mockito.quality.Strictness;
+
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.persistence.EntityManager;
+import javax.persistence.Query;
+import java.lang.annotation.Annotation;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.function.BiFunction;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
 
 @ExtendWith(CdiTestJunitExtension.class)
 @ExtendWith(MockitoExtension.class)
 @MockitoSettings(strictness = Strictness.LENIENT)
 public abstract class AbstractBeanTest {
 
-	protected final TestDataCreator creator = new TestDataCreator(this);
-
-	protected UserDto nationalAdmin;
-
-	@BeforeAll
-	public static void beforeAll() {
-
-	}
-
-	@BeforeEach
-	public void beforeEach() {
-		// so we can override init
-		init();
-	}
-
-	@AfterEach
-	public void afterEach() {
-
-	}
-
-	/**
-	 * Resets mocks to their initial state so that mock configurations are not
-	 * shared between tests.
-	 */
-	public void init() {
-
-		initH2Functions();
-
-		MockProducer.resetMocks();
-
-		// this is used to provide the current user to the ADO Listener taking care of updating the last change user
-		System.setProperty("java.naming.factory.initial", MockProducer.class.getCanonicalName());
-		try {
-			when(InitialContext.doLookup("java:global/sormas-ear/sormas-backend/CurrentUserService")).thenReturn(getCurrentUserService());
-		} catch (NamingException e) {
-			e.printStackTrace();
-		}
-
-		useNationalAdminLogin();
-
-		when(MockProducer.getSessionContext().isCallerInRole(any(String.class))).thenAnswer(invocationOnMock -> {
-			String role = invocationOnMock.getArgument(0);
-			UserRight userRight = UserRight.valueOf(role);
-			return getCurrentUserService().getCurrentUser()
-				.getUserRoles()
-				.stream()
-				.anyMatch(userRole -> userRole.getUserRights().contains(userRight));
-		});
-
-		I18nProperties.setUserLanguage(Language.EN);
-
-		createDiseaseConfigurations();
-	}
-
-	protected void initH2Functions() {
-		executeInTransaction(em -> {
-			Query nativeQuery = em.createNativeQuery("CREATE ALIAS similarity FOR \"de.symeda.sormas.backend.H2Function.similarity\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS date_part FOR \"de.symeda.sormas.backend.H2Function.date_part\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS epi_week FOR \"de.symeda.sormas.backend.H2Function.epi_week\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS epi_year FOR \"de.symeda.sormas.backend.H2Function.epi_year\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS similarity_operator FOR \"de.symeda.sormas.backend.H2Function.similarity_operator\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS set_limit FOR \"de.symeda.sormas.backend.H2Function.set_limit\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS date FOR \"de.symeda.sormas.backend.H2Function.date\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em
-				.createNativeQuery("CREATE ALIAS timestamp_subtract_14_days FOR \"de.symeda.sormas.backend.H2Function.timestamp_subtract_14_days\"");
-			nativeQuery.executeUpdate();
-			nativeQuery = em.createNativeQuery("CREATE ALIAS at_end_of_day FOR \"de.symeda.sormas.backend.H2Function.at_end_of_day\"");
-			nativeQuery.executeUpdate();
-		});
-	}
-
-	private void createDiseaseConfigurations() {
-		List<DiseaseConfiguration> diseaseConfigurations = getDiseaseConfigurationService().getAll();
-		List<Disease> configuredDiseases = diseaseConfigurations.stream().map(DiseaseConfiguration::getDisease).collect(Collectors.toList());
-		Arrays.stream(Disease.values()).filter(d -> !configuredDiseases.contains(d)).forEach(d -> {
-			DiseaseConfiguration configuration = DiseaseConfiguration.build(d);
-			getDiseaseConfigurationService().ensurePersisted(configuration);
-		});
-	}
-
-	protected <T> T getBean(Class<T> beanClass, Annotation... qualifiers) {
-		return ContextControlWrapper.getInstance().getContextualReference(beanClass, qualifiers);
-	}
-
-	public void executeInTransaction(Consumer<EntityManager> callback) {
-		getBean(TransactionalTestEjb.class).executeInTransaction(callback);
-	}
-
-	public <R> R executeInTransaction(Function<EntityManager, R> callback) {
-		return getBean(TransactionalTestEjb.class).executeInTransaction(callback);
-	}
-
-	public <T, R> R executeInTransaction(BiFunction<EntityManager, T, R> callback, T param) {
-		return getBean(TransactionalTestEjb.class).executeInTransaction(callback, param);
-	}
-
-	/**
-	 * This is private, because the entity manager does not have an active transaction when called from a test method
-	 * and should not be used in test code.
-	 * Use executeInTransaction or getEntityAttached instead!
-	 */
-	private EntityManager getEntityManager() {
-		return getBean(EntityManager.class);
-	}
-
-	/**
-	 * Attaches the entity to the persistence context
-	 * <b>Important</b>: The entity will only be attached until the next ejb call is concluded, which clears the entity manager.
-	 */
-	public <E extends AbstractDomainObject> E mergeToEntityManager(E entity) {
-		return getEntityManager().contains(entity) ? entity : getEntityManager().merge(entity);
-	}
-
-	public UserRole getEagerUserRole(String uuid) {
-		return executeInTransaction(em -> {
-			UserRole userRole = getUserRoleService().getByUuid(uuid);
-			initUserRole(userRole);
-			return userRole;
-		});
-	}
-
-	public User getEagerUser(String uuid) {
-		return executeInTransaction(em -> {
-			User user = getUserService().getByUuid(uuid);
-			for (UserRole userRole : user.getUserRoles()) {
-				initUserRole(userRole);
-			}
-			return user;
-		});
-	}
-
-	/**
-	 * Initializes lazy references.
-	 */
-	private void initUserRole(UserRole userRole) {
-		userRole.getEmailNotificationTypes().size();
-		userRole.getSmsNotificationTypes().size();
-	}
-
-	protected void createDeletionConfigurations() {
-		createDeletionConfigurations(DeletableEntityType.CASE, DeletionReference.CREATION);
-		createDeletionConfigurations(DeletableEntityType.CONTACT, DeletionReference.CREATION);
-		createDeletionConfigurations(DeletableEntityType.EVENT, DeletionReference.CREATION);
-		createDeletionConfigurations(DeletableEntityType.EVENT_PARTICIPANT, DeletionReference.CREATION);
-		createDeletionConfigurations(DeletableEntityType.IMMUNIZATION, DeletionReference.CREATION);
-		createDeletionConfigurations(DeletableEntityType.TRAVEL_ENTRY, DeletionReference.CREATION);
-	}
-
-	protected void createDeletionConfigurations(DeletableEntityType deletableEntityType, DeletionReference automaticDeletionReference) {
-		DeletionConfigurationService deletionConfigurationService = getBean(DeletionConfigurationService.class);
-		deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, automaticDeletionReference, 3650));
-		deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, DeletionReference.MANUAL_DELETION, 90));
-	}
-
-	protected void createFeatureConfiguration(FeatureType featureType, boolean enabled) {
-		createFeatureConfiguration(featureType, enabled, null);
-	}
-
-	protected void createFeatureConfiguration(FeatureType featureType, boolean enabled, Map<FeatureTypeProperty, Object> properties) {
-		FeatureConfigurationIndexDto featureConfiguration =
-			new FeatureConfigurationIndexDto(DataHelper.createUuid(), null, null, null, null, null, enabled, null);
-		getFeatureConfigurationFacade().saveFeatureConfiguration(featureConfiguration, featureType);
-		if (properties != null) {
-			executeInTransaction(em -> {
-				Query query = em.createQuery("select f from featureconfiguration f where featureType = '" + featureType.name() + "'");
-				FeatureConfiguration singleResult = (FeatureConfiguration) query.getSingleResult();
-				singleResult.setProperties(properties);
-				em.persist(singleResult);
-			});
-		}
-	}
-
-	public ConfigFacade getConfigFacade() {
-		return getBean(ConfigFacadeEjbLocal.class);
-	}
-
-	/**
-	 * Using local bean here to avoid multiple transactions in test.
-	 * 
-	 * @return
-	 */
-	public CaseFacadeEjb getCaseFacade() {
-		return getBean(CaseFacadeEjbLocal.class);
-	}
-
-	public CaseService getCaseService() {
-		return getBean(CaseService.class);
-	}
-
-	public ImmunizationFacadeEjbLocal getImmunizationFacade() {
-		return getBean(ImmunizationFacadeEjbLocal.class);
-	}
-
-	public ImmunizationService getImmunizationService() {
-		return getBean(ImmunizationService.class);
-	}
-
-	public VaccinationFacade getVaccinationFacade() {
-		return getBean(VaccinationFacadeEjb.VaccinationFacadeEjbLocal.class);
-	}
-
-	public VaccinationService getVaccinationService() {
-		return getBean(VaccinationService.class);
-	}
-
-	public TravelEntryFacade getTravelEntryFacade() {
-		return getBean(TravelEntryFacadeEjb.TravelEntryFacadeEjbLocal.class);
-	}
-
-	public TravelEntryService getTravelEntryService() {
-		return getBean(TravelEntryService.class);
-	}
-
-	public CaseStatisticsFacade getCaseStatisticsFacade() {
-		return getBean(CaseStatisticsFacadeEjbLocal.class);
-	}
-
-	public ContactFacadeEjbLocal getContactFacade() {
-		return getBean(ContactFacadeEjbLocal.class);
-	}
-
-	public ContactService getContactService() {
-		return getBean(ContactService.class);
-	}
-
-	public DashboardFacade getDashboardFacade() {
-		return getBean(DashboardFacadeEjb.DashboardFacadeEjbLocal.class);
-	}
-
-	public SampleDashboardFacade getSampleDashboardFacade() {
-		return getBean(SampleDashboardFacadeEjb.SampleDashboardFacadeEjbLocal.class);
-	}
-
-	public DashboardService getDashboardService() {
-		return getBean(DashboardService.class);
-	}
-
-	public EventFacadeEjbLocal getEventFacade() {
-		return getBean(EventFacadeEjbLocal.class);
-	}
-
-	public EventService getEventService() {
-		return getBean(EventService.class);
-	}
-
-	public EventParticipantFacadeEjbLocal getEventParticipantFacade() {
-		return getBean(EventParticipantFacadeEjbLocal.class);
-	}
-
-	public EventParticipantService getEventParticipantService() {
-		return getBean(EventParticipantService.class);
-	}
-
-	public SurveillanceReportFacade getSurveillanceReportFacade() {
-		return getBean(SurveillanceReportFacadeEjb.SurveillanceReportFacadeEjbLocal.class);
-	}
-
-	public SurveillanceReportService getSurveillanceReportService() {
-		return getBean(SurveillanceReportService.class);
-	}
-
-	public ActionFacade getActionFacade() {
-		return getBean(ActionFacadeEjb.ActionFacadeEjbLocal.class);
-	}
-
-	public AggregateReportFacade getAggregateReportFacade() {
-		return getBean(AggregateReportFacadeEjb.AggregateReportFacadeEjbLocal.class);
-	}
-
-	public VisitFacade getVisitFacade() {
-		return getBean(VisitFacadeEjbLocal.class);
-	}
-
-	public VisitService getVisitService() {
-		return getBean(VisitService.class);
-	}
-
-	public PersonFacadeEjbLocal getPersonFacade() {
-		return getBean(PersonFacadeEjbLocal.class);
-	}
+    protected final TestDataCreator creator = new TestDataCreator(this);
+
+    protected UserDto nationalAdmin;
+
+    @BeforeAll
+    public static void beforeAll() {
+
+    }
+
+    @BeforeEach
+    public void beforeEach() {
+        // so we can override init
+        init();
+    }
+
+    @AfterEach
+    public void afterEach() {
+
+    }
+
+    /**
+     * Resets mocks to their initial state so that mock configurations are not
+     * shared between tests.
+     */
+    public void init() {
+
+        initH2Functions();
+
+        MockProducer.resetMocks();
+
+        // this is used to provide the current user to the ADO Listener taking care of updating the last change user
+        System.setProperty("java.naming.factory.initial", MockProducer.class.getCanonicalName());
+        try {
+            when(InitialContext.doLookup("java:global/sormas-ear/sormas-backend/CurrentUserService")).thenReturn(getCurrentUserService());
+        } catch (NamingException e) {
+            e.printStackTrace();
+        }
+
+        useNationalAdminLogin();
+
+        when(MockProducer.getSessionContext().isCallerInRole(any(String.class))).thenAnswer(invocationOnMock -> {
+            String role = invocationOnMock.getArgument(0);
+            UserRight userRight = UserRight.valueOf(role);
+            return getCurrentUserService().getCurrentUser()
+                    .getUserRoles()
+                    .stream()
+                    .anyMatch(userRole -> userRole.getUserRights().contains(userRight));
+        });
+
+        I18nProperties.setUserLanguage(Language.EN);
+
+        createDiseaseConfigurations();
+    }
+
+    protected void initH2Functions() {
+        executeInTransaction(em -> {
+            Query nativeQuery = em.createNativeQuery("CREATE ALIAS similarity FOR \"de.symeda.sormas.backend.H2Function.similarity\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS date_part FOR \"de.symeda.sormas.backend.H2Function.date_part\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS epi_week FOR \"de.symeda.sormas.backend.H2Function.epi_week\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS epi_year FOR \"de.symeda.sormas.backend.H2Function.epi_year\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS similarity_operator FOR \"de.symeda.sormas.backend.H2Function.similarity_operator\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS set_limit FOR \"de.symeda.sormas.backend.H2Function.set_limit\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS date FOR \"de.symeda.sormas.backend.H2Function.date\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em
+                    .createNativeQuery("CREATE ALIAS timestamp_subtract_14_days FOR \"de.symeda.sormas.backend.H2Function.timestamp_subtract_14_days\"");
+            nativeQuery.executeUpdate();
+            nativeQuery = em.createNativeQuery("CREATE ALIAS at_end_of_day FOR \"de.symeda.sormas.backend.H2Function.at_end_of_day\"");
+            nativeQuery.executeUpdate();
+        });
+    }
+
+    private void createDiseaseConfigurations() {
+        List<DiseaseConfiguration> diseaseConfigurations = getDiseaseConfigurationService().getAll();
+        List<Disease> configuredDiseases = diseaseConfigurations.stream().map(DiseaseConfiguration::getDisease).collect(Collectors.toList());
+        Arrays.stream(Disease.values()).filter(d -> !configuredDiseases.contains(d)).forEach(d -> {
+            DiseaseConfiguration configuration = DiseaseConfiguration.build(d);
+            getDiseaseConfigurationService().ensurePersisted(configuration);
+        });
+    }
+
+    protected <T> T getBean(Class<T> beanClass, Annotation... qualifiers) {
+        return ContextControlWrapper.getInstance().getContextualReference(beanClass, qualifiers);
+    }
+
+    public void executeInTransaction(Consumer<EntityManager> callback) {
+        getBean(TransactionalTestEjb.class).executeInTransaction(callback);
+    }
+
+    public <R> R executeInTransaction(Function<EntityManager, R> callback) {
+        return getBean(TransactionalTestEjb.class).executeInTransaction(callback);
+    }
+
+    public <T, R> R executeInTransaction(BiFunction<EntityManager, T, R> callback, T param) {
+        return getBean(TransactionalTestEjb.class).executeInTransaction(callback, param);
+    }
+
+    /**
+     * This is private, because the entity manager does not have an active transaction when called from a test method
+     * and should not be used in test code.
+     * Use executeInTransaction or getEntityAttached instead!
+     */
+    private EntityManager getEntityManager() {
+        return getBean(EntityManager.class);
+    }
+
+    /**
+     * Attaches the entity to the persistence context
+     * <b>Important</b>: The entity will only be attached until the next ejb call is concluded, which clears the entity manager.
+     */
+    public <E extends AbstractDomainObject> E mergeToEntityManager(E entity) {
+        return getEntityManager().contains(entity) ? entity : getEntityManager().merge(entity);
+    }
+
+    public UserRole getEagerUserRole(String uuid) {
+        return executeInTransaction(em -> {
+            UserRole userRole = getUserRoleService().getByUuid(uuid);
+            initUserRole(userRole);
+            return userRole;
+        });
+    }
+
+    public User getEagerUser(String uuid) {
+        return executeInTransaction(em -> {
+            User user = getUserService().getByUuid(uuid);
+            for (UserRole userRole : user.getUserRoles()) {
+                initUserRole(userRole);
+            }
+            return user;
+        });
+    }
+
+    /**
+     * Initializes lazy references.
+     */
+    private void initUserRole(UserRole userRole) {
+        userRole.getEmailNotificationTypes().size();
+        userRole.getSmsNotificationTypes().size();
+    }
+
+    protected void createDeletionConfigurations() {
+        createDeletionConfigurations(DeletableEntityType.CASE, DeletionReference.CREATION);
+        createDeletionConfigurations(DeletableEntityType.CONTACT, DeletionReference.CREATION);
+        createDeletionConfigurations(DeletableEntityType.EVENT, DeletionReference.CREATION);
+        createDeletionConfigurations(DeletableEntityType.EVENT_PARTICIPANT, DeletionReference.CREATION);
+        createDeletionConfigurations(DeletableEntityType.IMMUNIZATION, DeletionReference.CREATION);
+        createDeletionConfigurations(DeletableEntityType.TRAVEL_ENTRY, DeletionReference.CREATION);
+    }
+
+    protected void createDeletionConfigurations(DeletableEntityType deletableEntityType, DeletionReference automaticDeletionReference) {
+        DeletionConfigurationService deletionConfigurationService = getBean(DeletionConfigurationService.class);
+        deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, automaticDeletionReference, 3650));
+        deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, DeletionReference.MANUAL_DELETION, 90));
+    }
+
+    protected void createFeatureConfiguration(FeatureType featureType, boolean enabled) {
+        createFeatureConfiguration(featureType, enabled, null);
+    }
+
+    protected void createFeatureConfiguration(FeatureType featureType, boolean enabled, Map<FeatureTypeProperty, Object> properties) {
+        FeatureConfigurationIndexDto featureConfiguration =
+                new FeatureConfigurationIndexDto(DataHelper.createUuid(), null, null, null, null, null, enabled, null);
+        getFeatureConfigurationFacade().saveFeatureConfiguration(featureConfiguration, featureType);
+        if (properties != null) {
+            executeInTransaction(em -> {
+                Query query = em.createQuery("select f from featureconfiguration f where featureType = '" + featureType.name() + "'");
+                FeatureConfiguration singleResult = (FeatureConfiguration) query.getSingleResult();
+                singleResult.setProperties(properties);
+                em.persist(singleResult);
+            });
+        }
+    }
+
+    public ConfigFacade getConfigFacade() {
+        return getBean(ConfigFacadeEjbLocal.class);
+    }
+
+    /**
+     * Using local bean here to avoid multiple transactions in test.
+     *
+     * @return
+     */
+    public CaseFacadeEjb getCaseFacade() {
+        return getBean(CaseFacadeEjbLocal.class);
+    }
+
+    public CaseService getCaseService() {
+        return getBean(CaseService.class);
+    }
+
+    public ImmunizationFacadeEjbLocal getImmunizationFacade() {
+        return getBean(ImmunizationFacadeEjbLocal.class);
+    }
+
+    public ImmunizationService getImmunizationService() {
+        return getBean(ImmunizationService.class);
+    }
+
+    public VaccinationFacade getVaccinationFacade() {
+        return getBean(VaccinationFacadeEjb.VaccinationFacadeEjbLocal.class);
+    }
+
+    public VaccinationService getVaccinationService() {
+        return getBean(VaccinationService.class);
+    }
+
+    public TravelEntryFacade getTravelEntryFacade() {
+        return getBean(TravelEntryFacadeEjb.TravelEntryFacadeEjbLocal.class);
+    }
+
+    public TravelEntryService getTravelEntryService() {
+        return getBean(TravelEntryService.class);
+    }
+
+    public CaseStatisticsFacade getCaseStatisticsFacade() {
+        return getBean(CaseStatisticsFacadeEjbLocal.class);
+    }
+
+    public ContactFacadeEjbLocal getContactFacade() {
+        return getBean(ContactFacadeEjbLocal.class);
+    }
+
+    public ContactService getContactService() {
+        return getBean(ContactService.class);
+    }
+
+    public DashboardFacade getDashboardFacade() {
+        return getBean(DashboardFacadeEjb.DashboardFacadeEjbLocal.class);
+    }
+
+    public SampleDashboardFacade getSampleDashboardFacade() {
+        return getBean(SampleDashboardFacadeEjb.SampleDashboardFacadeEjbLocal.class);
+    }
+
+    public DashboardService getDashboardService() {
+        return getBean(DashboardService.class);
+    }
+
+    public EventFacadeEjbLocal getEventFacade() {
+        return getBean(EventFacadeEjbLocal.class);
+    }
+
+    public EventService getEventService() {
+        return getBean(EventService.class);
+    }
+
+    public EventParticipantFacadeEjbLocal getEventParticipantFacade() {
+        return getBean(EventParticipantFacadeEjbLocal.class);
+    }
+
+    public EventParticipantService getEventParticipantService() {
+        return getBean(EventParticipantService.class);
+    }
+
+    public SurveillanceReportFacade getSurveillanceReportFacade() {
+        return getBean(SurveillanceReportFacadeEjb.SurveillanceReportFacadeEjbLocal.class);
+    }
+
+    public SurveillanceReportService getSurveillanceReportService() {
+        return getBean(SurveillanceReportService.class);
+    }
+
+    public ActionFacade getActionFacade() {
+        return getBean(ActionFacadeEjb.ActionFacadeEjbLocal.class);
+    }
+
+    public AggregateReportFacade getAggregateReportFacade() {
+        return getBean(AggregateReportFacadeEjb.AggregateReportFacadeEjbLocal.class);
+    }
+
+    public VisitFacade getVisitFacade() {
+        return getBean(VisitFacadeEjbLocal.class);
+    }
+
+    public VisitService getVisitService() {
+        return getBean(VisitService.class);
+    }
+
+    public PersonFacadeEjbLocal getPersonFacade() {
+        return getBean(PersonFacadeEjbLocal.class);
+    }
 
-	public PersonService getPersonService() {
-		return getBean(PersonService.class);
-	}
+    public PersonService getPersonService() {
+        return getBean(PersonService.class);
+    }
 
-	public TaskFacade getTaskFacade() {
-		return getBean(TaskFacadeEjbLocal.class);
-	}
+    public TaskFacade getTaskFacade() {
+        return getBean(TaskFacadeEjbLocal.class);
+    }
 
-	public SampleFacade getSampleFacade() {
-		return getBean(SampleFacadeEjbLocal.class);
-	}
+    public SampleFacade getSampleFacade() {
+        return getBean(SampleFacadeEjbLocal.class);
+    }
 
-	public SampleService getSampleService() {
-		return getBean(SampleService.class);
-	}
+    public SampleService getSampleService() {
+        return getBean(SampleService.class);
+    }
 
-	public AdditionalTestFacade getAdditionalTestFacade() {
-		return getBean(AdditionalTestFacadeEjbLocal.class);
-	}
+    public AdditionalTestFacade getAdditionalTestFacade() {
+        return getBean(AdditionalTestFacadeEjbLocal.class);
+    }
 
-	public SymptomsService getSymptomsService() {
-		return getBean(SymptomsService.class);
-	}
+    public SymptomsService getSymptomsService() {
+        return getBean(SymptomsService.class);
+    }
 
-	public PointOfEntryFacade getPointOfEntryFacade() {
-		return getBean(PointOfEntryFacadeEjbLocal.class);
-	}
+    public PointOfEntryFacade getPointOfEntryFacade() {
+        return getBean(PointOfEntryFacadeEjbLocal.class);
+    }
 
-	public PortHealthInfoFacade getPortHealthInfoFacade() {
-		return getBean(PortHealthInfoFacadeEjbLocal.class);
-	}
+    public PortHealthInfoFacade getPortHealthInfoFacade() {
+        return getBean(PortHealthInfoFacadeEjbLocal.class);
+    }
 
-	public FacilityFacade getFacilityFacade() {
-		return getBean(FacilityFacadeEjbLocal.class);
-	}
+    public FacilityFacade getFacilityFacade() {
+        return getBean(FacilityFacadeEjbLocal.class);
+    }
 
-	public ContinentFacade getContinentFacade() {
-		return getBean(ContinentFacadeEjb.ContinentFacadeEjbLocal.class);
-	}
+    public ContinentFacade getContinentFacade() {
+        return getBean(ContinentFacadeEjb.ContinentFacadeEjbLocal.class);
+    }
 
-	public SubcontinentFacade getSubcontinentFacade() {
-		return getBean(SubcontinentFacadeEjb.SubcontinentFacadeEjbLocal.class);
-	}
+    public SubcontinentFacade getSubcontinentFacade() {
+        return getBean(SubcontinentFacadeEjb.SubcontinentFacadeEjbLocal.class);
+    }
 
-	public CountryFacade getCountryFacade() {
-		return getBean(CountryFacadeEjb.CountryFacadeEjbLocal.class);
-	}
+    public CountryFacade getCountryFacade() {
+        return getBean(CountryFacadeEjb.CountryFacadeEjbLocal.class);
+    }
 
-	public RegionFacade getRegionFacade() {
-		return getBean(RegionFacadeEjbLocal.class);
-	}
+    public RegionFacade getRegionFacade() {
+        return getBean(RegionFacadeEjbLocal.class);
+    }
 
-	public DistrictFacade getDistrictFacade() {
-		return getBean(DistrictFacadeEjbLocal.class);
-	}
+    public DistrictFacade getDistrictFacade() {
+        return getBean(DistrictFacadeEjbLocal.class);
+    }
 
-	public CommunityFacade getCommunityFacade() {
-		return getBean(CommunityFacadeEjbLocal.class);
-	}
+    public CommunityFacade getCommunityFacade() {
+        return getBean(CommunityFacadeEjbLocal.class);
+    }
 
-	public UserFacadeEjbLocal getUserFacade() {
-		return getBean(UserFacadeEjbLocal.class);
-	}
+    public UserFacadeEjbLocal getUserFacade() {
+        return getBean(UserFacadeEjbLocal.class);
+    }
 
-	public UserService getUserService() {
-		return getBean(UserService.class);
-	}
+    public UserService getUserService() {
+        return getBean(UserService.class);
+    }
 
-	public UserRoleFacadeEjbLocal getUserRoleFacade() {
-		return getBean(UserRoleFacadeEjbLocal.class);
-	}
+    public UserRoleFacadeEjbLocal getUserRoleFacade() {
+        return getBean(UserRoleFacadeEjbLocal.class);
+    }
 
-	public UserRoleService getUserRoleService() {
-		return getBean(UserRoleService.class);
-	}
+    public UserRoleService getUserRoleService() {
+        return getBean(UserRoleService.class);
+    }
 
-	public WeeklyReportFacade getWeeklyReportFacade() {
-		return getBean(WeeklyReportFacadeEjbLocal.class);
-	}
+    public WeeklyReportFacade getWeeklyReportFacade() {
+        return getBean(WeeklyReportFacadeEjbLocal.class);
+    }
 
-	public GeoShapeProvider getGeoShapeProvider() {
-		return getBean(GeoShapeProviderEjbLocal.class);
-	}
+    public GeoShapeProvider getGeoShapeProvider() {
+        return getBean(GeoShapeProviderEjbLocal.class);
+    }
 
-	public OutbreakFacade getOutbreakFacade() {
-		return getBean(OutbreakFacadeEjbLocal.class);
-	}
+    public OutbreakFacade getOutbreakFacade() {
+        return getBean(OutbreakFacadeEjbLocal.class);
+    }
 
-	public ImportFacade getImportFacade() {
-		return getBean(ImportFacadeEjbLocal.class);
-	}
+    public ImportFacade getImportFacade() {
+        return getBean(ImportFacadeEjbLocal.class);
+    }
 
-	public FacilityService getFacilityService() {
-		return getBean(FacilityService.class);
-	}
+    public FacilityService getFacilityService() {
+        return getBean(FacilityService.class);
+    }
 
-	public PointOfEntryService getPointOfEntryService() {
-		return getBean(PointOfEntryService.class);
-	}
+    public PointOfEntryService getPointOfEntryService() {
+        return getBean(PointOfEntryService.class);
+    }
 
-	public ContinentService getContinentService() {
-		return getBean(ContinentService.class);
-	}
+    public ContinentService getContinentService() {
+        return getBean(ContinentService.class);
+    }
 
-	public SubcontinentService getSubcontinentService() {
-		return getBean(SubcontinentService.class);
-	}
+    public SubcontinentService getSubcontinentService() {
+        return getBean(SubcontinentService.class);
+    }
 
-	public CountryService getCountryService() {
-		return getBean(CountryService.class);
-	}
+    public CountryService getCountryService() {
+        return getBean(CountryService.class);
+    }
 
-	public RegionService getRegionService() {
-		return getBean(RegionService.class);
-	}
+    public RegionService getRegionService() {
+        return getBean(RegionService.class);
+    }
 
-	public DistrictService getDistrictService() {
-		return getBean(DistrictService.class);
-	}
+    public DistrictService getDistrictService() {
+        return getBean(DistrictService.class);
+    }
 
-	public CommunityService getCommunityService() {
-		return getBean(CommunityService.class);
-	}
+    public CommunityService getCommunityService() {
+        return getBean(CommunityService.class);
+    }
 
-	public ClinicalCourseFacade getClinicalCourseFacade() {
-		return getBean(ClinicalCourseFacadeEjbLocal.class);
-	}
+    public ClinicalCourseFacade getClinicalCourseFacade() {
+        return getBean(ClinicalCourseFacadeEjbLocal.class);
+    }
 
-	public ClinicalVisitFacade getClinicalVisitFacade() {
-		return getBean(ClinicalVisitFacadeEjbLocal.class);
-	}
+    public ClinicalVisitFacade getClinicalVisitFacade() {
+        return getBean(ClinicalVisitFacadeEjbLocal.class);
+    }
 
-	public ClinicalVisitService getClinicalVisitService() {
-		return getBean(ClinicalVisitService.class);
-	}
+    public ClinicalVisitService getClinicalVisitService() {
+        return getBean(ClinicalVisitService.class);
+    }
 
-	public TherapyFacade getTherapyFacade() {
-		return getBean(TherapyFacadeEjbLocal.class);
-	}
+    public TherapyFacade getTherapyFacade() {
+        return getBean(TherapyFacadeEjbLocal.class);
+    }
 
-	public PrescriptionFacade getPrescriptionFacade() {
-		return getBean(PrescriptionFacadeEjbLocal.class);
-	}
+    public PrescriptionFacade getPrescriptionFacade() {
+        return getBean(PrescriptionFacadeEjbLocal.class);
+    }
 
-	public PrescriptionService getPrescriptionService() {
-		return getBean(PrescriptionService.class);
-	}
+    public PrescriptionService getPrescriptionService() {
+        return getBean(PrescriptionService.class);
+    }
 
-	public TreatmentFacade getTreatmentFacade() {
-		return getBean(TreatmentFacadeEjbLocal.class);
-	}
+    public TreatmentFacade getTreatmentFacade() {
+        return getBean(TreatmentFacadeEjbLocal.class);
+    }
 
-	public TreatmentService getTreatmentService() {
-		return getBean(TreatmentService.class);
-	}
+    public TreatmentService getTreatmentService() {
+        return getBean(TreatmentService.class);
+    }
 
-	public DiseaseConfigurationFacade getDiseaseConfigurationFacade() {
-		return getBean(DiseaseConfigurationFacadeEjbLocal.class);
-	}
+    public DiseaseConfigurationFacade getDiseaseConfigurationFacade() {
+        return getBean(DiseaseConfigurationFacadeEjbLocal.class);
+    }
 
-	public DiseaseConfigurationService getDiseaseConfigurationService() {
-		return getBean(DiseaseConfigurationService.class);
-	}
+    public DiseaseConfigurationService getDiseaseConfigurationService() {
+        return getBean(DiseaseConfigurationService.class);
+    }
 
-	public PopulationDataFacade getPopulationDataFacade() {
-		return getBean(PopulationDataFacadeEjbLocal.class);
-	}
+    public PopulationDataFacade getPopulationDataFacade() {
+        return getBean(PopulationDataFacadeEjbLocal.class);
+    }
 
-	public FeatureConfigurationFacade getFeatureConfigurationFacade() {
-		return getBean(FeatureConfigurationFacadeEjbLocal.class);
-	}
+    public FeatureConfigurationFacade getFeatureConfigurationFacade() {
+        return getBean(FeatureConfigurationFacadeEjbLocal.class);
+    }
 
-	public PathogenTestFacade getPathogenTestFacade() {
-		return getBean(PathogenTestFacadeEjbLocal.class);
-	}
+    public PathogenTestFacade getPathogenTestFacade() {
+        return getBean(PathogenTestFacadeEjbLocal.class);
+    }
 
-	public CampaignFormMetaFacade getCampaignFormFacade() {
-		return getBean(CampaignFormMetaFacadeEjbLocal.class);
-	}
+    public CampaignFormMetaFacade getCampaignFormFacade() {
+        return getBean(CampaignFormMetaFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasFacadeEjbLocal getSormasToSormasFacade() {
-		return getBean(SormasToSormasFacadeEjbLocal.class);
-	}
+    public SormasToSormasFacadeEjbLocal getSormasToSormasFacade() {
+        return getBean(SormasToSormasFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasOriginInfoFacadeEjbLocal getSormasToSormasOriginInfoFacade() {
-		return getBean(SormasToSormasOriginInfoFacadeEjbLocal.class);
-	}
+    public SormasToSormasOriginInfoFacadeEjbLocal getSormasToSormasOriginInfoFacade() {
+        return getBean(SormasToSormasOriginInfoFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasShareInfoFacadeEjbLocal getSormasToSormasShareInfoFacade() {
-		return getBean(SormasToSormasShareInfoFacadeEjbLocal.class);
-	}
+    public SormasToSormasShareInfoFacadeEjbLocal getSormasToSormasShareInfoFacade() {
+        return getBean(SormasToSormasShareInfoFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasCaseFacade getSormasToSormasCaseFacade() {
-		return getBean(SormasToSormasCaseFacadeEjbLocal.class);
-	}
-
-	public SormasToSormasContactFacade getSormasToSormasContactFacade() {
-		return getBean(SormasToSormasContactFacadeEjbLocal.class);
-	}
-
-	public SormasToSormasEventFacade getSormasToSormasEventFacade() {
-		return getBean(SormasToSormasEventFacadeEjbLocal.class);
-	}
-
-	public ExternalMessageFacade getExternalMessageFacade() {
-		return getBean(ExternalMessageFacadeEjbLocal.class);
-	}
-
-	public ExternalMessageService getExternalMessageService() {
-		return getBean(ExternalMessageService.class);
-	}
-
-	public SormasToSormasExternalMessageFacade getSormasToSormasLabMessageFacade() {
-		return getBean(SormasToSormasExternalMessageFacadeEjbLocal.class);
-	}
-
-	public SormasToSormasShareInfoService getSormasToSormasShareInfoService() {
-		return getBean(SormasToSormasShareInfoService.class);
-	}
-
-	public ShareRequestInfoService getShareRequestInfoService() {
-		return getBean(ShareRequestInfoService.class);
-	}
-
-	public SormasToSormasEncryptionFacade getSormasToSormasEncryptionFacade() {
-		return getBean(SormasToSormasEncryptionFacadeEjb.SormasToSormasEncryptionFacadeEjbLocal.class);
-	}
-
-	public GeocodingService getGeocodingService() {
-		return getBean(GeocodingService.class);
-	}
-
-	public CurrentUserService getCurrentUserService() {
-		return getBean(CurrentUserService.class);
-	}
-
-	public CustomizableEnumValueService getCustomizableEnumValueService() {
-		return getBean(CustomizableEnumValueService.class);
-	}
-
-	public CustomizableEnumFacade getCustomizableEnumFacade() {
-		return getBean(CustomizableEnumFacadeEjb.CustomizableEnumFacadeEjbLocal.class);
-	}
-
-	public ShareDataBuilderHelper getShareDataBuilderHelper() {
-		return getBean(ShareDataBuilderHelper.class);
-	}
-
-	public ReceivedCaseProcessor getReceivedCaseProcessor() {
-		return getBean(ReceivedCaseProcessor.class);
-	}
-
-	public ReceivedContactProcessor getReceivedContactProcessor() {
-		return getBean(ReceivedContactProcessor.class);
-	}
-
-	public ReceivedEventProcessor getReceivedEventProcessor() {
-		return getBean(ReceivedEventProcessor.class);
-	}
-
-	public ReceivedImmunizationProcessor getReceivedImmunizationProcessor() {
-		return getBean(ReceivedImmunizationProcessor.class);
-	}
-
-	public ReceivedSampleProcessor getReceivedSampleProcessor() {
-		return getBean(ReceivedSampleProcessor.class);
-	}
-
-	public CampaignFormDataFacade getCampaignFormDataFacade() {
-		return getBean(CampaignFormDataFacadeEjbLocal.class);
-	}
-
-	public CampaignFacadeEjbLocal getCampaignFacade() {
-		return getBean(CampaignFacadeEjbLocal.class);
-	}
-
-	public CampaignDiagramDefinitionFacade getCampaignDiagramDefinitionFacade() {
-		return getBean(CampaignDiagramDefinitionFacadeEjb.CampaignDiagramDefinitionFacadeEjbLocal.class);
-	}
-
-	protected UserDto loginWith(UserDto user) {
-		when(MockProducer.getPrincipal().getName()).thenReturn(user.getUserName());
-		// load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
-		getCurrentUserService().getCurrentUser();
-
-		return user;
-	}
-
-//	protected UserDto loginWith(UserDto user) {
-//		if (user == null) {
-//			throw new IllegalArgumentException("User cannot be null");
-//		}
-//
-//		String userName = user.getUserName();
-//		if (userName == null) {
-//			throw new IllegalArgumentException("User name cannot be null");
-//		}
-//
-//		// Ensure MockProducer.getPrincipal() is not null
-//		Principal principal = MockProducer.getPrincipal();
-//		if (principal == null) {
-//			throw new IllegalStateException("Principal cannot be null");
-//		}
-//
-//		when(principal.getName()).thenReturn(userName);
-//
-//		// Load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
-//		getCurrentUserService().getCurrentUser();
-//		return user;
-//	}
-
-
-	protected UserDto useNationalUserLogin() {
-		return loginWith(creator.createNationalUser());
-	}
-
-	protected UserDto useNationalAdminLogin() {
-
-		if (nationalAdmin == null) {
-			// we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
-			User user = new User();
-			user.setUuid(DataHelper.createUuid());
-			user.setFirstName("ad");
-			user.setLastName("min");
-			user.setUserName("admin");
-			String password = PasswordHelper.createPass(12);
-			user.setSeed(PasswordHelper.createPass(16));
-			user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-			user.setUserRoles(
-				new HashSet<>(Arrays.asList(creator.getUserRole(DefaultUserRole.ADMIN), creator.getUserRole(DefaultUserRole.NATIONAL_USER))));
-
-			getUserService().persist(user);
-			nationalAdmin = getUserFacade().getByUuid(user.getUuid());
-
-		}
-
-		return loginWith(nationalAdmin);
-	}
-
-	protected UserDto useSurveillanceOfficerLogin(TestDataCreator.RDCF rdcf) {
-		return loginWith(creator.createSurveillanceOfficer(rdcf));
-	}
-
-	protected void useSystemUser() {
-		when(MockProducer.getPrincipal().getName()).thenReturn("SYSTEM");
-	}
-
-	public PathogenTestService getPathogenTestService() {
-		return getBean(PathogenTestService.class);
-	}
-
-	public AdditionalTestService getAdditionalTestService() {
-		return getBean(AdditionalTestService.class);
-	}
-
-	public DocumentTemplateFacade getDocumentTemplateFacade() {
-		return getBean(DocumentTemplateFacadeEjbLocal.class);
-	}
-
-	public QuarantineOrderFacade getQuarantineOrderFacade() {
-		return getBean(QuarantineOrderFacadeEjb.QuarantineOrderFacadeEjbLocal.class);
-	}
-
-	public EventDocumentFacade getEventDocumentFacade() {
-		return getBean(EventDocumentFacadeEjb.class);
-	}
-
-	public BAGExportFacade getBAGExportFacade() {
-		return getBean(BAGExportFacadeEjb.BAGExportFacadeEjbLocal.class);
-	}
-
-	public ExternalJournalService getExternalJournalService() {
-		return getBean(ExternalJournalService.class);
-	}
-
-	public DocumentFacade getDocumentFacade() {
-		return getBean(DocumentFacadeEjb.DocumentFacadeEjbLocal.class);
-	}
-
-	public DocumentService getDocumentService() {
-		return getBean(DocumentService.class);
-	}
-
-	public DocumentRelatedEntityService getDocumentRelatedEntitiesService() {
-		return getBean(DocumentRelatedEntityService.class);
-	}
-
-	public ExportFacade getExportFacade() {
-		return getBean(ExportFacadeEjb.ExportFacadeEjbLocal.class);
-	}
-
-	public SystemEventFacade getSystemEventFacade() {
-		return getBean(SystemEventFacadeEjb.SystemEventFacadeEjbLocal.class);
-	}
-
-	public ExternalSurveillanceToolFacade getExternalSurveillanceToolGatewayFacade() {
-		return getBean(ExternalSurveillanceToolGatewayFacadeEjbLocal.class);
-	}
-
-	public ExternalShareInfoFacade getExternalShareInfoFacade() {
-		return getBean(ExternalShareInfoFacadeEjbLocal.class);
-	}
-
-	public ExternalShareInfoService getExternalShareInfoService() {
-		return getBean(ExternalShareInfoService.class);
-	}
-
-	public SormasToSormasShareRequestFacade getSormasToSormasShareRequestFacade() {
-		return getBean(SormasToSormasShareRequestFacadeEJBLocal.class);
-	}
+    public SormasToSormasCaseFacade getSormasToSormasCaseFacade() {
+        return getBean(SormasToSormasCaseFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasShareRequestService getSormasToSormasShareRequestService() {
-		return getBean(SormasToSormasShareRequestService.class);
-	}
-
-	public TestReportFacade getTestReportFacade() {
-		return getBean(TestReportFacadeEjb.TestReportFacadeEjbLocal.class);
-	}
-
-	public TestReportService getTestReportService() {
-		return getBean(TestReportService.class);
-	}
-
-	public ImportParserService getImportParserService() {
-		return getBean(ImportParserService.class);
-	}
+    public SormasToSormasContactFacade getSormasToSormasContactFacade() {
+        return getBean(SormasToSormasContactFacadeEjbLocal.class);
+    }
+
+    public SormasToSormasEventFacade getSormasToSormasEventFacade() {
+        return getBean(SormasToSormasEventFacadeEjbLocal.class);
+    }
+
+    public ExternalMessageFacade getExternalMessageFacade() {
+        return getBean(ExternalMessageFacadeEjbLocal.class);
+    }
+
+    public ExternalMessageService getExternalMessageService() {
+        return getBean(ExternalMessageService.class);
+    }
+
+    public SormasToSormasExternalMessageFacade getSormasToSormasLabMessageFacade() {
+        return getBean(SormasToSormasExternalMessageFacadeEjbLocal.class);
+    }
+
+    public SormasToSormasShareInfoService getSormasToSormasShareInfoService() {
+        return getBean(SormasToSormasShareInfoService.class);
+    }
+
+    public ShareRequestInfoService getShareRequestInfoService() {
+        return getBean(ShareRequestInfoService.class);
+    }
+
+    public SormasToSormasEncryptionFacade getSormasToSormasEncryptionFacade() {
+        return getBean(SormasToSormasEncryptionFacadeEjb.SormasToSormasEncryptionFacadeEjbLocal.class);
+    }
+
+    public GeocodingService getGeocodingService() {
+        return getBean(GeocodingService.class);
+    }
+
+    public CurrentUserService getCurrentUserService() {
+        return getBean(CurrentUserService.class);
+    }
+
+    public CustomizableEnumValueService getCustomizableEnumValueService() {
+        return getBean(CustomizableEnumValueService.class);
+    }
+
+    public CustomizableEnumFacade getCustomizableEnumFacade() {
+        return getBean(CustomizableEnumFacadeEjb.CustomizableEnumFacadeEjbLocal.class);
+    }
+
+    public ShareDataBuilderHelper getShareDataBuilderHelper() {
+        return getBean(ShareDataBuilderHelper.class);
+    }
+
+    public ReceivedCaseProcessor getReceivedCaseProcessor() {
+        return getBean(ReceivedCaseProcessor.class);
+    }
+
+    public ReceivedContactProcessor getReceivedContactProcessor() {
+        return getBean(ReceivedContactProcessor.class);
+    }
+
+    public ReceivedEventProcessor getReceivedEventProcessor() {
+        return getBean(ReceivedEventProcessor.class);
+    }
+
+    public ReceivedImmunizationProcessor getReceivedImmunizationProcessor() {
+        return getBean(ReceivedImmunizationProcessor.class);
+    }
+
+    public ReceivedSampleProcessor getReceivedSampleProcessor() {
+        return getBean(ReceivedSampleProcessor.class);
+    }
+
+    public CampaignFormDataFacade getCampaignFormDataFacade() {
+        return getBean(CampaignFormDataFacadeEjbLocal.class);
+    }
+
+    public CampaignFacadeEjbLocal getCampaignFacade() {
+        return getBean(CampaignFacadeEjbLocal.class);
+    }
+
+    public CampaignDiagramDefinitionFacade getCampaignDiagramDefinitionFacade() {
+        return getBean(CampaignDiagramDefinitionFacadeEjb.CampaignDiagramDefinitionFacadeEjbLocal.class);
+    }
+
+    protected UserDto loginWith(UserDto user) {
+        when(MockProducer.getPrincipal().getName()).thenReturn(user.getUserName());
+        // load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
+        getCurrentUserService().getCurrentUser();
+        return user;
+    }
+
+    protected UserDto useNationalUserLogin() {
+        return loginWith(creator.createNationalUser());
+    }
+
+    protected UserDto useNationalAdminLogin() {
+
+        if (nationalAdmin == null) {
+            // we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
+            User user = new User();
+            user.setUuid(DataHelper.createUuid());
+            user.setFirstName("ad");
+            user.setLastName("min");
+            user.setUserName("admin");
+            String password = PasswordHelper.createPass(12);
+            user.setSeed(PasswordHelper.createPass(16));
+            user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+            user.setUserRoles(
+                    new HashSet<>(Arrays.asList(creator.getUserRole(DefaultUserRole.ADMIN), creator.getUserRole(DefaultUserRole.NATIONAL_USER))));
+
+            getUserService().persist(user);
+            nationalAdmin = getUserFacade().getByUuid(user.getUuid());
+
+        }
+
+        return loginWith(nationalAdmin);
+    }
+
+    protected UserDto useSurveillanceOfficerLogin(TestDataCreator.RDCF rdcf) {
+        return loginWith(creator.createSurveillanceOfficer(rdcf));
+    }
+
+    protected void useSystemUser() {
+        when(MockProducer.getPrincipal().getName()).thenReturn("SYSTEM");
+    }
+
+    public PathogenTestService getPathogenTestService() {
+        return getBean(PathogenTestService.class);
+    }
+
+    public AdditionalTestService getAdditionalTestService() {
+        return getBean(AdditionalTestService.class);
+    }
+
+    public DocumentTemplateFacade getDocumentTemplateFacade() {
+        return getBean(DocumentTemplateFacadeEjbLocal.class);
+    }
+
+    public QuarantineOrderFacade getQuarantineOrderFacade() {
+        return getBean(QuarantineOrderFacadeEjb.QuarantineOrderFacadeEjbLocal.class);
+    }
+
+    public EventDocumentFacade getEventDocumentFacade() {
+        return getBean(EventDocumentFacadeEjb.class);
+    }
+
+    public BAGExportFacade getBAGExportFacade() {
+        return getBean(BAGExportFacadeEjb.BAGExportFacadeEjbLocal.class);
+    }
+
+    public ExternalJournalService getExternalJournalService() {
+        return getBean(ExternalJournalService.class);
+    }
+
+    public DocumentFacade getDocumentFacade() {
+        return getBean(DocumentFacadeEjb.DocumentFacadeEjbLocal.class);
+    }
+
+    public DocumentService getDocumentService() {
+        return getBean(DocumentService.class);
+    }
+
+    public DocumentRelatedEntityService getDocumentRelatedEntitiesService() {
+        return getBean(DocumentRelatedEntityService.class);
+    }
+
+    public ExportFacade getExportFacade() {
+        return getBean(ExportFacadeEjb.ExportFacadeEjbLocal.class);
+    }
+
+    public SystemEventFacade getSystemEventFacade() {
+        return getBean(SystemEventFacadeEjb.SystemEventFacadeEjbLocal.class);
+    }
+
+    public ExternalSurveillanceToolFacade getExternalSurveillanceToolGatewayFacade() {
+        return getBean(ExternalSurveillanceToolGatewayFacadeEjbLocal.class);
+    }
+
+    public ExternalShareInfoFacade getExternalShareInfoFacade() {
+        return getBean(ExternalShareInfoFacadeEjbLocal.class);
+    }
+
+    public ExternalShareInfoService getExternalShareInfoService() {
+        return getBean(ExternalShareInfoService.class);
+    }
+
+    public SormasToSormasShareRequestFacade getSormasToSormasShareRequestFacade() {
+        return getBean(SormasToSormasShareRequestFacadeEJBLocal.class);
+    }
+
+    public SormasToSormasShareRequestService getSormasToSormasShareRequestService() {
+        return getBean(SormasToSormasShareRequestService.class);
+    }
+
+    public TestReportFacade getTestReportFacade() {
+        return getBean(TestReportFacadeEjb.TestReportFacadeEjbLocal.class);
+    }
+
+    public TestReportService getTestReportService() {
+        return getBean(TestReportService.class);
+    }
+
+    public ImportParserService getImportParserService() {
+        return getBean(ImportParserService.class);
+    }
 
-	public AreaFacade getAreaFacade() {
-		return getBean(AreaFacadeEjbLocal.class);
-	}
+    public AreaFacade getAreaFacade() {
+        return getBean(AreaFacadeEjbLocal.class);
+    }
 
-	public SormasToSormasCaseDtoValidator getSormasToSormasCaseDtoValidator() {
-		return getBean(SormasToSormasCaseDtoValidator.class);
-	}
+    public SormasToSormasCaseDtoValidator getSormasToSormasCaseDtoValidator() {
+        return getBean(SormasToSormasCaseDtoValidator.class);
+    }
 
-	public SormasToSormasContactDtoValidator getSormasToSormasContactDtoValidator() {
-		return getBean(SormasToSormasContactDtoValidator.class);
-	}
+    public SormasToSormasContactDtoValidator getSormasToSormasContactDtoValidator() {
+        return getBean(SormasToSormasContactDtoValidator.class);
+    }
 
-	public SormasToSormasEventDtoValidator getSormasToSormasEventDtoValidator() {
-		return getBean(SormasToSormasEventDtoValidator.class);
-	}
+    public SormasToSormasEventDtoValidator getSormasToSormasEventDtoValidator() {
+        return getBean(SormasToSormasEventDtoValidator.class);
+    }
 
-	public SormasToSormasEventParticipantDtoValidator getSormasToSormasEventParticipantDtoValidator() {
-		return getBean(SormasToSormasEventParticipantDtoValidator.class);
-	}
+    public SormasToSormasEventParticipantDtoValidator getSormasToSormasEventParticipantDtoValidator() {
+        return getBean(SormasToSormasEventParticipantDtoValidator.class);
+    }
 
-	public SormasToSormasImmunizationDtoValidator getSormasToSormasImmunizationDtoValidator() {
-		return getBean(SormasToSormasImmunizationDtoValidator.class);
-	}
+    public SormasToSormasImmunizationDtoValidator getSormasToSormasImmunizationDtoValidator() {
+        return getBean(SormasToSormasImmunizationDtoValidator.class);
+    }
 
-	public SormasToSormasSampleDtoValidator getSormasToSormasSampleDtoValidator() {
-		return getBean(SormasToSormasSampleDtoValidator.class);
-	}
+    public SormasToSormasSampleDtoValidator getSormasToSormasSampleDtoValidator() {
+        return getBean(SormasToSormasSampleDtoValidator.class);
+    }
 
-	public SormasToSormasExternalMessageDtoValidator getSormasToSormasLabMessageDtoValidator() {
-		return getBean(SormasToSormasExternalMessageDtoValidator.class);
-	}
+    public SormasToSormasExternalMessageDtoValidator getSormasToSormasLabMessageDtoValidator() {
+        return getBean(SormasToSormasExternalMessageDtoValidator.class);
+    }
 
-	public SormasToSormasSurveillanceReportDtoValidator getSormasToSormasSurveillanceReportDtoValidator() {
-		return getBean(SormasToSormasSurveillanceReportDtoValidator.class);
-	}
+    public SormasToSormasSurveillanceReportDtoValidator getSormasToSormasSurveillanceReportDtoValidator() {
+        return getBean(SormasToSormasSurveillanceReportDtoValidator.class);
+    }
 
-	public DefaultEntitiesCreator getDefaultEntitiesCreator() {
-		return getBean(DefaultEntitiesCreator.class);
-	}
+    public DefaultEntitiesCreator getDefaultEntitiesCreator() {
+        return getBean(DefaultEntitiesCreator.class);
+    }
 
-	public CoreEntityDeletionService getCoreEntityDeletionService() {
-		return getBean(CoreEntityDeletionService.class);
-	}
+    public CoreEntityDeletionService getCoreEntityDeletionService() {
+        return getBean(CoreEntityDeletionService.class);
+    }
 
-	public DeletionConfigurationService getDeletionConfigurationService() {
-		return getBean(DeletionConfigurationService.class);
-	}
+    public DeletionConfigurationService getDeletionConfigurationService() {
+        return getBean(DeletionConfigurationService.class);
+    }
 
-	public InfoFacade getInfoFacade() {
-		return getBean(InfoFacadeEjb.InfoFacadeEjbLocal.class);
-	}
+    public InfoFacade getInfoFacade() {
+        return getBean(InfoFacadeEjb.InfoFacadeEjbLocal.class);
+    }
 
-	public TaskService getTaskService() {
-		return getBean(TaskService.class);
-	}
+    public TaskService getTaskService() {
+        return getBean(TaskService.class);
+    }
 
-	public SampleReportFacade getSampleReportFacade() {
-		return getBean(SampleReportFacadeEjb.SampleReportFacadeEjbLocal.class);
-	}
+    public SampleReportFacade getSampleReportFacade() {
+        return getBean(SampleReportFacadeEjb.SampleReportFacadeEjbLocal.class);
+    }
 
-	public SampleReportService getSampleReportService() {
-		return getBean(SampleReportService.class);
-	}
+    public SampleReportService getSampleReportService() {
+        return getBean(SampleReportService.class);
+    }
 
-	public <T extends Throwable> void assertThrowsWithMessage(Class<T> expectedType, String expectedMessage, Executable executable) {
-		T throwable = assertThrows(expectedType, executable);
-		assertEquals(expectedMessage, throwable.getMessage());
-	}
-
-	public EnvironmentFacadeEjbLocal getEnvironmentFacade() {
-		return getBean(EnvironmentFacadeEjbLocal.class);
-	}
-
-	public EnvironmentService getEnvironmentService() {
-		return getBean(EnvironmentService.class);
-	}
-
-	public EnvironmentSampleFacade getEnvironmentSampleFacade() {
-		return getBean(EnvironmentSampleFacadeEjbLocal.class);
-	}
-
-	public EnvironmentSampleService getEnvironmentSampleService() {
-		return getBean(EnvironmentSampleService.class);
-	}
-
-	public AutomaticLabMessageProcessor getAutomaticLabMessageProcessingFlow() {
-		return getBean(AutomaticLabMessageProcessor.class);
-	}
-
-	public ExternalMessageProcessingFacade getExternalMessageProcessingFacade() {
-		return getBean(ExternalMessageProcessingFacadeEjbLocal.class);
-	}
-
-	public ExternalEmailFacade getExternalEmailFacade() {
-		return getBean(ExternalEmailFacadeEjbLocal.class);
-	}
-
-	public ManualMessageLogFacade getManualMessageLogFacade() {
-		return getBean(ManualMessageLogFacadeEjbLocal.class);
-	}
-
-	public ManualMessageLogService getManualMessageLogService() {
-		return getBean(ManualMessageLogService.class);
-	}
-
-	public SpecialCaseAccessFacade getSpecialCaseAccessFacade() {
-		return getBean(SpecialCaseAccessFacadeEjbLocal.class);
-	}
-
-	public SpecialCaseAccessService getSpecialCaseAccessService() {
-		return getBean(SpecialCaseAccessService.class);
-	}
-
-	public SelfReportFacadeEjbLocal getSelfReportFacade() {
-		return getBean(SelfReportFacadeEjbLocal.class);
-	}
-
-	public SelfReportService getSelfReportService() {
-		return getBean(SelfReportService.class);
-	}
+    public <T extends Throwable> void assertThrowsWithMessage(Class<T> expectedType, String expectedMessage, Executable executable) {
+        T throwable = assertThrows(expectedType, executable);
+        assertEquals(expectedMessage, throwable.getMessage());
+    }
+
+    public EnvironmentFacadeEjbLocal getEnvironmentFacade() {
+        return getBean(EnvironmentFacadeEjbLocal.class);
+    }
+
+    public EnvironmentService getEnvironmentService() {
+        return getBean(EnvironmentService.class);
+    }
+
+    public EnvironmentSampleFacade getEnvironmentSampleFacade() {
+        return getBean(EnvironmentSampleFacadeEjbLocal.class);
+    }
+
+    public EnvironmentSampleService getEnvironmentSampleService() {
+        return getBean(EnvironmentSampleService.class);
+    }
+
+    public AutomaticLabMessageProcessor getAutomaticLabMessageProcessingFlow() {
+        return getBean(AutomaticLabMessageProcessor.class);
+    }
+
+    public ExternalMessageProcessingFacade getExternalMessageProcessingFacade() {
+        return getBean(ExternalMessageProcessingFacadeEjbLocal.class);
+    }
+
+    public ExternalEmailFacade getExternalEmailFacade() {
+        return getBean(ExternalEmailFacadeEjbLocal.class);
+    }
+
+    public ManualMessageLogFacade getManualMessageLogFacade() {
+        return getBean(ManualMessageLogFacadeEjbLocal.class);
+    }
+
+    public ManualMessageLogService getManualMessageLogService() {
+        return getBean(ManualMessageLogService.class);
+    }
+
+    public SpecialCaseAccessFacade getSpecialCaseAccessFacade() {
+        return getBean(SpecialCaseAccessFacadeEjbLocal.class);
+    }
+
+    public SpecialCaseAccessService getSpecialCaseAccessService() {
+        return getBean(SpecialCaseAccessService.class);
+    }
+
+    public SelfReportFacadeEjbLocal getSelfReportFacade() {
+        return getBean(SelfReportFacadeEjbLocal.class);
+    }
+
+    public SelfReportService getSelfReportService() {
+        return getBean(SelfReportService.class);
+    }
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index 1e4594d0ab2..c8ac5b63c62 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -14,27 +14,7 @@
  */
 package de.symeda.sormas.backend;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.function.Consumer;
-import java.util.function.Function;
-import java.util.stream.Collectors;
-
-import javax.annotation.Nullable;
-
-import de.symeda.sormas.api.utils.PasswordHelper;
-import org.jetbrains.annotations.NotNull;
-
 import com.fasterxml.jackson.databind.ObjectMapper;
-
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.ReferenceDto;
 import de.symeda.sormas.api.VisitOrigin;
@@ -48,13 +28,7 @@
 import de.symeda.sormas.api.campaign.diagram.DiagramType;
 import de.symeda.sormas.api.campaign.form.CampaignFormMetaDto;
 import de.symeda.sormas.api.campaign.form.CampaignFormMetaReferenceDto;
-import de.symeda.sormas.api.caze.CaseClassification;
-import de.symeda.sormas.api.caze.CaseDataDto;
-import de.symeda.sormas.api.caze.CaseReferenceDto;
-import de.symeda.sormas.api.caze.InvestigationStatus;
-import de.symeda.sormas.api.caze.VaccinationInfoSource;
-import de.symeda.sormas.api.caze.Vaccine;
-import de.symeda.sormas.api.caze.VaccineManufacturer;
+import de.symeda.sormas.api.caze.*;
 import de.symeda.sormas.api.caze.surveillancereport.ReportingType;
 import de.symeda.sormas.api.caze.surveillancereport.SurveillanceReportDto;
 import de.symeda.sormas.api.clinicalcourse.ClinicalVisitDto;
@@ -75,13 +49,7 @@
 import de.symeda.sormas.api.environment.environmentsample.EnvironmentSampleReferenceDto;
 import de.symeda.sormas.api.environment.environmentsample.Pathogen;
 import de.symeda.sormas.api.epidata.EpiDataDto;
-import de.symeda.sormas.api.event.EventDto;
-import de.symeda.sormas.api.event.EventInvestigationStatus;
-import de.symeda.sormas.api.event.EventParticipantDto;
-import de.symeda.sormas.api.event.EventParticipantReferenceDto;
-import de.symeda.sormas.api.event.EventReferenceDto;
-import de.symeda.sormas.api.event.EventStatus;
-import de.symeda.sormas.api.event.TypeOfPlace;
+import de.symeda.sormas.api.event.*;
 import de.symeda.sormas.api.exposure.ExposureDto;
 import de.symeda.sormas.api.exposure.ExposureType;
 import de.symeda.sormas.api.exposure.TypeOfAnimal;
@@ -90,11 +58,7 @@
 import de.symeda.sormas.api.externalmessage.ExternalMessageType;
 import de.symeda.sormas.api.externalmessage.labmessage.SampleReportDto;
 import de.symeda.sormas.api.externalmessage.labmessage.TestReportDto;
-import de.symeda.sormas.api.immunization.ImmunizationDto;
-import de.symeda.sormas.api.immunization.ImmunizationManagementStatus;
-import de.symeda.sormas.api.immunization.ImmunizationReferenceDto;
-import de.symeda.sormas.api.immunization.ImmunizationStatus;
-import de.symeda.sormas.api.immunization.MeansOfImmunization;
+import de.symeda.sormas.api.immunization.*;
 import de.symeda.sormas.api.importexport.ExportConfigurationDto;
 import de.symeda.sormas.api.importexport.ExportType;
 import de.symeda.sormas.api.infrastructure.PopulationDataDto;
@@ -109,19 +73,8 @@
 import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryType;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
 import de.symeda.sormas.api.location.LocationDto;
-import de.symeda.sormas.api.person.PersonContactDetailDto;
-import de.symeda.sormas.api.person.PersonContactDetailType;
-import de.symeda.sormas.api.person.PersonDto;
-import de.symeda.sormas.api.person.PersonReferenceDto;
-import de.symeda.sormas.api.person.Sex;
-import de.symeda.sormas.api.sample.AdditionalTestDto;
-import de.symeda.sormas.api.sample.PathogenTestDto;
-import de.symeda.sormas.api.sample.PathogenTestResultType;
-import de.symeda.sormas.api.sample.PathogenTestType;
-import de.symeda.sormas.api.sample.SampleDto;
-import de.symeda.sormas.api.sample.SampleMaterial;
-import de.symeda.sormas.api.sample.SamplePurpose;
-import de.symeda.sormas.api.sample.SampleReferenceDto;
+import de.symeda.sormas.api.person.*;
+import de.symeda.sormas.api.sample.*;
 import de.symeda.sormas.api.share.ExternalShareStatus;
 import de.symeda.sormas.api.sormastosormas.SormasToSormasOriginInfoDto;
 import de.symeda.sormas.api.sormastosormas.share.incoming.ShareRequestDataType;
@@ -138,14 +91,9 @@
 import de.symeda.sormas.api.therapy.TreatmentDto;
 import de.symeda.sormas.api.therapy.TreatmentType;
 import de.symeda.sormas.api.travelentry.TravelEntryDto;
-import de.symeda.sormas.api.user.DefaultUserRole;
-import de.symeda.sormas.api.user.JurisdictionLevel;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserReferenceDto;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.api.user.UserRoleDto;
-import de.symeda.sormas.api.user.UserRoleReferenceDto;
+import de.symeda.sormas.api.user.*;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.api.utils.PasswordHelper;
 import de.symeda.sormas.api.vaccination.VaccinationDto;
 import de.symeda.sormas.api.visit.VisitDto;
 import de.symeda.sormas.api.visit.VisitStatus;
@@ -163,2401 +111,2406 @@
 import de.symeda.sormas.backend.sormastosormas.share.outgoing.SormasToSormasShareInfo;
 import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserRole;
+import org.jetbrains.annotations.NotNull;
 
-public class TestDataCreator {
-
-	private final AbstractBeanTest beanTest;
-	public final Map<DefaultUserRole, UserRoleReferenceDto> userRoleDtoMap = new HashMap<>();
-	public final Map<DefaultUserRole, UserRole> userRoleMap = new HashMap<>();
-
-	public TestDataCreator(AbstractBeanTest beanTest) {
-		this.beanTest = beanTest;
-	}
-
-	private void createUserRoles() {
-		Arrays.stream(DefaultUserRole.values()).forEach(defaultUserRole -> {
-			UserRoleDto userRoleDto =
-				UserRoleDto.build(defaultUserRole.getDefaultUserRights().toArray(new UserRight[defaultUserRole.getDefaultUserRights().size()]));
-			userRoleDto.setCaption(defaultUserRole.toString());
-			userRoleDto.setEnabled(true);
-			userRoleDto.setPortHealthUser(defaultUserRole.isPortHealthUser());
-			userRoleDto.setLinkedDefaultUserRole(defaultUserRole);
-			userRoleDto.setHasAssociatedDistrictUser(defaultUserRole.hasAssociatedDistrictUser());
-			userRoleDto.setHasOptionalHealthFacility(defaultUserRole.hasOptionalHealthFacility());
-			userRoleDto.setEmailNotificationTypes(defaultUserRole.getEmailNotificationTypes());
-			userRoleDto.setSmsNotificationTypes(defaultUserRole.getSmsNotificationTypes());
-			userRoleDto.setJurisdictionLevel(defaultUserRole.getJurisdictionLevel());
-			userRoleDto = beanTest.getUserRoleFacade().saveUserRole(userRoleDto);
-			userRoleDtoMap.put(defaultUserRole, userRoleDto.toReference());
-			UserRole userRole = beanTest.getEagerUserRole(userRoleDto.getUuid());
-			userRoleMap.put(defaultUserRole, userRole);
-		});
-	}
-
-	public UserRoleReferenceDto getUserRoleReference(DefaultUserRole userRole) {
-		if (userRoleDtoMap.isEmpty()) {
-			createUserRoles();
-		}
-		return userRoleDtoMap.get(userRole);
-	}
-
-	public UserRoleReferenceDto createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole templateUserRole) {
-		UserRoleDto userRole = new UserRoleDto();
-		userRole.setCaption(templateUserRole.toString() + "Restricted");
-		userRole.setJurisdictionLevel(templateUserRole.getJurisdictionLevel());
-		userRole.setUserRights(Arrays.stream(templateUserRole.getDefaultUserRights().toArray(new UserRight[0])).collect(Collectors.toSet()));
-		userRole.setRestrictAccessToAssignedEntities(true);
-		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-	}
-
-	public UserRole getUserRole(DefaultUserRole userRole) {
-		if (userRoleMap.isEmpty()) {
-			createUserRoles();
-		}
-		return userRoleMap.get(userRole);
-	}
-
-	public UserDto createNationalUser() {
-		return createUser("", "", "", "Nat", "Usr", getUserRoleReference(DefaultUserRole.NATIONAL_USER));
-	}
-
-	public UserDto createSurveillanceSupervisor(RDCF rdcf) {
-		if (rdcf == null) {
-			rdcf = createRDCF("Region", "District", "Community", "Facility");
-		}
-
-		return createUser(rdcf.region.getUuid(), null, null, "Surv", "Sup", getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
-	}
-
-	public UserDto createSurveillanceOfficer(RDCF rdcf) {
-		if (rdcf == null) {
-			rdcf = createRDCF("Region", "District", "Community", "Facility");
-		}
-
-		return createUser(
-			rdcf.region.getUuid(),
-			rdcf.district.getUuid(),
-			rdcf.facility.getUuid(),
-			"Surv",
-			"Off",
-			getUserRoleReference(DefaultUserRole.SURVEILLANCE_OFFICER));
-	}
-
-	public UserDto createSurveillanceOfficerWithRestrictedAccessToAssignedEntities(RDCF rdcf) {
-		if (rdcf == null) {
-			rdcf = createRDCF("Region", "District", "Community", "Facility");
-		}
-
-		final UserDto user = createUser(
-			rdcf.region.getUuid(),
-			rdcf.district.getUuid(),
-			rdcf.facility.getUuid(),
-			"SurvOff",
-			"RestrictedAccess",
-			createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole.SURVEILLANCE_OFFICER));
-
-		return user;
-	}
-
-	public UserDto createContactOfficer(RDCF rdcf) {
-		if (rdcf == null) {
-			rdcf = createRDCF("Region", "District", "Community", "Facility");
-		}
-
-		return createUser(
-			rdcf.region.getUuid(),
-			rdcf.district.getUuid(),
-			rdcf.facility.getUuid(),
-			"Cont",
-			"Off",
-			getUserRoleReference(DefaultUserRole.CONTACT_OFFICER));
-	}
-
-	public UserDto createUser(RDCF rdcf, UserRoleReferenceDto userRole, Consumer<UserDto> customConfig) {
-
-		UserDto user = UserDto.build();
-		user.setFirstName("User");
-		user.setLastName(userRole.getCaption());
-		user.setUserName(userRole.buildCaption());
-		user.setUserRoles(new HashSet(Arrays.asList(userRole)));
-		user.setRegion(rdcf.region);
-		user.setDistrict(rdcf.district);
-		user.setCommunity(rdcf.community);
-		user.setHealthFacility(rdcf.facility);
-
-		if (customConfig != null) {
-			customConfig.accept(user);
-		}
-
-		return beanTest.getUserFacade().saveUser(user, false);
-	}
-
-	public UserDto createUser(RDCF rdcf, UserRoleReferenceDto... roles) {
-		return createUser(
-			rdcf.region.getUuid(),
-			rdcf.district.getUuid(),
-			rdcf.facility.getUuid(),
-			roles.length > 0 ? roles[0].getCaption() : "First",
-			"User",
-			roles);
-	}
-
-	public UserDto createUser(RDCF rdcf, DefaultUserRole defaultUserRole) {
-		return createUser(rdcf, "User", defaultUserRole);
-	}
-
-	public UserDto createUser(RDCF rdcf, String lastName, DefaultUserRole defaultUserRole) {
-		UserRoleReferenceDto userRole = getUserRoleReference(defaultUserRole);
-		return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), rdcf.facility.getUuid(), userRole.getCaption(), lastName, userRole);
-	}
-
-	public UserDto createUser(RDCF rdcf, String firstName, String lastName, UserRoleReferenceDto... roles) {
-		return createUser(
-			rdcf.region.getUuid(),
-			rdcf.district.getUuid(),
-			rdcf.community.getUuid(),
-			rdcf.facility.getUuid(),
-			firstName,
-			lastName,
-			roles);
-	}
-
-	public UserDto createUser(
-		String regionUuid,
-		String districtUuid,
-		String facilityUuid,
-		String firstName,
-		String lastName,
-		UserRoleReferenceDto... roles) {
-		return createUser(regionUuid, districtUuid, null, facilityUuid, firstName, lastName, roles);
-	}
-
-	public UserDto createUser(
-		String regionUuid,
-		String districtUuid,
-		String communityUuid,
-		String facilityUuid,
-		String firstName,
-		String lastName,
-		UserRoleReferenceDto... roles) {
-		return createUser(regionUuid, districtUuid, communityUuid, facilityUuid, firstName, lastName, null, roles);
-	}
-
-	public UserDto createUser(RDCF rdcf, String firstName, String lastName, Disease limitedDisease, UserRoleReferenceDto... roles) {
-		return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), null, rdcf.facility.getUuid(), firstName, lastName, limitedDisease, roles);
-	}
-
-	public UserDto createUser(
-		String regionUuid,
-		String districtUuid,
-		String facilityUuid,
-		String firstName,
-		String lastName,
-		String caption,
-		JurisdictionLevel jurisdictionLevel,
-		UserRight... userRights) {
-		UserRoleReferenceDto userRole = createUserRole(caption, jurisdictionLevel, userRights);
-		return createUser(regionUuid, districtUuid, facilityUuid, firstName, lastName, userRole);
-	}
-
-	private UserDto createUser(
-		String regionUuid,
-		String districtUuid,
-		String communityUuid,
-		String facilityUuid,
-		String firstName,
-		String lastName,
-		Disease limitedDisease,
-		UserRoleReferenceDto... roles) {
-
-		UserDto user = UserDto.build();
-		user.setFirstName(firstName);
-		user.setLastName(lastName);
-		user.setUserName(firstName + lastName);
-		user.setUserRoles(new HashSet<>(Arrays.asList(roles)));
-		if (limitedDisease != null) {
-			user.setLimitedDiseases(Collections.singleton(limitedDisease));
-		}
-		user.setRegion(beanTest.getRegionFacade().getReferenceByUuid(regionUuid));
-		user.setDistrict(beanTest.getDistrictFacade().getReferenceByUuid(districtUuid));
-		user.setCommunity(beanTest.getCommunityFacade().getReferenceByUuid(communityUuid));
-		user.setHealthFacility(beanTest.getFacilityFacade().getReferenceByUuid(facilityUuid));
-		return beanTest.getUserFacade().saveUser(user, false);
-	}
-
-	public UserDto createPointOfEntryUser(RDP rdp) {
-		return createUser(
-			new RDCF(rdp.region, rdp.district, null, null),
-			userRoleDtoMap.get(DefaultUserRole.POE_INFORMANT),
-			user -> user.setPointOfEntry(rdp.pointOfEntry));
-	}
-
-	public UserRoleReferenceDto createUserRole(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
-		UserRoleDto userRole = new UserRoleDto();
-		userRole.setCaption(caption);
-		userRole.setJurisdictionLevel(jurisdictionLevel);
-		userRole.setUserRights(Arrays.stream(userRights).collect(Collectors.toSet()));
-		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-	}
-
-	public UserRoleReferenceDto createUserRoleWithRequiredRights(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
-		UserRoleDto userRole = new UserRoleDto();
-		userRole.setCaption(caption);
-		userRole.setJurisdictionLevel(jurisdictionLevel);
-		userRole.setUserRights(UserRight.getWithRequiredUserRights(userRights));
-		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-	}
-
-	public PersonDto createPerson() {
-		return createPerson("FirstName", "LastName");
-	}
-
-	public PersonDto createPerson(String firstName, String lastName) {
-		return createPerson(firstName, lastName, Sex.UNKNOWN, null);
-	}
-
-	public PersonDto createPerson(String firstName, String lastName, Sex sex) {
-		return createPerson(firstName, lastName, sex, null);
-	}
-
-	public PersonDto createPerson(String firstName, String lastName, Sex sex, Consumer<PersonDto> customConfig) {
-
-		PersonDto person = PersonDto.build();
-		person.setFirstName(firstName);
-		person.setLastName(lastName);
-		person.setSex(sex);
-
-		if (customConfig != null) {
-			customConfig.accept(person);
-		}
-
-		person = beanTest.getPersonFacade().save(person);
-
-		return person;
-	}
-
-	public PersonDto createPerson(String firstName, String lastName, Consumer<PersonDto> customConfig) {
-
-		PersonDto person = PersonDto.build();
-		person.setFirstName(firstName);
-		person.setLastName(lastName);
-		person.setSex(Sex.UNKNOWN);
-
-		if (customConfig != null) {
-			customConfig.accept(person);
-		}
-
-		person = beanTest.getPersonFacade().save(person);
-
-		return person;
-	}
-
-	public PersonDto createPerson(String firstName, String lastName, Sex sex, Integer birthdateYYYY, Integer birthdateMM, Integer birthdateDD) {
-		return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, null, null);
-	}
-
-	public PersonDto createPerson(
-		String firstName,
-		String lastName,
-		Sex sex,
-		Integer birthdateYYYY,
-		Integer birthdateMM,
-		Integer birthdateDD,
-		String passportNr,
-		String nationalHealthId) {
-		return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, passportNr, nationalHealthId);
-	}
-
-	private PersonDto createPerson(
-		String firstName,
-		String lastName,
-		Sex sex,
-		Integer birthdateYYYY,
-		Integer birthdateMM,
-		Integer birthdateDD,
-		LocationDto address,
-		String passportNr,
-		String nationalHealthId) {
-
-		PersonDto person = PersonDto.build();
-		person.setFirstName(firstName);
-		person.setLastName(lastName);
-		person.setSex(sex);
-		person.setBirthdateYYYY(birthdateYYYY);
-		person.setBirthdateMM(birthdateMM);
-		person.setBirthdateDD(birthdateDD);
-		person.setPassportNumber(passportNr);
-		person.setNationalHealthId(nationalHealthId);
-
-		if (address != null) {
-			person.setAddress(address);
-		}
-
-		person = beanTest.getPersonFacade().save(person);
-
-		return person;
-	}
-
-	public PersonDto createPerson(
-		String firstName,
-		String lastName,
-		Sex sex,
-		Integer birthdateYYYY,
-		Integer birthdateMM,
-		Integer birthdateDD,
-		Consumer<PersonDto> customConfig) {
-
-		PersonDto person = PersonDto.build();
-		person.setFirstName(firstName);
-		person.setLastName(lastName);
-		person.setSex(sex);
-		person.setBirthdateYYYY(birthdateYYYY);
-		person.setBirthdateMM(birthdateMM);
-		person.setBirthdateDD(birthdateDD);
-
-		if (customConfig != null) {
-			customConfig.accept(person);
-		}
-
-		person = beanTest.getPersonFacade().save(person);
-
-		return person;
-	}
-
-	public PersonContactDetailDto createPersonContactDetail(
-		PersonReferenceDto person,
-		boolean primaryContact,
-		PersonContactDetailType personContactDetailType,
-		String contactInformation) {
-		PersonContactDetailDto contactDetails =
-			PersonContactDetailDto.build(person, primaryContact, personContactDetailType, null, null, contactInformation, null, false, null, null);
-		return contactDetails;
-	}
-
-	public CaseDataDto createUnclassifiedCase(Disease disease) {
-
-		RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
-		UserDto user = beanTest.getUserFacade().getByUserName("SurvSup");
-		if (user == null) {
-			user = createSurveillanceSupervisor(rdcf);
-		}
-
-		PersonDto cazePerson = createPerson("Case", "Person", Sex.UNKNOWN);
-		return createCase(
-			user.toReference(),
-			cazePerson.toReference(),
-			disease,
-			CaseClassification.NOT_CLASSIFIED,
-			InvestigationStatus.PENDING,
-			new Date(),
-			rdcf);
-	}
-
-	public CaseDataDto createCase(UserReferenceDto user, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
-		return createCase(
-			user,
-			createPerson().toReference(),
-			Disease.EVD,
-			CaseClassification.SUSPECT,
-			InvestigationStatus.PENDING,
-			new Date(),
-			rdcf,
-			setCustomFields);
-	}
-
-	public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf) {
-		return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf);
-	}
-
-	public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
-		return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf, setCustomFields);
-	}
-
-	public CaseDataDto createCase(
-		UserReferenceDto user,
-		PersonReferenceDto cazePerson,
-		Disease disease,
-		CaseClassification caseClassification,
-		InvestigationStatus investigationStatus,
-		Date reportAndOnsetDate,
-		RDCF rdcf) {
-
-		return createCase(user, cazePerson, disease, caseClassification, investigationStatus, reportAndOnsetDate, rdcf, null);
-	}
-
-	public CaseDataDto createCase(
-		UserReferenceDto user,
-		PersonReferenceDto cazePerson,
-		Disease disease,
-		CaseClassification caseClassification,
-		InvestigationStatus investigationStatus,
-		Date reportAndOnsetDate,
-		RDCF rdcf,
-		Consumer<CaseDataDto> setCustomFields) {
-
-		CaseDataDto caze = CaseDataDto.build(cazePerson, disease);
-		caze.setReportDate(reportAndOnsetDate);
-		caze.setReportingUser(user);
-		caze.getSymptoms().setOnsetDate(reportAndOnsetDate);
-		caze.setCaseClassification(caseClassification);
-		caze.setInvestigationStatus(investigationStatus);
-		caze.setResponsibleRegion(rdcf.region);
-		caze.setResponsibleDistrict(rdcf.district);
-		caze.setResponsibleCommunity(rdcf.community);
-		caze.setFacilityType(beanTest.getFacilityFacade().getByUuid(rdcf.facility.getUuid()).getType());
-		caze.setHealthFacility(rdcf.facility);
-		caze.setPointOfEntry(rdcf.pointOfEntry);
-
-		if (setCustomFields != null) {
-			setCustomFields.accept(caze);
-		}
-
-		caze = beanTest.getCaseFacade().save(caze);
-
-		return caze;
-	}
-
-	public ImmunizationDto createImmunization(
-		Disease disease,
-		PersonReferenceDto person,
-		UserReferenceDto reportingUser,
-		ImmunizationStatus immunizationStatus,
-		MeansOfImmunization meansOfImmunization,
-		ImmunizationManagementStatus immunizationManagementStatus,
-		RDCF rdcf,
-		Date startDate,
-		Date endDate,
-		Date validFromDate,
-		Date validUntilDate) {
-		ImmunizationDto immunization =
-			createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
-		immunization.setStartDate(startDate);
-		immunization.setEndDate(endDate);
-		immunization.setValidFrom(validFromDate);
-		immunization.setValidUntil(validUntilDate);
-
-		return beanTest.getImmunizationFacade().save(immunization);
-	}
-
-	public ImmunizationDto createImmunization(
-		Disease disease,
-		PersonReferenceDto person,
-		UserReferenceDto reportingUser,
-		ImmunizationStatus immunizationStatus,
-		MeansOfImmunization meansOfImmunization,
-		ImmunizationManagementStatus immunizationManagementStatus,
-		RDCF rdcf) {
-		ImmunizationDto immunization =
-			createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
-
-		return beanTest.getImmunizationFacade().save(immunization);
-	}
-
-	public ImmunizationDto createImmunization(Disease disease, PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
-
-		return createImmunization(disease, person, reportingUser, rdcf, null);
-	}
-
-	public ImmunizationDto createImmunization(
-		Disease disease,
-		PersonReferenceDto person,
-		UserReferenceDto reportingUser,
-		RDCF rdcf,
-		Consumer<ImmunizationDto> extraConfig) {
-
-		ImmunizationDto immunization = createImmunizationDto(
-			disease,
-			person,
-			reportingUser,
-			ImmunizationStatus.PENDING,
-			MeansOfImmunization.VACCINATION,
-			ImmunizationManagementStatus.ONGOING,
-			rdcf);
-
-		if (extraConfig != null) {
-			extraConfig.accept(immunization);
-		}
-
-		return beanTest.getImmunizationFacade().save(immunization);
-	}
-
-	@NotNull
-	public ImmunizationDto createImmunizationDto(
-		Disease disease,
-		PersonReferenceDto person,
-		UserReferenceDto reportingUser,
-		ImmunizationStatus immunizationStatus,
-		MeansOfImmunization meansOfImmunization,
-		ImmunizationManagementStatus immunizationManagementStatus,
-		RDCF rdcf) {
-		ImmunizationDto immunization = new ImmunizationDto();
-		immunization.setUuid(DataHelper.createUuid());
-		immunization.setDisease(disease);
-		immunization.setPerson(person);
-		immunization.setReportingUser(reportingUser);
-		immunization.setImmunizationStatus(immunizationStatus);
-		immunization.setMeansOfImmunization(meansOfImmunization);
-		immunization.setImmunizationManagementStatus(immunizationManagementStatus);
-		immunization.setResponsibleRegion(rdcf.region);
-		immunization.setResponsibleDistrict(rdcf.district);
-		immunization.setResponsibleCommunity(rdcf.community);
-
-		immunization.setReportDate(new Date());
-		return immunization;
-	}
-
-	public VaccinationDto createVaccination(
-		UserReferenceDto reportingUser,
-		ImmunizationReferenceDto immunization,
-		HealthConditionsDto healthConditions) {
-
-		return createVaccination(reportingUser, immunization, healthConditions, new Date(), null, null);
-	}
-
-	public VaccinationDto createVaccination(UserReferenceDto reportingUser, ImmunizationReferenceDto immunization) {
-		return createVaccination(reportingUser, immunization, new HealthConditionsDto());
-	}
-
-	@NotNull
-	public VaccinationDto createVaccinationDto(
-		UserReferenceDto reportingUser,
-		ImmunizationReferenceDto immunization,
-		HealthConditionsDto healthConditions) {
-		VaccinationDto vaccination = new VaccinationDto();
-		vaccination.setUuid(DataHelper.createUuid());
-		vaccination.setReportingUser(reportingUser);
-		vaccination.setReportDate(new Date());
-
-		vaccination.setImmunization(immunization);
-		vaccination.setHealthConditions(healthConditions);
-		return vaccination;
-	}
-
-	public VaccinationDto createVaccinationWithDetails(
-		UserReferenceDto reportingUser,
-		ImmunizationReferenceDto immunization,
-		HealthConditionsDto healthConditions,
-		Date vaccinationDate,
-		Vaccine vaccine,
-		VaccineManufacturer vaccineManufacturer,
-		VaccinationInfoSource infoSource,
-		String vaccineInn,
-		String vaccineBatchNumber,
-		String vaccineAtcCode,
-		String vaccineDose) {
-
-		VaccinationDto vaccinationDto =
-			createVaccination(reportingUser, immunization, healthConditions, vaccinationDate, vaccine, vaccineManufacturer);
-
-		vaccinationDto.setVaccinationInfoSource(infoSource);
-		vaccinationDto.setVaccineInn(vaccineInn);
-		vaccinationDto.setVaccineBatchNumber(vaccineBatchNumber);
-		vaccinationDto.setVaccineAtcCode(vaccineAtcCode);
-		vaccinationDto.setVaccineDose(vaccineDose);
-
-		return beanTest.getVaccinationFacade().save(vaccinationDto);
-	}
-
-	public VaccinationDto createVaccination(
-		UserReferenceDto reportingUser,
-		ImmunizationReferenceDto immunization,
-		HealthConditionsDto healthConditions,
-		Date vaccinationDate,
-		Vaccine vaccine,
-		VaccineManufacturer vaccineManufacturer) {
-
-		VaccinationDto vaccination = new VaccinationDto();
-		vaccination.setUuid(DataHelper.createUuid());
-		vaccination.setReportingUser(reportingUser);
-		vaccination.setReportDate(new Date());
-		vaccination.setVaccinationDate(new Date());
-		vaccination.setVaccineName(vaccine);
-		vaccination.setVaccineManufacturer(vaccineManufacturer);
-
-		vaccination.setVaccinationDate(vaccinationDate);
-		vaccination.setImmunization(immunization);
-		vaccination.setHealthConditions(healthConditions);
-
-		return beanTest.getVaccinationFacade().save(vaccination);
-	}
-
-	public TravelEntryDto createTravelEntry(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf, Consumer<TravelEntryDto> config) {
-
-		TravelEntryDto travelEntry = TravelEntryDto.build(person);
-		travelEntry.setDisease(Disease.EVD);
-		travelEntry.setReportingUser(reportingUser);
-		travelEntry.setResponsibleRegion(rdcf.region);
-		travelEntry.setResponsibleDistrict(rdcf.district);
-		travelEntry.setPointOfEntry(rdcf.pointOfEntry);
-		travelEntry.setDateOfArrival(new Date());
-
-		if (config != null) {
-			config.accept(travelEntry);
-		}
-
-		return beanTest.getTravelEntryFacade().save(travelEntry);
-	}
-
-	public TravelEntryDto createTravelEntry(
-		PersonReferenceDto person,
-		UserReferenceDto reportingUser,
-		Disease disease,
-		RegionReferenceDto responsibleRegion,
-		DistrictReferenceDto responsibleDistrict,
-		PointOfEntryReferenceDto pointOfEntry) {
-
-		TravelEntryDto travelEntry = TravelEntryDto.build(person);
-		travelEntry.setDisease(disease);
-		travelEntry.setReportingUser(reportingUser);
-		travelEntry.setDateOfArrival(new Date());
-		travelEntry.setResponsibleRegion(responsibleRegion);
-		travelEntry.setResponsibleDistrict(responsibleDistrict);
-		travelEntry.setPointOfEntry(pointOfEntry);
-
-		return beanTest.getTravelEntryFacade().save(travelEntry);
-	}
-
-	public ClinicalVisitDto createClinicalVisit(CaseDataDto caze) {
-		return createClinicalVisit(caze, null);
-	}
-
-	public ClinicalVisitDto createClinicalVisit(CaseDataDto caze, Consumer<ClinicalVisitDto> extraConfig) {
-
-		ClinicalVisitDto clinicalVisit = ClinicalVisitDto.build(caze.getClinicalCourse().toReference(), caze.getDisease());
-
-		if (extraConfig != null) {
-			extraConfig.accept(clinicalVisit);
-		}
-
-		clinicalVisit = beanTest.getClinicalVisitFacade().saveClinicalVisit(clinicalVisit, caze.getUuid());
-		return clinicalVisit;
-	}
-
-	public PrescriptionDto createPrescription(CaseDataDto caze) {
-		return createPrescription(caze, null);
-	}
-
-	public PrescriptionDto createPrescription(CaseDataDto caze, Consumer<PrescriptionDto> customConfig) {
-
-		PrescriptionDto prescription = PrescriptionDto.buildPrescription(caze.getTherapy().toReference());
-		prescription.setPrescriptionType(TreatmentType.BLOOD_TRANSFUSION);
-
-		if (customConfig != null) {
-			customConfig.accept(prescription);
-		}
-
-		prescription = beanTest.getPrescriptionFacade().savePrescription(prescription);
-
-		return prescription;
-	}
-
-	public TreatmentDto createTreatment(CaseDataDto caze) {
-		return createTreatment(caze, null);
-	}
-
-	public TreatmentDto createTreatment(CaseDataDto caze, Consumer<TreatmentDto> customConfig) {
-
-		TreatmentDto treatment = TreatmentDto.build(caze.getTherapy().toReference());
-		treatment.setTreatmentType(TreatmentType.BLOOD_TRANSFUSION);
-
-		if (customConfig != null) {
-			customConfig.accept(treatment);
-		}
-
-		treatment = beanTest.getTreatmentFacade().saveTreatment(treatment);
-
-		return treatment;
-	}
-
-	public ContactDto createContact(RDCF rdcf, UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
-		return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, rdcf);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
-		return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, null);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease) {
-		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease, RDCF rdcf) {
-		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
-	}
-
-	public ContactDto createContact(
-		UserReferenceDto reportingUser,
-		PersonReferenceDto contactPerson,
-		Disease disease,
-		Consumer<ContactDto> customConfig) {
-		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null, customConfig);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Date reportDateTime) {
-		return createContact(reportingUser, null, contactPerson, null, reportDateTime, null, null, null);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze) {
-		return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, null);
-	}
-
-	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze, RDCF rdcf) {
-		return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, rdcf);
-	}
-
-	public ContactDto createContact(
-		UserReferenceDto reportingUser,
-		UserReferenceDto contactOfficer,
-		PersonReferenceDto contactPerson,
-		CaseDataDto caze,
-		Date reportDateTime,
-		Date lastContactDate,
-		Disease disease) {
-
-		return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, null);
-	}
-
-	public ContactDto createContact(
-		UserReferenceDto reportingUser,
-		UserReferenceDto contactOfficer,
-		PersonReferenceDto contactPerson,
-		CaseDataDto caze,
-		Date reportDateTime,
-		Date lastContactDate,
-		Disease disease,
-		RDCF rdcf) {
-		return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, rdcf, null);
-	}
-
-	public ContactDto createContact(
-		UserReferenceDto reportingUser,
-		UserReferenceDto contactOfficer,
-		PersonReferenceDto contactPerson,
-		CaseDataDto caze,
-		Date reportDateTime,
-		Date lastContactDate,
-		Disease disease,
-		RDCF rdcf,
-		Consumer<ContactDto> customConfig) {
-		ContactDto contact;
-
-		if (caze != null) {
-			contact = ContactDto.build(caze);
-		} else {
-			contact = ContactDto.build(null, disease != null ? disease : Disease.EVD, null, null);
-			if (rdcf == null) {
-				rdcf = createRDCF();
-			}
-			contact.setRegion(rdcf.region);
-			contact.setDistrict(rdcf.district);
-		}
-		contact.setReportingUser(reportingUser);
-		contact.setContactOfficer(contactOfficer);
-		contact.setPerson(contactPerson);
-		contact.setReportDateTime(reportDateTime);
-		contact.setLastContactDate(lastContactDate);
-		contact.setEpiData(EpiDataDto.build());
-
-		if (customConfig != null) {
-			customConfig.accept(contact);
-		}
-
-		contact = beanTest.getContactFacade().save(contact);
-
-		return contact;
-	}
-
-	public TaskDto createTask(UserReferenceDto assigneeUser) {
-		return createTask(TaskContext.GENERAL, TaskType.OTHER, TaskStatus.PENDING, null, null, null, null, new Date(), assigneeUser);
-	}
-
-	public TaskDto createTask(TaskContext context, ReferenceDto entityRef, Consumer<TaskDto> customConfig) {
-
-		TaskDto task = TaskDto.build(context, entityRef);
-
-		if (customConfig != null) {
-			customConfig.accept(task);
-		}
-
-		task = beanTest.getTaskFacade().saveTask(task);
-
-		return task;
-	}
-
-	public TaskDto createTask(
-		TaskContext context,
-		TaskType type,
-		TaskStatus status,
-		CaseReferenceDto caze,
-		ContactReferenceDto contact,
-		EventReferenceDto event,
-		EnvironmentReferenceDto environment,
-		Date dueDate,
-		UserReferenceDto assigneeUser) {
-
-		ReferenceDto entityRef;
-		switch (context) {
-		case CASE:
-			entityRef = caze;
-			break;
-		case CONTACT:
-			entityRef = contact;
-			break;
-		case EVENT:
-			entityRef = event;
-			break;
-		case ENVIRONMENT:
-			entityRef = environment;
-			break;
-		case GENERAL:
-			entityRef = null;
-			break;
-		default:
-			throw new IllegalArgumentException(context.toString());
-		}
-
-		TaskDto task = TaskDto.build(context, entityRef);
-		task.setTaskType(type);
-		task.setTaskStatus(status);
-		task.setDueDate(dueDate);
-		task.setAssigneeUser(assigneeUser);
-
-		task = beanTest.getTaskFacade().saveTask(task);
-
-		return task;
-	}
-
-	public VisitDto createVisit(PersonReferenceDto person) {
-		return createVisit(Disease.EVD, person);
-	}
-
-	public VisitDto createVisit(Disease disease, PersonReferenceDto person) {
-		return createVisit(disease, person, new Date(), VisitStatus.COOPERATIVE, VisitOrigin.USER);
-	}
-
-	public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime) {
-		return createVisit(disease, person, visitDateTime, VisitStatus.COOPERATIVE, VisitOrigin.USER);
-	}
-
-	public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime, VisitStatus visitStatus, VisitOrigin visitOrigin) {
-		return createVisit(disease, person, visitDateTime, visitStatus, visitOrigin, null);
-	}
-
-	public VisitDto createVisit(
-		Disease disease,
-		PersonReferenceDto person,
-		Date visitDateTime,
-		VisitStatus visitStatus,
-		VisitOrigin visitOrigin,
-		Consumer<VisitDto> customConfig) {
-
-		VisitDto visit = VisitDto.build(person, disease, visitOrigin);
-		visit.setVisitDateTime(visitDateTime);
-		visit.setVisitStatus(visitStatus);
-
-		if (customConfig != null) {
-			customConfig.accept(visit);
-		}
-
-		visit = beanTest.getVisitFacade().save(visit);
-
-		return visit;
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser) {
-
-		return createEvent(reportingUser, new Date());
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser, EventStatus status) {
-
-		return createEvent(status, EventInvestigationStatus.PENDING, "eventTitle", "description", reportingUser, null, null);
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease) {
-		return createEvent(
-			EventStatus.SIGNAL,
-			EventInvestigationStatus.PENDING,
-			"title",
-			"description",
-			"firstname",
-			"lastname",
-			null,
-			null,
-			new Date(),
-			new Date(),
-			reportingUser,
-			null,
-			disease,
-			null);
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, RDCF rdcf) {
-
-		return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, rdcf, (event) -> {
-			event.setReportDateTime(new Date());
-			event.setReportingUser(reportingUser);
-			event.setDisease(disease);
-		});
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, Consumer<EventDto> customConfig) {
-
-		return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, null, (event) -> {
-			event.setReportDateTime(new Date());
-			event.setReportingUser(reportingUser);
-			event.setDisease(disease);
-
-			customConfig.accept(event);
-		});
-	}
-
-	public EventDto createEvent(UserReferenceDto reportingUser, Date eventDate) {
-
-		return createEvent(
-			EventStatus.SIGNAL,
-			EventInvestigationStatus.PENDING,
-			"title",
-			"Description",
-			"FirstName",
-			"LastName",
-			null,
-			null,
-			eventDate,
-			new Date(),
-			reportingUser,
-			null,
-			null,
-			null);
-	}
-
-	public EventDto createEvent(
-		EventStatus eventStatus,
-		EventInvestigationStatus eventInvestigationStatus,
-		String eventTitle,
-		String eventDesc,
-		String srcFirstName,
-		String srcLastName,
-		String srcTelNo,
-		TypeOfPlace typeOfPlace,
-		Date eventDate,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		UserReferenceDto responsibleUser,
-		Disease disease,
-		RDCF rdcf) {
-
-		return createEvent(eventStatus, eventInvestigationStatus, eventTitle, eventDesc, reportingUser, rdcf, (event) -> {
-			event.setSrcFirstName(srcFirstName);
-			event.setSrcLastName(srcLastName);
-			event.setSrcTelNo(srcTelNo);
-			event.setTypeOfPlace(typeOfPlace);
-			event.setStartDate(eventDate);
-			event.setReportDateTime(reportDateTime);
-			event.setReportingUser(reportingUser);
-			event.setResponsibleUser(responsibleUser);
-			event.setDisease(disease);
-
-		});
-	}
-
-	public EventDto createEvent(
-		EventStatus eventStatus,
-		EventInvestigationStatus eventInvestigationStatus,
-		String eventTitle,
-		String eventDesc,
-		UserReferenceDto reportingUser,
-		RDCF rdcf,
-		Consumer<EventDto> customSettings) {
-
-		EventDto event = EventDto.build();
-		event.setEventStatus(eventStatus);
-		event.setEventInvestigationStatus(eventInvestigationStatus);
-		event.setEventTitle(eventTitle);
-		event.setEventDesc(eventDesc);
-		event.setReportingUser(reportingUser);
-
-		if (rdcf == null) {
-			rdcf = createRDCF();
-		}
-
-		event.getEventLocation().setRegion(rdcf.region);
-		event.getEventLocation().setDistrict(rdcf.district);
-
-		if (customSettings != null) {
-			customSettings.accept(event);
-		}
-
-		event = beanTest.getEventFacade().save(event);
-
-		return event;
-	}
-
-	public EventParticipantDto createEventParticipant(EventReferenceDto event, PersonDto eventPerson, UserReferenceDto reportingUser) {
-		return createEventParticipant(event, eventPerson, "Description", reportingUser, null, null);
-	}
-
-	public EventParticipantDto createEventParticipant(
-		EventReferenceDto event,
-		PersonDto eventPerson,
-		String involvementDescription,
-		UserReferenceDto reportingUser) {
-		return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, null);
-	}
-
-	public EventParticipantDto createEventParticipant(
-		EventReferenceDto event,
-		PersonDto eventPerson,
-		String involvementDescription,
-		UserReferenceDto reportingUser,
-		RDCF rdcf) {
-		return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, rdcf);
-	}
-
-	public EventParticipantDto createEventParticipant(
-		EventReferenceDto event,
-		PersonDto eventPerson,
-		String involvementDescription,
-		UserReferenceDto reportingUser,
-		Consumer<EventParticipantDto> customSettings,
-		RDCF rdcf) {
-
-		EventParticipantDto eventParticipant = EventParticipantDto.build(event, reportingUser);
-		eventParticipant.setPerson(eventPerson);
-		eventParticipant.setInvolvementDescription(involvementDescription);
-
-		if (customSettings != null) {
-			customSettings.accept(eventParticipant);
-		}
-		if (rdcf != null) {
-			eventParticipant.setRegion(rdcf.region);
-			eventParticipant.setDistrict(rdcf.district);
-		}
-
-		eventParticipant = beanTest.getEventParticipantFacade().save(eventParticipant);
-		return eventParticipant;
-	}
-
-	public SurveillanceReportDto createSurveillanceReport(UserReferenceDto reportingUser, CaseReferenceDto caseReference) {
-		return createSurveillanceReport(reportingUser, ReportingType.DOCTOR, caseReference);
-	}
-
-	public SurveillanceReportDto createSurveillanceReport(
-		UserReferenceDto reportingUser,
-		ReportingType reportingType,
-		CaseReferenceDto caseReference) {
-		return createSurveillanceReport(reportingUser, reportingType, caseReference, null);
-	}
-
-	public SurveillanceReportDto createSurveillanceReport(
-		UserReferenceDto reportingUser,
-		ReportingType reportingType,
-		CaseReferenceDto caseReference,
-		Consumer<SurveillanceReportDto> extraConfig) {
-		SurveillanceReportDto surveillanceReport = SurveillanceReportDto.build(caseReference, reportingUser);
-		surveillanceReport.setReportingType(reportingType);
-		surveillanceReport.setReportDate(new Date());
-
-		if (extraConfig != null) {
-			extraConfig.accept(surveillanceReport);
-		}
-
-		surveillanceReport = beanTest.getSurveillanceReportFacade().save(surveillanceReport);
-
-		return surveillanceReport;
-	}
-
-	public ActionDto createAction(EventReferenceDto event) {
-
-		ActionDto action = ActionDto.build(ActionContext.EVENT, event);
-
-		action = beanTest.getActionFacade().saveAction(action);
-		return action;
-	}
-
-	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab) {
-		return createSample(associatedCase, reportingUser, lab, null);
-	}
-
-	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab, Consumer<SampleDto> customConfig) {
-		return createSample(associatedCase, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
-	}
-
-	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
-		return createSample(associatedCase, reportingUser, lab, null);
-	}
-
-	public SampleDto createSample(
-		CaseReferenceDto associatedCase,
-		UserReferenceDto reportingUser,
-		FacilityReferenceDto lab,
-		Consumer<SampleDto> customSettings) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-		sample.setSampleDateTime(new Date());
-		sample.setReportDateTime(new Date());
-		sample.setSampleMaterial(SampleMaterial.BLOOD);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-		if (customSettings != null) {
-			customSettings.accept(sample);
-		}
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-
-		return sample;
-	}
-
-	public SampleDto createSample(
-		CaseReferenceDto associatedCase,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		Facility lab) {
-		return createSample(associatedCase, sampleDateTime, reportDateTime, reportingUser, sampleMaterial, lab, null);
-	}
-
-	public SampleDto createSample(
-		CaseReferenceDto associatedCase,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		Facility lab,
-		Consumer<SampleDto> customConfig) {
-		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-		if (customConfig != null) {
-			customConfig.accept(sample);
-		}
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-
-		return sample;
-	}
-
-	public SampleDto createSample(
-		CaseReferenceDto associatedCase,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		FacilityReferenceDto lab) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(lab);
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-		return sample;
-	}
-
-	@Deprecated
-	public SampleDto createSample(
-		ContactReferenceDto associatedContact,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		Facility lab) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-		return sample;
-	}
-
-	public SampleDto createSample(
-		ContactReferenceDto associatedContact,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		FacilityReferenceDto lab) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(lab);
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-		return sample;
-	}
-
-	public SampleDto createSample(
-		ContactReferenceDto associatedContact,
-		UserReferenceDto reportingUser,
-		FacilityReferenceDto lab,
-		Consumer<SampleDto> customSettings) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-		sample.setSampleDateTime(new Date());
-		sample.setReportDateTime(new Date());
-		sample.setSampleMaterial(SampleMaterial.BLOOD);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-		if (customSettings != null) {
-			customSettings.accept(sample);
-		}
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-
-		return sample;
-	}
-
-	public SampleDto createSample(EventParticipantReferenceDto associatedEventParticipant, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
-		return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab);
-	}
-
-	public SampleDto createSample(
-		EventParticipantReferenceDto associatedEventParticipant,
-		UserReferenceDto reportingUser,
-		FacilityReferenceDto lab,
-		Consumer<SampleDto> customConfig) {
-		return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
-	}
-
-	public SampleDto createSample(
-		EventParticipantReferenceDto associatedEventParticipant,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		FacilityReferenceDto lab) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(lab);
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-		return sample;
-	}
-
-	public SampleDto createSample(
-		EventParticipantReferenceDto associatedEventParticipant,
-		Date sampleDateTime,
-		Date reportDateTime,
-		UserReferenceDto reportingUser,
-		SampleMaterial sampleMaterial,
-		FacilityReferenceDto lab,
-		Consumer<SampleDto> customConfig) {
-
-		SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
-		sample.setSampleDateTime(sampleDateTime);
-		sample.setReportDateTime(reportDateTime);
-		sample.setSampleMaterial(sampleMaterial);
-		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-		sample.setLab(lab);
-
-		if (customConfig != null) {
-			customConfig.accept(sample);
-		}
-
-		sample = beanTest.getSampleFacade().saveSample(sample);
-		return sample;
-	}
-
-	public PathogenTestDto createPathogenTest(
-		SampleReferenceDto sample,
-		PathogenTestType testType,
-		Disease testedDisease,
-		Date testDateTime,
-		FacilityReferenceDto lab,
-		UserReferenceDto labUser,
-		PathogenTestResultType testResult,
-		String testResultText,
-		boolean verified) {
-		return createPathogenTest(sample, testType, testedDisease, testDateTime, lab, labUser, testResult, testResultText, verified, null);
-	}
-
-	public PathogenTestDto createPathogenTest(SampleReferenceDto sample, UserReferenceDto labUser, Consumer<PathogenTestDto> extraConfig) {
-		return createPathogenTest(
-			sample,
-			PathogenTestType.ANTIGEN_DETECTION,
-			null,
-			new Date(),
-			(FacilityReferenceDto) null,
-			labUser,
-			PathogenTestResultType.PENDING,
-			null,
-			true,
-			extraConfig);
-	}
-
-	public PathogenTestDto createPathogenTest(
-		SampleReferenceDto sample,
-		PathogenTestType testType,
-		Disease testedDisease,
-		Date testDateTime,
-		Facility lab,
-		UserReferenceDto labUser,
-		PathogenTestResultType testResult,
-		String testResultText,
-		boolean verified,
-		Consumer<PathogenTestDto> extraConfig) {
-
-		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-		sampleTest.setTestedDisease(testedDisease);
-		sampleTest.setTestType(testType);
-		sampleTest.setTestDateTime(testDateTime);
-		sampleTest.setLab(lab != null ? beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()) : null);
-		sampleTest.setTestResult(testResult);
-		sampleTest.setTestResultText(testResultText);
-		sampleTest.setTestResultVerified(verified);
-
-		if (extraConfig != null) {
-			extraConfig.accept(sampleTest);
-		}
-
-		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-		return sampleTest;
-	}
-
-	public PathogenTestDto createPathogenTest(
-		EnvironmentSampleReferenceDto sample,
-		PathogenTestType testType,
-		Pathogen testedPathogen,
-		FacilityReferenceDto lab,
-		UserReferenceDto labUser,
-		PathogenTestResultType testResult,
-		Consumer<PathogenTestDto> extraConfig) {
-
-		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-		sampleTest.setTestType(testType);
-		sampleTest.setLab(lab);
-		sampleTest.setTestedPathogen(testedPathogen);
-		sampleTest.setTestResult(testResult);
-		sampleTest.setTestResultVerified(true);
-		sampleTest.setTestDateTime(new Date());
-
-		if (extraConfig != null) {
-			extraConfig.accept(sampleTest);
-		}
-
-		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-		return sampleTest;
-	}
-
-	public PathogenTestDto createPathogenTest(
-		SampleReferenceDto sample,
-		PathogenTestType testType,
-		Disease testedDisease,
-		Date testDateTime,
-		FacilityReferenceDto lab,
-		UserReferenceDto labUser,
-		PathogenTestResultType testResult,
-		String testResultText,
-		boolean verified,
-		Consumer<PathogenTestDto> extraConfig) {
-
-		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-		sampleTest.setTestedDisease(testedDisease);
-		sampleTest.setTestType(testType);
-		sampleTest.setTestDateTime(testDateTime);
-		sampleTest.setLab(lab);
-		sampleTest.setTestResult(testResult);
-		sampleTest.setTestResultText(testResultText);
-		sampleTest.setTestResultVerified(verified);
-
-		if (extraConfig != null) {
-			extraConfig.accept(sampleTest);
-		}
-
-		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-		return sampleTest;
-	}
-
-	public PathogenTestDto createPathogenTest(CaseDataDto associatedCase, PathogenTestType testType, PathogenTestResultType resultType) {
-		return createPathogenTest(associatedCase, Disease.CORONAVIRUS, testType, resultType);
-	}
-
-	public PathogenTestDto createPathogenTest(SampleReferenceDto sample, CaseDataDto associatedCase) {
-		RDCF rdcf = createRDCF("LabRegion", "LabDistrict", "LabCommunity", "LabFacilty");
-
-		return createPathogenTest(
-			sample,
-			PathogenTestType.ANTIGEN_DETECTION,
-			associatedCase.getDisease(),
-			new Date(),
-			rdcf.facility,
-			associatedCase.getReportingUser(),
-			PathogenTestResultType.PENDING,
-			"",
-			false);
-	}
-
-	public PathogenTestDto createPathogenTest(
-		CaseDataDto associatedCase,
-		Disease testedDisease,
-		PathogenTestType testType,
-		PathogenTestResultType resultType) {
-
-		RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
-		SampleDto sample = createSample(
-			new CaseReferenceDto(associatedCase.getUuid()),
-			new Date(),
-			new Date(),
-			associatedCase.getReportingUser(),
-			SampleMaterial.BLOOD,
-			rdcf.facility);
-		return createPathogenTest(
-			new SampleReferenceDto(sample.getUuid()),
-			testType,
-			testedDisease,
-			new Date(),
-			rdcf.facility,
-			associatedCase.getReportingUser(),
-			resultType,
-			"",
-			true);
-	}
-
-	public PathogenTestDto buildPathogenTestDto(RDCF rdcf, UserDto user, SampleDto sample, Disease disease, Date testDateTime) {
-
-		final PathogenTestDto newPathogenTest = new PathogenTestDto();
-
-		newPathogenTest.setSample(sample.toReference());
-		newPathogenTest.setTestedDisease(disease);
-		newPathogenTest.setTestType(PathogenTestType.ISOLATION);
-
-		newPathogenTest.setTestDateTime(testDateTime);
-		newPathogenTest.setLab(new FacilityReferenceDto(rdcf.facility.getUuid(), null, null));
-		newPathogenTest.setLabUser(user.toReference());
-		newPathogenTest.setTestResult(PathogenTestResultType.PENDING);
-		newPathogenTest.setTestResultText("all bad!");
-		newPathogenTest.setTestResultVerified(false);
-		return newPathogenTest;
-	}
-
-	public AdditionalTestDto createAdditionalTest(SampleReferenceDto sample) {
-
-		AdditionalTestDto test = AdditionalTestDto.build(sample);
-		test.setTestDateTime(new Date());
-
-		test = beanTest.getAdditionalTestFacade().saveAdditionalTest(test);
-		return test;
-	}
-
-	public ExposureDto buildAnimalContactExposure(TypeOfAnimal typeOfAnimal) {
-
-		ExposureDto exposure = ExposureDto.build(ExposureType.ANIMAL_CONTACT);
-		exposure.setTypeOfAnimal(typeOfAnimal);
-		return exposure;
-	}
-
-	public CampaignDto createCampaign(UserDto user) {
-
-		CampaignDto campaign = CampaignDto.build();
-		campaign.setCreatingUser(user.toReference());
-		campaign.setName("CampaignName");
-		campaign.setDescription("Campaign description");
-
-		campaign = beanTest.getCampaignFacade().save(campaign);
-
-		return campaign;
-	}
-
-	public CampaignDiagramDefinitionDto createCampaignDiagramDefinition(String diagramId, String diagramCaption) {
-		CampaignDiagramDefinitionDto campaignDiagramDefinition = CampaignDiagramDefinitionDto.build();
-		campaignDiagramDefinition.setDiagramType(DiagramType.COLUMN);
-		campaignDiagramDefinition.setDiagramId(diagramId);
-		campaignDiagramDefinition.setDiagramCaption(diagramCaption);
-
-		return campaignDiagramDefinition;
-	}
-
-	public CampaignFormMetaDto createCampaignForm(CampaignDto campaign) throws IOException {
-
-		CampaignFormMetaDto campaignForm;
-
-		String schema =
-			"[{\"type\": \"text\",\"id\": \"teamNumber\",\"caption\": \"Team number\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": "
-				+ "\"namesOfTeamMembers\",\"caption\": \"Names of team members\",\"styles\": [\"col-8\"]},{\"type\": \"text\",\"id\": "
-				+ "\"monitorName\",\"caption\": \"Name of monitor\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": \"agencyName\",\"caption\": "
-				+ "\"Agency\"},{\"type\": \"section\",\"id\": \"questionsSection\"},{\"type\": \"label\",\"id\": \"questionsLabel\",\"caption\": \"<h2>Questions</h2>\"}"
-				+ ",{\"type\": \"yes-no\",\"id\": \"oneMemberResident\",\"caption\": \"1) At least one team member is resident of same area (villages)?\"},{\"type\": "
-				+ "\"yes-no\",\"id\": \"vaccinatorsTrained\",\"caption\": \"2) Both vaccinators trained before this campaign?\"},{\"type\": \"section\","
-				+ " \"id\": \"questionsSection2\"},{\"type\": \"label\",\"id\": \"q8To12Label\",\"caption\": \"Q 8-12: Based on observation of team only.\"},"
-				+ "{\"type\": \"yes-no\",\"id\": \"askingAboutMonthOlds\",\"caption\": \"8) Is team specially asking about 0-11 months children?\"},"
-				+ "{\"type\": \"section\", \"id\": \"questionsSection3\"},{\"type\": \"yes-no\",\"id\": \"atLeastOneMemberChw\","
-				+ "\"caption\": \"13) Is at least one member of the team CHW?\"},{\"type\": \"number\",\"id\": "
-				+ "\"numberOfChw\",\"caption\": \"No. of CHW\",\"styles\": [\"row\"],\"dependingOn\": \"atLeastOneMemberChw\",\"dependingOnValues\": [\"YES\"]},"
-				+ "{\"type\": \"yes-no\",\"id\": \"anyMemberFemale\",\"caption\": \"14) Is any member of the team female?\"},{\"type\": \"yes-no\","
-				+ "\"id\": \"accompaniedBySocialMobilizer\",\"caption\": \"15) Does social mobilizer accompany the vaccination team in the field?\"},"
-				+ "{\"type\": \"text\",\"id\": \"comments\",\"caption\": \"Comments\",\"styles\": [\"col-12\"]}]";
-		String translations =
-			"[{\"languageCode\": \"de-DE\", \"translations\": [{\"elementId\": \"teamNumber\", \"caption\": \"Teamnummer\"}, {\"elementId\": \"namesOfTeamMembers\","
-				+ " \"caption\": \"Namen der Teammitglieder\"}]}, {\"languageCode\": \"fr-FR\", \"translations\": [{\"elementId\": \"teamNumber\", "
-				+ "\"caption\": \"Numéro de l'équipe\"}]}]";
-
-		campaignForm = beanTest.getCampaignFormFacade().buildCampaignFormMetaFromJson("testForm", null, schema, translations);
-
-		campaignForm = beanTest.getCampaignFormFacade().saveCampaignFormMeta(campaignForm);
-
-		return campaignForm;
-	}
-
-	public String getCampaignFormData() {
-		return "[{\"id\": \"teamNumber\",\"value\": \"12\"},{\"id\": \"namesOfTeamMembers\", \"value\": \"Waldemar Stricker\"},"
-			+ "{\"id\": \"monitorName\", \"value\": \"Josef Saks\"},{\"id\": \"agencyName\",\"value\": \"HZI Institut\"},"
-			+ "{\"id\": \"oneMemberResident\", \"value\": \"yes\"},{\"id\": \"vaccinatorsTrained\",\"value\": \"no\"},"
-			+ "{\"id\": \"askingAboutMonthOlds\",\"value\": \"yes\"},{\"id\": \"atLeastOneMemberChw\",\"value\": \"yes\"},"
-			+ "{\"id\": \"numberOfChw\",\"value\": \"7\"},{\"id\": \"anyMemberFemale\",\"value\": \"yes\"},{\"id\": \"accompaniedBySocialMobilizer\",\"value\": \"no\"},"
-			+ "{\"id\": \"comments\",\"value\": \"other comments\"}]";
-	}
-
-	public CampaignFormDataDto buildCampaignFormDataDto(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
-		CampaignReferenceDto campaignReferenceDto = new CampaignReferenceDto(campaign.getUuid());
-		CampaignFormMetaReferenceDto campaignFormMetaReferenceDto = new CampaignFormMetaReferenceDto(campaignForm.getUuid());
-
-		CampaignFormDataDto campaignFormData =
-			CampaignFormDataDto.build(campaignReferenceDto, campaignFormMetaReferenceDto, rdcf.region, rdcf.district, rdcf.community);
-
-		try {
-			ObjectMapper mapper = new ObjectMapper();
-			campaignFormData.setFormValues(Arrays.asList(mapper.readValue(formData, CampaignFormDataEntry[].class)));
-			return campaignFormData;
-		} catch (IOException e) {
-			throw new RuntimeException(e);
-		}
-	}
-
-	public CampaignFormDataDto createCampaignFormData(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
-
-		CampaignFormDataDto campaignFormData = buildCampaignFormDataDto(campaign, campaignForm, rdcf, formData);
-
-		campaignFormData = beanTest.getCampaignFormDataFacade().saveCampaignFormData(campaignFormData);
-
-		return campaignFormData;
-	}
-
-	public RDCF createRDCF() {
-		return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false);
-	}
-
-	public RDCF createRDCF(boolean deafultRdcf) {
-		return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false, deafultRdcf);
-	}
-
-	public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName) {
-		return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, null, false);
-	}
-
-	public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName, String pointOfEntryName) {
-		return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, pointOfEntryName, false);
-	}
-
-	public RDCF createRDCF(
-		String regionName,
-		String districtName,
-		String communityName,
-		String facilityName,
-		FacilityType facilityType,
-		String pointOfEntryName,
-		boolean withExternalIds) {
-		return createRDCF(regionName, districtName, communityName, facilityName, facilityType, pointOfEntryName, withExternalIds, false);
-	}
-
-	public RDCF createRDCF(
-		String regionName,
-		String districtName,
-		String communityName,
-		String facilityName,
-		FacilityType facilityType,
-		String pointOfEntryName,
-		boolean withExternalIds,
-		boolean defaultRdcf) {
-
-		Region region = createRegion(regionName, withExternalIds ? regionName + "_externalId" : null, defaultRdcf);
-		District district = createDistrict(districtName, region, withExternalIds ? districtName + "_externalId" : null, defaultRdcf);
-		Community community = createCommunity(communityName, district, withExternalIds ? communityName + "_externalId" : null, defaultRdcf);
-		Facility facility =
-			createFacility(facilityName, facilityType, region, district, community, withExternalIds ? facilityName + "_externalId" : null);
-
-		PointOfEntry pointOfEntry = null;
-		if (pointOfEntryName != null) {
-			pointOfEntry = createPointOfEntry(pointOfEntryName, region, district);
-		}
-
-		return new RDCF(
-			new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
-			new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
-			new CommunityReferenceDto(community.getUuid(), community.getName(), community.getExternalID()),
-			new FacilityReferenceDto(facility.getUuid(), facility.getName(), facility.getExternalID()),
-			pointOfEntry != null
-				? new PointOfEntryReferenceDto(
-					pointOfEntry.getUuid(),
-					pointOfEntry.getName(),
-					pointOfEntry.getPointOfEntryType(),
-					pointOfEntry.getExternalID())
-				: null);
-	}
-
-	public RDCFEntities createRDCFEntities() {
-		return createRDCFEntities("Region", "District", "Community", "Facility");
-	}
-
-	public RDCFEntities createRDCFEntities(String regionName, String districtName, String communityName, String facilityName) {
-
-		Region region = createRegion(regionName);
-		District district = createDistrict(districtName, region);
-		Community community = createCommunity(communityName, district);
-		Facility facility = createFacility(facilityName, region, district, community);
-
-		return new RDCFEntities(region, district, community, facility);
-	}
-
-	public RDP createRDP() {
-
-		var region = createRegion("Region");
-		var district = createDistrict("District", region);
-		var pointOfEntry = createPointOfEntry("POE", region, district);
-
-		return new RDP(
-			new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
-			new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
-			new PointOfEntryReferenceDto(
-				pointOfEntry.getUuid(),
-				pointOfEntry.getName(),
-				pointOfEntry.getPointOfEntryType(),
-				pointOfEntry.getExternalID()));
-	}
-
-	public Continent createContinent(String name) {
-		Continent continent = new Continent();
-		continent.setUuid(DataHelper.createUuid());
-		continent.setDefaultName(name);
-		beanTest.getContinentService().persist(continent);
-
-		return continent;
-	}
-
-	public Country createCountry(String countryName, String isoCode, String unoCode) {
-		Country country = new Country();
-		country.setUuid(DataHelper.createUuid());
-		country.setDefaultName(countryName);
-		country.setIsoCode(isoCode);
-		country.setUnoCode(unoCode);
-		beanTest.getCountryService().persist(country);
-
-		return country;
-	}
-
-	public Region createRegion(String regionName) {
-		return createRegion(regionName, null, false);
-	}
-
-	public Region createRegion(String regionName, String externalId, boolean deafultRegion) {
-		Region region = getRegion(regionName, externalId);
-		region.setDefaultInfrastructure(deafultRegion);
-		beanTest.getRegionService().persist(region);
-		return region;
-	}
-
-	public Region createRegionCentrally(String regionName, String externalId) {
-		Region region = getRegion(regionName, externalId);
-		region.setCentrallyManaged(true);
-		beanTest.getRegionService().persist(region);
-		return region;
-	}
-
-	@NotNull
-	private Region getRegion(String regionName, String externalId) {
-		Region region = new Region();
-		region.setUuid(DataHelper.createUuid());
-		region.setName(regionName);
-		region.setEpidCode("COU-REG");
-		region.setExternalID(externalId);
-		return region;
-	}
-
-	public District createDistrict(String districtName, Region region) {
-		return createDistrict(districtName, region, null, false);
-	}
-
-	public District createDistrict(String districtName, Region region, String externalId, boolean defaultDistrict) {
-		District district = getDistrict(districtName, region, externalId);
-		district.setDefaultInfrastructure(defaultDistrict);
-		beanTest.getDistrictService().persist(district);
-		return district;
-	}
-
-	public District createDistrictCentrally(String districtName, Region region, String externalId) {
-		District district = getDistrict(districtName, region, externalId);
-		district.setCentrallyManaged(true);
-		beanTest.getDistrictService().persist(district);
-		return district;
-	}
-
-	@NotNull
-	private District getDistrict(String districtName, Region region, String externalId) {
-		District district = new District();
-		district.setUuid(DataHelper.createUuid());
-		district.setName(districtName);
-		district.setRegion(region);
-		district.setEpidCode("DIS");
-		district.setExternalID(externalId);
-		return district;
-	}
-
-	public Community createCommunity(String communityName, District district) {
-		return createCommunity(communityName, district, null, false);
-	}
-
-	public Community createCommunity(String communityName, District district, String externalId, boolean defaultCommunity) {
-		Community community = getCommunity(communityName, district, externalId);
-		community.setDefaultInfrastructure(defaultCommunity);
-		beanTest.getCommunityService().persist(community);
-		return community;
-	}
-
-	public Community createCommunityCentrally(String communityName, District district, String externalId) {
-		Community community = getCommunity(communityName, district, externalId);
-		community.setCentrallyManaged(true);
-		beanTest.getCommunityService().persist(community);
-		return community;
-
-	}
-
-	@NotNull
-	private Community getCommunity(String communityName, District district, String externalId) {
-		Community community = new Community();
-		community.setUuid(DataHelper.createUuid());
-		community.setName(communityName);
-		community.setDistrict(district);
-		community.setExternalID(externalId);
-		return community;
-	}
-
-	public CommunityDto createCommunity(String communityName, DistrictReferenceDto district) {
-		CommunityDto community = CommunityDto.build();
-		community.setName(communityName);
-		community.setDistrict(district);
-		beanTest.getCommunityFacade().save(community);
-		return community;
-	}
-
-	public Facility createFacility(String facilityName, Region region, District district, Community community) {
-		return createFacility(facilityName, FacilityType.HOSPITAL, region, district, community);
-	}
-
-	public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community) {
-		return createFacility(facilityName, type, region, district, community, null);
-	}
-
-	public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community, String externalId) {
-		Facility facility = new Facility();
-		facility.setUuid(DataHelper.createUuid());
-		facility.setName(facilityName);
-		facility.setCommunity(community);
-		facility.setDistrict(district);
-		facility.setRegion(region);
-		facility.setType(type);
-		facility.setExternalID(externalId);
-
-		beanTest.getFacilityService().persist(facility);
-
-		return facility;
-	}
-
-	public FacilityDto createFacility(
-		String facilityName,
-		RegionReferenceDto region,
-		DistrictReferenceDto district,
-		CommunityReferenceDto community) {
-		return createFacility(facilityName, region, district, community, null);
-	}
-
-	public FacilityDto createFacility(
-		String facilityName,
-		RegionReferenceDto region,
-		DistrictReferenceDto district,
-		CommunityReferenceDto community,
-		FacilityType type) {
-
-		FacilityDto facility = FacilityDto.build();
-		facility.setName(facilityName);
-		facility.setType(type == null ? FacilityType.HOSPITAL : type);
-		facility.setCommunity(community);
-		facility.setDistrict(district);
-		facility.setRegion(region);
-		beanTest.getFacilityFacade().save(facility);
-		return facility;
-	}
-
-	public FacilityDto createFacility(
-		String facilityName,
-		RegionReferenceDto region,
-		DistrictReferenceDto district,
-		Consumer<FacilityDto> extraConfig) {
-
-		FacilityDto facility = FacilityDto.build();
-		facility.setName(facilityName);
-		facility.setRegion(region);
-		facility.setDistrict(district);
-		facility.setType(FacilityType.HOSPITAL);
-
-		if (extraConfig != null) {
-			extraConfig.accept(facility);
-		}
-
-		beanTest.getFacilityFacade().save(facility);
-		return facility;
-	}
-
-	public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district) {
-		return createPointOfEntry(pointOfEntryName, region, district, null);
-	}
-
-	public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district, String externalId) {
-		PointOfEntry pointOfEntry = new PointOfEntry();
-		pointOfEntry.setUuid(DataHelper.createUuid());
-		pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
-		pointOfEntry.setName(pointOfEntryName);
-		pointOfEntry.setDistrict(district);
-		pointOfEntry.setRegion(region);
-		pointOfEntry.setExternalID(externalId);
-
-		beanTest.getPointOfEntryService().persist(pointOfEntry);
-
-		return pointOfEntry;
-	}
-
-	public PointOfEntryDto createPointOfEntry(String pointOfEntryName, RegionReferenceDto region, DistrictReferenceDto district) {
-		PointOfEntryDto pointOfEntry = PointOfEntryDto.build();
-		pointOfEntry.setUuid(DataHelper.createUuid());
-		pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
-		pointOfEntry.setName(pointOfEntryName);
-		pointOfEntry.setDistrict(district);
-		pointOfEntry.setRegion(region);
-		beanTest.getPointOfEntryFacade().save(pointOfEntry);
-
-		return pointOfEntry;
-	}
-
-	public PopulationDataDto createPopulationData(RegionReferenceDto region, DistrictReferenceDto district, Integer population, Date collectionDate) {
-		PopulationDataDto populationData = PopulationDataDto.build(collectionDate);
-		populationData.setRegion(region);
-		populationData.setDistrict(district);
-		populationData.setPopulation(population);
-		beanTest.getPopulationDataFacade().savePopulationData(Arrays.asList(populationData));
-		return populationData;
-	}
-
-	public void updateDiseaseConfiguration(
-		Disease disease,
-		Boolean active,
-		Boolean primary,
-		Boolean caseSurveillance,
-		Boolean aggregateReporting,
-		List<String> ageGroups) {
-		updateDiseaseConfiguration(disease, active, primary, caseSurveillance, aggregateReporting, ageGroups, null);
-	}
-
-	public void updateDiseaseConfiguration(
-		Disease disease,
-		Boolean active,
-		Boolean primary,
-		Boolean caseSurveillance,
-		Boolean aggregateReporting,
-		List<String> ageGroups,
-		Integer automaticSampleAssignmentThreshold) {
-		DiseaseConfigurationDto config =
-			DiseaseConfigurationFacadeEjbLocal.toDto(beanTest.getDiseaseConfigurationService().getDiseaseConfiguration(disease));
-		config.setActive(active);
-		config.setPrimaryDisease(primary);
-		config.setCaseSurveillanceEnabled(caseSurveillance);
-		config.setAggregateReportingEnabled(aggregateReporting);
-		config.setAgeGroups(ageGroups);
-		config.setAutomaticSampleAssignmentThreshold(automaticSampleAssignmentThreshold);
-		beanTest.getDiseaseConfigurationFacade().saveDiseaseConfiguration(config);
-	}
-
-	public DocumentDto createDocument(
-		UserReferenceDto uploadingUser,
-		String name,
-		String contentType,
-		long size,
-		EventReferenceDto event,
-		byte[] content)
-		throws IOException {
-		return createDocument(uploadingUser, name, contentType, size, DocumentRelatedEntityType.EVENT, event.getUuid(), content);
-	}
-
-	public DocumentDto createDocument(
-		UserReferenceDto uploadingUser,
-		String name,
-		String contentType,
-		long size,
-		DocumentRelatedEntityType relatedEntityType,
-		String relatedEntityUuid,
-		byte[] content)
-		throws IOException {
-		DocumentDto document = DocumentDto.build();
-		document.setUploadingUser(uploadingUser);
-		document.setName(name);
-		document.setMimeType(contentType);
-		document.setSize(size);
-		DocumentRelatedEntityDto documentRelatedEntities = DocumentRelatedEntityDto.build(relatedEntityType, relatedEntityUuid);
-
-		return beanTest.getDocumentFacade().saveDocument(document, content, Collections.singletonList(documentRelatedEntities));
-	}
-
-	public ExportConfigurationDto createExportConfiguration(String name, ExportType exportType, Set<String> properites, UserReferenceDto user) {
-		ExportConfigurationDto exportConfiguration = ExportConfigurationDto.build(user, exportType);
-		exportConfiguration.setName(name);
-		exportConfiguration.setProperties(properites);
-
-		beanTest.getExportFacade().saveExportConfiguration(exportConfiguration);
-
-		return exportConfiguration;
-	}
-
-	public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, SystemEventStatus status) {
-		return createSystemEvent(type, startDate, new Date(startDate.getTime() + 1000), status, "Generated for test purposes");
-	}
-
-	public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, Date endDate, SystemEventStatus status, String additionalInfo) {
-		SystemEventDto systemEvent = SystemEventDto.build();
-		systemEvent.setType(type);
-		systemEvent.setStartDate(startDate);
-		systemEvent.setEndDate(endDate);
-		systemEvent.setStatus(status);
-		systemEvent.setAdditionalInfo(additionalInfo);
-		return systemEvent;
-	}
-
-	public ExternalMessageDto createExternalMessage(Consumer<ExternalMessageDto> customSettings) {
-		ExternalMessageDto message = ExternalMessageDto.build();
-
-		if (customSettings != null) {
-			customSettings.accept(message);
-		}
-
-		beanTest.getExternalMessageFacade().save(message);
-
-		return message;
-	}
-
-	public ExternalMessageDto createLabMessageWithTestReportAndSurveillanceReport(
-		UserReferenceDto user,
-		CaseReferenceDto caze,
-		SampleReferenceDto sample) {
-		SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
-		ExternalMessageDto labMessage = createExternalMessage(lm -> {
-			lm.setType(ExternalMessageType.LAB_MESSAGE);
-			lm.setSurveillanceReport(surveillanceReportDto.toReference());
-			lm.setStatus(ExternalMessageStatus.PROCESSED);
-		});
-		SampleReportDto sampleReport = createSampleReport(labMessage, sample);
-		createTestReport(sampleReport);
-		return labMessage;
-
-	}
-
-	public ExternalMessageDto createLabMessageWithSurveillanceReport(UserReferenceDto user, CaseReferenceDto caze) {
-		SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
-		ExternalMessageDto labMessage = createExternalMessage(lm -> {
-			lm.setType(ExternalMessageType.LAB_MESSAGE);
-			lm.setSurveillanceReport(surveillanceReportDto.toReference());
-			lm.setStatus(ExternalMessageStatus.PROCESSED);
-		});
-
-		return labMessage;
-
-	}
-
-	public ExternalMessageDto createLabMessageWithTestReport(SampleReferenceDto sample) {
-		ExternalMessageDto labMessage = createExternalMessage(lm -> lm.setType(ExternalMessageType.LAB_MESSAGE));
-		SampleReportDto sampleReport = createSampleReport(labMessage, sample);
-		createTestReport(sampleReport);
-		return labMessage;
-
-	}
-
-	public SampleReportDto createSampleReport(ExternalMessageDto labMessage, SampleReferenceDto sample) {
-		SampleReportDto sampleReport = createSampleReport(labMessage);
-		sampleReport.setSample(sample);
-		sampleReport.setChangeDate(new Date());
-		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-		return sampleReport;
-	}
-
-	public SampleReportDto createSampleReport(ExternalMessageDto labMessage) {
-		SampleReportDto sampleReport = SampleReportDto.build();
-		labMessage.addSampleReport(sampleReport);
-		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-		labMessage.setChangeDate(new Date());
-		beanTest.getExternalMessageFacade().save(labMessage);
-		return sampleReport;
-	}
-
-	public TestReportDto createTestReport(SampleReportDto sampleReport) {
-		TestReportDto testReport = TestReportDto.build();
-		sampleReport.addTestReport(testReport);
-
-		beanTest.getTestReportFacade().saveTestReport(testReport);
-		sampleReport.setChangeDate(new Date());
-		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-
-		return testReport;
-	}
-
-	public DiseaseVariant createDiseaseVariant(String name, Disease disease) {
-
-		CustomizableEnumValue diseaseVariant = new CustomizableEnumValue();
-		diseaseVariant.setDataType(CustomizableEnumType.DISEASE_VARIANT);
-		diseaseVariant.setValue("BF.1.2");
-		Set<Disease> diseases = new HashSet<>();
-		diseases.add(disease);
-		diseaseVariant.setDiseases(diseases);
-		diseaseVariant.setCaption(name + " variant");
-		diseaseVariant.setActive(true);
-
-		beanTest.getCustomizableEnumValueService().ensurePersisted(diseaseVariant);
-
-		return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.DISEASE_VARIANT, name);
-	}
-
-	public Pathogen createPathogen(String value, String caption) {
-
-		CustomizableEnumValue pathogen = new CustomizableEnumValue();
-		pathogen.setDataType(CustomizableEnumType.PATHOGEN);
-		pathogen.setValue(value);
-		pathogen.setCaption(caption);
-		pathogen.setActive(true);
-
-		beanTest.getCustomizableEnumValueService().ensurePersisted(pathogen);
-
-		beanTest.getCustomizableEnumFacade().loadData();
-
-		return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.PATHOGEN, value);
-	}
-
-	public ExternalShareInfo createExternalShareInfo(
-		CaseReferenceDto caze,
-		UserReferenceDto sender,
-		ExternalShareStatus status,
-		Consumer<ExternalShareInfo> customConfig) {
-		ExternalShareInfo shareInfo = new ExternalShareInfo();
-		shareInfo.setUuid(DataHelper.createUuid());
-		shareInfo.setCaze(beanTest.getCaseService().getByUuid(caze.getUuid()));
-		shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
-		shareInfo.setStatus(status);
-
-		if (customConfig != null) {
-			customConfig.accept(shareInfo);
-		}
-
-		beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
-
-		return shareInfo;
-	}
-
-	public ExternalShareInfo createExternalShareInfo(EventReferenceDto event, UserReferenceDto sender, ExternalShareStatus status) {
-		ExternalShareInfo shareInfo = new ExternalShareInfo();
-		shareInfo.setUuid(DataHelper.createUuid());
-		shareInfo.setEvent(beanTest.getEventService().getByUuid(event.getUuid()));
-		shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
-		shareInfo.setStatus(status);
-
-		beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
-
-		return shareInfo;
-	}
-
-	/**
-	 * Creates a list with {@code count} values of type {@code T}.
-	 * The list index is given to the {@code valueSupplier} for each value to create.
-	 */
-	public static <T> List<T> createValuesList(int count, Function<Integer, T> valueSupplier) {
-
-		List<T> values = new ArrayList<>(count);
-		for (int i = 0; i < count; i++) {
-			values.add(valueSupplier.apply(i));
-		}
-		return values;
-	}
-
-	public SormasToSormasOriginInfoDto createSormasToSormasOriginInfo(
-		String serverId,
-		boolean ownershipHandedOver,
-		Consumer<SormasToSormasOriginInfoDto> extraConfig) {
-		SormasToSormasOriginInfoDto originInfo = new SormasToSormasOriginInfoDto();
-		originInfo.setUuid(DataHelper.createUuid());
-		originInfo.setSenderName("Test Name");
-		originInfo.setSenderEmail("test@email.com");
-		originInfo.setOrganizationId(serverId);
-		originInfo.setOwnershipHandedOver(ownershipHandedOver);
-
-		if (extraConfig != null) {
-			extraConfig.accept(originInfo);
-		}
-
-		return beanTest.getSormasToSormasOriginInfoFacade().saveOriginInfo(originInfo);
-	}
-
-	public CaseDataDto createReceivedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
-		return createCase(
-			user,
-			person,
-			rdcf,
-			(c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
-	}
-
-	public CaseDataDto createSharedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
-		CaseDataDto caze = createCase(user, person, rdcf, null);
-
-		createShareRequestInfo(
-			ShareRequestDataType.CASE,
-			beanTest.getUserService().getByReferenceDto(user),
-			"target_id",
-			ownershipHandedOver,
-			ShareRequestStatus.ACCEPTED,
-			(s) -> s.setCaze(beanTest.getCaseService().getByReferenceDto(caze.toReference())));
-
-		return caze;
-	}
-
-	public ContactDto createReceivedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
-		return createContact(
-			reportingUser,
-			contactPerson,
-			Disease.CORONAVIRUS,
-			(c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
-	}
-
-	public ContactDto createSharedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
-		ContactDto contact = createContact(reportingUser, contactPerson, Disease.CORONAVIRUS);
-		createShareRequestInfo(
-			ShareRequestDataType.CONTACT,
-			beanTest.getUserService().getByReferenceDto(reportingUser),
-			"target_id",
-			ownershipHandedOver,
-			ShareRequestStatus.ACCEPTED,
-			(s) -> s.setContact(beanTest.getContactService().getByReferenceDto(contact.toReference())));
-
-		return contact;
-	}
-
-	public EventParticipantDto createReceivedEventParticipant(PersonDto eventPerson, UserReferenceDto reportingUser, RDCF rdcf) {
-		return createEventParticipant(createEvent(reportingUser).toReference(), eventPerson, "Test involvment", reportingUser, e -> {
-			e.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
-		}, rdcf);
-	}
-
-	public ImmunizationDto createReceivedImmunization(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
-		return createImmunization(Disease.CORONAVIRUS, person, reportingUser, rdcf, i -> {
-			i.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
-		});
-	}
-
-	public ShareRequestInfo createShareRequestInfo(
-		ShareRequestDataType dataType,
-		User sender,
-		String serverId,
-		boolean ownershipHandedOver,
-		ShareRequestStatus status,
-		Consumer<SormasToSormasShareInfo> setTarget) {
-
-		SormasToSormasShareInfo shareInfo = new SormasToSormasShareInfo();
-		shareInfo.setOwnershipHandedOver(ownershipHandedOver);
-		shareInfo.setOrganizationId(serverId);
-		setTarget.accept(shareInfo);
-
-		ShareRequestInfo requestInfo = new ShareRequestInfo();
-		requestInfo.setUuid(DataHelper.createUuid());
-		requestInfo.setDataType(dataType);
-		requestInfo.setSender(sender);
-		requestInfo.setRequestStatus(status);
-		requestInfo.setShares(new ArrayList<>());
-		requestInfo.getShares().add(shareInfo);
-
-		beanTest.getShareRequestInfoService().persist(requestInfo);
-
-		return requestInfo;
-	}
-
-	public EnvironmentDto createEnvironment(
-		String name,
-		EnvironmentMedia environmentMedia,
-		UserReferenceDto reportingUser,
-		RDCF rdcf,
-		Consumer<EnvironmentDto> extraConfig) {
-		EnvironmentDto environment = EnvironmentDto.build();
-		environment.setEnvironmentName(name);
-		environment.setEnvironmentMedia(environmentMedia);
-		environment.setReportDate(new Date());
-		environment.setReportingUser(reportingUser);
-
-		LocationDto location = environment.getLocation();
-		location.setLongitude(1.0);
-		location.setLatitude(1.0);
-		if (rdcf != null) {
-			location.setRegion(rdcf.region);
-			location.setDistrict(rdcf.district);
-			location.setCommunity(rdcf.community);
-		}
-
-		if (extraConfig != null) {
-			extraConfig.accept(environment);
-		}
-
-		environment = beanTest.getEnvironmentFacade().save(environment);
-
-		return environment;
-
-	}
-
-	public EnvironmentDto createEnvironment(String name, EnvironmentMedia environmentMedia, UserReferenceDto reportingUser, RDCF rdcf) {
-		return createEnvironment(name, environmentMedia, reportingUser, rdcf, null);
-	}
-
-	public EnvironmentSampleDto createEnvironmentSample(
-		EnvironmentReferenceDto environment,
-		UserReferenceDto reportingUser,
-		RDCF rdcf,
-		FacilityReferenceDto lab,
-		@Nullable Consumer<EnvironmentSampleDto> extraConfig) {
-		EnvironmentSampleDto sample = EnvironmentSampleDto.build(environment, reportingUser);
-		sample.setSampleMaterial(EnvironmentSampleMaterial.WATER);
-		sample.getLocation().setRegion(rdcf.region);
-		sample.getLocation().setDistrict(rdcf.district);
-		sample.getLocation().setLatitude(1.0);
-		sample.getLocation().setLongitude(1.0);
-		sample.setLaboratory(lab);
-
-		if (extraConfig != null) {
-			extraConfig.accept(sample);
-		}
-
-		return beanTest.getEnvironmentSampleFacade().save(sample);
-	}
-
-	public SpecialCaseAccessDto createSpecialCaseAccess(
-		CaseReferenceDto caze,
-		UserReferenceDto assignedBy,
-		UserReferenceDto assignedTo,
-		Date endDateTime) {
-		SpecialCaseAccessDto specialCaseAccess = SpecialCaseAccessDto.build(caze, assignedBy);
-		specialCaseAccess.setAssignedTo(assignedTo);
-		specialCaseAccess.setEndDateTime(endDateTime);
-
-		return beanTest.getSpecialCaseAccessFacade().save(specialCaseAccess);
-	}
-
-	/**
-	 * @author MartinWahnschaffe
-	 * @deprecated Use RDCF instead
-	 */
-	@Deprecated
-	public static class RDCFEntities {
-
-		public Region region;
-		public District district;
-		public Community community;
-		public Facility facility;
-
-		public RDCFEntities(Region region, District district, Community community, Facility facility) {
-			this.region = region;
-			this.district = district;
-			this.community = community;
-			this.facility = facility;
-		}
-	}
-
-	public static class RDCF {
-
-		public RegionReferenceDto region;
-		public DistrictReferenceDto district;
-		public CommunityReferenceDto community;
-		public FacilityReferenceDto facility;
-		public PointOfEntryReferenceDto pointOfEntry;
-
-		public RDCF(RegionReferenceDto region, DistrictReferenceDto district, CommunityReferenceDto community, FacilityReferenceDto facility) {
-			this(region, district, community, facility, null);
-		}
-
-		public RDCF(
-			RegionReferenceDto region,
-			DistrictReferenceDto district,
-			CommunityReferenceDto community,
-			FacilityReferenceDto facility,
-			PointOfEntryReferenceDto pointOfEntry) {
-			this.region = region;
-			this.district = district;
-			this.community = community;
-			this.facility = facility;
-			this.pointOfEntry = pointOfEntry;
-		}
-
-		public RDCF(RDCFEntities rdcfEntities) {
-			this.region = new RegionReferenceDto(rdcfEntities.region.getUuid(), rdcfEntities.region.getName(), rdcfEntities.region.getExternalID());
-			this.district =
-				new DistrictReferenceDto(rdcfEntities.district.getUuid(), rdcfEntities.district.getName(), rdcfEntities.district.getExternalID());
-			this.community =
-				new CommunityReferenceDto(rdcfEntities.community.getUuid(), rdcfEntities.community.getName(), rdcfEntities.community.getExternalID());
-			this.facility =
-				new FacilityReferenceDto(rdcfEntities.facility.getUuid(), rdcfEntities.facility.getName(), rdcfEntities.facility.getExternalID());
-		}
-	}
-
-	public static class RDP {
-
-		public RegionReferenceDto region;
-		public DistrictReferenceDto district;
-		public PointOfEntryReferenceDto pointOfEntry;
-
-		public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntryReferenceDto pointOfEntry) {
-			this.region = region;
-			this.district = district;
-			this.pointOfEntry = pointOfEntry;
-		}
-	}
-
-
-	public User createTestUser() {
-		User user = new User();
-		user.setUserName("testuser");
-		user.setFirstName("Test");
-		user.setLastName("User");
-		user.setUuid(DataHelper.createUuid());
-		String password = "password";
-		String seed = "seed";
-		String encodedPassword = PasswordHelper.encodePassword(password, seed); // Assume PasswordHelper is the correct utility for encoding
-		user.setPassword(encodedPassword);
-		user.setSeed(seed);
-		user.setActive(true);
-		user.setUserRoles(
-				new HashSet<>(Arrays.asList(
-						getUserRole(DefaultUserRole.ADMIN),
-						getUserRole(DefaultUserRole.NATIONAL_USER))));
-
-		beanTest.getUserService().persist(user);
-		return user;
-	}
+import javax.annotation.Nullable;
+import java.io.IOException;
+import java.util.*;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.stream.Collectors;
 
+public class TestDataCreator {
 
+    private final AbstractBeanTest beanTest;
+    public final Map<DefaultUserRole, UserRoleReferenceDto> userRoleDtoMap = new HashMap<>();
+    public final Map<DefaultUserRole, UserRole> userRoleMap = new HashMap<>();
+
+    public TestDataCreator(AbstractBeanTest beanTest) {
+        this.beanTest = beanTest;
+    }
+
+    private void createUserRoles() {
+        Arrays.stream(DefaultUserRole.values()).forEach(defaultUserRole -> {
+            UserRoleDto userRoleDto =
+                    UserRoleDto.build(defaultUserRole.getDefaultUserRights().toArray(new UserRight[defaultUserRole.getDefaultUserRights().size()]));
+            userRoleDto.setCaption(defaultUserRole.toString());
+            userRoleDto.setEnabled(true);
+            userRoleDto.setPortHealthUser(defaultUserRole.isPortHealthUser());
+            userRoleDto.setLinkedDefaultUserRole(defaultUserRole);
+            userRoleDto.setHasAssociatedDistrictUser(defaultUserRole.hasAssociatedDistrictUser());
+            userRoleDto.setHasOptionalHealthFacility(defaultUserRole.hasOptionalHealthFacility());
+            userRoleDto.setEmailNotificationTypes(defaultUserRole.getEmailNotificationTypes());
+            userRoleDto.setSmsNotificationTypes(defaultUserRole.getSmsNotificationTypes());
+            userRoleDto.setJurisdictionLevel(defaultUserRole.getJurisdictionLevel());
+            userRoleDto = beanTest.getUserRoleFacade().saveUserRole(userRoleDto);
+            userRoleDtoMap.put(defaultUserRole, userRoleDto.toReference());
+            UserRole userRole = beanTest.getEagerUserRole(userRoleDto.getUuid());
+            userRoleMap.put(defaultUserRole, userRole);
+        });
+    }
+
+    public UserRoleReferenceDto getUserRoleReference(DefaultUserRole userRole) {
+        if (userRoleDtoMap.isEmpty()) {
+            createUserRoles();
+        }
+        return userRoleDtoMap.get(userRole);
+    }
+
+    public UserRoleReferenceDto createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole templateUserRole) {
+        UserRoleDto userRole = new UserRoleDto();
+        userRole.setCaption(templateUserRole.toString() + "Restricted");
+        userRole.setJurisdictionLevel(templateUserRole.getJurisdictionLevel());
+        userRole.setUserRights(Arrays.stream(templateUserRole.getDefaultUserRights().toArray(new UserRight[0])).collect(Collectors.toSet()));
+        userRole.setRestrictAccessToAssignedEntities(true);
+        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+    }
+
+    public UserRole getUserRole(DefaultUserRole userRole) {
+        if (userRoleMap.isEmpty()) {
+            createUserRoles();
+        }
+        return userRoleMap.get(userRole);
+    }
+
+    public UserDto createNationalUser() {
+        return createUser("", "", "", "Nat", "Usr", getUserRoleReference(DefaultUserRole.NATIONAL_USER));
+    }
+
+    public UserDto createSurveillanceSupervisor(RDCF rdcf) {
+        if (rdcf == null) {
+            rdcf = createRDCF("Region", "District", "Community", "Facility");
+        }
+
+        return createUser(rdcf.region.getUuid(), null, null, "Surv", "Sup", getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
+    }
+
+    public UserDto createSurveillanceOfficer(RDCF rdcf) {
+        if (rdcf == null) {
+            rdcf = createRDCF("Region", "District", "Community", "Facility");
+        }
+
+        return createUser(
+                rdcf.region.getUuid(),
+                rdcf.district.getUuid(),
+                rdcf.facility.getUuid(),
+                "Surv",
+                "Off",
+                getUserRoleReference(DefaultUserRole.SURVEILLANCE_OFFICER));
+    }
+
+    public UserDto createSurveillanceOfficerWithRestrictedAccessToAssignedEntities(RDCF rdcf) {
+        if (rdcf == null) {
+            rdcf = createRDCF("Region", "District", "Community", "Facility");
+        }
+
+        final UserDto user = createUser(
+                rdcf.region.getUuid(),
+                rdcf.district.getUuid(),
+                rdcf.facility.getUuid(),
+                "SurvOff",
+                "RestrictedAccess",
+                createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole.SURVEILLANCE_OFFICER));
+
+        return user;
+    }
+
+    public UserDto createContactOfficer(RDCF rdcf) {
+        if (rdcf == null) {
+            rdcf = createRDCF("Region", "District", "Community", "Facility");
+        }
+
+        return createUser(
+                rdcf.region.getUuid(),
+                rdcf.district.getUuid(),
+                rdcf.facility.getUuid(),
+                "Cont",
+                "Off",
+                getUserRoleReference(DefaultUserRole.CONTACT_OFFICER));
+    }
+
+    public UserDto createUser(RDCF rdcf, UserRoleReferenceDto userRole, Consumer<UserDto> customConfig) {
+
+        UserDto user = UserDto.build();
+        user.setFirstName("User");
+        user.setLastName(userRole.getCaption());
+        user.setUserName(userRole.buildCaption());
+        user.setUserRoles(new HashSet(Arrays.asList(userRole)));
+        user.setRegion(rdcf.region);
+        user.setDistrict(rdcf.district);
+        user.setCommunity(rdcf.community);
+        user.setHealthFacility(rdcf.facility);
+
+        if (customConfig != null) {
+            customConfig.accept(user);
+        }
+
+        return beanTest.getUserFacade().saveUser(user, false);
+    }
+
+    public UserDto createUser(RDCF rdcf, UserRoleReferenceDto... roles) {
+        return createUser(
+                rdcf.region.getUuid(),
+                rdcf.district.getUuid(),
+                rdcf.facility.getUuid(),
+                roles.length > 0 ? roles[0].getCaption() : "First",
+                "User",
+                roles);
+    }
+
+    public UserDto createUser(RDCF rdcf, DefaultUserRole defaultUserRole) {
+        return createUser(rdcf, "User", defaultUserRole);
+    }
+
+    public UserDto createUser(RDCF rdcf, String lastName, DefaultUserRole defaultUserRole) {
+        UserRoleReferenceDto userRole = getUserRoleReference(defaultUserRole);
+        return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), rdcf.facility.getUuid(), userRole.getCaption(), lastName, userRole);
+    }
+
+    public UserDto createUser(RDCF rdcf, String firstName, String lastName, UserRoleReferenceDto... roles) {
+        return createUser(
+                rdcf.region.getUuid(),
+                rdcf.district.getUuid(),
+                rdcf.community.getUuid(),
+                rdcf.facility.getUuid(),
+                firstName,
+                lastName,
+                roles);
+    }
+
+    public UserDto createUser(
+            String regionUuid,
+            String districtUuid,
+            String facilityUuid,
+            String firstName,
+            String lastName,
+            UserRoleReferenceDto... roles) {
+        return createUser(regionUuid, districtUuid, null, facilityUuid, firstName, lastName, roles);
+    }
+
+    public UserDto createUser(
+            String regionUuid,
+            String districtUuid,
+            String communityUuid,
+            String facilityUuid,
+            String firstName,
+            String lastName,
+            UserRoleReferenceDto... roles) {
+        return createUser(regionUuid, districtUuid, communityUuid, facilityUuid, firstName, lastName, null, roles);
+    }
+
+    public UserDto createUser(RDCF rdcf, String firstName, String lastName, Disease limitedDisease, UserRoleReferenceDto... roles) {
+        return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), null, rdcf.facility.getUuid(), firstName, lastName, limitedDisease, roles);
+    }
+
+    public UserDto createUser(
+            String regionUuid,
+            String districtUuid,
+            String facilityUuid,
+            String firstName,
+            String lastName,
+            String caption,
+            JurisdictionLevel jurisdictionLevel,
+            UserRight... userRights) {
+        UserRoleReferenceDto userRole = createUserRole(caption, jurisdictionLevel, userRights);
+        return createUser(regionUuid, districtUuid, facilityUuid, firstName, lastName, userRole);
+    }
+
+    private UserDto createUser(
+            String regionUuid,
+            String districtUuid,
+            String communityUuid,
+            String facilityUuid,
+            String firstName,
+            String lastName,
+            Disease limitedDisease,
+            UserRoleReferenceDto... roles) {
+
+        UserDto user = UserDto.build();
+        user.setFirstName(firstName);
+        user.setLastName(lastName);
+        user.setUserName(firstName + lastName);
+        user.setUserRoles(new HashSet<>(Arrays.asList(roles)));
+        if (limitedDisease != null) {
+            user.setLimitedDiseases(Collections.singleton(limitedDisease));
+        }
+        user.setRegion(beanTest.getRegionFacade().getReferenceByUuid(regionUuid));
+        user.setDistrict(beanTest.getDistrictFacade().getReferenceByUuid(districtUuid));
+        user.setCommunity(beanTest.getCommunityFacade().getReferenceByUuid(communityUuid));
+        user.setHealthFacility(beanTest.getFacilityFacade().getReferenceByUuid(facilityUuid));
+        return beanTest.getUserFacade().saveUser(user, false);
+    }
+
+    public UserDto createPointOfEntryUser(RDP rdp) {
+        return createUser(
+                new RDCF(rdp.region, rdp.district, null, null),
+                userRoleDtoMap.get(DefaultUserRole.POE_INFORMANT),
+                user -> user.setPointOfEntry(rdp.pointOfEntry));
+    }
+
+    public UserRoleReferenceDto createUserRole(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
+        UserRoleDto userRole = new UserRoleDto();
+        userRole.setCaption(caption);
+        userRole.setJurisdictionLevel(jurisdictionLevel);
+        userRole.setUserRights(Arrays.stream(userRights).collect(Collectors.toSet()));
+        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+    }
+
+    public UserRoleReferenceDto createUserRoleWithRequiredRights(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
+        UserRoleDto userRole = new UserRoleDto();
+        userRole.setCaption(caption);
+        userRole.setJurisdictionLevel(jurisdictionLevel);
+        userRole.setUserRights(UserRight.getWithRequiredUserRights(userRights));
+        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+    }
+
+    public PersonDto createPerson() {
+        return createPerson("FirstName", "LastName");
+    }
+
+    public PersonDto createPerson(String firstName, String lastName) {
+        return createPerson(firstName, lastName, Sex.UNKNOWN, null);
+    }
+
+    public PersonDto createPerson(String firstName, String lastName, Sex sex) {
+        return createPerson(firstName, lastName, sex, null);
+    }
+
+    public PersonDto createPerson(String firstName, String lastName, Sex sex, Consumer<PersonDto> customConfig) {
+
+        PersonDto person = PersonDto.build();
+        person.setFirstName(firstName);
+        person.setLastName(lastName);
+        person.setSex(sex);
+
+        if (customConfig != null) {
+            customConfig.accept(person);
+        }
+
+        person = beanTest.getPersonFacade().save(person);
+
+        return person;
+    }
+
+    public PersonDto createPerson(String firstName, String lastName, Consumer<PersonDto> customConfig) {
+
+        PersonDto person = PersonDto.build();
+        person.setFirstName(firstName);
+        person.setLastName(lastName);
+        person.setSex(Sex.UNKNOWN);
+
+        if (customConfig != null) {
+            customConfig.accept(person);
+        }
+
+        person = beanTest.getPersonFacade().save(person);
+
+        return person;
+    }
+
+    public PersonDto createPerson(String firstName, String lastName, Sex sex, Integer birthdateYYYY, Integer birthdateMM, Integer birthdateDD) {
+        return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, null, null);
+    }
+
+    public PersonDto createPerson(
+            String firstName,
+            String lastName,
+            Sex sex,
+            Integer birthdateYYYY,
+            Integer birthdateMM,
+            Integer birthdateDD,
+            String passportNr,
+            String nationalHealthId) {
+        return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, passportNr, nationalHealthId);
+    }
+
+    private PersonDto createPerson(
+            String firstName,
+            String lastName,
+            Sex sex,
+            Integer birthdateYYYY,
+            Integer birthdateMM,
+            Integer birthdateDD,
+            LocationDto address,
+            String passportNr,
+            String nationalHealthId) {
+
+        PersonDto person = PersonDto.build();
+        person.setFirstName(firstName);
+        person.setLastName(lastName);
+        person.setSex(sex);
+        person.setBirthdateYYYY(birthdateYYYY);
+        person.setBirthdateMM(birthdateMM);
+        person.setBirthdateDD(birthdateDD);
+        person.setPassportNumber(passportNr);
+        person.setNationalHealthId(nationalHealthId);
+
+        if (address != null) {
+            person.setAddress(address);
+        }
+
+        person = beanTest.getPersonFacade().save(person);
+
+        return person;
+    }
+
+    public PersonDto createPerson(
+            String firstName,
+            String lastName,
+            Sex sex,
+            Integer birthdateYYYY,
+            Integer birthdateMM,
+            Integer birthdateDD,
+            Consumer<PersonDto> customConfig) {
+
+        PersonDto person = PersonDto.build();
+        person.setFirstName(firstName);
+        person.setLastName(lastName);
+        person.setSex(sex);
+        person.setBirthdateYYYY(birthdateYYYY);
+        person.setBirthdateMM(birthdateMM);
+        person.setBirthdateDD(birthdateDD);
+
+        if (customConfig != null) {
+            customConfig.accept(person);
+        }
+
+        person = beanTest.getPersonFacade().save(person);
+
+        return person;
+    }
+
+    public PersonContactDetailDto createPersonContactDetail(
+            PersonReferenceDto person,
+            boolean primaryContact,
+            PersonContactDetailType personContactDetailType,
+            String contactInformation) {
+        PersonContactDetailDto contactDetails =
+                PersonContactDetailDto.build(person, primaryContact, personContactDetailType, null, null, contactInformation, null, false, null, null);
+        return contactDetails;
+    }
+
+    public CaseDataDto createUnclassifiedCase(Disease disease) {
+
+        RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
+        UserDto user = beanTest.getUserFacade().getByUserName("SurvSup");
+        if (user == null) {
+            user = createSurveillanceSupervisor(rdcf);
+        }
+
+        PersonDto cazePerson = createPerson("Case", "Person", Sex.UNKNOWN);
+        return createCase(
+                user.toReference(),
+                cazePerson.toReference(),
+                disease,
+                CaseClassification.NOT_CLASSIFIED,
+                InvestigationStatus.PENDING,
+                new Date(),
+                rdcf);
+    }
+
+    public CaseDataDto createCase(UserReferenceDto user, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
+        return createCase(
+                user,
+                createPerson().toReference(),
+                Disease.EVD,
+                CaseClassification.SUSPECT,
+                InvestigationStatus.PENDING,
+                new Date(),
+                rdcf,
+                setCustomFields);
+    }
+
+    public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf) {
+        return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf);
+    }
+
+    public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
+        return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf, setCustomFields);
+    }
+
+    public CaseDataDto createCase(
+            UserReferenceDto user,
+            PersonReferenceDto cazePerson,
+            Disease disease,
+            CaseClassification caseClassification,
+            InvestigationStatus investigationStatus,
+            Date reportAndOnsetDate,
+            RDCF rdcf) {
+
+        return createCase(user, cazePerson, disease, caseClassification, investigationStatus, reportAndOnsetDate, rdcf, null);
+    }
+
+    public CaseDataDto createCase(
+            UserReferenceDto user,
+            PersonReferenceDto cazePerson,
+            Disease disease,
+            CaseClassification caseClassification,
+            InvestigationStatus investigationStatus,
+            Date reportAndOnsetDate,
+            RDCF rdcf,
+            Consumer<CaseDataDto> setCustomFields) {
+
+        CaseDataDto caze = CaseDataDto.build(cazePerson, disease);
+        caze.setReportDate(reportAndOnsetDate);
+        caze.setReportingUser(user);
+        caze.getSymptoms().setOnsetDate(reportAndOnsetDate);
+        caze.setCaseClassification(caseClassification);
+        caze.setInvestigationStatus(investigationStatus);
+        caze.setResponsibleRegion(rdcf.region);
+        caze.setResponsibleDistrict(rdcf.district);
+        caze.setResponsibleCommunity(rdcf.community);
+        caze.setFacilityType(beanTest.getFacilityFacade().getByUuid(rdcf.facility.getUuid()).getType());
+        caze.setHealthFacility(rdcf.facility);
+        caze.setPointOfEntry(rdcf.pointOfEntry);
+
+        if (setCustomFields != null) {
+            setCustomFields.accept(caze);
+        }
+
+        caze = beanTest.getCaseFacade().save(caze);
+
+        return caze;
+    }
+
+    public ImmunizationDto createImmunization(
+            Disease disease,
+            PersonReferenceDto person,
+            UserReferenceDto reportingUser,
+            ImmunizationStatus immunizationStatus,
+            MeansOfImmunization meansOfImmunization,
+            ImmunizationManagementStatus immunizationManagementStatus,
+            RDCF rdcf,
+            Date startDate,
+            Date endDate,
+            Date validFromDate,
+            Date validUntilDate) {
+        ImmunizationDto immunization =
+                createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
+        immunization.setStartDate(startDate);
+        immunization.setEndDate(endDate);
+        immunization.setValidFrom(validFromDate);
+        immunization.setValidUntil(validUntilDate);
+
+        return beanTest.getImmunizationFacade().save(immunization);
+    }
+
+    public ImmunizationDto createImmunization(
+            Disease disease,
+            PersonReferenceDto person,
+            UserReferenceDto reportingUser,
+            ImmunizationStatus immunizationStatus,
+            MeansOfImmunization meansOfImmunization,
+            ImmunizationManagementStatus immunizationManagementStatus,
+            RDCF rdcf) {
+        ImmunizationDto immunization =
+                createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
+
+        return beanTest.getImmunizationFacade().save(immunization);
+    }
+
+    public ImmunizationDto createImmunization(Disease disease, PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
+
+        return createImmunization(disease, person, reportingUser, rdcf, null);
+    }
+
+    public ImmunizationDto createImmunization(
+            Disease disease,
+            PersonReferenceDto person,
+            UserReferenceDto reportingUser,
+            RDCF rdcf,
+            Consumer<ImmunizationDto> extraConfig) {
+
+        ImmunizationDto immunization = createImmunizationDto(
+                disease,
+                person,
+                reportingUser,
+                ImmunizationStatus.PENDING,
+                MeansOfImmunization.VACCINATION,
+                ImmunizationManagementStatus.ONGOING,
+                rdcf);
+
+        if (extraConfig != null) {
+            extraConfig.accept(immunization);
+        }
+
+        return beanTest.getImmunizationFacade().save(immunization);
+    }
+
+    @NotNull
+    public ImmunizationDto createImmunizationDto(
+            Disease disease,
+            PersonReferenceDto person,
+            UserReferenceDto reportingUser,
+            ImmunizationStatus immunizationStatus,
+            MeansOfImmunization meansOfImmunization,
+            ImmunizationManagementStatus immunizationManagementStatus,
+            RDCF rdcf) {
+        ImmunizationDto immunization = new ImmunizationDto();
+        immunization.setUuid(DataHelper.createUuid());
+        immunization.setDisease(disease);
+        immunization.setPerson(person);
+        immunization.setReportingUser(reportingUser);
+        immunization.setImmunizationStatus(immunizationStatus);
+        immunization.setMeansOfImmunization(meansOfImmunization);
+        immunization.setImmunizationManagementStatus(immunizationManagementStatus);
+        immunization.setResponsibleRegion(rdcf.region);
+        immunization.setResponsibleDistrict(rdcf.district);
+        immunization.setResponsibleCommunity(rdcf.community);
+
+        immunization.setReportDate(new Date());
+        return immunization;
+    }
+
+    public VaccinationDto createVaccination(
+            UserReferenceDto reportingUser,
+            ImmunizationReferenceDto immunization,
+            HealthConditionsDto healthConditions) {
+
+        return createVaccination(reportingUser, immunization, healthConditions, new Date(), null, null);
+    }
+
+    public VaccinationDto createVaccination(UserReferenceDto reportingUser, ImmunizationReferenceDto immunization) {
+        return createVaccination(reportingUser, immunization, new HealthConditionsDto());
+    }
+
+    @NotNull
+    public VaccinationDto createVaccinationDto(
+            UserReferenceDto reportingUser,
+            ImmunizationReferenceDto immunization,
+            HealthConditionsDto healthConditions) {
+        VaccinationDto vaccination = new VaccinationDto();
+        vaccination.setUuid(DataHelper.createUuid());
+        vaccination.setReportingUser(reportingUser);
+        vaccination.setReportDate(new Date());
+
+        vaccination.setImmunization(immunization);
+        vaccination.setHealthConditions(healthConditions);
+        return vaccination;
+    }
+
+    public VaccinationDto createVaccinationWithDetails(
+            UserReferenceDto reportingUser,
+            ImmunizationReferenceDto immunization,
+            HealthConditionsDto healthConditions,
+            Date vaccinationDate,
+            Vaccine vaccine,
+            VaccineManufacturer vaccineManufacturer,
+            VaccinationInfoSource infoSource,
+            String vaccineInn,
+            String vaccineBatchNumber,
+            String vaccineAtcCode,
+            String vaccineDose) {
+
+        VaccinationDto vaccinationDto =
+                createVaccination(reportingUser, immunization, healthConditions, vaccinationDate, vaccine, vaccineManufacturer);
+
+        vaccinationDto.setVaccinationInfoSource(infoSource);
+        vaccinationDto.setVaccineInn(vaccineInn);
+        vaccinationDto.setVaccineBatchNumber(vaccineBatchNumber);
+        vaccinationDto.setVaccineAtcCode(vaccineAtcCode);
+        vaccinationDto.setVaccineDose(vaccineDose);
+
+        return beanTest.getVaccinationFacade().save(vaccinationDto);
+    }
+
+    public VaccinationDto createVaccination(
+            UserReferenceDto reportingUser,
+            ImmunizationReferenceDto immunization,
+            HealthConditionsDto healthConditions,
+            Date vaccinationDate,
+            Vaccine vaccine,
+            VaccineManufacturer vaccineManufacturer) {
+
+        VaccinationDto vaccination = new VaccinationDto();
+        vaccination.setUuid(DataHelper.createUuid());
+        vaccination.setReportingUser(reportingUser);
+        vaccination.setReportDate(new Date());
+        vaccination.setVaccinationDate(new Date());
+        vaccination.setVaccineName(vaccine);
+        vaccination.setVaccineManufacturer(vaccineManufacturer);
+
+        vaccination.setVaccinationDate(vaccinationDate);
+        vaccination.setImmunization(immunization);
+        vaccination.setHealthConditions(healthConditions);
+
+        return beanTest.getVaccinationFacade().save(vaccination);
+    }
+
+    public TravelEntryDto createTravelEntry(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf, Consumer<TravelEntryDto> config) {
+
+        TravelEntryDto travelEntry = TravelEntryDto.build(person);
+        travelEntry.setDisease(Disease.EVD);
+        travelEntry.setReportingUser(reportingUser);
+        travelEntry.setResponsibleRegion(rdcf.region);
+        travelEntry.setResponsibleDistrict(rdcf.district);
+        travelEntry.setPointOfEntry(rdcf.pointOfEntry);
+        travelEntry.setDateOfArrival(new Date());
+
+        if (config != null) {
+            config.accept(travelEntry);
+        }
+
+        return beanTest.getTravelEntryFacade().save(travelEntry);
+    }
+
+    public TravelEntryDto createTravelEntry(
+            PersonReferenceDto person,
+            UserReferenceDto reportingUser,
+            Disease disease,
+            RegionReferenceDto responsibleRegion,
+            DistrictReferenceDto responsibleDistrict,
+            PointOfEntryReferenceDto pointOfEntry) {
+
+        TravelEntryDto travelEntry = TravelEntryDto.build(person);
+        travelEntry.setDisease(disease);
+        travelEntry.setReportingUser(reportingUser);
+        travelEntry.setDateOfArrival(new Date());
+        travelEntry.setResponsibleRegion(responsibleRegion);
+        travelEntry.setResponsibleDistrict(responsibleDistrict);
+        travelEntry.setPointOfEntry(pointOfEntry);
+
+        return beanTest.getTravelEntryFacade().save(travelEntry);
+    }
+
+    public ClinicalVisitDto createClinicalVisit(CaseDataDto caze) {
+        return createClinicalVisit(caze, null);
+    }
+
+    public ClinicalVisitDto createClinicalVisit(CaseDataDto caze, Consumer<ClinicalVisitDto> extraConfig) {
+
+        ClinicalVisitDto clinicalVisit = ClinicalVisitDto.build(caze.getClinicalCourse().toReference(), caze.getDisease());
+
+        if (extraConfig != null) {
+            extraConfig.accept(clinicalVisit);
+        }
+
+        clinicalVisit = beanTest.getClinicalVisitFacade().saveClinicalVisit(clinicalVisit, caze.getUuid());
+        return clinicalVisit;
+    }
+
+    public PrescriptionDto createPrescription(CaseDataDto caze) {
+        return createPrescription(caze, null);
+    }
+
+    public PrescriptionDto createPrescription(CaseDataDto caze, Consumer<PrescriptionDto> customConfig) {
+
+        PrescriptionDto prescription = PrescriptionDto.buildPrescription(caze.getTherapy().toReference());
+        prescription.setPrescriptionType(TreatmentType.BLOOD_TRANSFUSION);
+
+        if (customConfig != null) {
+            customConfig.accept(prescription);
+        }
+
+        prescription = beanTest.getPrescriptionFacade().savePrescription(prescription);
+
+        return prescription;
+    }
+
+    public TreatmentDto createTreatment(CaseDataDto caze) {
+        return createTreatment(caze, null);
+    }
+
+    public TreatmentDto createTreatment(CaseDataDto caze, Consumer<TreatmentDto> customConfig) {
+
+        TreatmentDto treatment = TreatmentDto.build(caze.getTherapy().toReference());
+        treatment.setTreatmentType(TreatmentType.BLOOD_TRANSFUSION);
+
+        if (customConfig != null) {
+            customConfig.accept(treatment);
+        }
+
+        treatment = beanTest.getTreatmentFacade().saveTreatment(treatment);
+
+        return treatment;
+    }
+
+    public ContactDto createContact(RDCF rdcf, UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
+        return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, rdcf);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
+        return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, null);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease) {
+        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease, RDCF rdcf) {
+        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
+    }
+
+    public ContactDto createContact(
+            UserReferenceDto reportingUser,
+            PersonReferenceDto contactPerson,
+            Disease disease,
+            Consumer<ContactDto> customConfig) {
+        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null, customConfig);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Date reportDateTime) {
+        return createContact(reportingUser, null, contactPerson, null, reportDateTime, null, null, null);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze) {
+        return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, null);
+    }
+
+    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze, RDCF rdcf) {
+        return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, rdcf);
+    }
+
+    public ContactDto createContact(
+            UserReferenceDto reportingUser,
+            UserReferenceDto contactOfficer,
+            PersonReferenceDto contactPerson,
+            CaseDataDto caze,
+            Date reportDateTime,
+            Date lastContactDate,
+            Disease disease) {
+
+        return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, null);
+    }
+
+    public ContactDto createContact(
+            UserReferenceDto reportingUser,
+            UserReferenceDto contactOfficer,
+            PersonReferenceDto contactPerson,
+            CaseDataDto caze,
+            Date reportDateTime,
+            Date lastContactDate,
+            Disease disease,
+            RDCF rdcf) {
+        return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, rdcf, null);
+    }
+
+    public ContactDto createContact(
+            UserReferenceDto reportingUser,
+            UserReferenceDto contactOfficer,
+            PersonReferenceDto contactPerson,
+            CaseDataDto caze,
+            Date reportDateTime,
+            Date lastContactDate,
+            Disease disease,
+            RDCF rdcf,
+            Consumer<ContactDto> customConfig) {
+        ContactDto contact;
+
+        if (caze != null) {
+            contact = ContactDto.build(caze);
+        } else {
+            contact = ContactDto.build(null, disease != null ? disease : Disease.EVD, null, null);
+            if (rdcf == null) {
+                rdcf = createRDCF();
+            }
+            contact.setRegion(rdcf.region);
+            contact.setDistrict(rdcf.district);
+        }
+        contact.setReportingUser(reportingUser);
+        contact.setContactOfficer(contactOfficer);
+        contact.setPerson(contactPerson);
+        contact.setReportDateTime(reportDateTime);
+        contact.setLastContactDate(lastContactDate);
+        contact.setEpiData(EpiDataDto.build());
+
+        if (customConfig != null) {
+            customConfig.accept(contact);
+        }
+
+        contact = beanTest.getContactFacade().save(contact);
+
+        return contact;
+    }
+
+    public TaskDto createTask(UserReferenceDto assigneeUser) {
+        return createTask(TaskContext.GENERAL, TaskType.OTHER, TaskStatus.PENDING, null, null, null, null, new Date(), assigneeUser);
+    }
+
+    public TaskDto createTask(TaskContext context, ReferenceDto entityRef, Consumer<TaskDto> customConfig) {
+
+        TaskDto task = TaskDto.build(context, entityRef);
+
+        if (customConfig != null) {
+            customConfig.accept(task);
+        }
+
+        task = beanTest.getTaskFacade().saveTask(task);
+
+        return task;
+    }
+
+    public TaskDto createTask(
+            TaskContext context,
+            TaskType type,
+            TaskStatus status,
+            CaseReferenceDto caze,
+            ContactReferenceDto contact,
+            EventReferenceDto event,
+            EnvironmentReferenceDto environment,
+            Date dueDate,
+            UserReferenceDto assigneeUser) {
+
+        ReferenceDto entityRef;
+        switch (context) {
+            case CASE:
+                entityRef = caze;
+                break;
+            case CONTACT:
+                entityRef = contact;
+                break;
+            case EVENT:
+                entityRef = event;
+                break;
+            case ENVIRONMENT:
+                entityRef = environment;
+                break;
+            case GENERAL:
+                entityRef = null;
+                break;
+            default:
+                throw new IllegalArgumentException(context.toString());
+        }
+
+        TaskDto task = TaskDto.build(context, entityRef);
+        task.setTaskType(type);
+        task.setTaskStatus(status);
+        task.setDueDate(dueDate);
+        task.setAssigneeUser(assigneeUser);
+
+        task = beanTest.getTaskFacade().saveTask(task);
+
+        return task;
+    }
+
+    public VisitDto createVisit(PersonReferenceDto person) {
+        return createVisit(Disease.EVD, person);
+    }
+
+    public VisitDto createVisit(Disease disease, PersonReferenceDto person) {
+        return createVisit(disease, person, new Date(), VisitStatus.COOPERATIVE, VisitOrigin.USER);
+    }
+
+    public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime) {
+        return createVisit(disease, person, visitDateTime, VisitStatus.COOPERATIVE, VisitOrigin.USER);
+    }
+
+    public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime, VisitStatus visitStatus, VisitOrigin visitOrigin) {
+        return createVisit(disease, person, visitDateTime, visitStatus, visitOrigin, null);
+    }
+
+    public VisitDto createVisit(
+            Disease disease,
+            PersonReferenceDto person,
+            Date visitDateTime,
+            VisitStatus visitStatus,
+            VisitOrigin visitOrigin,
+            Consumer<VisitDto> customConfig) {
+
+        VisitDto visit = VisitDto.build(person, disease, visitOrigin);
+        visit.setVisitDateTime(visitDateTime);
+        visit.setVisitStatus(visitStatus);
+
+        if (customConfig != null) {
+            customConfig.accept(visit);
+        }
+
+        visit = beanTest.getVisitFacade().save(visit);
+
+        return visit;
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser) {
+
+        return createEvent(reportingUser, new Date());
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser, EventStatus status) {
+
+        return createEvent(status, EventInvestigationStatus.PENDING, "eventTitle", "description", reportingUser, null, null);
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease) {
+        return createEvent(
+                EventStatus.SIGNAL,
+                EventInvestigationStatus.PENDING,
+                "title",
+                "description",
+                "firstname",
+                "lastname",
+                null,
+                null,
+                new Date(),
+                new Date(),
+                reportingUser,
+                null,
+                disease,
+                null);
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, RDCF rdcf) {
+
+        return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, rdcf, (event) -> {
+            event.setReportDateTime(new Date());
+            event.setReportingUser(reportingUser);
+            event.setDisease(disease);
+        });
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, Consumer<EventDto> customConfig) {
+
+        return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, null, (event) -> {
+            event.setReportDateTime(new Date());
+            event.setReportingUser(reportingUser);
+            event.setDisease(disease);
+
+            customConfig.accept(event);
+        });
+    }
+
+    public EventDto createEvent(UserReferenceDto reportingUser, Date eventDate) {
+
+        return createEvent(
+                EventStatus.SIGNAL,
+                EventInvestigationStatus.PENDING,
+                "title",
+                "Description",
+                "FirstName",
+                "LastName",
+                null,
+                null,
+                eventDate,
+                new Date(),
+                reportingUser,
+                null,
+                null,
+                null);
+    }
+
+    public EventDto createEvent(
+            EventStatus eventStatus,
+            EventInvestigationStatus eventInvestigationStatus,
+            String eventTitle,
+            String eventDesc,
+            String srcFirstName,
+            String srcLastName,
+            String srcTelNo,
+            TypeOfPlace typeOfPlace,
+            Date eventDate,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            UserReferenceDto responsibleUser,
+            Disease disease,
+            RDCF rdcf) {
+
+        return createEvent(eventStatus, eventInvestigationStatus, eventTitle, eventDesc, reportingUser, rdcf, (event) -> {
+            event.setSrcFirstName(srcFirstName);
+            event.setSrcLastName(srcLastName);
+            event.setSrcTelNo(srcTelNo);
+            event.setTypeOfPlace(typeOfPlace);
+            event.setStartDate(eventDate);
+            event.setReportDateTime(reportDateTime);
+            event.setReportingUser(reportingUser);
+            event.setResponsibleUser(responsibleUser);
+            event.setDisease(disease);
+
+        });
+    }
+
+    public EventDto createEvent(
+            EventStatus eventStatus,
+            EventInvestigationStatus eventInvestigationStatus,
+            String eventTitle,
+            String eventDesc,
+            UserReferenceDto reportingUser,
+            RDCF rdcf,
+            Consumer<EventDto> customSettings) {
+
+        EventDto event = EventDto.build();
+        event.setEventStatus(eventStatus);
+        event.setEventInvestigationStatus(eventInvestigationStatus);
+        event.setEventTitle(eventTitle);
+        event.setEventDesc(eventDesc);
+        event.setReportingUser(reportingUser);
+
+        if (rdcf == null) {
+            rdcf = createRDCF();
+        }
+
+        event.getEventLocation().setRegion(rdcf.region);
+        event.getEventLocation().setDistrict(rdcf.district);
+
+        if (customSettings != null) {
+            customSettings.accept(event);
+        }
+
+        event = beanTest.getEventFacade().save(event);
+
+        return event;
+    }
+
+    public EventParticipantDto createEventParticipant(EventReferenceDto event, PersonDto eventPerson, UserReferenceDto reportingUser) {
+        return createEventParticipant(event, eventPerson, "Description", reportingUser, null, null);
+    }
+
+    public EventParticipantDto createEventParticipant(
+            EventReferenceDto event,
+            PersonDto eventPerson,
+            String involvementDescription,
+            UserReferenceDto reportingUser) {
+        return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, null);
+    }
+
+    public EventParticipantDto createEventParticipant(
+            EventReferenceDto event,
+            PersonDto eventPerson,
+            String involvementDescription,
+            UserReferenceDto reportingUser,
+            RDCF rdcf) {
+        return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, rdcf);
+    }
+
+    public EventParticipantDto createEventParticipant(
+            EventReferenceDto event,
+            PersonDto eventPerson,
+            String involvementDescription,
+            UserReferenceDto reportingUser,
+            Consumer<EventParticipantDto> customSettings,
+            RDCF rdcf) {
+
+        EventParticipantDto eventParticipant = EventParticipantDto.build(event, reportingUser);
+        eventParticipant.setPerson(eventPerson);
+        eventParticipant.setInvolvementDescription(involvementDescription);
+
+        if (customSettings != null) {
+            customSettings.accept(eventParticipant);
+        }
+        if (rdcf != null) {
+            eventParticipant.setRegion(rdcf.region);
+            eventParticipant.setDistrict(rdcf.district);
+        }
+
+        eventParticipant = beanTest.getEventParticipantFacade().save(eventParticipant);
+        return eventParticipant;
+    }
+
+    public SurveillanceReportDto createSurveillanceReport(UserReferenceDto reportingUser, CaseReferenceDto caseReference) {
+        return createSurveillanceReport(reportingUser, ReportingType.DOCTOR, caseReference);
+    }
+
+    public SurveillanceReportDto createSurveillanceReport(
+            UserReferenceDto reportingUser,
+            ReportingType reportingType,
+            CaseReferenceDto caseReference) {
+        return createSurveillanceReport(reportingUser, reportingType, caseReference, null);
+    }
+
+    public SurveillanceReportDto createSurveillanceReport(
+            UserReferenceDto reportingUser,
+            ReportingType reportingType,
+            CaseReferenceDto caseReference,
+            Consumer<SurveillanceReportDto> extraConfig) {
+        SurveillanceReportDto surveillanceReport = SurveillanceReportDto.build(caseReference, reportingUser);
+        surveillanceReport.setReportingType(reportingType);
+        surveillanceReport.setReportDate(new Date());
+
+        if (extraConfig != null) {
+            extraConfig.accept(surveillanceReport);
+        }
+
+        surveillanceReport = beanTest.getSurveillanceReportFacade().save(surveillanceReport);
+
+        return surveillanceReport;
+    }
+
+    public ActionDto createAction(EventReferenceDto event) {
+
+        ActionDto action = ActionDto.build(ActionContext.EVENT, event);
+
+        action = beanTest.getActionFacade().saveAction(action);
+        return action;
+    }
+
+    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab) {
+        return createSample(associatedCase, reportingUser, lab, null);
+    }
+
+    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab, Consumer<SampleDto> customConfig) {
+        return createSample(associatedCase, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
+    }
+
+    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
+        return createSample(associatedCase, reportingUser, lab, null);
+    }
+
+    public SampleDto createSample(
+            CaseReferenceDto associatedCase,
+            UserReferenceDto reportingUser,
+            FacilityReferenceDto lab,
+            Consumer<SampleDto> customSettings) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+        sample.setSampleDateTime(new Date());
+        sample.setReportDateTime(new Date());
+        sample.setSampleMaterial(SampleMaterial.BLOOD);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+        if (customSettings != null) {
+            customSettings.accept(sample);
+        }
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+
+        return sample;
+    }
+
+    public SampleDto createSample(
+            CaseReferenceDto associatedCase,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            Facility lab) {
+        return createSample(associatedCase, sampleDateTime, reportDateTime, reportingUser, sampleMaterial, lab, null);
+    }
+
+    public SampleDto createSample(
+            CaseReferenceDto associatedCase,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            Facility lab,
+            Consumer<SampleDto> customConfig) {
+        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+        if (customConfig != null) {
+            customConfig.accept(sample);
+        }
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+
+        return sample;
+    }
+
+    public SampleDto createSample(
+            CaseReferenceDto associatedCase,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            FacilityReferenceDto lab) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(lab);
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+        return sample;
+    }
+
+    @Deprecated
+    public SampleDto createSample(
+            ContactReferenceDto associatedContact,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            Facility lab) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+        return sample;
+    }
+
+    public SampleDto createSample(
+            ContactReferenceDto associatedContact,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            FacilityReferenceDto lab) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(lab);
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+        return sample;
+    }
+
+    public SampleDto createSample(
+            ContactReferenceDto associatedContact,
+            UserReferenceDto reportingUser,
+            FacilityReferenceDto lab,
+            Consumer<SampleDto> customSettings) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+        sample.setSampleDateTime(new Date());
+        sample.setReportDateTime(new Date());
+        sample.setSampleMaterial(SampleMaterial.BLOOD);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+        if (customSettings != null) {
+            customSettings.accept(sample);
+        }
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+
+        return sample;
+    }
+
+    public SampleDto createSample(EventParticipantReferenceDto associatedEventParticipant, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
+        return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab);
+    }
+
+    public SampleDto createSample(
+            EventParticipantReferenceDto associatedEventParticipant,
+            UserReferenceDto reportingUser,
+            FacilityReferenceDto lab,
+            Consumer<SampleDto> customConfig) {
+        return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
+    }
+
+    public SampleDto createSample(
+            EventParticipantReferenceDto associatedEventParticipant,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            FacilityReferenceDto lab) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(lab);
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+        return sample;
+    }
+
+    public SampleDto createSample(
+            EventParticipantReferenceDto associatedEventParticipant,
+            Date sampleDateTime,
+            Date reportDateTime,
+            UserReferenceDto reportingUser,
+            SampleMaterial sampleMaterial,
+            FacilityReferenceDto lab,
+            Consumer<SampleDto> customConfig) {
+
+        SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
+        sample.setSampleDateTime(sampleDateTime);
+        sample.setReportDateTime(reportDateTime);
+        sample.setSampleMaterial(sampleMaterial);
+        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+        sample.setLab(lab);
+
+        if (customConfig != null) {
+            customConfig.accept(sample);
+        }
+
+        sample = beanTest.getSampleFacade().saveSample(sample);
+        return sample;
+    }
+
+    public PathogenTestDto createPathogenTest(
+            SampleReferenceDto sample,
+            PathogenTestType testType,
+            Disease testedDisease,
+            Date testDateTime,
+            FacilityReferenceDto lab,
+            UserReferenceDto labUser,
+            PathogenTestResultType testResult,
+            String testResultText,
+            boolean verified) {
+        return createPathogenTest(sample, testType, testedDisease, testDateTime, lab, labUser, testResult, testResultText, verified, null);
+    }
+
+    public PathogenTestDto createPathogenTest(SampleReferenceDto sample, UserReferenceDto labUser, Consumer<PathogenTestDto> extraConfig) {
+        return createPathogenTest(
+                sample,
+                PathogenTestType.ANTIGEN_DETECTION,
+                null,
+                new Date(),
+                (FacilityReferenceDto) null,
+                labUser,
+                PathogenTestResultType.PENDING,
+                null,
+                true,
+                extraConfig);
+    }
+
+    public PathogenTestDto createPathogenTest(
+            SampleReferenceDto sample,
+            PathogenTestType testType,
+            Disease testedDisease,
+            Date testDateTime,
+            Facility lab,
+            UserReferenceDto labUser,
+            PathogenTestResultType testResult,
+            String testResultText,
+            boolean verified,
+            Consumer<PathogenTestDto> extraConfig) {
+
+        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+        sampleTest.setTestedDisease(testedDisease);
+        sampleTest.setTestType(testType);
+        sampleTest.setTestDateTime(testDateTime);
+        sampleTest.setLab(lab != null ? beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()) : null);
+        sampleTest.setTestResult(testResult);
+        sampleTest.setTestResultText(testResultText);
+        sampleTest.setTestResultVerified(verified);
+
+        if (extraConfig != null) {
+            extraConfig.accept(sampleTest);
+        }
+
+        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+        return sampleTest;
+    }
+
+    public PathogenTestDto createPathogenTest(
+            EnvironmentSampleReferenceDto sample,
+            PathogenTestType testType,
+            Pathogen testedPathogen,
+            FacilityReferenceDto lab,
+            UserReferenceDto labUser,
+            PathogenTestResultType testResult,
+            Consumer<PathogenTestDto> extraConfig) {
+
+        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+        sampleTest.setTestType(testType);
+        sampleTest.setLab(lab);
+        sampleTest.setTestedPathogen(testedPathogen);
+        sampleTest.setTestResult(testResult);
+        sampleTest.setTestResultVerified(true);
+        sampleTest.setTestDateTime(new Date());
+
+        if (extraConfig != null) {
+            extraConfig.accept(sampleTest);
+        }
+
+        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+        return sampleTest;
+    }
+
+    public PathogenTestDto createPathogenTest(
+            SampleReferenceDto sample,
+            PathogenTestType testType,
+            Disease testedDisease,
+            Date testDateTime,
+            FacilityReferenceDto lab,
+            UserReferenceDto labUser,
+            PathogenTestResultType testResult,
+            String testResultText,
+            boolean verified,
+            Consumer<PathogenTestDto> extraConfig) {
+
+        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+        sampleTest.setTestedDisease(testedDisease);
+        sampleTest.setTestType(testType);
+        sampleTest.setTestDateTime(testDateTime);
+        sampleTest.setLab(lab);
+        sampleTest.setTestResult(testResult);
+        sampleTest.setTestResultText(testResultText);
+        sampleTest.setTestResultVerified(verified);
+
+        if (extraConfig != null) {
+            extraConfig.accept(sampleTest);
+        }
+
+        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+        return sampleTest;
+    }
+
+    public PathogenTestDto createPathogenTest(CaseDataDto associatedCase, PathogenTestType testType, PathogenTestResultType resultType) {
+        return createPathogenTest(associatedCase, Disease.CORONAVIRUS, testType, resultType);
+    }
+
+    public PathogenTestDto createPathogenTest(SampleReferenceDto sample, CaseDataDto associatedCase) {
+        RDCF rdcf = createRDCF("LabRegion", "LabDistrict", "LabCommunity", "LabFacilty");
+
+        return createPathogenTest(
+                sample,
+                PathogenTestType.ANTIGEN_DETECTION,
+                associatedCase.getDisease(),
+                new Date(),
+                rdcf.facility,
+                associatedCase.getReportingUser(),
+                PathogenTestResultType.PENDING,
+                "",
+                false);
+    }
+
+    public PathogenTestDto createPathogenTest(
+            CaseDataDto associatedCase,
+            Disease testedDisease,
+            PathogenTestType testType,
+            PathogenTestResultType resultType) {
+
+        RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
+        SampleDto sample = createSample(
+                new CaseReferenceDto(associatedCase.getUuid()),
+                new Date(),
+                new Date(),
+                associatedCase.getReportingUser(),
+                SampleMaterial.BLOOD,
+                rdcf.facility);
+        return createPathogenTest(
+                new SampleReferenceDto(sample.getUuid()),
+                testType,
+                testedDisease,
+                new Date(),
+                rdcf.facility,
+                associatedCase.getReportingUser(),
+                resultType,
+                "",
+                true);
+    }
+
+    public PathogenTestDto buildPathogenTestDto(RDCF rdcf, UserDto user, SampleDto sample, Disease disease, Date testDateTime) {
+
+        final PathogenTestDto newPathogenTest = new PathogenTestDto();
+
+        newPathogenTest.setSample(sample.toReference());
+        newPathogenTest.setTestedDisease(disease);
+        newPathogenTest.setTestType(PathogenTestType.ISOLATION);
+
+        newPathogenTest.setTestDateTime(testDateTime);
+        newPathogenTest.setLab(new FacilityReferenceDto(rdcf.facility.getUuid(), null, null));
+        newPathogenTest.setLabUser(user.toReference());
+        newPathogenTest.setTestResult(PathogenTestResultType.PENDING);
+        newPathogenTest.setTestResultText("all bad!");
+        newPathogenTest.setTestResultVerified(false);
+        return newPathogenTest;
+    }
+
+    public AdditionalTestDto createAdditionalTest(SampleReferenceDto sample) {
+
+        AdditionalTestDto test = AdditionalTestDto.build(sample);
+        test.setTestDateTime(new Date());
+
+        test = beanTest.getAdditionalTestFacade().saveAdditionalTest(test);
+        return test;
+    }
+
+    public ExposureDto buildAnimalContactExposure(TypeOfAnimal typeOfAnimal) {
+
+        ExposureDto exposure = ExposureDto.build(ExposureType.ANIMAL_CONTACT);
+        exposure.setTypeOfAnimal(typeOfAnimal);
+        return exposure;
+    }
+
+    public CampaignDto createCampaign(UserDto user) {
+
+        CampaignDto campaign = CampaignDto.build();
+        campaign.setCreatingUser(user.toReference());
+        campaign.setName("CampaignName");
+        campaign.setDescription("Campaign description");
+
+        campaign = beanTest.getCampaignFacade().save(campaign);
+
+        return campaign;
+    }
+
+    public CampaignDiagramDefinitionDto createCampaignDiagramDefinition(String diagramId, String diagramCaption) {
+        CampaignDiagramDefinitionDto campaignDiagramDefinition = CampaignDiagramDefinitionDto.build();
+        campaignDiagramDefinition.setDiagramType(DiagramType.COLUMN);
+        campaignDiagramDefinition.setDiagramId(diagramId);
+        campaignDiagramDefinition.setDiagramCaption(diagramCaption);
+
+        return campaignDiagramDefinition;
+    }
+
+    public CampaignFormMetaDto createCampaignForm(CampaignDto campaign) throws IOException {
+
+        CampaignFormMetaDto campaignForm;
+
+        String schema =
+                "[{\"type\": \"text\",\"id\": \"teamNumber\",\"caption\": \"Team number\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": "
+                        + "\"namesOfTeamMembers\",\"caption\": \"Names of team members\",\"styles\": [\"col-8\"]},{\"type\": \"text\",\"id\": "
+                        + "\"monitorName\",\"caption\": \"Name of monitor\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": \"agencyName\",\"caption\": "
+                        + "\"Agency\"},{\"type\": \"section\",\"id\": \"questionsSection\"},{\"type\": \"label\",\"id\": \"questionsLabel\",\"caption\": \"<h2>Questions</h2>\"}"
+                        + ",{\"type\": \"yes-no\",\"id\": \"oneMemberResident\",\"caption\": \"1) At least one team member is resident of same area (villages)?\"},{\"type\": "
+                        + "\"yes-no\",\"id\": \"vaccinatorsTrained\",\"caption\": \"2) Both vaccinators trained before this campaign?\"},{\"type\": \"section\","
+                        + " \"id\": \"questionsSection2\"},{\"type\": \"label\",\"id\": \"q8To12Label\",\"caption\": \"Q 8-12: Based on observation of team only.\"},"
+                        + "{\"type\": \"yes-no\",\"id\": \"askingAboutMonthOlds\",\"caption\": \"8) Is team specially asking about 0-11 months children?\"},"
+                        + "{\"type\": \"section\", \"id\": \"questionsSection3\"},{\"type\": \"yes-no\",\"id\": \"atLeastOneMemberChw\","
+                        + "\"caption\": \"13) Is at least one member of the team CHW?\"},{\"type\": \"number\",\"id\": "
+                        + "\"numberOfChw\",\"caption\": \"No. of CHW\",\"styles\": [\"row\"],\"dependingOn\": \"atLeastOneMemberChw\",\"dependingOnValues\": [\"YES\"]},"
+                        + "{\"type\": \"yes-no\",\"id\": \"anyMemberFemale\",\"caption\": \"14) Is any member of the team female?\"},{\"type\": \"yes-no\","
+                        + "\"id\": \"accompaniedBySocialMobilizer\",\"caption\": \"15) Does social mobilizer accompany the vaccination team in the field?\"},"
+                        + "{\"type\": \"text\",\"id\": \"comments\",\"caption\": \"Comments\",\"styles\": [\"col-12\"]}]";
+        String translations =
+                "[{\"languageCode\": \"de-DE\", \"translations\": [{\"elementId\": \"teamNumber\", \"caption\": \"Teamnummer\"}, {\"elementId\": \"namesOfTeamMembers\","
+                        + " \"caption\": \"Namen der Teammitglieder\"}]}, {\"languageCode\": \"fr-FR\", \"translations\": [{\"elementId\": \"teamNumber\", "
+                        + "\"caption\": \"Numéro de l'équipe\"}]}]";
+
+        campaignForm = beanTest.getCampaignFormFacade().buildCampaignFormMetaFromJson("testForm", null, schema, translations);
+
+        campaignForm = beanTest.getCampaignFormFacade().saveCampaignFormMeta(campaignForm);
+
+        return campaignForm;
+    }
+
+    public String getCampaignFormData() {
+        return "[{\"id\": \"teamNumber\",\"value\": \"12\"},{\"id\": \"namesOfTeamMembers\", \"value\": \"Waldemar Stricker\"},"
+                + "{\"id\": \"monitorName\", \"value\": \"Josef Saks\"},{\"id\": \"agencyName\",\"value\": \"HZI Institut\"},"
+                + "{\"id\": \"oneMemberResident\", \"value\": \"yes\"},{\"id\": \"vaccinatorsTrained\",\"value\": \"no\"},"
+                + "{\"id\": \"askingAboutMonthOlds\",\"value\": \"yes\"},{\"id\": \"atLeastOneMemberChw\",\"value\": \"yes\"},"
+                + "{\"id\": \"numberOfChw\",\"value\": \"7\"},{\"id\": \"anyMemberFemale\",\"value\": \"yes\"},{\"id\": \"accompaniedBySocialMobilizer\",\"value\": \"no\"},"
+                + "{\"id\": \"comments\",\"value\": \"other comments\"}]";
+    }
+
+    public CampaignFormDataDto buildCampaignFormDataDto(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
+        CampaignReferenceDto campaignReferenceDto = new CampaignReferenceDto(campaign.getUuid());
+        CampaignFormMetaReferenceDto campaignFormMetaReferenceDto = new CampaignFormMetaReferenceDto(campaignForm.getUuid());
+
+        CampaignFormDataDto campaignFormData =
+                CampaignFormDataDto.build(campaignReferenceDto, campaignFormMetaReferenceDto, rdcf.region, rdcf.district, rdcf.community);
+
+        try {
+            ObjectMapper mapper = new ObjectMapper();
+            campaignFormData.setFormValues(Arrays.asList(mapper.readValue(formData, CampaignFormDataEntry[].class)));
+            return campaignFormData;
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public CampaignFormDataDto createCampaignFormData(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
+
+        CampaignFormDataDto campaignFormData = buildCampaignFormDataDto(campaign, campaignForm, rdcf, formData);
+
+        campaignFormData = beanTest.getCampaignFormDataFacade().saveCampaignFormData(campaignFormData);
+
+        return campaignFormData;
+    }
+
+    public RDCF createRDCF() {
+        return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false);
+    }
+
+    public RDCF createRDCF(boolean deafultRdcf) {
+        return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false, deafultRdcf);
+    }
+
+    public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName) {
+        return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, null, false);
+    }
+
+    public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName, String pointOfEntryName) {
+        return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, pointOfEntryName, false);
+    }
+
+    public RDCF createRDCF(
+            String regionName,
+            String districtName,
+            String communityName,
+            String facilityName,
+            FacilityType facilityType,
+            String pointOfEntryName,
+            boolean withExternalIds) {
+        return createRDCF(regionName, districtName, communityName, facilityName, facilityType, pointOfEntryName, withExternalIds, false);
+    }
+
+    public RDCF createRDCF(
+            String regionName,
+            String districtName,
+            String communityName,
+            String facilityName,
+            FacilityType facilityType,
+            String pointOfEntryName,
+            boolean withExternalIds,
+            boolean defaultRdcf) {
+
+        Region region = createRegion(regionName, withExternalIds ? regionName + "_externalId" : null, defaultRdcf);
+        District district = createDistrict(districtName, region, withExternalIds ? districtName + "_externalId" : null, defaultRdcf);
+        Community community = createCommunity(communityName, district, withExternalIds ? communityName + "_externalId" : null, defaultRdcf);
+        Facility facility =
+                createFacility(facilityName, facilityType, region, district, community, withExternalIds ? facilityName + "_externalId" : null);
+
+        PointOfEntry pointOfEntry = null;
+        if (pointOfEntryName != null) {
+            pointOfEntry = createPointOfEntry(pointOfEntryName, region, district);
+        }
+
+        return new RDCF(
+                new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
+                new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
+                new CommunityReferenceDto(community.getUuid(), community.getName(), community.getExternalID()),
+                new FacilityReferenceDto(facility.getUuid(), facility.getName(), facility.getExternalID()),
+                pointOfEntry != null
+                        ? new PointOfEntryReferenceDto(
+                        pointOfEntry.getUuid(),
+                        pointOfEntry.getName(),
+                        pointOfEntry.getPointOfEntryType(),
+                        pointOfEntry.getExternalID())
+                        : null);
+    }
+
+    public RDCFEntities createRDCFEntities() {
+        return createRDCFEntities("Region", "District", "Community", "Facility");
+    }
+
+    public RDCFEntities createRDCFEntities(String regionName, String districtName, String communityName, String facilityName) {
+
+        Region region = createRegion(regionName);
+        District district = createDistrict(districtName, region);
+        Community community = createCommunity(communityName, district);
+        Facility facility = createFacility(facilityName, region, district, community);
+
+        return new RDCFEntities(region, district, community, facility);
+    }
+
+    public RDP createRDP() {
+
+        var region = createRegion("Region");
+        var district = createDistrict("District", region);
+        var pointOfEntry = createPointOfEntry("POE", region, district);
+
+        return new RDP(
+                new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
+                new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
+                new PointOfEntryReferenceDto(
+                        pointOfEntry.getUuid(),
+                        pointOfEntry.getName(),
+                        pointOfEntry.getPointOfEntryType(),
+                        pointOfEntry.getExternalID()));
+    }
+
+    public Continent createContinent(String name) {
+        Continent continent = new Continent();
+        continent.setUuid(DataHelper.createUuid());
+        continent.setDefaultName(name);
+        beanTest.getContinentService().persist(continent);
+
+        return continent;
+    }
+
+    public Country createCountry(String countryName, String isoCode, String unoCode) {
+        Country country = new Country();
+        country.setUuid(DataHelper.createUuid());
+        country.setDefaultName(countryName);
+        country.setIsoCode(isoCode);
+        country.setUnoCode(unoCode);
+        beanTest.getCountryService().persist(country);
+
+        return country;
+    }
+
+    public Region createRegion(String regionName) {
+        return createRegion(regionName, null, false);
+    }
+
+    public Region createRegion(String regionName, String externalId, boolean deafultRegion) {
+        Region region = getRegion(regionName, externalId);
+        region.setDefaultInfrastructure(deafultRegion);
+        beanTest.getRegionService().persist(region);
+        return region;
+    }
+
+    public Region createRegionCentrally(String regionName, String externalId) {
+        Region region = getRegion(regionName, externalId);
+        region.setCentrallyManaged(true);
+        beanTest.getRegionService().persist(region);
+        return region;
+    }
+
+    @NotNull
+    private Region getRegion(String regionName, String externalId) {
+        Region region = new Region();
+        region.setUuid(DataHelper.createUuid());
+        region.setName(regionName);
+        region.setEpidCode("COU-REG");
+        region.setExternalID(externalId);
+        return region;
+    }
+
+    public District createDistrict(String districtName, Region region) {
+        return createDistrict(districtName, region, null, false);
+    }
+
+    public District createDistrict(String districtName, Region region, String externalId, boolean defaultDistrict) {
+        District district = getDistrict(districtName, region, externalId);
+        district.setDefaultInfrastructure(defaultDistrict);
+        beanTest.getDistrictService().persist(district);
+        return district;
+    }
+
+    public District createDistrictCentrally(String districtName, Region region, String externalId) {
+        District district = getDistrict(districtName, region, externalId);
+        district.setCentrallyManaged(true);
+        beanTest.getDistrictService().persist(district);
+        return district;
+    }
+
+    @NotNull
+    private District getDistrict(String districtName, Region region, String externalId) {
+        District district = new District();
+        district.setUuid(DataHelper.createUuid());
+        district.setName(districtName);
+        district.setRegion(region);
+        district.setEpidCode("DIS");
+        district.setExternalID(externalId);
+        return district;
+    }
+
+    public Community createCommunity(String communityName, District district) {
+        return createCommunity(communityName, district, null, false);
+    }
+
+    public Community createCommunity(String communityName, District district, String externalId, boolean defaultCommunity) {
+        Community community = getCommunity(communityName, district, externalId);
+        community.setDefaultInfrastructure(defaultCommunity);
+        beanTest.getCommunityService().persist(community);
+        return community;
+    }
+
+    public Community createCommunityCentrally(String communityName, District district, String externalId) {
+        Community community = getCommunity(communityName, district, externalId);
+        community.setCentrallyManaged(true);
+        beanTest.getCommunityService().persist(community);
+        return community;
+
+    }
+
+    @NotNull
+    private Community getCommunity(String communityName, District district, String externalId) {
+        Community community = new Community();
+        community.setUuid(DataHelper.createUuid());
+        community.setName(communityName);
+        community.setDistrict(district);
+        community.setExternalID(externalId);
+        return community;
+    }
+
+    public CommunityDto createCommunity(String communityName, DistrictReferenceDto district) {
+        CommunityDto community = CommunityDto.build();
+        community.setName(communityName);
+        community.setDistrict(district);
+        beanTest.getCommunityFacade().save(community);
+        return community;
+    }
+
+    public Facility createFacility(String facilityName, Region region, District district, Community community) {
+        return createFacility(facilityName, FacilityType.HOSPITAL, region, district, community);
+    }
+
+    public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community) {
+        return createFacility(facilityName, type, region, district, community, null);
+    }
+
+    public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community, String externalId) {
+        Facility facility = new Facility();
+        facility.setUuid(DataHelper.createUuid());
+        facility.setName(facilityName);
+        facility.setCommunity(community);
+        facility.setDistrict(district);
+        facility.setRegion(region);
+        facility.setType(type);
+        facility.setExternalID(externalId);
+
+        beanTest.getFacilityService().persist(facility);
+
+        return facility;
+    }
+
+    public FacilityDto createFacility(
+            String facilityName,
+            RegionReferenceDto region,
+            DistrictReferenceDto district,
+            CommunityReferenceDto community) {
+        return createFacility(facilityName, region, district, community, null);
+    }
+
+    public FacilityDto createFacility(
+            String facilityName,
+            RegionReferenceDto region,
+            DistrictReferenceDto district,
+            CommunityReferenceDto community,
+            FacilityType type) {
+
+        FacilityDto facility = FacilityDto.build();
+        facility.setName(facilityName);
+        facility.setType(type == null ? FacilityType.HOSPITAL : type);
+        facility.setCommunity(community);
+        facility.setDistrict(district);
+        facility.setRegion(region);
+        beanTest.getFacilityFacade().save(facility);
+        return facility;
+    }
+
+    public FacilityDto createFacility(
+            String facilityName,
+            RegionReferenceDto region,
+            DistrictReferenceDto district,
+            Consumer<FacilityDto> extraConfig) {
+
+        FacilityDto facility = FacilityDto.build();
+        facility.setName(facilityName);
+        facility.setRegion(region);
+        facility.setDistrict(district);
+        facility.setType(FacilityType.HOSPITAL);
+
+        if (extraConfig != null) {
+            extraConfig.accept(facility);
+        }
+
+        beanTest.getFacilityFacade().save(facility);
+        return facility;
+    }
+
+    public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district) {
+        return createPointOfEntry(pointOfEntryName, region, district, null);
+    }
+
+    public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district, String externalId) {
+        PointOfEntry pointOfEntry = new PointOfEntry();
+        pointOfEntry.setUuid(DataHelper.createUuid());
+        pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
+        pointOfEntry.setName(pointOfEntryName);
+        pointOfEntry.setDistrict(district);
+        pointOfEntry.setRegion(region);
+        pointOfEntry.setExternalID(externalId);
+
+        beanTest.getPointOfEntryService().persist(pointOfEntry);
+
+        return pointOfEntry;
+    }
+
+    public PointOfEntryDto createPointOfEntry(String pointOfEntryName, RegionReferenceDto region, DistrictReferenceDto district) {
+        PointOfEntryDto pointOfEntry = PointOfEntryDto.build();
+        pointOfEntry.setUuid(DataHelper.createUuid());
+        pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
+        pointOfEntry.setName(pointOfEntryName);
+        pointOfEntry.setDistrict(district);
+        pointOfEntry.setRegion(region);
+        beanTest.getPointOfEntryFacade().save(pointOfEntry);
+
+        return pointOfEntry;
+    }
+
+    public PopulationDataDto createPopulationData(RegionReferenceDto region, DistrictReferenceDto district, Integer population, Date collectionDate) {
+        PopulationDataDto populationData = PopulationDataDto.build(collectionDate);
+        populationData.setRegion(region);
+        populationData.setDistrict(district);
+        populationData.setPopulation(population);
+        beanTest.getPopulationDataFacade().savePopulationData(Arrays.asList(populationData));
+        return populationData;
+    }
+
+    public void updateDiseaseConfiguration(
+            Disease disease,
+            Boolean active,
+            Boolean primary,
+            Boolean caseSurveillance,
+            Boolean aggregateReporting,
+            List<String> ageGroups) {
+        updateDiseaseConfiguration(disease, active, primary, caseSurveillance, aggregateReporting, ageGroups, null);
+    }
+
+    public void updateDiseaseConfiguration(
+            Disease disease,
+            Boolean active,
+            Boolean primary,
+            Boolean caseSurveillance,
+            Boolean aggregateReporting,
+            List<String> ageGroups,
+            Integer automaticSampleAssignmentThreshold) {
+        DiseaseConfigurationDto config =
+                DiseaseConfigurationFacadeEjbLocal.toDto(beanTest.getDiseaseConfigurationService().getDiseaseConfiguration(disease));
+        config.setActive(active);
+        config.setPrimaryDisease(primary);
+        config.setCaseSurveillanceEnabled(caseSurveillance);
+        config.setAggregateReportingEnabled(aggregateReporting);
+        config.setAgeGroups(ageGroups);
+        config.setAutomaticSampleAssignmentThreshold(automaticSampleAssignmentThreshold);
+        beanTest.getDiseaseConfigurationFacade().saveDiseaseConfiguration(config);
+    }
+
+    public DocumentDto createDocument(
+            UserReferenceDto uploadingUser,
+            String name,
+            String contentType,
+            long size,
+            EventReferenceDto event,
+            byte[] content)
+            throws IOException {
+        return createDocument(uploadingUser, name, contentType, size, DocumentRelatedEntityType.EVENT, event.getUuid(), content);
+    }
+
+    public DocumentDto createDocument(
+            UserReferenceDto uploadingUser,
+            String name,
+            String contentType,
+            long size,
+            DocumentRelatedEntityType relatedEntityType,
+            String relatedEntityUuid,
+            byte[] content)
+            throws IOException {
+        DocumentDto document = DocumentDto.build();
+        document.setUploadingUser(uploadingUser);
+        document.setName(name);
+        document.setMimeType(contentType);
+        document.setSize(size);
+        DocumentRelatedEntityDto documentRelatedEntities = DocumentRelatedEntityDto.build(relatedEntityType, relatedEntityUuid);
+
+        return beanTest.getDocumentFacade().saveDocument(document, content, Collections.singletonList(documentRelatedEntities));
+    }
+
+    public ExportConfigurationDto createExportConfiguration(String name, ExportType exportType, Set<String> properites, UserReferenceDto user) {
+        ExportConfigurationDto exportConfiguration = ExportConfigurationDto.build(user, exportType);
+        exportConfiguration.setName(name);
+        exportConfiguration.setProperties(properites);
+
+        beanTest.getExportFacade().saveExportConfiguration(exportConfiguration);
+
+        return exportConfiguration;
+    }
+
+    public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, SystemEventStatus status) {
+        return createSystemEvent(type, startDate, new Date(startDate.getTime() + 1000), status, "Generated for test purposes");
+    }
+
+    public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, Date endDate, SystemEventStatus status, String additionalInfo) {
+        SystemEventDto systemEvent = SystemEventDto.build();
+        systemEvent.setType(type);
+        systemEvent.setStartDate(startDate);
+        systemEvent.setEndDate(endDate);
+        systemEvent.setStatus(status);
+        systemEvent.setAdditionalInfo(additionalInfo);
+        return systemEvent;
+    }
+
+    public ExternalMessageDto createExternalMessage(Consumer<ExternalMessageDto> customSettings) {
+        ExternalMessageDto message = ExternalMessageDto.build();
+
+        if (customSettings != null) {
+            customSettings.accept(message);
+        }
+
+        beanTest.getExternalMessageFacade().save(message);
+
+        return message;
+    }
+
+    public ExternalMessageDto createLabMessageWithTestReportAndSurveillanceReport(
+            UserReferenceDto user,
+            CaseReferenceDto caze,
+            SampleReferenceDto sample) {
+        SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
+        ExternalMessageDto labMessage = createExternalMessage(lm -> {
+            lm.setType(ExternalMessageType.LAB_MESSAGE);
+            lm.setSurveillanceReport(surveillanceReportDto.toReference());
+            lm.setStatus(ExternalMessageStatus.PROCESSED);
+        });
+        SampleReportDto sampleReport = createSampleReport(labMessage, sample);
+        createTestReport(sampleReport);
+        return labMessage;
+
+    }
+
+    public ExternalMessageDto createLabMessageWithSurveillanceReport(UserReferenceDto user, CaseReferenceDto caze) {
+        SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
+        ExternalMessageDto labMessage = createExternalMessage(lm -> {
+            lm.setType(ExternalMessageType.LAB_MESSAGE);
+            lm.setSurveillanceReport(surveillanceReportDto.toReference());
+            lm.setStatus(ExternalMessageStatus.PROCESSED);
+        });
+
+        return labMessage;
+
+    }
+
+    public ExternalMessageDto createLabMessageWithTestReport(SampleReferenceDto sample) {
+        ExternalMessageDto labMessage = createExternalMessage(lm -> lm.setType(ExternalMessageType.LAB_MESSAGE));
+        SampleReportDto sampleReport = createSampleReport(labMessage, sample);
+        createTestReport(sampleReport);
+        return labMessage;
+
+    }
+
+    public SampleReportDto createSampleReport(ExternalMessageDto labMessage, SampleReferenceDto sample) {
+        SampleReportDto sampleReport = createSampleReport(labMessage);
+        sampleReport.setSample(sample);
+        sampleReport.setChangeDate(new Date());
+        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+        return sampleReport;
+    }
+
+    public SampleReportDto createSampleReport(ExternalMessageDto labMessage) {
+        SampleReportDto sampleReport = SampleReportDto.build();
+        labMessage.addSampleReport(sampleReport);
+        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+        labMessage.setChangeDate(new Date());
+        beanTest.getExternalMessageFacade().save(labMessage);
+        return sampleReport;
+    }
+
+    public TestReportDto createTestReport(SampleReportDto sampleReport) {
+        TestReportDto testReport = TestReportDto.build();
+        sampleReport.addTestReport(testReport);
+
+        beanTest.getTestReportFacade().saveTestReport(testReport);
+        sampleReport.setChangeDate(new Date());
+        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+
+        return testReport;
+    }
+
+    public DiseaseVariant createDiseaseVariant(String name, Disease disease) {
+
+        CustomizableEnumValue diseaseVariant = new CustomizableEnumValue();
+        diseaseVariant.setDataType(CustomizableEnumType.DISEASE_VARIANT);
+        diseaseVariant.setValue("BF.1.2");
+        Set<Disease> diseases = new HashSet<>();
+        diseases.add(disease);
+        diseaseVariant.setDiseases(diseases);
+        diseaseVariant.setCaption(name + " variant");
+        diseaseVariant.setActive(true);
+
+        beanTest.getCustomizableEnumValueService().ensurePersisted(diseaseVariant);
+
+        return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.DISEASE_VARIANT, name);
+    }
+
+    public Pathogen createPathogen(String value, String caption) {
+
+        CustomizableEnumValue pathogen = new CustomizableEnumValue();
+        pathogen.setDataType(CustomizableEnumType.PATHOGEN);
+        pathogen.setValue(value);
+        pathogen.setCaption(caption);
+        pathogen.setActive(true);
+
+        beanTest.getCustomizableEnumValueService().ensurePersisted(pathogen);
+
+        beanTest.getCustomizableEnumFacade().loadData();
+
+        return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.PATHOGEN, value);
+    }
+
+    public ExternalShareInfo createExternalShareInfo(
+            CaseReferenceDto caze,
+            UserReferenceDto sender,
+            ExternalShareStatus status,
+            Consumer<ExternalShareInfo> customConfig) {
+        ExternalShareInfo shareInfo = new ExternalShareInfo();
+        shareInfo.setUuid(DataHelper.createUuid());
+        shareInfo.setCaze(beanTest.getCaseService().getByUuid(caze.getUuid()));
+        shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
+        shareInfo.setStatus(status);
+
+        if (customConfig != null) {
+            customConfig.accept(shareInfo);
+        }
+
+        beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
+
+        return shareInfo;
+    }
+
+    public ExternalShareInfo createExternalShareInfo(EventReferenceDto event, UserReferenceDto sender, ExternalShareStatus status) {
+        ExternalShareInfo shareInfo = new ExternalShareInfo();
+        shareInfo.setUuid(DataHelper.createUuid());
+        shareInfo.setEvent(beanTest.getEventService().getByUuid(event.getUuid()));
+        shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
+        shareInfo.setStatus(status);
+
+        beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
+
+        return shareInfo;
+    }
+
+    /**
+     * Creates a list with {@code count} values of type {@code T}.
+     * The list index is given to the {@code valueSupplier} for each value to create.
+     */
+    public static <T> List<T> createValuesList(int count, Function<Integer, T> valueSupplier) {
+
+        List<T> values = new ArrayList<>(count);
+        for (int i = 0; i < count; i++) {
+            values.add(valueSupplier.apply(i));
+        }
+        return values;
+    }
+
+    public SormasToSormasOriginInfoDto createSormasToSormasOriginInfo(
+            String serverId,
+            boolean ownershipHandedOver,
+            Consumer<SormasToSormasOriginInfoDto> extraConfig) {
+        SormasToSormasOriginInfoDto originInfo = new SormasToSormasOriginInfoDto();
+        originInfo.setUuid(DataHelper.createUuid());
+        originInfo.setSenderName("Test Name");
+        originInfo.setSenderEmail("test@email.com");
+        originInfo.setOrganizationId(serverId);
+        originInfo.setOwnershipHandedOver(ownershipHandedOver);
+
+        if (extraConfig != null) {
+            extraConfig.accept(originInfo);
+        }
+
+        return beanTest.getSormasToSormasOriginInfoFacade().saveOriginInfo(originInfo);
+    }
+
+    public CaseDataDto createReceivedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
+        return createCase(
+                user,
+                person,
+                rdcf,
+                (c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
+    }
+
+    public CaseDataDto createSharedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
+        CaseDataDto caze = createCase(user, person, rdcf, null);
+
+        createShareRequestInfo(
+                ShareRequestDataType.CASE,
+                beanTest.getUserService().getByReferenceDto(user),
+                "target_id",
+                ownershipHandedOver,
+                ShareRequestStatus.ACCEPTED,
+                (s) -> s.setCaze(beanTest.getCaseService().getByReferenceDto(caze.toReference())));
+
+        return caze;
+    }
+
+    public ContactDto createReceivedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
+        return createContact(
+                reportingUser,
+                contactPerson,
+                Disease.CORONAVIRUS,
+                (c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
+    }
+
+    public ContactDto createSharedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
+        ContactDto contact = createContact(reportingUser, contactPerson, Disease.CORONAVIRUS);
+        createShareRequestInfo(
+                ShareRequestDataType.CONTACT,
+                beanTest.getUserService().getByReferenceDto(reportingUser),
+                "target_id",
+                ownershipHandedOver,
+                ShareRequestStatus.ACCEPTED,
+                (s) -> s.setContact(beanTest.getContactService().getByReferenceDto(contact.toReference())));
+
+        return contact;
+    }
+
+    public EventParticipantDto createReceivedEventParticipant(PersonDto eventPerson, UserReferenceDto reportingUser, RDCF rdcf) {
+        return createEventParticipant(createEvent(reportingUser).toReference(), eventPerson, "Test involvment", reportingUser, e -> {
+            e.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
+        }, rdcf);
+    }
+
+    public ImmunizationDto createReceivedImmunization(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
+        return createImmunization(Disease.CORONAVIRUS, person, reportingUser, rdcf, i -> {
+            i.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
+        });
+    }
+
+    public ShareRequestInfo createShareRequestInfo(
+            ShareRequestDataType dataType,
+            User sender,
+            String serverId,
+            boolean ownershipHandedOver,
+            ShareRequestStatus status,
+            Consumer<SormasToSormasShareInfo> setTarget) {
+
+        SormasToSormasShareInfo shareInfo = new SormasToSormasShareInfo();
+        shareInfo.setOwnershipHandedOver(ownershipHandedOver);
+        shareInfo.setOrganizationId(serverId);
+        setTarget.accept(shareInfo);
+
+        ShareRequestInfo requestInfo = new ShareRequestInfo();
+        requestInfo.setUuid(DataHelper.createUuid());
+        requestInfo.setDataType(dataType);
+        requestInfo.setSender(sender);
+        requestInfo.setRequestStatus(status);
+        requestInfo.setShares(new ArrayList<>());
+        requestInfo.getShares().add(shareInfo);
+
+        beanTest.getShareRequestInfoService().persist(requestInfo);
+
+        return requestInfo;
+    }
+
+    public EnvironmentDto createEnvironment(
+            String name,
+            EnvironmentMedia environmentMedia,
+            UserReferenceDto reportingUser,
+            RDCF rdcf,
+            Consumer<EnvironmentDto> extraConfig) {
+        EnvironmentDto environment = EnvironmentDto.build();
+        environment.setEnvironmentName(name);
+        environment.setEnvironmentMedia(environmentMedia);
+        environment.setReportDate(new Date());
+        environment.setReportingUser(reportingUser);
+
+        LocationDto location = environment.getLocation();
+        location.setLongitude(1.0);
+        location.setLatitude(1.0);
+        if (rdcf != null) {
+            location.setRegion(rdcf.region);
+            location.setDistrict(rdcf.district);
+            location.setCommunity(rdcf.community);
+        }
+
+        if (extraConfig != null) {
+            extraConfig.accept(environment);
+        }
+
+        environment = beanTest.getEnvironmentFacade().save(environment);
+
+        return environment;
+
+    }
+
+    public EnvironmentDto createEnvironment(String name, EnvironmentMedia environmentMedia, UserReferenceDto reportingUser, RDCF rdcf) {
+        return createEnvironment(name, environmentMedia, reportingUser, rdcf, null);
+    }
+
+    public EnvironmentSampleDto createEnvironmentSample(
+            EnvironmentReferenceDto environment,
+            UserReferenceDto reportingUser,
+            RDCF rdcf,
+            FacilityReferenceDto lab,
+            @Nullable Consumer<EnvironmentSampleDto> extraConfig) {
+        EnvironmentSampleDto sample = EnvironmentSampleDto.build(environment, reportingUser);
+        sample.setSampleMaterial(EnvironmentSampleMaterial.WATER);
+        sample.getLocation().setRegion(rdcf.region);
+        sample.getLocation().setDistrict(rdcf.district);
+        sample.getLocation().setLatitude(1.0);
+        sample.getLocation().setLongitude(1.0);
+        sample.setLaboratory(lab);
+
+        if (extraConfig != null) {
+            extraConfig.accept(sample);
+        }
+
+        return beanTest.getEnvironmentSampleFacade().save(sample);
+    }
+
+    public SpecialCaseAccessDto createSpecialCaseAccess(
+            CaseReferenceDto caze,
+            UserReferenceDto assignedBy,
+            UserReferenceDto assignedTo,
+            Date endDateTime) {
+        SpecialCaseAccessDto specialCaseAccess = SpecialCaseAccessDto.build(caze, assignedBy);
+        specialCaseAccess.setAssignedTo(assignedTo);
+        specialCaseAccess.setEndDateTime(endDateTime);
+
+        return beanTest.getSpecialCaseAccessFacade().save(specialCaseAccess);
+    }
+
+    /**
+     * @author MartinWahnschaffe
+     * @deprecated Use RDCF instead
+     */
+    @Deprecated
+    public static class RDCFEntities {
+
+        public Region region;
+        public District district;
+        public Community community;
+        public Facility facility;
+
+        public RDCFEntities(Region region, District district, Community community, Facility facility) {
+            this.region = region;
+            this.district = district;
+            this.community = community;
+            this.facility = facility;
+        }
+    }
+
+    public static class RDCF {
+
+        public RegionReferenceDto region;
+        public DistrictReferenceDto district;
+        public CommunityReferenceDto community;
+        public FacilityReferenceDto facility;
+        public PointOfEntryReferenceDto pointOfEntry;
+
+        public RDCF(RegionReferenceDto region, DistrictReferenceDto district, CommunityReferenceDto community, FacilityReferenceDto facility) {
+            this(region, district, community, facility, null);
+        }
+
+        public RDCF(
+                RegionReferenceDto region,
+                DistrictReferenceDto district,
+                CommunityReferenceDto community,
+                FacilityReferenceDto facility,
+                PointOfEntryReferenceDto pointOfEntry) {
+            this.region = region;
+            this.district = district;
+            this.community = community;
+            this.facility = facility;
+            this.pointOfEntry = pointOfEntry;
+        }
+
+        public RDCF(RDCFEntities rdcfEntities) {
+            this.region = new RegionReferenceDto(rdcfEntities.region.getUuid(), rdcfEntities.region.getName(), rdcfEntities.region.getExternalID());
+            this.district =
+                    new DistrictReferenceDto(rdcfEntities.district.getUuid(), rdcfEntities.district.getName(), rdcfEntities.district.getExternalID());
+            this.community =
+                    new CommunityReferenceDto(rdcfEntities.community.getUuid(), rdcfEntities.community.getName(), rdcfEntities.community.getExternalID());
+            this.facility =
+                    new FacilityReferenceDto(rdcfEntities.facility.getUuid(), rdcfEntities.facility.getName(), rdcfEntities.facility.getExternalID());
+        }
+    }
+
+    public static class RDP {
+
+        public RegionReferenceDto region;
+        public DistrictReferenceDto district;
+        public PointOfEntryReferenceDto pointOfEntry;
+
+        public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntryReferenceDto pointOfEntry) {
+            this.region = region;
+            this.district = district;
+            this.pointOfEntry = pointOfEntry;
+        }
+    }
+
+    public User createTestUser() {
+        User user = new User();
+        user.setUserName("testuser");
+        user.setFirstName("Test");
+        user.setLastName("User");
+        user.setUuid(DataHelper.createUuid());
+        String password = "password";
+        String seed = "seed";
+        String encodedPassword = PasswordHelper.encodePassword(password, seed);
+        user.setPassword(encodedPassword);
+        user.setSeed(seed);
+        user.setActive(true);
+        user.setUserRoles(
+                new HashSet<>(Arrays.asList(
+                        getUserRole(DefaultUserRole.ADMIN),
+                        getUserRole(DefaultUserRole.NATIONAL_USER))));
+
+        beanTest.getUserService().persist(user);
+        return user;
+    }
 
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
index b3ec30f298f..abae3bb81f0 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
@@ -15,13 +15,6 @@
 
 package de.symeda.sormas.backend.environment.environmentsample;
 
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.is;
-
-import org.apache.commons.lang3.NotImplementedException;
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-
 import de.symeda.sormas.api.environment.EnvironmentDto;
 import de.symeda.sormas.api.environment.EnvironmentMedia;
 import de.symeda.sormas.api.environment.environmentsample.EnvironmentSampleDto;
@@ -31,112 +24,119 @@
 import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.backend.AbstractBeanTest;
 import de.symeda.sormas.backend.TestDataCreator;
+import org.apache.commons.lang3.NotImplementedException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
 
 public class EnvironmentSampleServiceTest extends AbstractBeanTest {
 
-	@Test
-	public void testJurisdiction() {
-		TestDataCreator.RDCF rdcf1 = creator.createRDCF();
-		FacilityDto lab1 = creator.createFacility("Lab", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
-		UserDto ownerUser = creator.createUser(rdcf1, "Env", "Surv", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
-		EnvironmentDto environment = creator.createEnvironment("Test env", EnvironmentMedia.WATER, ownerUser.toReference(), rdcf1);
-
-		UserDto environmentUser2 =
-			creator.createUser(rdcf1, "Env", "Surv2", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
-
-		TestDataCreator.RDCF rdcf2 = creator.createRDCF();
-
-		UserDto natUser = creator.createUser(rdcf1, "Nat", "User", creator.getUserRoleReference(DefaultUserRole.NATIONAL_USER));
-		UserDto adminUser = creator.createUser(rdcf1, "Admin", "User", creator.getUserRoleReference(DefaultUserRole.ADMIN));
-
-		UserDto survSupUser = creator.createUser(rdcf1, "Surv", "Sup", creator.getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
-		UserDto commOffUser = creator.createUser(rdcf1, "Comm", "Off", creator.getUserRoleReference(DefaultUserRole.COMMUNITY_OFFICER));
-		UserDto hospInfUser = creator.createUser(rdcf2, "Hosp", "Inf", creator.getUserRoleReference(DefaultUserRole.HOSPITAL_INFORMANT));
-		UserDto poeInfUser = creator.createUser(rdcf2, "Poe", "Inf", creator.getUserRoleReference(DefaultUserRole.POE_INFORMANT));
-
-		UserDto labUser = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
-			u.setFirstName("Lab");
-			u.setLastName("User");
-			u.setUserName("LabUser");
-			u.setLaboratory(lab1.toReference());
-		});
-		FacilityDto lab2 = creator.createFacility("Lab2", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
-		UserDto labUserOtherLab = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
-			u.setFirstName("Lab");
-			u.setLastName("User");
-			u.setUserName("LabUser2");
-
-			u.setLaboratory(lab2.toReference());
-		});
-
-		// owners should be able to see all samples
-		loginWith(ownerUser);
-
-		EnvironmentSampleDto sampleDtoRdcf1 =
-			creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf1, lab1.toReference(), s -> {
-				s.getLocation().setCommunity(rdcf1.community);
-			});
-		EnvironmentSample samploRdcf1 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf1.getUuid());
-
-		EnvironmentSampleDto sampleDtoRdcf2 =
-			creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf2, lab1.toReference(), s -> {
-				s.getLocation().setCommunity(rdcf2.community);
-			});
-		EnvironmentSample samploRdcf2 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf2.getUuid());
-
-		// owner should have access to all samples
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-		// user from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-		loginWith(environmentUser2);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-
-		// national user should have access to all samples
-		loginWith(natUser);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-		// admin user should have no access to all samples
-		loginWith(adminUser);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-
-		// surveillance supervisor from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-		loginWith(survSupUser);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-		// community officer from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-		loginWith(commOffUser);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-		// hospital informant is not yet supported
-		loginWith(hospInfUser);
-		Assertions.assertThrowsExactly(
-			NotImplementedException.class,
-			() -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
-			"Facility is not supported for environment samples");
-
-		// point of entry informant is not yet supported
-		loginWith(poeInfUser);
-		Assertions.assertThrowsExactly(
-			NotImplementedException.class,
-			() -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
-			"Point of entry is not supported for environment samples");
-
-		// lab user from same lab should have access to all samples
-		loginWith(labUser);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-		// lab user from different lab should have no access to the samples
-		loginWith(labUserOtherLab);
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-	}
+    @Test
+    public void testJurisdiction() {
+        TestDataCreator.RDCF rdcf1 = creator.createRDCF();
+        FacilityDto lab1 = creator.createFacility("Lab", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
+        UserDto ownerUser = creator.createUser(rdcf1, "Env", "Surv", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
+        EnvironmentDto environment = creator.createEnvironment("Test env", EnvironmentMedia.WATER, ownerUser.toReference(), rdcf1);
+
+        UserDto environmentUser2 =
+                creator.createUser(rdcf1, "Env", "Surv2", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
+
+        TestDataCreator.RDCF rdcf2 = creator.createRDCF();
+
+        UserDto natUser = creator.createUser(rdcf1, "Nat", "User", creator.getUserRoleReference(DefaultUserRole.NATIONAL_USER));
+        UserDto adminUser = creator.createUser(rdcf1, "Admin", "User", creator.getUserRoleReference(DefaultUserRole.ADMIN));
+
+        UserDto survSupUser = creator.createUser(rdcf1, "Surv", "Sup", creator.getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
+        UserDto commOffUser = creator.createUser(rdcf1, "Comm", "Off", creator.getUserRoleReference(DefaultUserRole.COMMUNITY_OFFICER));
+        UserDto hospInfUser = creator.createUser(rdcf2, "Hosp", "Inf", creator.getUserRoleReference(DefaultUserRole.HOSPITAL_INFORMANT));
+        UserDto poeInfUser = creator.createUser(rdcf2, "Poe", "Inf", creator.getUserRoleReference(DefaultUserRole.POE_INFORMANT));
+
+        UserDto labUser = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
+            u.setFirstName("Lab");
+            u.setLastName("User");
+            u.setUserName("LabUser");
+
+            u.setLaboratory(lab1.toReference());
+        });
+        FacilityDto lab2 = creator.createFacility("Lab2", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
+        UserDto labUserOtherLab = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
+            u.setFirstName("Lab");
+            u.setLastName("User");
+            u.setUserName("LabUser2");
+
+            u.setLaboratory(lab2.toReference());
+        });
+
+        // owners should be able to see all samples
+        loginWith(ownerUser);
+
+        EnvironmentSampleDto sampleDtoRdcf1 =
+                creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf1, lab1.toReference(), s -> {
+                    s.getLocation().setCommunity(rdcf1.community);
+                });
+        EnvironmentSample samploRdcf1 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf1.getUuid());
+
+        EnvironmentSampleDto sampleDtoRdcf2 =
+                creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf2, lab1.toReference(), s -> {
+                    s.getLocation().setCommunity(rdcf2.community);
+                });
+        EnvironmentSample samploRdcf2 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf2.getUuid());
+
+        // owner should have access to all samples
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+        // user from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+        loginWith(environmentUser2);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+
+        // national user should have access to all samples
+        loginWith(natUser);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+        // admin user should have no access to all samples
+        loginWith(adminUser);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+
+        // surveillance supervisor from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+        loginWith(survSupUser);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+        // community officer from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+        loginWith(commOffUser);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+        // hospital informant is not yet supported
+        loginWith(hospInfUser);
+        Assertions.assertThrowsExactly(
+                NotImplementedException.class,
+                () -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
+                "Facility is not supported for environment samples");
+
+        // point of entry informant is not yet supported
+        loginWith(poeInfUser);
+        Assertions.assertThrowsExactly(
+                NotImplementedException.class,
+                () -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
+                "Point of entry is not supported for environment samples");
+
+        // lab user from same lab should have access to all samples
+        loginWith(labUser);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+        // lab user from different lab should have no access to the samples
+        loginWith(labUserOtherLab);
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+    }
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 949b08edbc3..aad3cde1cbf 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -1,47 +1,10 @@
 package de.symeda.sormas.backend.user;
 
-import static de.symeda.sormas.api.user.DefaultUserRole.ADMIN_SUPERVISOR;
-import static de.symeda.sormas.api.user.DefaultUserRole.CASE_OFFICER;
-import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_OFFICER;
-import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_SUPERVISOR;
-import static de.symeda.sormas.api.user.DefaultUserRole.DISTRICT_OBSERVER;
-import static de.symeda.sormas.api.user.DefaultUserRole.NATIONAL_USER;
-import static de.symeda.sormas.api.user.DefaultUserRole.POE_INFORMANT;
-import static de.symeda.sormas.api.user.DefaultUserRole.REST_EXTERNAL_VISITS_USER;
-import static de.symeda.sormas.api.user.DefaultUserRole.SURVEILLANCE_OFFICER;
-import static de.symeda.sormas.api.user.DefaultUserRole.SURVEILLANCE_SUPERVISOR;
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.contains;
-import static org.hamcrest.Matchers.containsInAnyOrder;
-import static org.hamcrest.Matchers.hasItem;
-import static org.hamcrest.Matchers.hasItems;
-import static org.hamcrest.Matchers.hasSize;
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.not;
-import static org.hamcrest.Matchers.nullValue;
-import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.*;
-
-import java.util.*;
-import java.util.stream.Collectors;
-
-
-import javax.persistence.EntityNotFoundException;
-
-import javax.validation.ValidationException;
-
-import de.symeda.sormas.api.user.*;
-
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.mockito.*;
-
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.EntityDto;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.user.*;
 import de.symeda.sormas.api.utils.AccessDeniedException;
 import de.symeda.sormas.api.utils.SortProperty;
 import de.symeda.sormas.backend.AbstractBeanTest;
@@ -49,522 +12,532 @@
 import de.symeda.sormas.backend.infrastructure.region.Region;
 import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
 import de.symeda.sormas.backend.infrastructure.region.RegionService;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+import org.mockito.MockitoAnnotations;
 
-public class UserFacadeEjbTest extends AbstractBeanTest {
-
-	@BeforeEach
-	public void setUp() {
-		MockitoAnnotations.initMocks(this);
-	}
-
-	@Test
-	public void testGetUsersByRegionAndRights() {
-		RDCF rdcf = creator.createRDCF();
-		RegionReferenceDto region = rdcf.region;
-
-		// given region and right
-		List<UserReferenceDto> result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
-
-		assertTrue(result.isEmpty());
-
-		UserDto natUser = creator.createUser(rdcf, creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES and TRAVEL_ENTRY_MANAGEMENT_ACCESS rights
-		UserDto poeUser = creator.createUser(rdcf, "Some", "User", creator.getUserRoleReference(POE_INFORMANT)); // Does not have LAB_MASSAGES right, but has TRAVEL_ENTRY_MANAGEMENT_ACCESS.
-		creator.createUser(rdcf, creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // Has neither LAB_MASSAGES nor TRAVEL_ENTRY_MANAGEMENT_ACCESS right
-		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
-
-		assertThat(result, hasSize(1));
-		assertThat(result, contains(equalTo(natUser.toReference())));
-
-		UserDto natUser2 = creator.createUser(rdcf, "Nat", "User2", creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES right
-		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
-
-		assertThat(result, hasSize(2));
-		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
-
-		// given different region and right
-		Region region2 = creator.createRegion("region2");
-		result = getUserFacade().getUsersByRegionAndRights(RegionFacadeEjb.toReferenceDto(region2), null, UserRight.EXTERNAL_MESSAGE_VIEW);
-
-		assertTrue(result.isEmpty());
-
-		// given no region and right
-		result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
-
-		assertThat(result, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
-
-		// given region and multiple rights
-		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
-
-		assertThat(result, hasSize(3));
-		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
-
-		// given different region and multiple rights
-		result = getUserFacade().getUsersByRegionAndRights(
-			RegionFacadeEjb.toReferenceDto(region2),
-			null,
-			UserRight.EXTERNAL_MESSAGE_VIEW,
-			UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
-
-		assertTrue(result.isEmpty());
-
-		// given no region and multiple rights
-		result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
-
-		assertThat(result, hasSize(4)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
-
-	}
-
-	/**
-	 * Testing with some users that might not be selected DISTINCT because of 1:n relations.
-	 */
-	@Test
-	public void testGetIndexList() {
-
-		// 1 region, 2 districts
-		RDCF rdcf = creator.createRDCF();
-		Region region = getBean(RegionService.class).getByUuid(rdcf.region.getUuid());
-		creator.createDistrict("district 2", region);
-
-		// user with a 2 districts region, 2 user roles
-		creator.createUser(rdcf, "my", "User", creator.getUserRoleReference(CASE_OFFICER), creator.getUserRoleReference(CONTACT_OFFICER));
-
-		// some other users to be filtered out
-		creator.createUser(
-			rdcf,
-			"Some",
-			"User",
-			creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR),
-			creator.getUserRoleReference(CONTACT_SUPERVISOR));
-		creator
-			.createUser(rdcf, "Other", "User", creator.getUserRoleReference(SURVEILLANCE_OFFICER), creator.getUserRoleReference(DISTRICT_OBSERVER));
-
-		List<UserDto> result;
-
-		// 1. Check that query works without filter: All 3 distinct users are found (+ admin by default)
-		result = getUserFacade().getIndexList(new UserCriteria(), 0, 100, null);
-		assertThat(result, hasSize(4));
-		assertThat(result.stream().map(EntityDto::getUuid).collect(Collectors.toSet()), hasSize(4));
-
-		// 2. Check that only the expected user is found
-		result = getUserFacade().getIndexList(new UserCriteria().freeText("myUser"), 0, 100, null);
-		assertThat(result, hasSize(1));
-		assertThat(result.get(0).getUserName(), equalTo("myUser"));
-	}
-
-	/**
-	 * Test that the filtering on text fields and sorting be Location.address do not cause a database exception.
-	 */
-	@Test
-	public void testGetIndexListFilteredAndOrderedByAddress() {
-		final UserCriteria userCriteria = new UserCriteria().freeText("min");
-		List<UserDto> result = getUserFacade().getIndexList(userCriteria, 0, 100, Collections.singletonList(new SortProperty(UserDto.ADDRESS)));
-
-		final long count = getUserFacade().count(userCriteria);
-
-		assertThat(result, hasSize(1));
-		assertThat(count, is(1L));
-		assertThat(result.get(0).getUserName(), equalTo("admin"));
-	}
-
-	@Test
-	public void testGetValidLoginRoles() {
-		AuthProvider authProvider = mock(AuthProvider.class);
-
-		MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
-		when(AuthProvider.getProvider(any())).thenReturn(authProvider);
-
-		RDCF rdcf = creator.createRDCF();
-		UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
-		String password = getUserFacade().resetPassword(user.getUuid());
-
-		Set<UserRight> validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
-		assertThat(
-			validLoginRights,
-			containsInAnyOrder(
-				UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_SUPERVISOR))).toArray(new UserRight[] {})));
-
-		user.setActive(false);
-		getUserFacade().saveUser(user, false);
-
-		validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
-		assertThat(validLoginRights, nullValue());
-
-		//Important: release static mock.
-		mockAuthProvider.closeOnDemand();
-	}
-
-	@Test
-	public void testGetExistentDefaultUsers() {
-		Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
-		Set<User> randomUsers = UserTestHelper.generateRandomUsers(3, creator);
-
-		List<User> testUsers = new ArrayList<>();
-		testUsers.addAll(defaultUsers);
-		testUsers.addAll(randomUsers);
-
-		for (User user : testUsers) {
-			getUserService().persist(user);
-		}
-
-		for (User user : testUsers) {
-			loginWith(getUserFacade().toDto(user));
-			List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
-
-			if (user.hasUserRight(UserRight.USER_EDIT)) {
-				assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
-				for (User defUser : defaultUsers) {
-					assertThat(persistedDefaultUsers, hasItem(getUserFacade().toDto(defUser)));
-				}
-				for (User randomUser : randomUsers) {
-					assertThat(persistedDefaultUsers, not(hasItem(getUserFacade().toDto(randomUser))));
-				}
-			} else if (defaultUsers.contains(user)) {
-				assertEquals(1, persistedDefaultUsers.size());
-				assertEquals(getUserFacade().toDto(user), persistedDefaultUsers.get(0));
-			} else {
-				assertEquals(0, persistedDefaultUsers.size());
-			}
-		}
-	}
-
-	@Test
-	public void testGetExistentDefaultUsersUpperCase() {
-		Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
-		for (User user : defaultUsers) {
-			user.setUserName(user.getUserName().toUpperCase());
-			getUserService().persist(user);
-		}
-		assertEquals(0, getUserFacade().getUsersWithDefaultPassword().size());
-	}
-
-	@Test
-	public void testGetByUserName() {
-		final UserFacade userFacade = getUserFacade();
-		assertNull(userFacade.getByUserName("HansPeter"));
-
-		RDCF rdcf = creator.createRDCF();
-		UserDto user = creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
-
-		assertEquals(user, userFacade.getByUserName("HANSPETER"));
-		assertEquals(user, userFacade.getByUserName("hanspeter"));
-		assertEquals(user, userFacade.getByUserName("HansPeter"));
-		assertEquals(user, userFacade.getByUserName("hansPETER"));
-	}
-
-	@Test
-	public void testLoginUnique() {
-		final UserFacade userFacade = getUserFacade();
-		assertNull(userFacade.getByUserName("HansPeter"));
-
-		RDCF rdcf = creator.createRDCF();
-		creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
-
-		assertTrue(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "MarieLisa"));
-		assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "HansPeter"));
-		assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "hanspeter"));
-	}
-
-	@Test
-	public void testFailOnSavingDuplicateUser() {
-		final UserFacade userFacade = getUserFacade();
-		assertNull(userFacade.getByUserName("HansPeter"));
-
-		RDCF rdcf = creator.createRDCF();
-		creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
-		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "hans", "peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "HANS", "PETER", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-	}
-
-	@Test
-	public void testGetUserRefsByDistrictsWithLimitedDiseaseUsers() {
-
-		RDCF rdcf = creator.createRDCF();
-
-		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf);
-		UserDto limitedSurveillanceOfficer =
-			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER));
-
-		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
+import javax.persistence.EntityNotFoundException;
+import javax.validation.ValidationException;
+import java.util.*;
+import java.util.stream.Collectors;
 
-		assertNotNull(userReferenceDtos);
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
-		assertFalse(userReferenceDtos.contains(limitedSurveillanceOfficer));
+import static de.symeda.sormas.api.user.DefaultUserRole.*;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.contains;
+import static org.hamcrest.Matchers.*;
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.*;
 
-	}
+public class UserFacadeEjbTest extends AbstractBeanTest {
 
-	@Test
-	public void testGetUserRefsByDistrictsForResponsibleSurveillanceOfficer() {
-		RDCF rdcf = creator.createRDCF();
-		RDCF rdcfOther = creator.createRDCF("otherRegion", "oderDistrict", "otherCommunity", "otherFacility");
+    @BeforeEach
+    public void setUp() {
+        MockitoAnnotations.initMocks(this);
+    }
 
-		UserDto surveilanceOfficerDefault = creator.createSurveillanceOfficer(rdcf);
-		UserDto surveilanceSupervisorDefault = creator.createSurveillanceSupervisor(rdcf);
-		UserDto adminSupervisorDefault = creator.createUser(rdcf, "Admin", "Supervisor", creator.getUserRoleReference(ADMIN_SUPERVISOR));
-		UserDto adminSupervisorOther = creator.createUser(rdcfOther, "Admin", "Supervisor Other", creator.getUserRoleReference(ADMIN_SUPERVISOR));
+    @Test
+    public void testGetUsersByRegionAndRights() {
+        RDCF rdcf = creator.createRDCF();
+        RegionReferenceDto region = rdcf.region;
 
-		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
-		assertNotNull(userReferenceDtos);
-		assertEquals(3, userReferenceDtos.size());
-		List<String> userReferenceUUIDs = userReferenceDtos.stream().map(u -> u.getUuid()).collect(Collectors.toList());
-		assertTrue(userReferenceUUIDs.contains(surveilanceOfficerDefault.getUuid()));
-		assertTrue(userReferenceUUIDs.contains(surveilanceSupervisorDefault.getUuid()));
-		assertTrue(userReferenceUUIDs.contains(adminSupervisorDefault.getUuid()));
-		assertFalse(userReferenceUUIDs.contains(adminSupervisorOther.getUuid()));
-	}
+        // given region and right
+        List<UserReferenceDto> result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-	@Test
-	public void testGetUserRefsByDistrictsWithLimitedDiseaseUsersSingleDistrict() {
+        assertTrue(result.isEmpty());
 
-		RDCF rdcf = creator.createRDCF();
+        UserDto natUser = creator.createUser(rdcf, creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES and TRAVEL_ENTRY_MANAGEMENT_ACCESS rights
+        UserDto poeUser = creator.createUser(rdcf, "Some", "User", creator.getUserRoleReference(POE_INFORMANT)); // Does not have LAB_MASSAGES right, but has TRAVEL_ENTRY_MANAGEMENT_ACCESS.
+        creator.createUser(rdcf, creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // Has neither LAB_MASSAGES nor TRAVEL_ENTRY_MANAGEMENT_ACCESS right
+        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
-		UserDto limitedSurveillanceOfficer =
-			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
+        assertThat(result, hasSize(1));
+        assertThat(result, contains(equalTo(natUser.toReference())));
 
-		// given district and disease
-		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS);
+        UserDto natUser2 = creator.createUser(rdcf, "Nat", "User2", creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES right
+        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		assertThat(userReferenceDtos, hasSize(1));
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        assertThat(result, hasSize(2));
+        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
 
-		// given disease
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS);
+        // given different region and right
+        Region region2 = creator.createRegion("region2");
+        result = getUserFacade().getUsersByRegionAndRights(RegionFacadeEjb.toReferenceDto(region2), null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        assertTrue(result.isEmpty());
 
-		// given only null parameters
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null);
+        // given no region and right
+        result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+        assertThat(result, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
 
-		// given district, disease and right
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        // given region and multiple rights
+        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-		assertThat(userReferenceDtos, hasSize(1));
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        assertThat(result, hasSize(3));
+        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
+        // given different region and multiple rights
+        result = getUserFacade().getUsersByRegionAndRights(
+                RegionFacadeEjb.toReferenceDto(region2),
+                null,
+                UserRight.EXTERNAL_MESSAGE_VIEW,
+                UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-		assertTrue(userReferenceDtos.isEmpty());
+        assertTrue(result.isEmpty());
 
-		// given disease and right
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        // given no region and multiple rights
+        result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        assertThat(result, hasSize(4)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
+    }
 
-		assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+    /**
+     * Testing with some users that might not be selected DISTINCT because of 1:n relations.
+     */
+    @Test
+    public void testGetIndexList() {
+
+        // 1 region, 2 districts
+        RDCF rdcf = creator.createRDCF();
+        Region region = getBean(RegionService.class).getByUuid(rdcf.region.getUuid());
+        creator.createDistrict("district 2", region);
+
+        // user with a 2 districts region, 2 user roles
+        creator.createUser(rdcf, "my", "User", creator.getUserRoleReference(CASE_OFFICER), creator.getUserRoleReference(CONTACT_OFFICER));
+
+        // some other users to be filtered out
+        creator.createUser(
+                rdcf,
+                "Some",
+                "User",
+                creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR),
+                creator.getUserRoleReference(CONTACT_SUPERVISOR));
+        creator
+                .createUser(rdcf, "Other", "User", creator.getUserRoleReference(SURVEILLANCE_OFFICER), creator.getUserRoleReference(DISTRICT_OBSERVER));
+
+        List<UserDto> result;
+
+        // 1. Check that query works without filter: All 3 distinct users are found (+ admin by default)
+        result = getUserFacade().getIndexList(new UserCriteria(), 0, 100, null);
+        assertThat(result, hasSize(4));
+        assertThat(result.stream().map(EntityDto::getUuid).collect(Collectors.toSet()), hasSize(4));
+
+        // 2. Check that only the expected user is found
+        result = getUserFacade().getIndexList(new UserCriteria().freeText("myUser"), 0, 100, null);
+        assertThat(result, hasSize(1));
+        assertThat(result.get(0).getUserName(), equalTo("myUser"));
+    }
+
+    /**
+     * Test that the filtering on text fields and sorting be Location.address do not cause a database exception.
+     */
+    @Test
+    public void testGetIndexListFilteredAndOrderedByAddress() {
+        final UserCriteria userCriteria = new UserCriteria().freeText("min");
+        List<UserDto> result = getUserFacade().getIndexList(userCriteria, 0, 100, Collections.singletonList(new SortProperty(UserDto.ADDRESS)));
+
+        final long count = getUserFacade().count(userCriteria);
+
+        assertThat(result, hasSize(1));
+        assertThat(count, is(1L));
+        assertThat(result.get(0).getUserName(), equalTo("admin"));
+    }
+
+    @Test
+    public void testGetValidLoginRoles() {
+        AuthProvider authProvider = mock(AuthProvider.class);
+
+        MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
+        when(AuthProvider.getProvider(any())).thenReturn(authProvider);
+
+        RDCF rdcf = creator.createRDCF();
+        UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
+        String password = getUserFacade().resetPassword(user.getUuid());
+
+        Set<UserRight> validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
+        assertThat(
+                validLoginRights,
+                containsInAnyOrder(
+                        UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_SUPERVISOR))).toArray(new UserRight[]{})));
+
+        user.setActive(false);
+        getUserFacade().saveUser(user, false);
+
+        validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
+        assertThat(validLoginRights, nullValue());
+
+        //Important: release static mock.
+        mockAuthProvider.closeOnDemand();
+    }
+
+    @Test
+    public void testGetExistentDefaultUsers() {
+        Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
+        Set<User> randomUsers = UserTestHelper.generateRandomUsers(3, creator);
+
+        List<User> testUsers = new ArrayList<>();
+        testUsers.addAll(defaultUsers);
+        testUsers.addAll(randomUsers);
+
+        for (User user : testUsers) {
+            getUserService().persist(user);
+        }
+
+        for (User user : testUsers) {
+            loginWith(getUserFacade().toDto(user));
+            List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
+
+            if (user.hasUserRight(UserRight.USER_EDIT)) {
+                assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
+                for (User defUser : defaultUsers) {
+                    assertThat(persistedDefaultUsers, hasItem(getUserFacade().toDto(defUser)));
+                }
+                for (User randomUser : randomUsers) {
+                    assertThat(persistedDefaultUsers, not(hasItem(getUserFacade().toDto(randomUser))));
+                }
+            } else if (defaultUsers.contains(user)) {
+                assertEquals(1, persistedDefaultUsers.size());
+                assertEquals(getUserFacade().toDto(user), persistedDefaultUsers.get(0));
+            } else {
+                assertEquals(0, persistedDefaultUsers.size());
+            }
+        }
+    }
+
+    @Test
+    public void testGetExistentDefaultUsersUpperCase() {
+        Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
+        for (User user : defaultUsers) {
+            user.setUserName(user.getUserName().toUpperCase());
+            getUserService().persist(user);
+        }
+        assertEquals(0, getUserFacade().getUsersWithDefaultPassword().size());
+    }
+
+    @Test
+    public void testGetByUserName() {
+        final UserFacade userFacade = getUserFacade();
+        assertNull(userFacade.getByUserName("HansPeter"));
+
+        RDCF rdcf = creator.createRDCF();
+        UserDto user = creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+
+        assertEquals(user, userFacade.getByUserName("HANSPETER"));
+        assertEquals(user, userFacade.getByUserName("hanspeter"));
+        assertEquals(user, userFacade.getByUserName("HansPeter"));
+        assertEquals(user, userFacade.getByUserName("hansPETER"));
+    }
+
+    @Test
+    public void testLoginUnique() {
+        final UserFacade userFacade = getUserFacade();
+        assertNull(userFacade.getByUserName("HansPeter"));
+
+        RDCF rdcf = creator.createRDCF();
+        creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+
+        assertTrue(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "MarieLisa"));
+        assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "HansPeter"));
+        assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "hanspeter"));
+    }
+
+    @Test
+    public void testFailOnSavingDuplicateUser() {
+        final UserFacade userFacade = getUserFacade();
+        assertNull(userFacade.getByUserName("HansPeter"));
 
-		// given only null parameters except for right
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        RDCF rdcf = creator.createRDCF();
+        creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "hans", "peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "HANS", "PETER", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+    }
 
-		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+    @Test
+    public void testGetUserRefsByDistrictsWithLimitedDiseaseUsers() {
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+        RDCF rdcf = creator.createRDCF();
 
-		assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf);
+        UserDto limitedSurveillanceOfficer =
+                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER));
 
-	}
+        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
 
-	@Test
-	public void testGetUserRefsByDistrictsWithExcludeLimitedDiseaseUsersAndSingleDistrict() {
+        assertNotNull(userReferenceDtos);
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        assertFalse(userReferenceDtos.contains(limitedSurveillanceOfficer));
 
-		RDCF rdcf = creator.createRDCF();
+    }
 
-		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
-		UserDto limitedSurveillanceOfficer =
-			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
-		UserDto generalRestUser = creator.createUser(rdcf, "REST", "USER", creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // does not have TRAVEL_ENTRY_MANAGEMENT_ACCESS
+    @Test
+    public void testGetUserRefsByDistrictsForResponsibleSurveillanceOfficer() {
+        RDCF rdcf = creator.createRDCF();
+        RDCF rdcfOther = creator.createRDCF("otherRegion", "oderDistrict", "otherCommunity", "otherFacility");
 
-		// given district and one right
-		List<UserReferenceDto> userReferenceDtos =
-			getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        UserDto surveilanceOfficerDefault = creator.createSurveillanceOfficer(rdcf);
+        UserDto surveilanceSupervisorDefault = creator.createSurveillanceSupervisor(rdcf);
+        UserDto adminSupervisorDefault = creator.createUser(rdcf, "Admin", "Supervisor", creator.getUserRoleReference(ADMIN_SUPERVISOR));
+        UserDto adminSupervisorOther = creator.createUser(rdcfOther, "Admin", "Supervisor Other", creator.getUserRoleReference(ADMIN_SUPERVISOR));
 
-		assertThat(userReferenceDtos, hasSize(1));
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
+        assertNotNull(userReferenceDtos);
+        assertEquals(3, userReferenceDtos.size());
+        List<String> userReferenceUUIDs = userReferenceDtos.stream().map(u -> u.getUuid()).collect(Collectors.toList());
+        assertTrue(userReferenceUUIDs.contains(surveilanceOfficerDefault.getUuid()));
+        assertTrue(userReferenceUUIDs.contains(surveilanceSupervisorDefault.getUuid()));
+        assertTrue(userReferenceUUIDs.contains(adminSupervisorDefault.getUuid()));
+        assertFalse(userReferenceUUIDs.contains(adminSupervisorOther.getUuid()));
+    }
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+    @Test
+    public void testGetUserRefsByDistrictsWithLimitedDiseaseUsersSingleDistrict() {
 
-		assertThat(userReferenceDtos, hasSize(2));
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+        RDCF rdcf = creator.createRDCF();
 
-		// given no district and one right
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
+        UserDto limitedSurveillanceOfficer =
+                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
 
-		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
-		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+        // given district and disease
+        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS);
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+        assertThat(userReferenceDtos, hasSize(1));
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+        // given disease
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS);
 
-		// given district and multiple rights
-		userReferenceDtos =
-			getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-		assertThat(userReferenceDtos, hasSize(2));
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
+        // given only null parameters
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null);
 
-		userReferenceDtos =
-			getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-		assertThat(userReferenceDtos, hasSize(3));
-		assertThat(
-			userReferenceDtos,
-			hasItems(
-				equalTo(generalSurveillanceOfficer.toReference()),
-				equalTo(limitedSurveillanceOfficer.toReference()),
-				equalTo(generalRestUser.toReference())));
+        // given district, disease and right
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-		// given no district and multiple rights
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+        assertThat(userReferenceDtos, hasSize(1));
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+        assertTrue(userReferenceDtos.isEmpty());
 
-		assertThat(userReferenceDtos, hasSize(4)); // there is an admin user created at the init of the AbstractBeanTest
-		assertThat(
-			userReferenceDtos,
-			hasItems(
-				equalTo(generalSurveillanceOfficer.toReference()),
-				equalTo(limitedSurveillanceOfficer.toReference()),
-				equalTo(generalRestUser.toReference())));
+        // given disease and right
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-	}
+        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
 
+        assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
 
+        // given only null parameters except for right
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-	@Test
-	void getUserRights() {
+        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-		RDCF rdcf = creator.createRDCF();
-		UserDto userWithoutAccess = creator.createSurveillanceOfficer(rdcf);
-		UserRight[] surveillanceOfficerRights =
-			UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_OFFICER))).toArray(new UserRight[] {});
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-		// Successfully retrieve user rights of other user
-		loginWith(nationalAdmin);
-		List<UserRight> userRights = getUserFacade().getUserRights(userWithoutAccess.getUuid());
-		assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
-		// Successfully retrieve own user rights with user without access to the USER_VIEW and USERROLE_VIEW rights
-		loginWith(userWithoutAccess);
-		userRights = getUserFacade().getUserRights(null);
-		assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
-		// Prevent users without access from retrieving user rights of other users
-		assertThrows(AccessDeniedException.class, () -> getUserFacade().getUserRights(nationalAdmin.getUuid()));
+        assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
 
-		// Uuid which does not exist in the system
-		loginWith(nationalAdmin);
-		assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
-	}
+    }
 
+    @Test
+    public void testGetUserRefsByDistrictsWithExcludeLimitedDiseaseUsersAndSingleDistrict() {
 
-		@Test
-		public void testUpdateUserPassword() {
-			// Arrange
-			User testUser =creator.createTestUser();
+        RDCF rdcf = creator.createRDCF();
 
-			String newPassword="newPassword";
-			String currentPassword=testUser.getPassword();
-			String uuid=testUser.getUuid();
-			String result = getUserFacade().updateUserPassword(uuid, newPassword , currentPassword);
+        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
+        UserDto limitedSurveillanceOfficer =
+                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
+        UserDto generalRestUser = creator.createUser(rdcf, "REST", "USER", creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // does not have TRAVEL_ENTRY_MANAGEMENT_ACCESS
 
-			// Assert
-			assertEquals(newPassword, result);
+        // given district and one right
+        List<UserReferenceDto> userReferenceDtos =
+                getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-			// Verify the password was updated in the database
-			User updatedUser = getUserService().getByUuid(uuid);
+        assertThat(userReferenceDtos, hasSize(1));
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-			assertNotEquals(currentPassword, updatedUser.getPassword()); // Password should be different
-			UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-			loginWith(updatedUserDto); // Login again with changed password
-			assertTrue(getUserFacade().validatePassword(uuid,newPassword)); // Validate the new password
+        assertThat(userReferenceDtos, hasSize(2));
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-		}
+        // given no district and one right
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
+        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
+        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-	@Test
-	public void testGeneratePassword() {
-		// Act
-		String result = getUserFacade().generatePassword();
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-		// Assert
-		assertNotNull(result);
-		assertFalse(result.isEmpty());
-	}
+        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-	@Test
-	void testGetValidLoginRolesValidUser() {
-		// Arrange
-		User user = creator.createTestUser();
+        // given district and multiple rights
+        userReferenceDtos =
+                getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-		// Act
-		Set<UserRoleDto> result = getUserFacade().getValidLoginRoles(user.getUserName(), "password");
+        assertThat(userReferenceDtos, hasSize(2));
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
 
-		// Assert
-		assertNotNull(result);
-		assertFalse(result.isEmpty());
-	}
+        userReferenceDtos =
+                getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-	@Test
-	void testGetValidLoginRolesInvalidUser() {
-		// Act
-		Set<UserRoleDto> result = getUserFacade().getValidLoginRoles("testuser", "password");
+        assertThat(userReferenceDtos, hasSize(3));
+        assertThat(
+                userReferenceDtos,
+                hasItems(
+                        equalTo(generalSurveillanceOfficer.toReference()),
+                        equalTo(limitedSurveillanceOfficer.toReference()),
+                        equalTo(generalRestUser.toReference())));
 
-		// Assert
-		assertNotNull(result);
-		assertTrue(result.isEmpty());
-	}
+        // given no district and multiple rights
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
+        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
 
-	@Test
-	void testValidatePasswordValid() {
-		// Arrange
+        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-		User user= creator.createTestUser();
-		// Act
-		UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
-		loginWith(loggedInUser);
-		boolean result = getUserFacade().validatePassword(loggedInUser.getUuid(), "password"); // Use plain password for validation
+        assertThat(userReferenceDtos, hasSize(4)); // there is an admin user created at the init of the AbstractBeanTest
+        assertThat(
+                userReferenceDtos,
+                hasItems(
+                        equalTo(generalSurveillanceOfficer.toReference()),
+                        equalTo(limitedSurveillanceOfficer.toReference()),
+                        equalTo(generalRestUser.toReference())));
 
-		// Assert
-		assertTrue(result);
-	}
+    }
 
-	@Test
-	void testValidatePasswordInvalid() {
-		// Act
-		boolean result = getUserFacade().validatePassword("uuid", "password");
+    @Test
+    void getUserRights() {
 
-		// Assert
-		assertFalse(result);
-	}
+        RDCF rdcf = creator.createRDCF();
+        UserDto userWithoutAccess = creator.createSurveillanceOfficer(rdcf);
+        UserRight[] surveillanceOfficerRights =
+                UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_OFFICER))).toArray(new UserRight[]{});
 
+        // Successfully retrieve user rights of other user
+        loginWith(nationalAdmin);
+        List<UserRight> userRights = getUserFacade().getUserRights(userWithoutAccess.getUuid());
+        assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
+        // Successfully retrieve own user rights with user without access to the USER_VIEW and USERROLE_VIEW rights
+        loginWith(userWithoutAccess);
+        userRights = getUserFacade().getUserRights(null);
+        assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
+        // Prevent users without access from retrieving user rights of other users
+        assertThrows(AccessDeniedException.class, () -> getUserFacade().getUserRights(nationalAdmin.getUuid()));
 
-	@Test
-	void testCheckPasswordStrengthStrong() {
-		String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
-		assertEquals("Password Strength is Strong", result);
-	}
+        // Uuid which does not exist in the system
+        loginWith(nationalAdmin);
+        assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
+    }
 
-	@Test
-	void testCheckPasswordStrengthWeak() {
-		String result = getUserFacade().checkPasswordStrength("weak");
-		assertEquals("Password Strength is Weak", result);
-	}
+    @Test
+    public void testUpdateUserPassword() {
+        // Arrange
+        User testUser = creator.createTestUser();
 
+        String newPassword = "newPassword";
+        String currentPassword = testUser.getPassword();
+        String uuid = testUser.getUuid();
+        String result = getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
+
+        // Assert
+        assertEquals(newPassword, result);
+
+        // Verify the password was updated in the database
+        User updatedUser = getUserService().getByUuid(uuid);
+
+        assertNotEquals(currentPassword, updatedUser.getPassword()); // Password should be different
+        UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
+
+        loginWith(updatedUserDto); // Login again with changed password
+        assertTrue(getUserFacade().validatePassword(uuid, newPassword)); // Validate the new password
+
+    }
+
+    @Test
+    public void testGeneratePassword() {
+        // Act
+        String result = getUserFacade().generatePassword();
+
+        // Assert
+        assertNotNull(result);
+        assertFalse(result.isEmpty());
+    }
+
+    @Test
+    void testGetValidLoginRolesValidUser() {
+        // Arrange
+        User user = creator.createTestUser();
+
+        // Act
+        Set<UserRoleDto> result = getUserFacade().getValidLoginRoles(user.getUserName(), "password");
+
+        // Assert
+        assertNotNull(result);
+        assertFalse(result.isEmpty());
+    }
+
+    @Test
+    void testGetValidLoginRolesInvalidUser() {
+        // Act
+        Set<UserRoleDto> result = getUserFacade().getValidLoginRoles("testuser", "password");
+
+        // Assert
+        assertNotNull(result);
+        assertTrue(result.isEmpty());
+    }
+
+    @Test
+    void testValidatePasswordValid() {
+        // Arrange
+
+        User user = creator.createTestUser();
+        // Act
+        UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
+        loginWith(loggedInUser);
+        boolean result = getUserFacade().validatePassword(loggedInUser.getUuid(), "password"); // Use plain password for validation
+
+        // Assert
+        assertTrue(result);
+    }
+
+    @Test
+    void testValidatePasswordInvalid() {
+        // Act
+        boolean result = getUserFacade().validatePassword("uuid", "password");
+
+        // Assert
+        assertFalse(result);
+    }
+
+    @Test
+    void testCheckPasswordStrengthStrong() {
+        String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
+        assertEquals("Password Strength is Strong", result);
+    }
+
+    @Test
+    void testCheckPasswordStrengthWeak() {
+        String result = getUserFacade().checkPasswordStrength("weak");
+        assertEquals("Password Strength is Weak", result);
+    }
 
 }
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 5db33920f80..577a3ee0dc0 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -15,18 +15,6 @@
 
 package de.symeda.sormas.rest.resources;
 
-import java.util.Date;
-import java.util.List;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.MediaType;
-
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.caze.CriteriaWithSorting;
 import de.symeda.sormas.api.common.Page;
@@ -37,80 +25,84 @@
 import de.symeda.sormas.api.user.UserRight;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
 
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
+import java.util.Date;
+import java.util.List;
+
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
  * @see <a href="https://jersey.java.net/documentation/latest/jaxrs-resources.html#d0e2051">Jersey documentation HTTP Methods</a>
- *
  */
 @Path("/users")
 @Produces(MediaType.APPLICATION_JSON + "; charset=UTF-8")
 @Consumes(MediaType.APPLICATION_JSON + "; charset=UTF-8")
 public class UserResource {
 
-	@GET
-	@Path("/all/{since}")
-	public List<UserDto> getAll(@PathParam("since") long since) {
-		return FacadeProvider.getUserFacade().getAllAfter(new Date(since));
-	}
-
-	@POST
-	@Path("/query")
-	public List<UserDto> getByUuids(List<String> uuids) {
-		return FacadeProvider.getUserFacade().getByUuids(uuids);
-	}
-
-	@GET
-	@Path("/uuids")
-	public List<String> getAllUuids() {
-		return FacadeProvider.getUserFacade().getAllUuids();
-	}
-
-	@POST
-	@Path("/indexList")
-	public Page<UserDto> getIndexList(
-		@RequestBody CriteriaWithSorting<UserCriteria> criteriaWithSorting,
-		@QueryParam("offset") int offset,
-		@QueryParam("size") int size) {
-		return FacadeProvider.getUserFacade().getIndexPage(criteriaWithSorting.getCriteria(), offset, size, criteriaWithSorting.getSortProperties());
-	}
-
-	@GET
-	@Path("/{uuid}")
-	public UserDto getByUuid(@PathParam("uuid") String uuid) {
-		return FacadeProvider.getUserFacade().getByUuid(uuid);
-	}
-
-	@POST
-	@Path("/userReferenceWithNoOfTask")
-	public List<UserReferenceWithTaskNumbersDto> getUsersWithTaskNumbers(@RequestBody TaskContextIndexCriteria taskContextIndexCriteria) {
-		return FacadeProvider.getUserFacade().getAssignableUsersWithTaskNumbers(taskContextIndexCriteria);
-	}
-
-	@GET
-	@Path("/rights")
-	public List<UserRight> getUserRightsForCurrentUser() {
-		return FacadeProvider.getUserFacade().getUserRights(null);
-	}
-
-	@GET
-	@Path("/rights/{uuid}")
-	public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
-		return FacadeProvider.getUserFacade().getUserRights(uuid);
-	}
-
-	@POST
-	@Path("/passwordStrength")
-	public String saveNewPassword(
-		@QueryParam("uuid") String uuid,
-		@QueryParam("newPassword") String newPassword,
-		@QueryParam("currentPassword") String currentPassword) {
-		return FacadeProvider.getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
-	}
-
-	@GET
-	@Path("/generatePassword")
-	public String generatePassword() {
-		return FacadeProvider.getUserFacade().generatePassword();
-	}
+    @GET
+    @Path("/all/{since}")
+    public List<UserDto> getAll(@PathParam("since") long since) {
+        return FacadeProvider.getUserFacade().getAllAfter(new Date(since));
+    }
+
+    @POST
+    @Path("/query")
+    public List<UserDto> getByUuids(List<String> uuids) {
+        return FacadeProvider.getUserFacade().getByUuids(uuids);
+    }
+
+    @GET
+    @Path("/uuids")
+    public List<String> getAllUuids() {
+        return FacadeProvider.getUserFacade().getAllUuids();
+    }
+
+    @POST
+    @Path("/indexList")
+    public Page<UserDto> getIndexList(
+            @RequestBody CriteriaWithSorting<UserCriteria> criteriaWithSorting,
+            @QueryParam("offset") int offset,
+            @QueryParam("size") int size) {
+        return FacadeProvider.getUserFacade().getIndexPage(criteriaWithSorting.getCriteria(), offset, size, criteriaWithSorting.getSortProperties());
+    }
+
+    @GET
+    @Path("/{uuid}")
+    public UserDto getByUuid(@PathParam("uuid") String uuid) {
+        return FacadeProvider.getUserFacade().getByUuid(uuid);
+    }
+
+    @POST
+    @Path("/userReferenceWithNoOfTask")
+    public List<UserReferenceWithTaskNumbersDto> getUsersWithTaskNumbers(@RequestBody TaskContextIndexCriteria taskContextIndexCriteria) {
+        return FacadeProvider.getUserFacade().getAssignableUsersWithTaskNumbers(taskContextIndexCriteria);
+    }
+
+    @GET
+    @Path("/rights")
+    public List<UserRight> getUserRightsForCurrentUser() {
+        return FacadeProvider.getUserFacade().getUserRights(null);
+    }
+
+    @GET
+    @Path("/rights/{uuid}")
+    public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
+        return FacadeProvider.getUserFacade().getUserRights(uuid);
+    }
+
+    @POST
+    @Path("/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
+    public String saveNewPassword(
+            @PathParam("uuid") String uuid,
+            @PathParam("newPassword") String newPassword,
+            @PathParam("currentPassword") String currentPassword) {
+        return FacadeProvider.getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
+    }
+
+    @GET
+    @Path("/generatePassword")
+    public String generatePassword() {
+        return FacadeProvider.getUserFacade().generatePassword();
+    }
 
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index c55c965a010..e0ffa76961c 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -17,36 +17,19 @@
  *******************************************************************************/
 package de.symeda.sormas.ui;
 
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.commons.lang3.StringUtils;
-
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.Navigator;
 import com.vaadin.navigator.View;
 import com.vaadin.server.FileResource;
 import com.vaadin.server.Resource;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.Alignment;
-import com.vaadin.ui.Button;
-import com.vaadin.ui.CssLayout;
-import com.vaadin.ui.HorizontalLayout;
-import com.vaadin.ui.Image;
-import com.vaadin.ui.Label;
-import com.vaadin.ui.MenuBar;
+import com.vaadin.ui.*;
 import com.vaadin.ui.MenuBar.Command;
-import com.vaadin.ui.UI;
-import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
-
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.i18n.Captions;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
-import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.ui.dashboard.surveillance.SurveillanceDashboardView;
 import de.symeda.sormas.ui.login.LoginHelper;
 import de.symeda.sormas.ui.user.UserSettingsForm;
@@ -54,6 +37,12 @@
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import org.apache.commons.lang3.StringUtils;
+
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.Map;
 
 /**
  * Responsive navigation menu presenting a list of available views to the user.
@@ -61,172 +50,161 @@
 @SuppressWarnings("serial")
 public class Menu extends CssLayout {
 
-	private static final String VALO_MENUITEMS = "valo-menuitems";
-	private static final String VALO_MENU_TOGGLE = "valo-menu-toggle";
-	private static final String VALO_MENU_VISIBLE = "valo-menu-visible";
-	private Navigator navigator;
-	private Map<String, Button> viewButtons = new HashMap<String, Button>();
-
-	private CssLayout menuItemsLayout;
-	private CssLayout menuPart;
-	private UserDto user;
-
-	public Menu(Navigator navigator) {
-
-		this.navigator = navigator;
-		setPrimaryStyleName(ValoTheme.MENU_ROOT);
-		menuPart = new CssLayout();
-		menuPart.addStyleName(ValoTheme.MENU_PART);
-		user = UserProvider.getCurrent().getUser();
-		// header of the menu
-		final HorizontalLayout top = new HorizontalLayout();
-		top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
-		top.addStyleName(ValoTheme.MENU_TITLE);
-		top.setSpacing(true);
-		Label title = new Label(FacadeProvider.getConfigFacade().getSormasInstanceName());
-		title.setSizeUndefined();
-
-		Image image;
-		if (FacadeProvider.getConfigFacade().isCustomBranding()
-			&& StringUtils.isNotBlank(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath())) {
-			Path logoPath = Paths.get(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath());
-			image = new Image(null, new FileResource(logoPath.toFile()));
-		} else {
-			image = new Image(null, new ThemeResource("img/sormas-logo.png"));
-		}
-		CssStyles.style(image, ValoTheme.MENU_LOGO, ValoTheme.BUTTON_LINK);
-		top.addComponent(image);
-		top.addComponent(title);
-		top.addLayoutClickListener(listener -> SormasUI.get().getNavigator().navigateTo(SurveillanceDashboardView.VIEW_NAME));
-		menuPart.addComponent(top);
-
-		// button for toggling the visibility of the menu when on a small screen
-		final Button showMenu = ButtonHelper.createIconButton(Captions.menu, VaadinIcons.MENU, event -> {
-			if (menuPart.getStyleName().contains(VALO_MENU_VISIBLE)) {
-				menuPart.removeStyleName(VALO_MENU_VISIBLE);
-			} else {
-				menuPart.addStyleName(VALO_MENU_VISIBLE);
-			}
-		}, ValoTheme.BUTTON_PRIMARY, VALO_MENU_TOGGLE);
-
-		menuPart.addComponent(showMenu);
-
-		// container for the navigation buttons, which are added by addView()
-		menuItemsLayout = new CssLayout();
-		menuItemsLayout.setPrimaryStyleName(VALO_MENUITEMS);
-		menuPart.addComponent(menuItemsLayout);
-
-		// settings menu item
-		MenuBar settingsMenu = new MenuBar();
-		settingsMenu.setId(Captions.actionSettings);
-		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
-
-		settingsMenu.addStyleNames("user-menu", "settings-menu");
-		menuPart.addComponent(settingsMenu);
-
-		// logout menu item
-		MenuBar logoutMenu = new MenuBar();
-		logoutMenu.setId(Captions.actionLogout);
-		logoutMenu.addItem(
-			I18nProperties.getCaption(Captions.actionLogout) + " (" + UiUtil.getUserName() + ")",
-			VaadinIcons.SIGN_OUT,
-			(Command) selectedItem -> LoginHelper.logout());
-
-		logoutMenu.addStyleNames("user-menu", "logout-menu");
-		menuPart.addComponent(logoutMenu);
-
-		addComponent(menuPart);
-	}
-
-	private void showSettingsPopup() {
-
-		Window window = VaadinUiUtil.createPopupWindow();
-		window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
-		window.setModal(true);
-
-		CommitDiscardWrapperComponent<UserSettingsForm> component =
-			ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
-		Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
-		component.getButtonsPanel().addComponent(resetPasswordButton, 0);
-		window.setContent(component);
-		UI.getCurrent().addWindow(window);
-	}
-
-	/**
-	 * Register a pre-created view instance in the navigation menu and in the
-	 * {@link Navigator}.
-	 *
-	 * @see Navigator#addView(String, View)
-	 *
-	 * @param view
-	 *            view instance to register
-	 * @param name
-	 *            view name
-	 * @param caption
-	 *            view caption in the menu
-	 * @param icon
-	 *            view icon in the menu
-	 */
-	public void addView(View view, final String name, String caption, Resource icon) {
-
-		navigator.addView(name, view);
-		createViewButton(name, caption, icon);
-	}
-
-	/**
-	 * Register a view in the navigation menu and in the {@link Navigator} based
-	 * on a view class.
-	 *
-	 * @see Navigator#addView(String, Class)
-	 *
-	 * @param viewClass
-	 *            class of the views to create
-	 * @param name
-	 *            view name
-	 * @param caption
-	 *            view caption in the menu
-	 * @param icon
-	 *            view icon in the menu
-	 */
-	public void addView(Class<? extends View> viewClass, final String name, String caption, Resource icon) {
-
-		navigator.addView(name, viewClass);
-		createViewButton(name, caption, icon);
-	}
-
-	private void createViewButton(final String name, String caption, Resource icon) {
-
-		Button button = ButtonHelper.createIconButtonWithCaption(name, caption, icon, event -> navigator.navigateTo(name));
-		button.setPrimaryStyleName(ValoTheme.MENU_ITEM);
-
-		menuItemsLayout.addComponent(button);
-		viewButtons.put(name, button);
-	}
-
-	/**
-	 * Highlights a view navigation button as the currently active view in the
-	 * menu. This method does not perform the actual navigation.
-	 *
-	 * @param viewName
-	 *            the name of the view to show as active
-	 */
-	public void setActiveView(String viewName) {
-
-		for (Button button : viewButtons.values()) {
-			button.removeStyleName("selected");
-		}
-
-		Button selected = viewButtons.get(viewName);
-		if (selected == null && viewName.contains("/")) {
-			// might be a sub-view
-			viewName = viewName.substring(0, viewName.indexOf('/'));
-			selected = viewButtons.get(viewName);
-		}
-
-		if (selected != null) {
-			selected.addStyleName("selected");
-		}
-
-		menuPart.removeStyleName(VALO_MENU_VISIBLE);
-	}
+    private static final String VALO_MENUITEMS = "valo-menuitems";
+    private static final String VALO_MENU_TOGGLE = "valo-menu-toggle";
+    private static final String VALO_MENU_VISIBLE = "valo-menu-visible";
+    private Navigator navigator;
+    private Map<String, Button> viewButtons = new HashMap<String, Button>();
+
+    private CssLayout menuItemsLayout;
+    private CssLayout menuPart;
+
+    public Menu(Navigator navigator) {
+
+        this.navigator = navigator;
+        setPrimaryStyleName(ValoTheme.MENU_ROOT);
+        menuPart = new CssLayout();
+        menuPart.addStyleName(ValoTheme.MENU_PART);
+        // header of the menu
+        final HorizontalLayout top = new HorizontalLayout();
+        top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
+        top.addStyleName(ValoTheme.MENU_TITLE);
+        top.setSpacing(true);
+        Label title = new Label(FacadeProvider.getConfigFacade().getSormasInstanceName());
+        title.setSizeUndefined();
+
+        Image image;
+        if (FacadeProvider.getConfigFacade().isCustomBranding()
+                && StringUtils.isNotBlank(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath())) {
+            Path logoPath = Paths.get(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath());
+            image = new Image(null, new FileResource(logoPath.toFile()));
+        } else {
+            image = new Image(null, new ThemeResource("img/sormas-logo.png"));
+        }
+        CssStyles.style(image, ValoTheme.MENU_LOGO, ValoTheme.BUTTON_LINK);
+        top.addComponent(image);
+        top.addComponent(title);
+        top.addLayoutClickListener(listener -> SormasUI.get().getNavigator().navigateTo(SurveillanceDashboardView.VIEW_NAME));
+        menuPart.addComponent(top);
+
+        // button for toggling the visibility of the menu when on a small screen
+        final Button showMenu = ButtonHelper.createIconButton(Captions.menu, VaadinIcons.MENU, event -> {
+            if (menuPart.getStyleName().contains(VALO_MENU_VISIBLE)) {
+                menuPart.removeStyleName(VALO_MENU_VISIBLE);
+            } else {
+                menuPart.addStyleName(VALO_MENU_VISIBLE);
+            }
+        }, ValoTheme.BUTTON_PRIMARY, VALO_MENU_TOGGLE);
+
+        menuPart.addComponent(showMenu);
+
+        // container for the navigation buttons, which are added by addView()
+        menuItemsLayout = new CssLayout();
+        menuItemsLayout.setPrimaryStyleName(VALO_MENUITEMS);
+        menuPart.addComponent(menuItemsLayout);
+
+        // settings menu item
+        MenuBar settingsMenu = new MenuBar();
+        settingsMenu.setId(Captions.actionSettings);
+        settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
+
+        settingsMenu.addStyleNames("user-menu", "settings-menu");
+        menuPart.addComponent(settingsMenu);
+
+        // logout menu item
+        MenuBar logoutMenu = new MenuBar();
+        logoutMenu.setId(Captions.actionLogout);
+        logoutMenu.addItem(
+                I18nProperties.getCaption(Captions.actionLogout) + " (" + UiUtil.getUserName() + ")",
+                VaadinIcons.SIGN_OUT,
+                (Command) selectedItem -> LoginHelper.logout());
+
+        logoutMenu.addStyleNames("user-menu", "logout-menu");
+        menuPart.addComponent(logoutMenu);
+
+        addComponent(menuPart);
+    }
+
+    private void showSettingsPopup() {
+
+        Window window = VaadinUiUtil.createPopupWindow();
+        window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
+        window.setModal(true);
+
+        CommitDiscardWrapperComponent<UserSettingsForm> component =
+                ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
+
+        Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
+        component.getButtonsPanel().addComponent(resetPasswordButton, 0);
+
+        window.setContent(component);
+        UI.getCurrent().addWindow(window);
+    }
+
+    /**
+     * Register a pre-created view instance in the navigation menu and in the
+     * {@link Navigator}.
+     *
+     * @param view    view instance to register
+     * @param name    view name
+     * @param caption view caption in the menu
+     * @param icon    view icon in the menu
+     * @see Navigator#addView(String, View)
+     */
+    public void addView(View view, final String name, String caption, Resource icon) {
+
+        navigator.addView(name, view);
+        createViewButton(name, caption, icon);
+    }
+
+    /**
+     * Register a view in the navigation menu and in the {@link Navigator} based
+     * on a view class.
+     *
+     * @param viewClass class of the views to create
+     * @param name      view name
+     * @param caption   view caption in the menu
+     * @param icon      view icon in the menu
+     * @see Navigator#addView(String, Class)
+     */
+    public void addView(Class<? extends View> viewClass, final String name, String caption, Resource icon) {
+
+        navigator.addView(name, viewClass);
+        createViewButton(name, caption, icon);
+    }
+
+    private void createViewButton(final String name, String caption, Resource icon) {
+
+        Button button = ButtonHelper.createIconButtonWithCaption(name, caption, icon, event -> navigator.navigateTo(name));
+        button.setPrimaryStyleName(ValoTheme.MENU_ITEM);
+
+        menuItemsLayout.addComponent(button);
+        viewButtons.put(name, button);
+    }
+
+    /**
+     * Highlights a view navigation button as the currently active view in the
+     * menu. This method does not perform the actual navigation.
+     *
+     * @param viewName the name of the view to show as active
+     */
+    public void setActiveView(String viewName) {
+
+        for (Button button : viewButtons.values()) {
+            button.removeStyleName("selected");
+        }
+
+        Button selected = viewButtons.get(viewName);
+        if (selected == null && viewName.contains("/")) {
+            // might be a sub-view
+            viewName = viewName.substring(0, viewName.indexOf('/'));
+            selected = viewButtons.get(viewName);
+        }
+
+        if (selected != null) {
+            selected.addStyleName("selected");
+        }
+
+        menuPart.removeStyleName(VALO_MENU_VISIBLE);
+    }
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
index b1d075f1331..e74aaaab9cc 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
@@ -1,57 +1,48 @@
 package de.symeda.sormas.ui.user;
 
-import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;
-import static de.symeda.sormas.ui.utils.LayoutUtil.loc;
-
-import com.vaadin.server.Page;
-import com.vaadin.ui.Notification;
 import com.vaadin.v7.ui.PasswordField;
-
 import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.ui.utils.AbstractEditForm;
 
+import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;
+import static de.symeda.sormas.ui.utils.LayoutUtil.loc;
+
 public class UpdatePasswordForm extends AbstractEditForm<UserDto> {
 
-	private static final long serialVersionUID = 1L;
-	private static final String OLD_PASSWORD = "oldPassword";
-	private static final String NEW_PASSWORD = "newPassword";
-	private static final String CONFIRM_PASSWORD = "updateConfirmPassword";
-
-	//@formater:off
-	private static final String HTML_LAYOUT = loc(OLD_PASSWORD)
-		+ fluidRowLocs(UserDto.PASSWORD)
-		+ loc(NEW_PASSWORD)
-		+ fluidRowLocs(UserDto.NEW_PASSWORD)
-		+ loc(CONFIRM_PASSWORD)
-		+ fluidRowLocs(UserDto.CONFIRM_PASSWORD);
-
-	//@formatter:off
-	PasswordField currentPassword;
-	PasswordField newPassword;
-	PasswordField confirmPassword;
-	public UpdatePasswordForm(){
-		super(UserDto.class, UserDto.I18N_PREFIX);
-
-		setWidth(480, Unit.PIXELS);
-	}
-	public void showNotification(Notification notification) {
-		// keep the notification visible a little while after moving the
-		// mouse, or until clicked
-		notification.setDelayMsec(2000);
-		notification.show(Page.getCurrent());
-	}
-	@Override
-	protected void addFields() {
-		currentPassword = addField(UserDto.PASSWORD, PasswordField.class);
-		newPassword = addField(UserDto.NEW_PASSWORD, PasswordField.class);
-		confirmPassword = addField(UserDto.CONFIRM_PASSWORD, PasswordField.class);
-		setRequired(true,UserDto.PASSWORD,UserDto.NEW_PASSWORD,UserDto.CONFIRM_PASSWORD);
-	}
-
-
-
-	@Override
-	protected String createHtmlLayout() {
-		return HTML_LAYOUT;
-	}
+    private static final long serialVersionUID = 1L;
+    private static final String OLD_PASSWORD = "oldPassword";
+    private static final String NEW_PASSWORD = "newPassword";
+    private static final String CONFIRM_PASSWORD = "updateConfirmPassword";
+
+    //@formater:off
+    private static final String HTML_LAYOUT = loc(OLD_PASSWORD)
+            + fluidRowLocs(UserDto.PASSWORD)
+            + loc(NEW_PASSWORD)
+            + fluidRowLocs(UserDto.NEW_PASSWORD)
+            + loc(CONFIRM_PASSWORD)
+            + fluidRowLocs(UserDto.CONFIRM_PASSWORD);
+
+    //@formatter:on
+    PasswordField currentPassword;
+    PasswordField newPassword;
+    PasswordField confirmPassword;
+
+    public UpdatePasswordForm() {
+        super(UserDto.class, UserDto.I18N_PREFIX);
+
+        setWidth(480, Unit.PIXELS);
+    }
+
+    @Override
+    protected void addFields() {
+        currentPassword = addField(UserDto.PASSWORD, PasswordField.class);
+        newPassword = addField(UserDto.NEW_PASSWORD, PasswordField.class);
+        confirmPassword = addField(UserDto.CONFIRM_PASSWORD, PasswordField.class);
+        setRequired(true, UserDto.PASSWORD, UserDto.NEW_PASSWORD, UserDto.CONFIRM_PASSWORD);
+    }
+
+    @Override
+    protected String createHtmlLayout() {
+        return HTML_LAYOUT;
+    }
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 4e6d3ed666f..624200a1a72 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -52,492 +52,505 @@
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
-import static de.symeda.sormas.ui.utils.CssStyles.*;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
 
 public class UserController {
 
-	private Window popUpWindow;
-
-  private boolean isGeneratePassword=false;
-
-
-	public void create() {
-		CommitDiscardWrapperComponent<UserEditForm> userCreateComponent = getUserCreateComponent();
-		Window window = VaadinUiUtil.showModalPopupWindow(userCreateComponent, I18nProperties.getString(Strings.headingCreateNewUser));
-		// user form is too big for typical screens
-		window.setWidth(userCreateComponent.getWrappedComponent().getWidth() + 64 + 20, Unit.PIXELS);
-		window.setHeight(90, Unit.PERCENTAGE);
-	}
-
-	public void edit(UserDto user) {
-		Window window = VaadinUiUtil.createPopupWindow();
-		CommitDiscardWrapperComponent<UserEditForm> userComponent = getUserEditComponent(user.getUuid(), window::close);
-
-		window.setCaption(I18nProperties.getString(Strings.headingEditUser));
-		window.setContent(userComponent);
-		// user form is too big for typical screens
-		window.setWidth(userComponent.getWrappedComponent().getWidth() + 64 + 20, Unit.PIXELS);
-		window.setHeight(90, Unit.PERCENTAGE);
-		UI.getCurrent().addWindow(window);
-	}
-
-	public void overview() {
-		String navigationState = UsersView.VIEW_NAME;
-		SormasUI.get().getNavigator().navigateTo(navigationState);
-	}
-
-	/**
-	 * Update the fragment without causing navigator to change view
-	 */
-	public void setUriFragmentParameter(String caseUuid) {
-		String fragmentParameter;
-		if (caseUuid == null || caseUuid.isEmpty()) {
-			fragmentParameter = "";
-		} else {
-			fragmentParameter = caseUuid;
-		}
-
-		Page page = SormasUI.get().getPage();
-		page.setUriFragment("!" + UsersView.VIEW_NAME + "/" + fragmentParameter, false);
-	}
-
-	public CommitDiscardWrapperComponent<UserEditForm> getUserEditComponent(final String userUuid, Runnable closeWindowCallback) {
-		UserEditForm userEditForm = new UserEditForm(false);
-		UserDto userDto = FacadeProvider.getUserFacade().getByUuid(userUuid);
-		userEditForm.setValue(userDto);
-		final CommitDiscardWrapperComponent<UserEditForm> editView =
-			new CommitDiscardWrapperComponent<UserEditForm>(userEditForm, UiUtil.permitted(UserRight.USER_EDIT), userEditForm.getFieldGroup());
-
-		// Add reset password button
-		if (FacadeProvider.getFeatureConfigurationFacade().isFeatureDisabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
-			Button resetPasswordButton = createResetPasswordButton(userUuid, userDto.getUserEmail(), editView);
-			editView.getButtonsPanel().addComponent(resetPasswordButton, 0);
-		}
-
-		editView.addDiscardListener(closeWindowCallback::run);
-		editView.addCommitListener(() -> {
-			if (!userEditForm.getFieldGroup().isModified()) {
-				UserDto user = userEditForm.getValue();
-				UserDto existingUser = FacadeProvider.getUserFacade().getByUuid(user.getUuid());
-				// If user roles have changed, the user might no longer have a district assigned and therefore
-				// needs to be removed as surveillance/contact officer from existing cases/contacts
-				if (existingUser.getDistrict() != null && user.getDistrict() == null) {
-					openRemoveUserAsOfficerPrompt(result -> {
-						if (result) {
-							FacadeProvider.getUserFacade().removeUserAsSurveillanceAndContactOfficer(user.getUuid());
-							closeWindowCallback.run();
-						}
-					});
-				}
-				if (DataHelper.isSame(user, UiUtil.getUser())) {
-
-					Set<UserRight> oldUserRights =
-						UserRoleDto.getUserRights(FacadeProvider.getUserRoleFacade().getByReferences(existingUser.getUserRoles()));
-					Set<UserRight> newUserRights = UserRoleDto.getUserRights(FacadeProvider.getUserRoleFacade().getByReferences(user.getUserRoles()));
-
-					if (oldUserRights.contains(UserRight.USER_ROLE_EDIT) && !newUserRights.contains(UserRight.USER_ROLE_EDIT)) {
-						new Notification(
-							I18nProperties.getString(Strings.messageCheckInputData),
-							I18nProperties.getValidationError(Validations.removeRolesWithEditRightFromOwnUser),
-							Notification.Type.ERROR_MESSAGE,
-							true).show(Page.getCurrent());
-					} else if (!newUserRights.contains(UserRight.USER_EDIT)) {
-						new Notification(
-							I18nProperties.getString(Strings.messageCheckInputData),
-							I18nProperties.getValidationError(Validations.removeRolesWithEditUserFromOwnUser),
-							Notification.Type.ERROR_MESSAGE,
-							true).show(Page.getCurrent());
-					} else {
-						saveUser(user);
-						closeWindowCallback.run();
-					}
-				} else {
-					saveUser(user);
-					closeWindowCallback.run();
-				}
-			}
-		});
-
-		return editView;
-	}
-
-	private void openRemoveUserAsOfficerPrompt(Consumer<Boolean> callback) {
-		VaadinUiUtil.showConfirmationPopup(
-			I18nProperties.getString(Strings.headingSaveUser),
-			new Label(I18nProperties.getString(Strings.confirmationRemoveUserAsOfficer)),
-			I18nProperties.getString(Strings.yes),
-			I18nProperties.getString(Strings.no),
-			640,
-			callback);
-	}
-
-	private void saveUser(UserDto user) {
-		if (FacadeProvider.getFeatureConfigurationFacade().isFeatureEnabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
-			FacadeProvider.getUserFacade().saveUserRolesAndRestrictions(user, user.getUserRoles());
-		} else {
-			FacadeProvider.getUserFacade().saveUser(user, false);
-		}
-		refreshView();
-	}
-
-	public CommitDiscardWrapperComponent<UserEditForm> getUserCreateComponent() {
-
-		UserEditForm createForm = new UserEditForm(true);
-		createForm.setValue(UserDto.build());
-		final CommitDiscardWrapperComponent<UserEditForm> editView =
-			new CommitDiscardWrapperComponent<UserEditForm>(createForm, UiUtil.permitted(UserRight.USER_CREATE), createForm.getFieldGroup());
-
-		editView.addCommitListener(new CommitListener() {
-
-			@Override
-			public void onCommit() {
-				if (!createForm.getFieldGroup().isModified()) {
-					UserDto dto = createForm.getValue();
-					dto = FacadeProvider.getUserFacade().saveUser(dto, false);
-					refreshView();
-					makeInitialPassword(dto.getUuid(), dto.getUserEmail());
-				}
-			}
-		});
-		return editView;
-	}
-
-	public boolean isLoginUnique(String uuid, String userName) {
-		return FacadeProvider.getUserFacade().isLoginUnique(uuid, userName);
-	}
-
-	public void makeInitialPassword(String userUuid, String userEmail) {
-		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
-			String newPassword = FacadeProvider.getUserFacade().resetPassword(userUuid);
-			showPasswordResetInternalSuccessPopup(newPassword);
-		} else {
-			showAccountCreatedSuccessful();
-		}
-	}
-
-	public void makeNewPassword(String userUuid, String userEmail) {
-		String newPassword = FacadeProvider.getUserFacade().resetPassword(userUuid);
-
-		if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
-			showPasswordResetInternalSuccessPopup(newPassword);
-		} else {
-			showPasswordResetExternalSuccessPopup();
-		}
-	}
-
-public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
-		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
-		if (isGeneratePassword) {
-			if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
-				showPasswordResetInternalSuccessPopup(password);
-			} else {
-				showPasswordResetExternalSuccessPopup();
-			}
-		} else {
-			showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
-		}
-		isGeneratePassword=false;
-	}
-
-
-
-	private void showPasswordResetInternalSuccessPopup(String newPassword) {
-		showPopupWindow(I18nProperties.getString(Strings.headingNewPassword),newPassword,450,true);
-	}
-
-	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
-		showPopupWindow(I18nProperties.getString(Strings.headingChangePassword), passwordSuccessMessage,null,true);
-	}
-
-	private void showPopupWindow(String header,String message,Integer width,Boolean closeable) {
-		VerticalLayout layout = new VerticalLayout();
-		Label messageLabel = new Label(message);
-		messageLabel.addStyleName(CssStyles.H2);
-		layout.addComponent(messageLabel);
-		Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
-
-		popupWindow.setCaption(header);
-		if(width!=null) {
-			popupWindow.setWidth(width, Unit.PIXELS);
-		}
-
-		layout.setMargin(true);
-		if(closeable) {
-			popupWindow.addCloseListener(event -> popUpWindow.close());
-		}
-
-
-	}
-
-	private void showAccountCreatedSuccessful() {
-		showPopupWindow(I18nProperties.getString(Strings.headingNewAccount), I18nProperties.getString(Strings.messageActivateAccount),350,false);
-	}
-
-	private void showPasswordResetExternalSuccessPopup() {
-		showPopupWindow(I18nProperties.getString(Strings.headingNewPassword), I18nProperties.getString(Strings.messagePasswordResetEmailLink),450,true);
-	}
-
-	private void refreshView() {
-		View currentView = SormasUI.get().getNavigator().getCurrentView();
-		if (currentView instanceof UsersView) {
-			// force refresh, because view didn't change
-			((UsersView) currentView).enter(null);
-		}
-	}
-
-	public Button createResetPasswordButton(String userUuid, String userEmail, CommitDiscardWrapperComponent<UserEditForm> editView) {
-
-		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
-
-			private static final long serialVersionUID = 1L;
-
-			@Override
-			public void buttonClick(ClickEvent event) {
-				ConfirmationComponent resetPasswordComponent = getResetPasswordConfirmationComponent(userUuid, userEmail, editView);
-				Window popupWindow = VaadinUiUtil.showPopupWindow(resetPasswordComponent);
-				resetPasswordComponent.addDoneListener(() -> popupWindow.close());
-				resetPasswordComponent.getCancelButton().addClickListener(new ClickListener() {
-
-					private static final long serialVersionUID = 1L;
-
-					@Override
-					public void buttonClick(ClickEvent event) {
-						popupWindow.close();
-					}
-				});
-				popupWindow.setCaption(I18nProperties.getString(Strings.headingUpdatePassword));
-			}
-		}, ValoTheme.BUTTON_LINK);
-	}
-
-	public Button generatePasswordButton() {
-
-		return ButtonHelper.createIconButton(Captions.userGeneratePassword, VaadinIcons.UNLOCK, new ClickListener() {
-
-			private static final long serialVersionUID = 1L;
-			final UpdatePasswordForm form = new UpdatePasswordForm();
-
-			@Override
-			public void buttonClick(ClickEvent event) {
-				isGeneratePassword = true;
-
-				String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
-				form.currentPassword.setCaption(generatedPassword);
-				form.confirmPassword.setCaption(generatedPassword);
-			}
-		}, ValoTheme.BUTTON_LINK);
-	}
-
-	public Button createUpdatePasswordButton() {
-		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
-			private static final long serialVersionUID = 1L;
-			@Override
-			public void buttonClick(ClickEvent event) {
-				popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
-				popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
-			}
-		}, ValoTheme.BUTTON_LINK);
-	}
-
-	public ConfirmationComponent getResetPasswordConfirmationComponent(
-		String userUuid,
-		String userEmail,
-		CommitDiscardWrapperComponent<UserEditForm> editView) {
-		ConfirmationComponent resetPasswordConfirmationComponent = new ConfirmationComponent(false) {
-
-			private static final long serialVersionUID = 1L;
-
-			@Override
-			protected void onConfirm() {
-				onDone();
-				editView.discard();
-				makeNewPassword(userUuid, userEmail);
-			}
-
-			@Override
-			protected void onCancel() {
-			}
-		};
-		resetPasswordConfirmationComponent.getConfirmButton().setCaption(I18nProperties.getCaption(Captions.userUpdatePasswordConfirmation));
-		resetPasswordConfirmationComponent.getCancelButton().setCaption(I18nProperties.getCaption(Captions.actionCancel));
-		resetPasswordConfirmationComponent.setMargin(true);
-		return resetPasswordConfirmationComponent;
-	}
-
-	public CommitDiscardWrapperComponent<UserSettingsForm> getUserSettingsComponent(Runnable commitOrDiscardCallback) {
-		UserSettingsForm form = new UserSettingsForm();
-		UserDto user = FacadeProvider.getUserFacade().getByUuid(UiUtil.getUserUuid());
-		form.setValue(user);
-
-		final CommitDiscardWrapperComponent<UserSettingsForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
-		component.addCommitListener(() -> {
-			if (!form.getFieldGroup().isModified()) {
-				UserDto changedUser = form.getValue();
-				FacadeProvider.getUserFacade().saveUser(changedUser, true);
-				I18nProperties.setUserLanguage(changedUser.getLanguage());
-				FacadeProvider.getI18nFacade().setUserLanguage(changedUser.getLanguage());
-				Page.getCurrent().reload();
-				commitOrDiscardCallback.run();
-			}
-		});
-		component.addDiscardListener(commitOrDiscardCallback::run);
-
-		return component;
-	}
-
-	public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
-		Label passwordStrengthDesc = new Label();
-		UpdatePasswordForm form = new UpdatePasswordForm();
-		UserDto user = FacadeProvider.getUserFacade().getByUuid(UserProvider.getCurrent().getUuid());
-		form.setValue(user);
-		final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
-		form.newPassword.addTextChangeListener(event -> {
-			passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
-			if (FacadeProvider.getUserFacade().isPasswordStrong(event.getText())) {
-				passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
-			}
-			else {
-				passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
-			}
-		});
-		component.addDiscardListener(()-> popUpWindow.close());
-
-		component.addCommitListener(() -> {
-			if (!form.getFieldGroup().isModified()) {
-				UserDto changedUser = form.getValue();
-				if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
-
-					Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
-				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
-					Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
-				} else if (passwordStrengthDesc.getValue().contains("Weak")) {
-					Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
-				} else{
-					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
-
-				}
-			}
-		});
-
-		Button generatePasswordButton = ControllerProvider.getUserController().generatePasswordButton();
-		generatePasswordButton.addClickListener((ClickListener) event -> {
-			String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
-			form.newPassword.setValue(generatedPassword);
-			form.confirmPassword.setValue(generatedPassword);
-		});
-		component.getButtonsPanel().addComponent(generatePasswordButton, 0);
-
-		component.addComponent(passwordStrengthDesc, 1);
-		return component;
-	}
-
-	public void setFlagIcons(ComboBox cbLanguage) {
-		for (Language language : Language.values()) {
-			cbLanguage.setItemIcon(language, new ThemeResource("img/flag-icons/" + language.name().toLowerCase() + ".png"));
-		}
-	}
-
-	public void sync() {
-		if (UiUtil.permitted(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
-			FacadeProvider.getUserFacade().syncUsersFromAuthenticationProvider();
-			SormasUI.refreshView();
-		} else {
-			Window window = VaadinUiUtil.showPopupWindow(new UsersSyncLayout());
-			window.setCaption(I18nProperties.getCaption(Captions.syncUsers));
-		}
-	}
-
-	public void enableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid userGrid) {
-
-		if (selectedRows.isEmpty()) {
-			new Notification(
-				I18nProperties.getString(Strings.headingNoUsersSelected),
-				I18nProperties.getString(Strings.messageNoUsersSelected),
-				Notification.Type.WARNING_MESSAGE,
-				false).show(Page.getCurrent());
-		} else {
-			VaadinUiUtil.showConfirmationPopup(
-				I18nProperties.getString(Strings.headingConfirmEnabling),
-				new Label(String.format(I18nProperties.getString(Strings.confirmationEnableUsers), selectedRows.size())),
-				I18nProperties.getString(Strings.yes),
-				I18nProperties.getString(Strings.no),
-				null,
-				confirmed -> {
-					if (Boolean.FALSE.equals(confirmed)) {
-						return;
-					}
-
-					new BulkOperationHandler<UserDto>(
-						Strings.messageUsersEnabled,
-						null,
-						Strings.headingSomeUsersNotEnabled,
-						Strings.headingUsersNotEnabled,
-						Strings.messageCountUsersNotEnabled,
-						null,
-						null,
-						null,
-						null,
-						Strings.infoBulkProcessFinishedWithSkips,
-						Strings.infoBulkProcessFinishedWithoutSuccess).doBulkOperation(batch -> {
-
-							List<String> uuids = batch.stream().map(UserDto::getUuid).collect(Collectors.toList());
-							return FacadeProvider.getUserFacade().enableUsers(uuids);
-						}, new ArrayList<>(selectedRows), remaining -> {
-							userGrid.reload();
-							if (CollectionUtils.isNotEmpty(remaining)) {
-								userGrid.asMultiSelect().selectItems(remaining.toArray(new UserDto[0]));
-							} else {
-								overview();
-							}
-						});
-				});
-		}
-	}
-
-	public void disableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid userGrid) {
-
-		if (selectedRows.isEmpty()) {
-			new Notification(
-				I18nProperties.getString(Strings.headingNoUsersSelected),
-				I18nProperties.getString(Strings.messageNoUsersSelected),
-				Notification.Type.WARNING_MESSAGE,
-				false).show(Page.getCurrent());
-		} else {
-			VaadinUiUtil.showConfirmationPopup(
-				I18nProperties.getString(Strings.headingConfirmDisabling),
-				new Label(String.format(I18nProperties.getString(Strings.confirmationDisableUsers), selectedRows.size())),
-				I18nProperties.getString(Strings.yes),
-				I18nProperties.getString(Strings.no),
-				null,
-				confirmed -> {
-					if (Boolean.FALSE.equals(confirmed)) {
-						return;
-					}
-
-					new BulkOperationHandler<UserDto>(
-						Strings.messageUsersDisabled,
-						null,
-						Strings.headingSomeUsersNotDisabled,
-						Strings.headingUsersNotDisabled,
-						Strings.messageCountUsersNotDisabled,
-						null,
-						null,
-						null,
-						null,
-						Strings.infoBulkProcessFinishedWithSkips,
-						Strings.infoBulkProcessFinishedWithoutSuccess).doBulkOperation(batch -> {
-
-							List<String> uuids = batch.stream().map(UserDto::getUuid).collect(Collectors.toList());
-							return FacadeProvider.getUserFacade().disableUsers(uuids);
-						}, new ArrayList<>(selectedRows), remaining -> {
-							userGrid.reload();
-							if (CollectionUtils.isNotEmpty(remaining)) {
-								userGrid.asMultiSelect().selectItems(remaining.toArray(new UserDto[0]));
-							} else {
-								overview();
-							}
-						});
-				});
-		}
-	}
+    private Window popUpWindow;
+
+    private boolean isGeneratePassword = false;
+
+    public void create() {
+        CommitDiscardWrapperComponent<UserEditForm> userCreateComponent = getUserCreateComponent();
+        Window window = VaadinUiUtil.showModalPopupWindow(userCreateComponent, I18nProperties.getString(Strings.headingCreateNewUser));
+        // user form is too big for typical screens
+        window.setWidth(userCreateComponent.getWrappedComponent().getWidth() + 64 + 20, Unit.PIXELS);
+        window.setHeight(90, Unit.PERCENTAGE);
+    }
+
+    public void edit(UserDto user) {
+        Window window = VaadinUiUtil.createPopupWindow();
+        CommitDiscardWrapperComponent<UserEditForm> userComponent = getUserEditComponent(user.getUuid(), window::close);
+
+        window.setCaption(I18nProperties.getString(Strings.headingEditUser));
+        window.setContent(userComponent);
+        // user form is too big for typical screens
+        window.setWidth(userComponent.getWrappedComponent().getWidth() + 64 + 20, Unit.PIXELS);
+        window.setHeight(90, Unit.PERCENTAGE);
+        UI.getCurrent().addWindow(window);
+    }
+
+    public void overview() {
+        String navigationState = UsersView.VIEW_NAME;
+        SormasUI.get().getNavigator().navigateTo(navigationState);
+    }
+
+    /**
+     * Update the fragment without causing navigator to change view
+     */
+    public void setUriFragmentParameter(String caseUuid) {
+        String fragmentParameter;
+        if (caseUuid == null || caseUuid.isEmpty()) {
+            fragmentParameter = "";
+        } else {
+            fragmentParameter = caseUuid;
+        }
+
+        Page page = SormasUI.get().getPage();
+        page.setUriFragment("!" + UsersView.VIEW_NAME + "/" + fragmentParameter, false);
+    }
+
+    public CommitDiscardWrapperComponent<UserEditForm> getUserEditComponent(final String userUuid, Runnable closeWindowCallback) {
+        UserEditForm userEditForm = new UserEditForm(false);
+        UserDto userDto = FacadeProvider.getUserFacade().getByUuid(userUuid);
+        userEditForm.setValue(userDto);
+        final CommitDiscardWrapperComponent<UserEditForm> editView =
+                new CommitDiscardWrapperComponent<UserEditForm>(userEditForm, UiUtil.permitted(UserRight.USER_EDIT), userEditForm.getFieldGroup());
+
+        // Add reset password button
+        if (FacadeProvider.getFeatureConfigurationFacade().isFeatureDisabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
+            Button resetPasswordButton = createResetPasswordButton(userUuid, userDto.getUserEmail(), editView);
+            editView.getButtonsPanel().addComponent(resetPasswordButton, 0);
+        }
+
+        editView.addDiscardListener(closeWindowCallback::run);
+        editView.addCommitListener(() -> {
+            if (!userEditForm.getFieldGroup().isModified()) {
+                UserDto user = userEditForm.getValue();
+                UserDto existingUser = FacadeProvider.getUserFacade().getByUuid(user.getUuid());
+                // If user roles have changed, the user might no longer have a district assigned and therefore
+                // needs to be removed as surveillance/contact officer from existing cases/contacts
+                if (existingUser.getDistrict() != null && user.getDistrict() == null) {
+                    openRemoveUserAsOfficerPrompt(result -> {
+                        if (result) {
+                            FacadeProvider.getUserFacade().removeUserAsSurveillanceAndContactOfficer(user.getUuid());
+                            closeWindowCallback.run();
+                        }
+                    });
+                }
+                if (DataHelper.isSame(user, UiUtil.getUser())) {
+
+                    Set<UserRight> oldUserRights =
+                            UserRoleDto.getUserRights(FacadeProvider.getUserRoleFacade().getByReferences(existingUser.getUserRoles()));
+                    Set<UserRight> newUserRights = UserRoleDto.getUserRights(FacadeProvider.getUserRoleFacade().getByReferences(user.getUserRoles()));
+
+                    if (oldUserRights.contains(UserRight.USER_ROLE_EDIT) && !newUserRights.contains(UserRight.USER_ROLE_EDIT)) {
+                        new Notification(
+                                I18nProperties.getString(Strings.messageCheckInputData),
+                                I18nProperties.getValidationError(Validations.removeRolesWithEditRightFromOwnUser),
+                                Notification.Type.ERROR_MESSAGE,
+                                true).show(Page.getCurrent());
+                    } else if (!newUserRights.contains(UserRight.USER_EDIT)) {
+                        new Notification(
+                                I18nProperties.getString(Strings.messageCheckInputData),
+                                I18nProperties.getValidationError(Validations.removeRolesWithEditUserFromOwnUser),
+                                Notification.Type.ERROR_MESSAGE,
+                                true).show(Page.getCurrent());
+                    } else {
+                        saveUser(user);
+                        closeWindowCallback.run();
+                    }
+                } else {
+                    saveUser(user);
+                    closeWindowCallback.run();
+                }
+            }
+        });
+
+        return editView;
+    }
+
+    private void openRemoveUserAsOfficerPrompt(Consumer<Boolean> callback) {
+        VaadinUiUtil.showConfirmationPopup(
+                I18nProperties.getString(Strings.headingSaveUser),
+                new Label(I18nProperties.getString(Strings.confirmationRemoveUserAsOfficer)),
+                I18nProperties.getString(Strings.yes),
+                I18nProperties.getString(Strings.no),
+                640,
+                callback);
+    }
+
+    private void saveUser(UserDto user) {
+        if (FacadeProvider.getFeatureConfigurationFacade().isFeatureEnabled(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
+            FacadeProvider.getUserFacade().saveUserRolesAndRestrictions(user, user.getUserRoles());
+        } else {
+            FacadeProvider.getUserFacade().saveUser(user, false);
+        }
+        refreshView();
+    }
+
+    public CommitDiscardWrapperComponent<UserEditForm> getUserCreateComponent() {
+
+        UserEditForm createForm = new UserEditForm(true);
+        createForm.setValue(UserDto.build());
+        final CommitDiscardWrapperComponent<UserEditForm> editView =
+                new CommitDiscardWrapperComponent<UserEditForm>(createForm, UiUtil.permitted(UserRight.USER_CREATE), createForm.getFieldGroup());
+
+        editView.addCommitListener(new CommitListener() {
+
+            @Override
+            public void onCommit() {
+                if (!createForm.getFieldGroup().isModified()) {
+                    UserDto dto = createForm.getValue();
+                    dto = FacadeProvider.getUserFacade().saveUser(dto, false);
+                    refreshView();
+                    makeInitialPassword(dto.getUuid(), dto.getUserEmail());
+                }
+            }
+        });
+        return editView;
+    }
+
+    public boolean isLoginUnique(String uuid, String userName) {
+        return FacadeProvider.getUserFacade().isLoginUnique(uuid, userName);
+    }
+
+    public void makeInitialPassword(String userUuid, String userEmail) {
+        if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
+            String newPassword = FacadeProvider.getUserFacade().resetPassword(userUuid);
+            showPasswordResetInternalSuccessPopup(newPassword);
+        } else {
+            showAccountCreatedSuccessful();
+        }
+    }
+
+    public void makeNewPassword(String userUuid, String userEmail) {
+        String newPassword = FacadeProvider.getUserFacade().resetPassword(userUuid);
+
+        if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
+            showPasswordResetInternalSuccessPopup(newPassword);
+        } else {
+            showPasswordResetExternalSuccessPopup();
+        }
+    }
+
+    public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
+        FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
+        if (isGeneratePassword) {
+            if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
+                showPasswordResetInternalSuccessPopup(password);
+            } else {
+                showPasswordResetExternalSuccessPopup();
+            }
+        } else {
+            showPasswordChangeInternalSuccessPopup(I18nProperties.getString(Strings.messagePasswordChange));
+        }
+        isGeneratePassword = false;
+    }
+
+    private void showPasswordResetInternalSuccessPopup(String newPassword) {
+        VerticalLayout layout = new VerticalLayout();
+        layout.addComponent(new Label(I18nProperties.getString(Strings.messageCopyPassword)));
+        Label passwordLabel = new Label(newPassword);
+        passwordLabel.addStyleName(CssStyles.H2);
+        layout.addComponent(passwordLabel);
+        Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
+        popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
+        layout.setMargin(true);
+    }
+
+    private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
+        showPopupWindow(I18nProperties.getString(Strings.headingChangePassword), passwordSuccessMessage, null, true);
+    }
+
+    private void showPopupWindow(String header, String message, Integer width, Boolean closeable) {
+        VerticalLayout layout = new VerticalLayout();
+        Label messageLabel = new Label(message);
+        messageLabel.addStyleName(CssStyles.H2);
+        layout.addComponent(messageLabel);
+        Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
+
+        popupWindow.setCaption(header);
+        if (width != null) {
+            popupWindow.setWidth(width, Unit.PIXELS);
+        }
+
+        layout.setMargin(true);
+        if (closeable) {
+            popupWindow.addCloseListener(event -> popUpWindow.close());
+        }
+    }
+
+    private void showAccountCreatedSuccessful() {
+        VerticalLayout layout = new VerticalLayout();
+        layout.addComponent(new Label(I18nProperties.getString(Strings.messageActivateAccount)));
+        Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
+        popupWindow.setCaption(I18nProperties.getString(Strings.headingNewAccount));
+        popupWindow.setWidth(350, Unit.PIXELS);
+        layout.setMargin(true);
+    }
+
+    private void showPasswordResetExternalSuccessPopup() {
+        VerticalLayout layout = new VerticalLayout();
+        layout.addComponent(new Label(I18nProperties.getString(Strings.messagePasswordResetEmailLink)));
+        Window popupWindow = VaadinUiUtil.showPopupWindow(layout);
+        popupWindow.setCaption(I18nProperties.getString(Strings.headingNewPassword));
+        popupWindow.setWidth(450, Unit.PIXELS);
+        layout.setMargin(true);
+    }
+
+    private void refreshView() {
+        View currentView = SormasUI.get().getNavigator().getCurrentView();
+        if (currentView instanceof UsersView) {
+            // force refresh, because view didn't change
+            ((UsersView) currentView).enter(null);
+        }
+    }
+
+    public Button createResetPasswordButton(String userUuid, String userEmail, CommitDiscardWrapperComponent<UserEditForm> editView) {
+
+        return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
+
+            private static final long serialVersionUID = 1L;
+
+            @Override
+            public void buttonClick(ClickEvent event) {
+                ConfirmationComponent resetPasswordComponent = getResetPasswordConfirmationComponent(userUuid, userEmail, editView);
+                Window popupWindow = VaadinUiUtil.showPopupWindow(resetPasswordComponent);
+                resetPasswordComponent.addDoneListener(() -> popupWindow.close());
+                resetPasswordComponent.getCancelButton().addClickListener(new ClickListener() {
+
+                    private static final long serialVersionUID = 1L;
+
+                    @Override
+                    public void buttonClick(ClickEvent event) {
+                        popupWindow.close();
+                    }
+                });
+                popupWindow.setCaption(I18nProperties.getString(Strings.headingUpdatePassword));
+            }
+        }, ValoTheme.BUTTON_LINK);
+    }
+
+    public Button generatePasswordButton() {
+
+        return ButtonHelper.createIconButton(Captions.userGeneratePassword, VaadinIcons.UNLOCK, new ClickListener() {
+
+            private static final long serialVersionUID = 1L;
+            final UpdatePasswordForm form = new UpdatePasswordForm();
+
+            @Override
+            public void buttonClick(ClickEvent event) {
+                isGeneratePassword = true;
+
+                String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
+                form.currentPassword.setCaption(generatedPassword);
+                form.confirmPassword.setCaption(generatedPassword);
+            }
+        }, ValoTheme.BUTTON_LINK);
+    }
+
+    public Button createUpdatePasswordButton() {
+        return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
+            private static final long serialVersionUID = 1L;
+
+            @Override
+            public void buttonClick(ClickEvent event) {
+                popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
+                popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+            }
+        }, ValoTheme.BUTTON_LINK);
+    }
+
+    public ConfirmationComponent getResetPasswordConfirmationComponent(
+            String userUuid,
+            String userEmail,
+            CommitDiscardWrapperComponent<UserEditForm> editView) {
+        ConfirmationComponent resetPasswordConfirmationComponent = new ConfirmationComponent(false) {
+
+            private static final long serialVersionUID = 1L;
+
+            @Override
+            protected void onConfirm() {
+                onDone();
+                editView.discard();
+                makeNewPassword(userUuid, userEmail);
+            }
+
+            @Override
+            protected void onCancel() {
+            }
+        };
+        resetPasswordConfirmationComponent.getConfirmButton().setCaption(I18nProperties.getCaption(Captions.userUpdatePasswordConfirmation));
+        resetPasswordConfirmationComponent.getCancelButton().setCaption(I18nProperties.getCaption(Captions.actionCancel));
+        resetPasswordConfirmationComponent.setMargin(true);
+        return resetPasswordConfirmationComponent;
+    }
+
+    public CommitDiscardWrapperComponent<UserSettingsForm> getUserSettingsComponent(Runnable commitOrDiscardCallback) {
+        UserSettingsForm form = new UserSettingsForm();
+        UserDto user = FacadeProvider.getUserFacade().getByUuid(UiUtil.getUserUuid());
+        form.setValue(user);
+
+        final CommitDiscardWrapperComponent<UserSettingsForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
+        component.addCommitListener(() -> {
+            if (!form.getFieldGroup().isModified()) {
+                UserDto changedUser = form.getValue();
+                FacadeProvider.getUserFacade().saveUser(changedUser, true);
+                I18nProperties.setUserLanguage(changedUser.getLanguage());
+                FacadeProvider.getI18nFacade().setUserLanguage(changedUser.getLanguage());
+                Page.getCurrent().reload();
+                commitOrDiscardCallback.run();
+            }
+        });
+        component.addDiscardListener(commitOrDiscardCallback::run);
+
+        return component;
+    }
+
+    public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
+        Label passwordStrengthDesc = new Label();
+        UpdatePasswordForm form = new UpdatePasswordForm();
+        UserDto user = FacadeProvider.getUserFacade().getByUuid(UserProvider.getCurrent().getUuid());
+        form.setValue(user);
+        final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
+        form.newPassword.addTextChangeListener(event -> {
+            passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
+            if (FacadeProvider.getUserFacade().isPasswordStrong(event.getText())) {
+                passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
+            } else {
+                passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+            }
+        });
+        component.addDiscardListener(() -> popUpWindow.close());
+
+        component.addCommitListener(() -> {
+            if (!form.getFieldGroup().isModified()) {
+                UserDto changedUser = form.getValue();
+                if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
+
+                    Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
+                } else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
+                    Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
+                } else if (passwordStrengthDesc.getValue().contains("Weak")) {
+                    Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
+                } else {
+                    showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+
+                }
+            }
+        });
+
+        Button generatePasswordButton = ControllerProvider.getUserController().generatePasswordButton();
+        generatePasswordButton.addClickListener((ClickListener) event -> {
+            String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
+            form.newPassword.setValue(generatedPassword);
+            form.confirmPassword.setValue(generatedPassword);
+        });
+        component.getButtonsPanel().addComponent(generatePasswordButton, 0);
+
+        component.addComponent(passwordStrengthDesc, 1);
+        return component;
+    }
+
+    public void setFlagIcons(ComboBox cbLanguage) {
+        for (Language language : Language.values()) {
+            cbLanguage.setItemIcon(language, new ThemeResource("img/flag-icons/" + language.name().toLowerCase() + ".png"));
+        }
+    }
+
+    public void sync() {
+        if (UiUtil.permitted(FeatureType.AUTH_PROVIDER_TO_SORMAS_USER_SYNC)) {
+            FacadeProvider.getUserFacade().syncUsersFromAuthenticationProvider();
+            SormasUI.refreshView();
+        } else {
+            Window window = VaadinUiUtil.showPopupWindow(new UsersSyncLayout());
+            window.setCaption(I18nProperties.getCaption(Captions.syncUsers));
+        }
+    }
+
+    public void enableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid userGrid) {
+
+        if (selectedRows.isEmpty()) {
+            new Notification(
+                    I18nProperties.getString(Strings.headingNoUsersSelected),
+                    I18nProperties.getString(Strings.messageNoUsersSelected),
+                    Notification.Type.WARNING_MESSAGE,
+                    false).show(Page.getCurrent());
+        } else {
+            VaadinUiUtil.showConfirmationPopup(
+                    I18nProperties.getString(Strings.headingConfirmEnabling),
+                    new Label(String.format(I18nProperties.getString(Strings.confirmationEnableUsers), selectedRows.size())),
+                    I18nProperties.getString(Strings.yes),
+                    I18nProperties.getString(Strings.no),
+                    null,
+                    confirmed -> {
+                        if (Boolean.FALSE.equals(confirmed)) {
+                            return;
+                        }
+
+                        new BulkOperationHandler<UserDto>(
+                                Strings.messageUsersEnabled,
+                                null,
+                                Strings.headingSomeUsersNotEnabled,
+                                Strings.headingUsersNotEnabled,
+                                Strings.messageCountUsersNotEnabled,
+                                null,
+                                null,
+                                null,
+                                null,
+                                Strings.infoBulkProcessFinishedWithSkips,
+                                Strings.infoBulkProcessFinishedWithoutSuccess).doBulkOperation(batch -> {
+
+                            List<String> uuids = batch.stream().map(UserDto::getUuid).collect(Collectors.toList());
+                            return FacadeProvider.getUserFacade().enableUsers(uuids);
+                        }, new ArrayList<>(selectedRows), remaining -> {
+                            userGrid.reload();
+                            if (CollectionUtils.isNotEmpty(remaining)) {
+                                userGrid.asMultiSelect().selectItems(remaining.toArray(new UserDto[0]));
+                            } else {
+                                overview();
+                            }
+                        });
+                    });
+        }
+    }
+
+    public void disableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid userGrid) {
+
+        if (selectedRows.isEmpty()) {
+            new Notification(
+                    I18nProperties.getString(Strings.headingNoUsersSelected),
+                    I18nProperties.getString(Strings.messageNoUsersSelected),
+                    Notification.Type.WARNING_MESSAGE,
+                    false).show(Page.getCurrent());
+        } else {
+            VaadinUiUtil.showConfirmationPopup(
+                    I18nProperties.getString(Strings.headingConfirmDisabling),
+                    new Label(String.format(I18nProperties.getString(Strings.confirmationDisableUsers), selectedRows.size())),
+                    I18nProperties.getString(Strings.yes),
+                    I18nProperties.getString(Strings.no),
+                    null,
+                    confirmed -> {
+                        if (Boolean.FALSE.equals(confirmed)) {
+                            return;
+                        }
+
+                        new BulkOperationHandler<UserDto>(
+                                Strings.messageUsersDisabled,
+                                null,
+                                Strings.headingSomeUsersNotDisabled,
+                                Strings.headingUsersNotDisabled,
+                                Strings.messageCountUsersNotDisabled,
+                                null,
+                                null,
+                                null,
+                                null,
+                                Strings.infoBulkProcessFinishedWithSkips,
+                                Strings.infoBulkProcessFinishedWithoutSuccess).doBulkOperation(batch -> {
+
+                            List<String> uuids = batch.stream().map(UserDto::getUuid).collect(Collectors.toList());
+                            return FacadeProvider.getUserFacade().disableUsers(uuids);
+                        }, new ArrayList<>(selectedRows), remaining -> {
+                            userGrid.reload();
+                            if (CollectionUtils.isNotEmpty(remaining)) {
+                                userGrid.asMultiSelect().selectItems(remaining.toArray(new UserDto[0]));
+                            } else {
+                                overview();
+                            }
+                        });
+                    });
+        }
+    }
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
deleted file mode 100644
index cd914d524c1..00000000000
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/UpdatePasswordValidator.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package de.symeda.sormas.ui.utils;
-
-import com.vaadin.v7.data.validator.AbstractValidator;
-
-public class UpdatePasswordValidator extends AbstractValidator<String> {
-
-	/**
-	 * Constructs a validator with the given error message.
-	 *
-	 * @param errorMessage
-	 *            the message to be included in an {@link InvalidValueException}
-	 *            (with "{0}" replaced by the value that failed validation).
-	 */
-	public UpdatePasswordValidator(String errorMessage) {
-		super(errorMessage);
-	}
-
-	@Override
-	protected boolean isValidValue(String password) {
-		String pattern = "(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{8,}";
-		return password == null || password.isEmpty() || password.matches(pattern);
-	}
-
-	@Override
-	public Class getType() {
-		return String.class;
-	}
-}

From 003c8e113975f2491462775baadaa33cbc80a4cf Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 23 Jul 2024 09:44:44 +0000
Subject: [PATCH 53/95] add permitAll to isPasswordStrong to pass text case

---
 .../main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 2d180cc0b18..549d780dc5f 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -944,6 +944,7 @@ public String checkPasswordStrength(String password) {
         return PasswordValidator.checkPasswordStrength(password);
     }
 
+    @PermitAll
     @Override
     public boolean isPasswordStrong(String password) {
         return PasswordValidator.isStrongPassword(password);

From afb411a69ab72d98e864aee405dcf3c437bbd24f Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 23 Jul 2024 11:40:43 +0000
Subject: [PATCH 54/95] validation update on change password form

---
 .../controls/ControlPasswordField.java        | 93 ++++++++++---------
 .../app/login/ChangePasswordActivity.java     | 31 ++-----
 .../activity_change_password_layout.xml       | 42 ---------
 .../app/src/main/res/values/strings.xml       | 10 +-
 .../sormas/backend/user/UserFacadeEjb.java    |  1 +
 5 files changed, 61 insertions(+), 116 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index 7689911a37f..a56432cc684 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -15,59 +15,60 @@
 
 package de.symeda.sormas.app.component.controls;
 
-import com.google.android.material.textfield.TextInputLayout;
-
 import android.content.Context;
 import android.text.InputType;
 import android.util.AttributeSet;
 import android.view.LayoutInflater;
 
+import com.google.android.material.textfield.TextInputLayout;
+
 import de.symeda.sormas.app.R;
 
 public class ControlPasswordField extends ControlTextEditField {
 
-	// Constructors
-
-	public ControlPasswordField(Context context) {
-		super(context);
-	}
-
-	public ControlPasswordField(Context context, AttributeSet attrs) {
-		super(context, attrs);
-	}
-
-	public ControlPasswordField(Context context, AttributeSet attrs, int defStyle) {
-		super(context, attrs, defStyle);
-	}
-
-	// Overrides
-
-	@Override
-	protected void initialize(Context context, AttributeSet attrs, int defStyle) {
-		super.initialize(context, attrs, defStyle);
-
-		setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
-	}
-
-	@Override
-	protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
-		LayoutInflater inflater = (LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
-
-		if (inflater != null) {
-			if (isSlim()) {
-				inflater.inflate(R.layout.control_password_slim_layout, this);
-			} else {
-				inflater.inflate(R.layout.control_password_layout, this);
-			}
-		} else {
-			throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
-		}
-	}
-
-	@Override
-	protected void onFinishInflate() {
-		super.onFinishInflate();
-		TextInputLayout inputLayout = (TextInputLayout) this.findViewById(R.id.text_input_layout);
-		inputLayout.setPasswordVisibilityToggleEnabled(true);
-	}
+    // Constructors
+
+    public ControlPasswordField(Context context) {
+        super(context);
+    }
+
+    public ControlPasswordField(Context context, AttributeSet attrs) {
+        super(context, attrs);
+    }
+
+    public ControlPasswordField(Context context, AttributeSet attrs, int defStyle) {
+        super(context, attrs, defStyle);
+    }
+
+    // Overrides
+
+    @Override
+    protected void initialize(Context context, AttributeSet attrs, int defStyle) {
+        super.initialize(context, attrs, defStyle);
+
+        setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
+    }
+
+    @Override
+    protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
+        LayoutInflater inflater = (LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
+
+        if (inflater != null) {
+            if (isSlim()) {
+                inflater.inflate(R.layout.control_password_slim_layout, this);
+            } else {
+                inflater.inflate(R.layout.control_password_layout, this);
+            }
+        } else {
+            throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
+        }
+    }
+
+    @Override
+    protected void onFinishInflate() {
+        super.onFinishInflate();
+        TextInputLayout inputLayout = (TextInputLayout) this.findViewById(R.id.text_input_layout);
+        inputLayout.setPasswordVisibilityToggleEnabled(true);
+    }
+
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index e0eeb8b1802..1d47c531a51 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -206,69 +206,52 @@ public void onFailure(Call<String> call, Throwable t) {
      * When clicked on submit
      **/
     public void savePassword(View view) {
-        // Disable error states
         binding.changePasswordNewPassword.disableErrorState();
         binding.changePasswordCurrentPassword.disableErrorState();
         binding.changePasswordConfirmPassword.disableErrorState();
 
-        // Check if server URL is configured
         if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
             NavigationHelper.goToSettings(this);
             return;
         }
 
-        // Retrieve password values
         String currentPassword = binding.changePasswordCurrentPassword.getValue();
         String newPassword = binding.changePasswordNewPassword.getValue();
         String confirmPassword = binding.changePasswordConfirmPassword.getValue();
         String configPassword = ConfigProvider.getPassword();
 
-        // Validate input fields
         boolean isValid = true;
+
         if (currentPassword == null || currentPassword.trim().isEmpty()) {
-            binding.incorrectCurrentPassword.setVisibility(View.VISIBLE);
-            binding.incorrectCurrentPassword.setText("Current password cannot be empty.");
+            binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_empty);
             isValid = false;
         }
         if (newPassword == null || newPassword.trim().isEmpty()) {
-            binding.incorrectNewPassword.setVisibility(View.VISIBLE);
-            binding.incorrectNewPassword.setText("New password cannot be empty.");
+            binding.changePasswordNewPassword.enableErrorState(R.string.error_new_password_empty);
             isValid = false;
         }
         if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
-            binding.incorrectConfirmPassword.setVisibility(View.VISIBLE);
-            binding.incorrectConfirmPassword.setText("Confirm password cannot be empty.");
+            binding.changePasswordConfirmPassword.enableErrorState(R.string.error_confirm_password_empty);
             isValid = false;
         }
         if (!configPassword.equals(currentPassword)) {
-            binding.incorrectCurrentPassword.setVisibility(View.VISIBLE);
-            binding.incorrectCurrentPassword.setText("Current password is incorrect.");
+            binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_incorrect);
             isValid = false;
         }
         if (!newPassword.equals(confirmPassword)) {
-            binding.incorrectConfirmPassword.setVisibility(View.VISIBLE);
-            binding.incorrectConfirmPassword.setText("Passwords do not match.");
+            binding.changePasswordConfirmPassword.enableErrorState(R.string.error_passwords_do_not_match);
             isValid = false;
         }
 
-        // If all validations pass, proceed with the password change
-        System.out.println("isValid: " + isValid);
-        System.out.println("isGood: " + isGood);
-        System.out.println("currentPassword: " + currentPassword);
-        System.out.println("newPassword: " + newPassword);
-        System.out.println("confirmPassword: " + confirmPassword);
-        System.out.println("configPassword: " + configPassword);
-        // Call registrationDataCheck if necessary
         if (isValid) {
             registrationDataCheck(view);
         }
-        
+
         if (isValid && isGood) {
             RetroProvider.connectAsyncHandled(this, true, true, result -> {
                 if (Boolean.TRUE.equals(result)) {
                     try {
                         executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword, currentPassword));
-                        // Cache the new password
                         setNewPassword(newPassword);
                     } catch (Exception e) {
                         binding.actionPasswordStrength.setVisibility(View.VISIBLE);
diff --git a/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
index fb3084fdc6b..0fda7252b32 100644
--- a/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
+++ b/sormas-app/app/src/main/res/layout/activity_change_password_layout.xml
@@ -78,20 +78,11 @@
                     app:value="@={data.currentPassword}"
 
                     />
-                <!---for error-->
-                <TextView
-                    android:id="@+id/incorrect_current_password"
-                    android:layout_width="match_parent"
-                    android:layout_height="wrap_content"
-                    android:visibility="gone"
-                    android:text="@string/message_incorrect_current_password"
-                    android:textColor="@color/errorBackground" />
 
                 <de.symeda.sormas.app.component.controls.ControlPasswordField
                     android:id="@+id/change_password_new_password"
                     style="@style/ControlSingleColumnStyle"
                     android:layout_marginTop="10dp"
-
                     android:hint="@string/caption_enter_new_password"
                     app:caption="@string/caption_enter_new_password"
                     app:description="@string/caption_enter_new_password"
@@ -100,17 +91,6 @@
                     app:required="true"
                     app:value="@={data.newPassword}" />
 
-                <TextView
-                    android:id="@+id/incorrect_new_password"
-                    android:layout_width="match_parent"
-                    android:layout_height="wrap_content"
-                    android:text="@string/message_incorrect_new_password"
-                    android:visibility="gone"
-                    android:textColor="@color/errorBackground" />
-
-                <!--                android:onClick="registrationDataCheck"-->
-
-
                 <de.symeda.sormas.app.component.controls.ControlPasswordField
                     android:id="@+id/change_password_confirm_password"
                     style="@style/ControlSingleColumnStyle"
@@ -123,15 +103,6 @@
                     android:layout_marginTop="10dp"
                     app:labelCaption="@string/caption_confirm_new_password"
                     app:value="@={data.confirmPassword}" />
-                <!---for error-->
-                <TextView
-                    android:id="@+id/incorrect_confirm_password"
-                    android:layout_width="match_parent"
-                    android:layout_height="wrap_content"
-                    android:text="@string/message_not_match_password"
-                    android:visibility="gone"
-                    android:layout_marginBottom="15dp"
-                    android:textColor="@color/errorBackground" />
 
                 <Button
                     android:id="@+id/btn_changePassword"
@@ -156,7 +127,6 @@
                         android:layout_height="match_parent"
                         android:text="@string/action_strength_password"
                         android:textAlignment="viewStart" />
-                    <!--                    android:onClick="registrationDataCheck"-->
 
                 </RelativeLayout>
 
@@ -165,18 +135,6 @@
                     android:layout_height="wrap_content"
                     android:orientation="horizontal">
 
-
-                    <!--                <de.symeda.sormas.app.component.controls.ControlButton-->
-                    <!--                    android:id="@+id/btn_changePassword"-->
-                    <!--                    android:layout_width="match_parent"-->
-                    <!--                    android:layout_height="wrap_content"-->
-                    <!--                    android:layout_marginTop="@dimen/buttonControlMarginBottom"-->
-                    <!--                    android:layout_marginBottom="@dimen/buttonControlMarginBottom"-->
-                    <!--                    android:onClick="savePassword"-->
-                    <!--                    android:text="@string/action_change_password"-->
-                    <!--                    app:buttonType="@{ControlButtonType.SECONDARY}"-->
-                    <!--                    app:rounded="true" />-->
-
                     <Button
                         android:id="@+id/action_generatePassword"
                         android:layout_alignParentEnd="true"
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 659966e733c..2197e0cd598 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -562,9 +562,6 @@
     <string name="message_case_infrastructure_data_changed">You have changed the infrastructure data of this case. Do you want to transfer the case to the new health facility (the hospitalization data will be updated) or do you only want to edit the data to correct a mistake?</string>
     <string name="message_download_app_failed">The download of the new SORMAS version failed. Please make sure you have the best internet connection possible and try again or inform a supervisor if you keep getting this error despite a good internet connection.</string>
     <string name="message_empty_password">Please enter a password.</string>
-    <string name="message_incorrect_current_password">Please your Current Password is incorrect.</string>
-    <string name="message_incorrect_new_password">Please your New Password is incorrect.</string>
-    <string name="message_not_match_password">Passwords does not match.</string>
     <string name="message_empty_username">Please enter a username.</string>
     <string name="message_encryption">SORMAS requires device encryption to be activated on your device to ensure data security.\n\nPlease note that you cannot use the application as long as device encryption is disabled.</string>
     <string name="message_enter_person_name">Please enter a first and last name for the new person.</string>
@@ -752,6 +749,11 @@
     <string name="hint_enter_confirm_new_password">"Enter Confirm Password"</string>
     <string name="caption_enter_current_password">"Enter Current Password"</string>
     <string name="caption_enter_new_password">"Enter new Password"</string>
-    <string name="caption_confirm_new_password">"Confirm Password"</string>
+    <string name="caption_confirm_new_password">"Enter Confirm Password"</string>
+    <string name="error_current_password_empty">Current Password Cannot be Empty</string>
+    <string name="error_new_password_empty">New Password Cannot be Empty</string>
+    <string name="error_confirm_password_empty">Confirm Password Cannot be Empty</string>
+    <string name="error_current_password_incorrect">Current Password is Incorrect</string>
+    <string name="error_passwords_do_not_match">Passwords do not match</string>
 
 </resources>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 549d780dc5f..215c0057ce2 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -940,6 +940,7 @@ public boolean validatePassword(String uuid, String password) {
         return false;
     }
 
+    @PermitAll
     public String checkPasswordStrength(String password) {
         return PasswordValidator.checkPasswordStrength(password);
     }

From 484bde5a5709f62e3e470a40b8085c2bd256c0fd Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 23 Jul 2024 13:37:23 +0000
Subject: [PATCH 55/95] update with copy password from alert functionality

---
 .../app/login/ChangePasswordActivity.java     | 83 +++++++++++++++++--
 .../res/layout/dialog_change_password.xml     | 27 ++++++
 .../app/src/main/res/values/strings.xml       |  2 +
 3 files changed, 104 insertions(+), 8 deletions(-)
 create mode 100644 sormas-app/app/src/main/res/layout/dialog_change_password.xml

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 1d47c531a51..6ca91b865f4 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -4,13 +4,22 @@
 import static de.symeda.sormas.app.backend.config.ConfigProvider.setNewPassword;
 
 import android.annotation.SuppressLint;
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.ClipData;
+import android.content.ClipboardManager;
+import android.content.Context;
+import android.content.DialogInterface;
 import android.content.Intent;
 import android.graphics.Color;
 import android.os.Build;
 import android.os.Bundle;
 import android.util.Log;
+import android.view.LayoutInflater;
 import android.view.View;
+import android.widget.Button;
 import android.widget.ProgressBar;
+import android.widget.TextView;
 import android.widget.Toast;
 
 import androidx.annotation.NonNull;
@@ -46,6 +55,7 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
     private ActivityChangePasswordLayoutBinding binding;
     private ProgressBar preloader;
     private View fragmentFrame;
+    private boolean isPasswordGenerated = false;
 
     @RequiresApi(api = Build.VERSION_CODES.R)
     @Override
@@ -158,6 +168,7 @@ public void onResponse(@NonNull Call<String> call, @NonNull Response<String> res
                     var generatedPassword = response.body();
                     binding.changePasswordNewPassword.setValue(generatedPassword);
                     binding.changePasswordConfirmPassword.setValue(generatedPassword);
+                    isPasswordGenerated = true;
                     Toast.makeText(getApplicationContext(), "Password Generated", Toast.LENGTH_SHORT).show();
                 }
 
@@ -171,29 +182,46 @@ public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
         }
     }
 
-    private void executeSaveNewPasswordCall(Call<String> call) {
+
+    private void executeSaveNewPasswordCall(Call<String> call, Activity activity) {
         try {
             showPreloader();
 
             call.enqueue(new Callback<String>() {
                 @Override
                 public void onResponse(Call<String> call, Response<String> response) {
+                    hidePreloader();
+
                     if (response.code() != 200) {
                         NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
-                        hidePreloader();
 
                     } else {
-                        Toast.makeText(getApplicationContext(), "Password Saved", Toast.LENGTH_LONG).show();
-                        NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
-                        finish();
-                        hidePreloader();
+                        String message;
+                        if (isPasswordGenerated) {
+                            String generatedPassword = binding.changePasswordNewPassword.getValue();
+                            message = "Password Saved: " + generatedPassword;
+                            alertDialog(activity, message);
+                            //Toast.makeText(getApplicationContext(), "Password Saved: " + generatedPassword, Toast.LENGTH_LONG).show();
+                        } else {
+                            message = "Password changed successfully";
+                            alertDialog(activity, message);
+
+                            //Toast.makeText(getApplicationContext(), "Password changed successfully", Toast.LENGTH_LONG).show();
+                        }
+
+
+                        //NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
+
                     }
 
                 }
 
                 @Override
                 public void onFailure(Call<String> call, Throwable t) {
-                    Toast.makeText(getApplicationContext(), "Could not connect to server", Toast.LENGTH_SHORT).show();
+                    String message = "Could not connect to server";
+                    //Toast.makeText(getApplicationContext(), "Could not connect to server", Toast.LENGTH_SHORT).show();
+                    alertDialog(activity, message);
+
                 }
             });
         } catch (Exception e) {
@@ -202,6 +230,43 @@ public void onFailure(Call<String> call, Throwable t) {
 
     }
 
+
+    public void alertDialog(Activity activity, String password) {
+        AlertDialog.Builder builder = new AlertDialog.Builder(activity);
+        LayoutInflater inflater = activity.getLayoutInflater();
+        View dialogView = inflater.inflate(R.layout.dialog_change_password, null);
+
+        TextView passwordTextView = dialogView.findViewById(R.id.passwordTextView);
+
+        Button copyButton = dialogView.findViewById(R.id.copyButton);
+        if (isPasswordGenerated) {
+            copyButton.setVisibility(View.VISIBLE);
+        }
+
+        passwordTextView.setText(password);
+
+        copyButton.setOnClickListener(v -> {
+            // Copy password to clipboard
+            ClipboardManager clipboard = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
+            ClipData clip = ClipData.newPlainText("Password", password);
+            clipboard.setPrimaryClip(clip);
+            Toast.makeText(activity, "Password copied to clipboard", Toast.LENGTH_SHORT).show();
+        });
+
+        builder.setView(dialogView);
+        builder.setCancelable(true);
+        builder.setPositiveButton(activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
+            @Override
+            public void onClick(DialogInterface dialog, int which) {
+                dialog.dismiss();
+                finish();
+            }
+        });
+
+        AlertDialog dialog = builder.create();
+        dialog.show();
+    }
+    
     /**
      * When clicked on submit
      **/
@@ -236,10 +301,12 @@ public void savePassword(View view) {
         }
         if (!configPassword.equals(currentPassword)) {
             binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_incorrect);
+            Toast.makeText(getApplicationContext(), R.string.error_current_password_incorrect, Toast.LENGTH_SHORT).show();
             isValid = false;
         }
         if (!newPassword.equals(confirmPassword)) {
             binding.changePasswordConfirmPassword.enableErrorState(R.string.error_passwords_do_not_match);
+            Toast.makeText(getApplicationContext(), R.string.error_passwords_do_not_match, Toast.LENGTH_SHORT).show();
             isValid = false;
         }
 
@@ -251,7 +318,7 @@ public void savePassword(View view) {
             RetroProvider.connectAsyncHandled(this, true, true, result -> {
                 if (Boolean.TRUE.equals(result)) {
                     try {
-                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword, currentPassword));
+                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword, currentPassword), this);
                         setNewPassword(newPassword);
                     } catch (Exception e) {
                         binding.actionPasswordStrength.setVisibility(View.VISIBLE);
diff --git a/sormas-app/app/src/main/res/layout/dialog_change_password.xml b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
new file mode 100644
index 00000000000..ec5cb1e179d
--- /dev/null
+++ b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:orientation="vertical"
+    android:layout_width="match_parent"
+    android:layout_height="wrap_content"
+    android:padding="16dp">
+
+    <TextView
+        android:id="@+id/passwordTextView"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:textColor="@android:color/black"
+        android:textSize="16sp"
+        android:padding="8dp"
+        android:gravity="center_vertical"
+        android:text="Password" />
+
+    <Button
+        android:id="@+id/copyButton"
+        android:layout_width="wrap_content"
+        android:layout_height="wrap_content"
+        android:text="Copy to Clipboard"
+        android:layout_gravity="end"
+        android:visibility="gone"
+        android:layout_marginTop="8dp" />
+
+</LinearLayout>
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 2197e0cd598..bfdbc647491 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -755,5 +755,7 @@
     <string name="error_confirm_password_empty">Confirm Password Cannot be Empty</string>
     <string name="error_current_password_incorrect">Current Password is Incorrect</string>
     <string name="error_passwords_do_not_match">Passwords do not match</string>
+    <string name="error_title">Error</string>
+    <string name="success_title">Success</string>
 
 </resources>

From 8ff346d042b8be9ae89354b0a15832ce1580bb77 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 23 Jul 2024 17:26:27 +0000
Subject: [PATCH 56/95] update of generate password with number check

---
 .../sormas/api/utils/PasswordHelper.java      | 209 ++++++++++--------
 .../app/login/ChangePasswordActivity.java     |  60 ++---
 .../res/layout/dialog_change_password.xml     |  19 +-
 .../app/src/main/res/values/strings.xml       |   2 +-
 .../backend/util/PasswordValidator.java       |  16 +-
 .../backend/user/UserFacadeEjbTest.java       |   4 +-
 6 files changed, 160 insertions(+), 150 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index 84f97c78323..ecdf02b8e91 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -17,101 +17,132 @@
  *******************************************************************************/
 package de.symeda.sormas.api.utils;
 
+import org.apache.commons.codec.binary.Hex;
+
+import javax.validation.ValidationException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.Arrays;
 
-import javax.validation.ValidationException;
-
-import org.apache.commons.codec.binary.Hex;
-
 public final class PasswordHelper {
 
-	private PasswordHelper() {
-		// Hide Utility Class Constructor
-	}
-
-	private static final char[] PASSWORD_CHARS = new char[26 - 2 + 26 - 3 + 8];
-	static {
-		int i = 0;
-		for (char ch = 'a'; ch <= 'z'; ch++) {
-			switch (ch) {
-			case 'l':
-				continue;
-			case 'v':
-				continue;
-			default:
-				PASSWORD_CHARS[i++] = ch;
-			}
-		}
-		for (char ch = 'A'; ch <= 'Z'; ch++) {
-			switch (ch) {
-			case 'I':
-				continue;
-			case 'O':
-				continue;
-			case 'V':
-				continue;
-			default:
-				PASSWORD_CHARS[i++] = ch;
-			}
-		}
-		for (char ch = '2'; ch <= '9'; ch++) {
-			PASSWORD_CHARS[i++] = ch;
-		}
-
-		if (i != PASSWORD_CHARS.length) {
-			throw new ValidationException("Size of password char array does not match defined values.");
-		}
-	}
-
-	public static String generatePasswordWithSpecialChars(int length) {
-		// Combine the existing character set with special characters
-		char[] combinedChars = Arrays.copyOf(PASSWORD_CHARS, PASSWORD_CHARS.length + 10);
-		combinedChars[PASSWORD_CHARS.length] = '!';
-		combinedChars[PASSWORD_CHARS.length + 1] = '@';
-		combinedChars[PASSWORD_CHARS.length + 2] = '#';
-		combinedChars[PASSWORD_CHARS.length + 3] = '$';
-		combinedChars[PASSWORD_CHARS.length + 4] = '%';
-		combinedChars[PASSWORD_CHARS.length + 5] = '^';
-		combinedChars[PASSWORD_CHARS.length + 6] = '&';
-		combinedChars[PASSWORD_CHARS.length + 7] = '*';
-		combinedChars[PASSWORD_CHARS.length + 8] = '(';
-		combinedChars[PASSWORD_CHARS.length + 9] = ')';
-
-		SecureRandom rnd = new SecureRandom();
-		char[] chs = new char[length];
-		for (int i = 0; i < length; i++)
-			chs[i] = combinedChars[rnd.nextInt(combinedChars.length)];
-		return new String(chs);
-	}
-
-	public static String createPass(final int length) {
-
-		SecureRandom rnd = new SecureRandom();
-
-		char[] chs = new char[length];
-		for (int i = 0; i < length; i++)
-			chs[i] = PASSWORD_CHARS[rnd.nextInt(PASSWORD_CHARS.length)];
-		final String val = new String(chs);
-
-		return val;
-	}
-
-	public static String encodePassword(String password, String seed) {
-
-		MessageDigest digest;
-		try {
-			digest = MessageDigest.getInstance("SHA-256");
-			digest.reset();
-			byte[] digested = digest.digest((password + seed).getBytes(StandardCharsets.UTF_8));
-			String encoded = Hex.encodeHexString(digested);
-			return encoded;
-
-		} catch (NoSuchAlgorithmException e) {
-			throw new RuntimeException(e);
-		}
-	}
+    private PasswordHelper() {
+        // Hide Utility Class Constructor
+    }
+
+    private static final char[] PASSWORD_CHARS = new char[26 - 2 + 26 - 3 + 8];
+
+    static {
+        int i = 0;
+        for (char ch = 'a'; ch <= 'z'; ch++) {
+            switch (ch) {
+                case 'l':
+                    continue;
+                case 'v':
+                    continue;
+                default:
+                    PASSWORD_CHARS[i++] = ch;
+            }
+        }
+        for (char ch = 'A'; ch <= 'Z'; ch++) {
+            switch (ch) {
+                case 'I':
+                    continue;
+                case 'O':
+                    continue;
+                case 'V':
+                    continue;
+                default:
+                    PASSWORD_CHARS[i++] = ch;
+            }
+        }
+        for (char ch = '2'; ch <= '9'; ch++) {
+            PASSWORD_CHARS[i++] = ch;
+        }
+
+        if (i != PASSWORD_CHARS.length) {
+            throw new ValidationException("Size of password char array does not match defined values.");
+        }
+    }
+
+    public static String generatePasswordWithSpecialChars(int length) {
+        // Combine the existing character set with special characters
+        char[] combinedChars = Arrays.copyOf(PASSWORD_CHARS, PASSWORD_CHARS.length + 10);
+        combinedChars[PASSWORD_CHARS.length] = '!';
+        combinedChars[PASSWORD_CHARS.length + 1] = '@';
+        combinedChars[PASSWORD_CHARS.length + 2] = '#';
+        combinedChars[PASSWORD_CHARS.length + 3] = '$';
+        combinedChars[PASSWORD_CHARS.length + 4] = '%';
+        combinedChars[PASSWORD_CHARS.length + 5] = '^';
+        combinedChars[PASSWORD_CHARS.length + 6] = '&';
+        combinedChars[PASSWORD_CHARS.length + 7] = '*';
+        combinedChars[PASSWORD_CHARS.length + 8] = '(';
+        combinedChars[PASSWORD_CHARS.length + 9] = ')';
+
+        SecureRandom rnd = new SecureRandom();
+        char[] chs = new char[length];
+
+        // Ensure at least one digit
+        chs[0] = (char) ('2' + rnd.nextInt(8)); // 2-9
+
+        // Ensure at least one special character
+        chs[1] = combinedChars[PASSWORD_CHARS.length + rnd.nextInt(10)];
+
+        // Ensure at least one uppercase letter
+        chs[2] = (char) ('A' + rnd.nextInt(26));
+        while (chs[2] == 'I' || chs[2] == 'O' || chs[2] == 'V') {
+            chs[2] = (char) ('A' + rnd.nextInt(26));
+        }
+
+        // Ensure at least one lowercase letter
+        chs[3] = (char) ('a' + rnd.nextInt(26));
+        while (chs[3] == 'l' || chs[3] == 'v') {
+            chs[3] = (char) ('a' + rnd.nextInt(26));
+        }
+
+        // Fill the rest of the password
+        for (int i = 4; i < length; i++) {
+            chs[i] = combinedChars[rnd.nextInt(combinedChars.length)];
+        }
+
+        // Shuffle the password array to avoid predictable patterns
+        for (int i = 0; i < chs.length; i++) {
+            int randomIndex = rnd.nextInt(chs.length);
+            char temp = chs[i];
+            chs[i] = chs[randomIndex];
+            chs[randomIndex] = temp;
+        }
+
+        return new String(chs);
+    }
+
+
+    public static String createPass(final int length) {
+
+        SecureRandom rnd = new SecureRandom();
+
+        char[] chs = new char[length];
+        for (int i = 0; i < length; i++)
+            chs[i] = PASSWORD_CHARS[rnd.nextInt(PASSWORD_CHARS.length)];
+        final String val = new String(chs);
+
+        return val;
+    }
+
+    public static String encodePassword(String password, String seed) {
+
+        MessageDigest digest;
+        try {
+            digest = MessageDigest.getInstance("SHA-256");
+            digest.reset();
+            byte[] digested = digest.digest((password + seed).getBytes(StandardCharsets.UTF_8));
+            String encoded = Hex.encodeHexString(digested);
+            return encoded;
+
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        }
+    }
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 6ca91b865f4..f64c3511849 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -17,7 +17,6 @@
 import android.util.Log;
 import android.view.LayoutInflater;
 import android.view.View;
-import android.widget.Button;
 import android.widget.ProgressBar;
 import android.widget.TextView;
 import android.widget.Toast;
@@ -50,7 +49,7 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
 
     public static final String TAG = ChangePasswordActivity.class.getSimpleName();
 
-    private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSymbol = false, isGood = false;
+    private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSpecialCharacter = false, isGood = false;
 
     private ActivityChangePasswordLayoutBinding binding;
     private ProgressBar preloader;
@@ -109,8 +108,8 @@ public void registrationDataCheck(View view) {
         isAtLeast8 = newPassword.length() >= 8;
         hasUppercase = newPassword.matches("(.*[A-Z].*)");
         hasNumber = newPassword.matches("(.*[0-9].*)");
-        hasSymbol = newPassword.matches("^(?=.*[_@#%&?;,.()]).*$");
-        if (isAtLeast8 && hasNumber && hasUppercase && hasSymbol) {
+        hasSpecialCharacter = newPassword.matches(".*[^a-zA-Z0-9\\s].*");
+        if (isAtLeast8 && hasNumber && hasUppercase && hasSpecialCharacter) {
             isGood = true;
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_strong);
@@ -182,7 +181,6 @@ public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
         }
     }
 
-
     private void executeSaveNewPasswordCall(Call<String> call, Activity activity) {
         try {
             showPreloader();
@@ -194,24 +192,20 @@ public void onResponse(Call<String> call, Response<String> response) {
 
                     if (response.code() != 200) {
                         NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
-
                     } else {
                         String message;
+                        String title;
+                        title = "Change Passworrd";
+
                         if (isPasswordGenerated) {
                             String generatedPassword = binding.changePasswordNewPassword.getValue();
-                            message = "Password Saved: " + generatedPassword;
-                            alertDialog(activity, message);
-                            //Toast.makeText(getApplicationContext(), "Password Saved: " + generatedPassword, Toast.LENGTH_LONG).show();
+                            message = generatedPassword;
+                            alertDialog(activity, message, title);
                         } else {
                             message = "Password changed successfully";
-                            alertDialog(activity, message);
-
-                            //Toast.makeText(getApplicationContext(), "Password changed successfully", Toast.LENGTH_LONG).show();
+                            alertDialog(activity, message, title);
                         }
-
-
-                        //NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
-
+                        NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
                     }
 
                 }
@@ -219,9 +213,9 @@ public void onResponse(Call<String> call, Response<String> response) {
                 @Override
                 public void onFailure(Call<String> call, Throwable t) {
                     String message = "Could not connect to server";
-                    //Toast.makeText(getApplicationContext(), "Could not connect to server", Toast.LENGTH_SHORT).show();
-                    alertDialog(activity, message);
+                    String title = "Change Passworrd";
 
+                    alertDialog(activity, message, title);
                 }
             });
         } catch (Exception e) {
@@ -230,25 +224,23 @@ public void onFailure(Call<String> call, Throwable t) {
 
     }
 
-
-    public void alertDialog(Activity activity, String password) {
+    public void alertDialog(Activity activity, String message, String title) {
         AlertDialog.Builder builder = new AlertDialog.Builder(activity);
         LayoutInflater inflater = activity.getLayoutInflater();
         View dialogView = inflater.inflate(R.layout.dialog_change_password, null);
 
         TextView passwordTextView = dialogView.findViewById(R.id.passwordTextView);
 
-        Button copyButton = dialogView.findViewById(R.id.copyButton);
         if (isPasswordGenerated) {
-            copyButton.setVisibility(View.VISIBLE);
+            passwordTextView.setText(message);
         }
 
-        passwordTextView.setText(password);
+        builder.setTitle(title);
 
-        copyButton.setOnClickListener(v -> {
+        passwordTextView.setOnClickListener(v -> {
             // Copy password to clipboard
             ClipboardManager clipboard = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
-            ClipData clip = ClipData.newPlainText("Password", password);
+            ClipData clip = ClipData.newPlainText("Password", message);
             clipboard.setPrimaryClip(clip);
             Toast.makeText(activity, "Password copied to clipboard", Toast.LENGTH_SHORT).show();
         });
@@ -266,7 +258,7 @@ public void onClick(DialogInterface dialog, int which) {
         AlertDialog dialog = builder.create();
         dialog.show();
     }
-    
+
     /**
      * When clicked on submit
      **/
@@ -290,23 +282,19 @@ public void savePassword(View view) {
         if (currentPassword == null || currentPassword.trim().isEmpty()) {
             binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_empty);
             isValid = false;
-        }
-        if (newPassword == null || newPassword.trim().isEmpty()) {
+        } else if (newPassword == null || newPassword.trim().isEmpty()) {
             binding.changePasswordNewPassword.enableErrorState(R.string.error_new_password_empty);
             isValid = false;
-        }
-        if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
+        } else if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
             binding.changePasswordConfirmPassword.enableErrorState(R.string.error_confirm_password_empty);
             isValid = false;
-        }
-        if (!configPassword.equals(currentPassword)) {
+        } else if (!configPassword.equals(currentPassword)) {
             binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_incorrect);
-            Toast.makeText(getApplicationContext(), R.string.error_current_password_incorrect, Toast.LENGTH_SHORT).show();
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_current_password_incorrect);
             isValid = false;
-        }
-        if (!newPassword.equals(confirmPassword)) {
+        } else if (!newPassword.equals(confirmPassword)) {
             binding.changePasswordConfirmPassword.enableErrorState(R.string.error_passwords_do_not_match);
-            Toast.makeText(getApplicationContext(), R.string.error_passwords_do_not_match, Toast.LENGTH_SHORT).show();
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_passwords_do_not_match);
             isValid = false;
         }
 
diff --git a/sormas-app/app/src/main/res/layout/dialog_change_password.xml b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
index ec5cb1e179d..8080c5147ae 100644
--- a/sormas-app/app/src/main/res/layout/dialog_change_password.xml
+++ b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
@@ -7,21 +7,14 @@
 
     <TextView
         android:id="@+id/passwordTextView"
-        android:layout_width="match_parent"
+        android:layout_width="wrap_content"
         android:layout_height="wrap_content"
+        android:text="@string/password_change_success"
+        android:textSize="18sp"
         android:textColor="@android:color/black"
-        android:textSize="16sp"
         android:padding="8dp"
-        android:gravity="center_vertical"
-        android:text="Password" />
-
-    <Button
-        android:id="@+id/copyButton"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:text="Copy to Clipboard"
-        android:layout_gravity="end"
-        android:visibility="gone"
-        android:layout_marginTop="8dp" />
+        android:background="?attr/selectableItemBackground"
+        android:clickable="true"
+        android:focusable="true" />
 
 </LinearLayout>
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index bfdbc647491..bdea550e5c8 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -757,5 +757,5 @@
     <string name="error_passwords_do_not_match">Passwords do not match</string>
     <string name="error_title">Error</string>
     <string name="success_title">Success</string>
-
+    <string name="password_change_success">User\'s password was changed successfully</string>
 </resources>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 0a5d58c3b35..66b4f3d21a3 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -5,36 +5,34 @@ public class PasswordValidator {
     private PasswordValidator() {
         throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
     }
-    public static String  checkPasswordStrength(String password) {
+
+    public static String checkPasswordStrength(String password) {
         boolean strongPassword = isStrongPassword(password);
 
         if (strongPassword) {
-            return "Password Strength is Strong";
-        }
-        else {
-            return "Password Strength is Weak";
+            return "Password is Strong";
+        } else {
+            return "Password is Weak";
         }
     }
 
     public static boolean isStrongPassword(String password) {
-        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password)&& hasCapitalLetter(password);
+        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password) && hasCapitalLetter(password);
     }
 
 
     private static boolean hasDigits(String password) {
         return password.chars().anyMatch(Character::isDigit);
     }
-    
+
     private static boolean hasSpecialCharacters(String password) {
         return password.chars().anyMatch(ch -> !Character.isLetterOrDigit(ch) && !Character.isWhitespace(ch));
     }
 
 
-
     private static boolean hasCapitalLetter(String password) {
         return password.chars().anyMatch(Character::isUpperCase);
     }
 
 
-
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index aad3cde1cbf..a80f801e00f 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -531,13 +531,13 @@ void testValidatePasswordInvalid() {
     @Test
     void testCheckPasswordStrengthStrong() {
         String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
-        assertEquals("Password Strength is Strong", result);
+        assertEquals("Password is Strong", result);
     }
 
     @Test
     void testCheckPasswordStrengthWeak() {
         String result = getUserFacade().checkPasswordStrength("weak");
-        assertEquals("Password Strength is Weak", result);
+        assertEquals("Password is Weak", result);
     }
 
 }

From 4c26528803cea455f24fe29833919dba5f91f079 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 23 Jul 2024 18:09:29 +0000
Subject: [PATCH 57/95] clean up on build.gradle

---
 sormas-app/app/build.gradle | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/sormas-app/app/build.gradle b/sormas-app/app/build.gradle
index b0f3284b336..1a8455112be 100644
--- a/sormas-app/app/build.gradle
+++ b/sormas-app/app/build.gradle
@@ -74,7 +74,6 @@ android {
     }
     buildFeatures {
         dataBinding true
-        viewBinding true
     }
 
     // needed for pre androidx testing. This will not make it's way into the apk
@@ -95,12 +94,6 @@ repositories {
 }
 
 dependencies {
-    implementation 'androidx.constraintlayout:constraintlayout:2.1.3'
-    implementation 'androidx.lifecycle:lifecycle-livedata-ktx:2.4.0'
-    implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.4.0'
-    def lifecycle_version = "2.2.0"
-    def paging_version = "3.0.1"
-
     implementation fileTree(include: ['*.jar'], dir: 'libs')
     implementation platform('com.google.firebase:firebase-bom:32.2.0')
     implementation 'androidx.appcompat:appcompat:1.6.1'

From 3c71a908e28e0b275a412e3390aee59ed6dcc03a Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 11:10:33 +0000
Subject: [PATCH 58/95] clean up after review

---
 .../symeda/sormas/api/task/TaskAssignee.java  |   32 +-
 .../api/task/TaskContextIndexCriteria.java    |   46 +-
 .../symeda/sormas/api/task/TaskDateType.java  |   29 +-
 .../de/symeda/sormas/api/user/UserDto.java    |  607 +++---
 .../de/symeda/sormas/api/user/UserFacade.java |  122 +-
 .../symeda/sormas/api/user/UserRoleDto.java   |   18 +-
 .../sormas/api/utils/PasswordHelper.java      |    7 +-
 sormas-app/app/src/main/AndroidManifest.xml   |  427 +++--
 .../app/backend/config/ConfigProvider.java    |   18 +-
 .../controls/ControlPasswordField.java        |    4 +-
 .../sormas/app/settings/SettingsFragment.java |    2 +-
 .../res/layout/control_password_layout.xml    |    1 -
 sormas-app/app/src/main/res/values/dimens.xml |   12 +
 .../app/src/main/res/values/strings.xml       |   27 +-
 sormas-app/app/src/main/res/values/styles.xml |    1 +
 .../backend/user/CurrentUserService.java      |   24 +-
 .../sormas/backend/user/UserFacadeEjb.java    |  117 +-
 .../sormas/backend/user/UserService.java      | 1642 ++++++++---------
 .../backend/util/PasswordValidator.java       |    3 -
 .../sormas/backend/AbstractBeanTest.java      |   71 +-
 .../EnvironmentSampleServiceTest.java         |   13 +-
 .../backend/user/UserFacadeEjbTest.java       |   85 +-
 .../sormas/rest/resources/UserResource.java   |   17 +-
 .../main/java/de/symeda/sormas/ui/Menu.java   |   24 +-
 .../symeda/sormas/ui/user/UserController.java |   37 +-
 25 files changed, 1750 insertions(+), 1636 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
index 908e06f1256..b94998f9426 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
@@ -1,33 +1,15 @@
-/*******************************************************************************
- * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- *******************************************************************************/
-
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.i18n.I18nProperties;
 
 public enum TaskAssignee {
 
-	ALL,
-	CURRENT_USER,
-	OTHER_USERS;
+    ALL,
+    CURRENT_USER,
+    OTHER_USERS;
 
-	@Override
-	public String toString() {
-		return I18nProperties.getEnumCaption(this);
-	}
+    @Override
+    public String toString() {
+        return I18nProperties.getEnumCaption(this);
+    }
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index fb86f7e9fe3..eea003bc3db 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -1,21 +1,3 @@
-/*******************************************************************************
- * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- *******************************************************************************/
-
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.audit.AuditIncludeProperty;
@@ -26,22 +8,22 @@
 @AuditedClass
 public class TaskContextIndexCriteria implements Serializable, Cloneable {
 
-	private TaskContext taskContext;
-	@AuditIncludeProperty
-	private String uuid;
+    private TaskContext taskContext;
+    @AuditIncludeProperty
+    private String uuid;
 
-	public TaskContextIndexCriteria() {
-	}
+    public TaskContextIndexCriteria() {
+    }
 
-	public TaskContextIndexCriteria(TaskContext taskContext) {
-		this.taskContext = taskContext;
-	}
+    public TaskContextIndexCriteria(TaskContext taskContext) {
+        this.taskContext = taskContext;
+    }
 
-	public TaskContext getTaskContext() {
-		return taskContext;
-	}
+    public TaskContext getTaskContext() {
+        return taskContext;
+    }
 
-	public String getUuid() {
-		return uuid;
-	}
+    public String getUuid() {
+        return uuid;
+    }
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
index 9a7b34f7644..007b4704a14 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
@@ -1,31 +1,14 @@
-/*******************************************************************************
- * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- *******************************************************************************/
 package de.symeda.sormas.api.task;
 
 import de.symeda.sormas.api.i18n.I18nProperties;
 
 public enum TaskDateType {
 
-	SUGGESTED_START_DATE,
-	DUE_DATE;
+    SUGGESTED_START_DATE,
+    DUE_DATE;
 
-	@Override
-	public String toString() {
-		return I18nProperties.getEnumCaption(this);
-	}
+    @Override
+    public String toString() {
+        return I18nProperties.getEnumCaption(this);
+    }
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index 84cf201ab72..6a25643e827 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -13,316 +13,315 @@
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
-package de.symeda.sormas.api.user;
-
-import java.util.Collections;
-import java.util.Set;
-
-import javax.validation.Valid;
-import javax.validation.constraints.Size;
-
-import com.fasterxml.jackson.annotation.JsonIgnore;
-
-import de.symeda.sormas.api.Disease;
-import de.symeda.sormas.api.EntityDto;
-import de.symeda.sormas.api.Language;
-import de.symeda.sormas.api.audit.AuditIncludeProperty;
-import de.symeda.sormas.api.i18n.Validations;
-import de.symeda.sormas.api.infrastructure.community.CommunityReferenceDto;
-import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
-import de.symeda.sormas.api.infrastructure.facility.FacilityReferenceDto;
-import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryReferenceDto;
-import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.location.LocationDto;
-import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.api.utils.FeatureIndependent;
-import de.symeda.sormas.api.utils.FieldConstraints;
+ package de.symeda.sormas.api.user;
+
+ import java.util.Collections;
+ import java.util.Set;
+ 
+ import javax.validation.Valid;
+ import javax.validation.constraints.Size;
+ 
+ import com.fasterxml.jackson.annotation.JsonIgnore;
+ 
+ import de.symeda.sormas.api.Disease;
+ import de.symeda.sormas.api.EntityDto;
+ import de.symeda.sormas.api.Language;
+ import de.symeda.sormas.api.audit.AuditIncludeProperty;
+ import de.symeda.sormas.api.i18n.Validations;
+ import de.symeda.sormas.api.infrastructure.community.CommunityReferenceDto;
+ import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
+ import de.symeda.sormas.api.infrastructure.facility.FacilityReferenceDto;
+ import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryReferenceDto;
+ import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+ import de.symeda.sormas.api.location.LocationDto;
+ import de.symeda.sormas.api.utils.DataHelper;
+ import de.symeda.sormas.api.utils.FeatureIndependent;
+ import de.symeda.sormas.api.utils.FieldConstraints;
 
 @FeatureIndependent
 public class UserDto extends EntityDto {
 
-	private static final long serialVersionUID = -8558187171374254398L;
-
-	public static final String COLUMN_NAME_USERROLE = "userrole_id";
-	public static final String COLUMN_NAME_USER_ID = "user_id";
-
-	public static final String I18N_PREFIX = "User";
-
-	public static final String ACTIVE = "active";
-	public static final String USER_NAME = "userName";
-	public static final String FIRST_NAME = "firstName";
-	public static final String LAST_NAME = "lastName";
-	public static final String NAME = "name";
-	public static final String USER_EMAIL = "userEmail";
-	public static final String PHONE = "phone";
-	public static final String ADDRESS = "address";
-	public static final String USER_ROLES = "userRoles";
-	public static final String REGION = "region";
-	public static final String DISTRICT = "district";
-	public static final String COMMUNITY = "community";
-	public static final String HEALTH_FACILITY = "healthFacility";
-	public static final String ASSOCIATED_OFFICER = "associatedOfficer";
-	public static final String LABORATORY = "laboratory";
-	public static final String POINT_OF_ENTRY = "pointOfEntry";
+    private static final long serialVersionUID = -8558187171374254398L;
+
+    public static final String COLUMN_NAME_USERROLE = "userrole_id";
+    public static final String COLUMN_NAME_USER_ID = "user_id";
+
+    public static final String I18N_PREFIX = "User";
+
+    public static final String ACTIVE = "active";
+    public static final String USER_NAME = "userName";
+    public static final String FIRST_NAME = "firstName";
+    public static final String LAST_NAME = "lastName";
+    public static final String NAME = "name";
+    public static final String USER_EMAIL = "userEmail";
+    public static final String PHONE = "phone";
+    public static final String ADDRESS = "address";
+    public static final String USER_ROLES = "userRoles";
+    public static final String REGION = "region";
+    public static final String DISTRICT = "district";
+    public static final String COMMUNITY = "community";
+    public static final String HEALTH_FACILITY = "healthFacility";
+    public static final String ASSOCIATED_OFFICER = "associatedOfficer";
+    public static final String LABORATORY = "laboratory";
+    public static final String POINT_OF_ENTRY = "pointOfEntry";
     public static final String LIMITED_DISEASES = "limitedDiseases";
-	public static final String LANGUAGE = "language";
-	public static final String HAS_CONSENTED_TO_GDPR = "hasConsentedToGdpr";
-	public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
-	public static final String PASSWORD = "currentPassword";
-	public static final String NEW_PASSWORD = "updatePassword";
-	public static final String CONFIRM_PASSWORD = "confirmPassword";
-	public static final String PASSWORD_STRENGTH = "passwordStrength";
-
-	private boolean active = true;
-
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
-	@AuditIncludeProperty
-	private String userName;
-
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
-	private String firstName;
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
-	private String lastName;
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_SMALL, message = Validations.textTooLong)
-	private String userEmail;
-	@Size(max = FieldConstraints.CHARACTER_LIMIT_SMALL, message = Validations.textTooLong)
-	private String phone;
-	@Valid
-	private LocationDto address;
-
-	private Set<UserRoleReferenceDto> userRoles = Collections.emptySet();
-
-	private RegionReferenceDto region;
-	private DistrictReferenceDto district;
-	// community of community informant
-	private CommunityReferenceDto community;
-	// facility of informant
-	private FacilityReferenceDto healthFacility;
-	// laboratory of lab user
-	private FacilityReferenceDto laboratory;
-	// point of entry of POE users
-	private PointOfEntryReferenceDto pointOfEntry;
-
-	private UserReferenceDto associatedOfficer;
-
-	private Set<Disease> limitedDiseases;
-
-	private Language language;
-
-	private boolean hasConsentedToGdpr;
-	private String currentPassword;
-	private String updatePassword;
-	private String confirmPassword;
-	private String passwordStrength;
-
-	private JurisdictionLevel jurisdictionLevel;
-
-	public static UserDto build() {
-		UserDto user = new UserDto();
-		user.setUuid(DataHelper.createUuid());
-		user.setAddress(LocationDto.build());
-		return user;
-	}
-
-	public boolean isActive() {
-		return active;
-	}
-
-	public void setActive(boolean active) {
-		this.active = active;
-	}
-
-	public String getUserName() {
-		return userName;
-	}
-
-	public void setUserName(String userName) {
-		this.userName = userName;
-	}
-
-	public String getFirstName() {
-		return firstName;
-	}
-
-	public void setFirstName(String firstName) {
-		this.firstName = firstName;
-	}
-
-	public String getLastName() {
-		return lastName;
-	}
-
-	public void setLastName(String lastName) {
-		this.lastName = lastName;
-	}
-
-	public String getName() {
-		return firstName + " " + lastName;
-	}
-
-	public String getUserEmail() {
-		return userEmail;
-	}
-
-	public void setUserEmail(String userEmail) {
-		this.userEmail = userEmail;
-	}
-
-	public void setCurrentPassword(String currentPassword) {
-		this.currentPassword = currentPassword;
-	}
-
-	public String getCurrentPassword() {
-		return currentPassword;
-	}
-
-	public void setUpdatePassword(String updatePassword) {
-		this.updatePassword = updatePassword;
-	}
-
-	public String getUpdatePassword() {
-		return updatePassword;
-	}
-
-	public void setConfirmPassword(String confirmPassword) {
-		this.confirmPassword = confirmPassword;
-	}
-
-	public String getConfirmPassword() {
-		return confirmPassword;
-	}
-
-	public void setPasswordStrength(String passwordStrength) {
-		this.passwordStrength = passwordStrength;
-	}
-
-	public String getPasswordStrength() {
-		return passwordStrength;
-	}
+    public static final String LANGUAGE = "language";
+    public static final String HAS_CONSENTED_TO_GDPR = "hasConsentedToGdpr";
+    public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
+    public static final String PASSWORD = "currentPassword";
+    public static final String NEW_PASSWORD = "newPassword";
+    public static final String CONFIRM_PASSWORD = "confirmPassword";
+
+    private boolean active = true;
+
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
+    @AuditIncludeProperty
+    private String userName;
+
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
+    private String firstName;
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
+    private String lastName;
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_SMALL, message = Validations.textTooLong)
+    private String userEmail;
+    @Size(max = FieldConstraints.CHARACTER_LIMIT_SMALL, message = Validations.textTooLong)
+    private String phone;
+    @Valid
+    private LocationDto address;
+
+    private Set<UserRoleReferenceDto> userRoles = Collections.emptySet();
+
+    private RegionReferenceDto region;
+    private DistrictReferenceDto district;
+    // community of community informant
+    private CommunityReferenceDto community;
+    // facility of informant
+    private FacilityReferenceDto healthFacility;
+    // laboratory of lab user
+    private FacilityReferenceDto laboratory;
+    // point of entry of POE users
+    private PointOfEntryReferenceDto pointOfEntry;
+
+    private UserReferenceDto associatedOfficer;
+
+    private Set<Disease> limitedDiseases;
+
+    private Language language;
+
+    private boolean hasConsentedToGdpr;
+    private String currentPassword;
+    private String updatePassword;
+    private String confirmPassword;
+    private String passwordStrength;
+
+    private JurisdictionLevel jurisdictionLevel;
+
+    public static UserDto build() {
+        UserDto user = new UserDto();
+        user.setUuid(DataHelper.createUuid());
+        user.setAddress(LocationDto.build());
+        return user;
+    }
+
+    public boolean isActive() {
+        return active;
+    }
+
+    public void setActive(boolean active) {
+        this.active = active;
+    }
+
+    public String getUserName() {
+        return userName;
+    }
+
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+
+    public String getFirstName() {
+        return firstName;
+    }
+
+    public void setFirstName(String firstName) {
+        this.firstName = firstName;
+    }
+
+    public String getLastName() {
+        return lastName;
+    }
+
+    public void setLastName(String lastName) {
+        this.lastName = lastName;
+    }
+
+    public String getName() {
+        return firstName + " " + lastName;
+    }
+
+    public String getUserEmail() {
+        return userEmail;
+    }
+
+    public void setUserEmail(String userEmail) {
+        this.userEmail = userEmail;
+    }
+
+    public void setCurrentPassword(String currentPassword) {
+        this.currentPassword = currentPassword;
+    }
+
+    public String getCurrentPassword() {
+        return currentPassword;
+    }
+
+    public void setUpdatePassword(String updatePassword) {
+        this.updatePassword = updatePassword;
+    }
+
+    public String getUpdatePassword() {
+        return updatePassword;
+    }
+
+    public void setConfirmPassword(String confirmPassword) {
+        this.confirmPassword = confirmPassword;
+    }
+
+    public String getConfirmPassword() {
+        return confirmPassword;
+    }
+
+    public void setPasswordStrength(String passwordStrength) {
+        this.passwordStrength = passwordStrength;
+    }
+
+    public String getPasswordStrength() {
+        return passwordStrength;
+    }
 
-	public String getPhone() {
-		return phone;
-	}
+    public String getPhone() {
+        return phone;
+    }
 
-	public void setPhone(String phone) {
-		this.phone = phone;
-	}
-
-	public LocationDto getAddress() {
-		return address;
-	}
-
-	public void setAddress(LocationDto address) {
-		this.address = address;
-	}
-
-	public Set<UserRoleReferenceDto> getUserRoles() {
-		return userRoles;
-	}
-
-	public void setUserRoles(Set<UserRoleReferenceDto> userRoles) {
-		this.userRoles = userRoles;
-	}
+    public void setPhone(String phone) {
+        this.phone = phone;
+    }
+
+    public LocationDto getAddress() {
+        return address;
+    }
+
+    public void setAddress(LocationDto address) {
+        this.address = address;
+    }
+
+    public Set<UserRoleReferenceDto> getUserRoles() {
+        return userRoles;
+    }
+
+    public void setUserRoles(Set<UserRoleReferenceDto> userRoles) {
+        this.userRoles = userRoles;
+    }
 
-	@Override
-	public String buildCaption() {
-		return UserReferenceDto.buildCaption(firstName, lastName);
-	}
-
-	@JsonIgnore
-	public String i18nPrefix() {
-		return I18N_PREFIX;
-	}
-
-	public UserReferenceDto getAssociatedOfficer() {
-		return associatedOfficer;
-	}
-
-	public void setAssociatedOfficer(UserReferenceDto associatedOfficer) {
-		this.associatedOfficer = associatedOfficer;
-	}
-
-	public RegionReferenceDto getRegion() {
-		return region;
-	}
-
-	public void setRegion(RegionReferenceDto region) {
-		this.region = region;
-	}
-
-	public DistrictReferenceDto getDistrict() {
-		return district;
-	}
-
-	public void setDistrict(DistrictReferenceDto district) {
-		this.district = district;
-	}
-
-	public CommunityReferenceDto getCommunity() {
-		return community;
-	}
-
-	public void setCommunity(CommunityReferenceDto community) {
-		this.community = community;
-	}
-
-	public FacilityReferenceDto getHealthFacility() {
-		return healthFacility;
-	}
-
-	public void setHealthFacility(FacilityReferenceDto healthFacility) {
-		this.healthFacility = healthFacility;
-	}
-
-	public FacilityReferenceDto getLaboratory() {
-		return laboratory;
-	}
-
-	public void setLaboratory(FacilityReferenceDto laboratory) {
-		this.laboratory = laboratory;
-	}
-
-	public PointOfEntryReferenceDto getPointOfEntry() {
-		return pointOfEntry;
-	}
-
-	public void setPointOfEntry(PointOfEntryReferenceDto pointOfEntry) {
-		this.pointOfEntry = pointOfEntry;
-	}
-
-	public UserReferenceDto toReference() {
-		return new UserReferenceDto(getUuid(), getFirstName(), getLastName());
-	}
-
-	public Set<Disease> getLimitedDiseases() {
-		return limitedDiseases;
-	}
-
-	public void setLimitedDiseases(Set<Disease> limitedDiseases) {
-		this.limitedDiseases = limitedDiseases;
-	}
-
-	public Language getLanguage() {
-		return language;
-	}
-
-	public void setLanguage(Language language) {
-		this.language = language;
-	}
-
-	public boolean isHasConsentedToGdpr() {
-		return hasConsentedToGdpr;
-	}
-
-	public void setHasConsentedToGdpr(boolean hasConsentedToGdpr) {
-		this.hasConsentedToGdpr = hasConsentedToGdpr;
-	}
-
-	public JurisdictionLevel getJurisdictionLevel() {
-		return jurisdictionLevel;
-	}
-
-	public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
-		this.jurisdictionLevel = jurisdictionLevel;
-	}
+    @Override
+    public String buildCaption() {
+        return UserReferenceDto.buildCaption(firstName, lastName);
+    }
+
+    @JsonIgnore
+    public String i18nPrefix() {
+        return I18N_PREFIX;
+    }
+
+    public UserReferenceDto getAssociatedOfficer() {
+        return associatedOfficer;
+    }
+
+    public void setAssociatedOfficer(UserReferenceDto associatedOfficer) {
+        this.associatedOfficer = associatedOfficer;
+    }
+
+    public RegionReferenceDto getRegion() {
+        return region;
+    }
+
+    public void setRegion(RegionReferenceDto region) {
+        this.region = region;
+    }
+
+    public DistrictReferenceDto getDistrict() {
+        return district;
+    }
+
+    public void setDistrict(DistrictReferenceDto district) {
+        this.district = district;
+    }
+
+    public CommunityReferenceDto getCommunity() {
+        return community;
+    }
+
+    public void setCommunity(CommunityReferenceDto community) {
+        this.community = community;
+    }
+
+    public FacilityReferenceDto getHealthFacility() {
+        return healthFacility;
+    }
+
+    public void setHealthFacility(FacilityReferenceDto healthFacility) {
+        this.healthFacility = healthFacility;
+    }
+
+    public FacilityReferenceDto getLaboratory() {
+        return laboratory;
+    }
+
+    public void setLaboratory(FacilityReferenceDto laboratory) {
+        this.laboratory = laboratory;
+    }
+
+    public PointOfEntryReferenceDto getPointOfEntry() {
+        return pointOfEntry;
+    }
+
+    public void setPointOfEntry(PointOfEntryReferenceDto pointOfEntry) {
+        this.pointOfEntry = pointOfEntry;
+    }
+
+    public UserReferenceDto toReference() {
+        return new UserReferenceDto(getUuid(), getFirstName(), getLastName());
+    }
+
+    public Set<Disease> getLimitedDiseases() {
+        return limitedDiseases;
+    }
+
+    public void setLimitedDiseases(Set<Disease> limitedDiseases) {
+        this.limitedDiseases = limitedDiseases;
+    }
+
+    public Language getLanguage() {
+        return language;
+    }
+
+    public void setLanguage(Language language) {
+        this.language = language;
+    }
+
+    public boolean isHasConsentedToGdpr() {
+        return hasConsentedToGdpr;
+    }
+
+    public void setHasConsentedToGdpr(boolean hasConsentedToGdpr) {
+        this.hasConsentedToGdpr = hasConsentedToGdpr;
+    }
+
+    public JurisdictionLevel getJurisdictionLevel() {
+        return jurisdictionLevel;
+    }
+
+    public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
+        this.jurisdictionLevel = jurisdictionLevel;
+    }
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index ea1496062fb..0075477bf64 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -42,35 +42,33 @@
 @Remote
 public interface UserFacade {
 
-	UserDto getByUuid(String uuid);
+    UserDto getByUuid(String uuid);
 
-	UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate);
+    UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate);
 
-	UserDto saveUserRolesAndRestrictions(UserDto user, Set<UserRoleReferenceDto> userRoles);
+    UserDto saveUserRolesAndRestrictions(UserDto user, Set<UserRoleReferenceDto> userRoles);
 
-	boolean isLoginUnique(String uuid, String userName);
+    boolean isLoginUnique(String uuid, String userName);
 
-	String resetPassword(String uuid);
+    String resetPassword(String uuid);
 
-	String updatePassword(String uuid, String password);
+    String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
-	String updateUserPassword(String uuid, String newPassword, String currentPassword);
+    Set<UserRoleDto> getValidLoginRoles(String userName, String password);
 
-	Set<UserRoleDto> getValidLoginRoles(String userName, String password);
+    boolean validatePassword(String uuid, String password);
 
-	boolean validatePassword(String uuid, String password);
+    String checkPasswordStrength(String password);
 
-	String checkPasswordStrength(String password);
+    boolean isPasswordStrong(String password);
 
-	boolean isPasswordStrong(String password);
+    String generatePassword();
 
-	String generatePassword();
+    List<UserDto> getAllAfter(Date date);
 
-	List<UserDto> getAllAfter(Date date);
+    UserDto getByUserName(String userName);
 
-	UserDto getByUserName(String userName);
-
-	/**
+    /**
 	 * 
 	 * @param regionRef
 	 *            reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
@@ -82,17 +80,18 @@ public interface UserFacade {
 	 *            user rights to be filtered for.
 	 * @return
 	 */
-	List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights);
+    List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights);
 
-	List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user);
+    List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user);
 
-	List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties);
+    List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties);
 
-	Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties);
+    Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties);
 
-	long count(UserCriteria userCriteria);
+    long count(UserCriteria userCriteria);
 
 	/**
+	 * 
 	 * @param district
 	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
 	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
@@ -103,7 +102,7 @@ public interface UserFacade {
 	 *            user rights to be filtered for.
 	 * @return
 	 */
-	List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
+    List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
 
 	/**
 	 * 
@@ -117,70 +116,69 @@ public interface UserFacade {
 	 *            user rights to be filtered for.
 	 * @return
 	 */
-	List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, boolean excludeLimitedDiseaseUsers, UserRight... userRights);
+    List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, boolean excludeLimitedDiseaseUsers, UserRight... userRights);
 
-	List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districts, Disease limitedDisease, UserRight... userRights);
+    List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districts, Disease limitedDisease, UserRight... userRights);
 
-	List<UserReferenceDto> getUserRefsByInfrastructure(
-		InfrastructureDataReferenceDto infrastructure,
-		JurisdictionLevel jurisdictionLevel,
-		JurisdictionLevel allowedJurisdictionLevel,
-		Disease limitedDisease,
-		UserRight... userRights);
+    List<UserReferenceDto> getUserRefsByInfrastructure(
+            InfrastructureDataReferenceDto infrastructure,
+            JurisdictionLevel jurisdictionLevel,
+            JurisdictionLevel allowedJurisdictionLevel,
+            Disease limitedDisease,
+            UserRight... userRights);
 
-	List<UserReferenceDto> getAllUserRefs(boolean includeInactive);
+    List<UserReferenceDto> getAllUserRefs(boolean includeInactive);
 
-	List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficer, UserRight... userRights);
+    List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficer, UserRight... userRights);
 
-	List<String> getAllUuids();
+    List<String> getAllUuids();
 
-	List<UserDto> getByUuids(List<String> uuids);
+    List<UserDto> getByUuids(List<String> uuids);
 
-	UserDto getCurrentUser();
+    UserDto getCurrentUser();
 
-	UserReferenceDto getCurrentUserAsReference();
+    UserReferenceDto getCurrentUserAsReference();
 
-	Set<UserRight> getValidLoginRights(String userName, String password);
+    Set<UserRight> getValidLoginRights(String userName, String password);
 
-	void removeUserAsSurveillanceAndContactOfficer(String userUuid);
+    void removeUserAsSurveillanceAndContactOfficer(String userUuid);
 
-	UserSyncResult syncUser(String userUuid);
+    UserSyncResult syncUser(String userUuid);
 
-	List<UserDto> getUsersWithDefaultPassword();
+    List<UserDto> getUsersWithDefaultPassword();
 
-	List<ProcessedEntity> enableUsers(List<String> userUuids);
+    List<ProcessedEntity> enableUsers(List<String> userUuids);
 
-	List<ProcessedEntity> disableUsers(List<String> userUuids);
+    List<ProcessedEntity> disableUsers(List<String> userUuids);
 
-	List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto);
+    List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto);
 
-	List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto);
+    List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto);
 
-	List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto event);
+    List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto event);
 
-	List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto);
+    List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto);
 
-	List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto);
+    List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto);
 
-	List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndexCriteria taskContextIndexCriteria);
+    List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndexCriteria taskContextIndexCriteria);
 
-	Set<UserRoleDto> getUserRoles(UserDto user);
+    Set<UserRoleDto> getUserRoles(UserDto user);
 
-	long getUserCountHavingRole(UserRoleReferenceDto userRoleRef);
+    long getUserCountHavingRole(UserRoleReferenceDto userRoleRef);
 
-	List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef);
+    List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef);
 
-	/**
-	 * Retrieves the user rights of the user specified by the passed UUID, or those of the current user if no UUID is specified.
-	 * Requesting the user rights of another user without the rights to view users and user roles results in an AccessDeniedException.
-	 * 
-	 * @param userUuid
-	 *            The UUID of the user to request the user rights for
-	 * @return A set containing the user rights associated to all user roles assigned to the user
-	 */
-	List<UserRight> getUserRights(String userUuid);
+    /**
+     * Retrieves the user rights of the user specified by the passed UUID, or those of the current user if no UUID is specified.
+     * Requesting the user rights of another user without the rights to view users and user roles results in an AccessDeniedException.
+     *
+     * @param userUuid The UUID of the user to request the user rights for
+     * @return A set containing the user rights associated to all user roles assigned to the user
+     */
+    List<UserRight> getUserRights(String userUuid);
 
-	void syncUsersFromAuthenticationProvider();
+    void syncUsersFromAuthenticationProvider();
 
-	boolean isSyncEnabled();
+    boolean isSyncEnabled();
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index fd141b9f47a..777268bc8b4 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -17,20 +17,26 @@
  *******************************************************************************/
 package de.symeda.sormas.api.user;
 
+import java.beans.Transient;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.validation.constraints.Size;
+
 import com.fasterxml.jackson.annotation.JsonIgnore;
+
 import de.symeda.sormas.api.EntityDto;
-import de.symeda.sormas.api.audit.AuditedClass;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
 import de.symeda.sormas.api.i18n.Validations;
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.FieldConstraints;
 import de.symeda.sormas.api.utils.ValidationException;
-
-import javax.validation.constraints.Size;
-import java.beans.Transient;
-import java.util.*;
-import java.util.stream.Collectors;
+import de.symeda.sormas.api.audit.AuditedClass;
 
 @AuditedClass
 public class UserRoleDto extends EntityDto {
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index ecdf02b8e91..cdcfcaad187 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -17,13 +17,14 @@
  *******************************************************************************/
 package de.symeda.sormas.api.utils;
 
-import org.apache.commons.codec.binary.Hex;
-
-import javax.validation.ValidationException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+
+import javax.validation.ValidationException;
+
+import org.apache.commons.codec.binary.Hex;
 import java.util.Arrays;
 
 public final class PasswordHelper {
diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index dc3e18592fc..c1920f7a730 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -8,11 +8,12 @@
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
     <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
-    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
     <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
     <uses-permission android:name="android.permission.WAKE_LOCK" />
     <uses-feature android:name="android.hardware.location.gps" />
+    <uses-permission android:name="android.permission.CAMERA" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
+    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
 
     <application
         android:name=".SormasApplication"
@@ -20,10 +21,9 @@
         android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
         android:supportsRtl="true"
-        android:theme="@style/SormasTheme" >
+        android:theme="@style/SormasTheme">
 
-        <uses-library
-            android:name="android.test.runner"
+        <uses-library android:name="android.test.runner"
             android:required="false" />
 
         <uses-library android:name ="org.apache.http.legacy" android:required ="false"/>
@@ -32,374 +32,396 @@
             android:theme="@style/LoginActivityTheme"
             android:screenOrientation="portrait"
             android:exported="true"
-            android:launchMode="singleTop"
-            >
+            android:launchMode="singleTop">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
-
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
         <activity
             android:name=".settings.SettingsActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
-        </activity>
+            android:launchMode="singleTop">
         <activity
             android:name=".login.EnterPinActivity"
-            android:launchMode="singleTop"
-            android:screenOrientation="portrait"
             android:theme="@style/SormasTheme"
-            android:windowSoftInputMode="stateHidden" >
-        </activity>
-        <activity
-            android:name=".dashboard.DashboardActivity"
-            android:launchMode="singleTop"
             android:screenOrientation="portrait"
+            android:launchMode="singleTop"
+            android:windowSoftInputMode="stateHidden">
+        </activity>
+
+
+
+        <activity android:name=".dashboard.DashboardActivity"
             android:theme="@style/ActivityWithOverflowMenuTheme"
-            android:windowSoftInputMode="stateHidden" >
+            android:screenOrientation="portrait"
+            android:launchMode="singleTop"
+            android:windowSoftInputMode="stateHidden">
         </activity>
+
         <activity
             android:name=".task.list.TaskListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".task.edit.TaskEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".task.edit.TaskEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".task.list.TaskListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".task.edit.TaskNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".task.edit.TaskNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".task.list.TaskListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".sample.list.SampleListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".sample.read.SampleReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".sample.read.SampleReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".sample.list.SampleListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".sample.edit.SampleEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".sample.edit.SampleEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".pathogentest.read.PathogenTestReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".pathogentest.read.PathogenTestReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".pathogentest.edit.PathogenTestNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".pathogentest.edit.PathogenTestNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".sample.read.SampleReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".pathogentest.edit.PathogenTestEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".pathogentest.edit.PathogenTestEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".pathogentest.read.PathogenTestReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".caze.list.CaseListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".caze.read.CaseReadActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.list.CaseListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".caze.edit.CaseNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.list.CaseListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".caze.edit.CaseEditActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".report.aggregate.AggregateReportsActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".contact.edit.ContactNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".sample.edit.SampleNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".contact.list.ContactListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".contact.read.ContactReadActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".contact.list.ContactListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".contact.edit.ContactEditActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".contact.read.ContactReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".visit.read.VisitReadActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".contact.read.ContactReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".visit.edit.VisitEditActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".contact.edit.ContactEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".visit.edit.VisitNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".contact.edit.ContactEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".event.list.EventListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.read.EventReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.read.EventReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.list.EventListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.eventparticipant.read.EventParticipantReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.eventparticipant.read.EventParticipantReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.read.EventReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.edit.EventEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.edit.EventEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.read.EventReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.eventparticipant.edit.EventParticipantNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.eventparticipant.edit.EventParticipantNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.edit.EventEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.eventparticipant.edit.EventParticipantEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.eventparticipant.edit.EventParticipantEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.edit.EventEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".event.edit.EventNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".event.edit.EventNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".event.list.EventListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".campaign.list.CampaignFormDataListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".campaign.read.CampaignFormDataReadActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".campaign.list.CampaignFormDataListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".campaign.edit.CampaignFormDataEditActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".campaign.read.CampaignFormDataReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".campaign.edit.CampaignFormDataNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".campaign.list.CampaignFormDataListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".report.ReportActivity"
-            android:launchMode="singleTop"
-            android:theme="@style/ActivityWithOverflowMenuTheme" />
-        <activity
-            android:name=".therapy.read.PrescriptionReadActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
+            android:launchMode="singleTop" />
+
+        <activity android:name=".therapy.read.PrescriptionReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".therapy.edit.PrescriptionEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".therapy.edit.PrescriptionEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".therapy.edit.PrescriptionNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".therapy.read.TreatmentReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".therapy.read.TreatmentReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".therapy.edit.TreatmentEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".therapy.edit.TreatmentEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".therapy.edit.TreatmentNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".therapy.edit.TreatmentNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".clinicalcourse.read.ClinicalVisitReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".clinicalcourse.read.ClinicalVisitReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.read.CaseReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".clinicalcourse.edit.ClinicalVisitEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".clinicalcourse.edit.ClinicalVisitEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".clinicalcourse.edit.ClinicalVisitNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".clinicalcourse.edit.ClinicalVisitNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".caze.edit.CaseEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".immunization.list.ImmunizationListActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".immunization.read.ImmunizationReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".immunization.read.ImmunizationReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.list.ImmunizationListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".immunization.edit.ImmunizationEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".immunization.edit.ImmunizationEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.read.ImmunizationReadActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
+
         <activity
             android:name=".immunization.edit.ImmunizationNewActivity"
-            android:launchMode="singleTop"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.list.ImmunizationListActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".immunization.vaccination.VaccinationNewActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".immunization.vaccination.VaccinationNewActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.edit.ImmunizationEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".immunization.vaccination.VaccinationReadActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".immunization.vaccination.VaccinationReadActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.edit.ImmunizationEditActivity"
             android:screenOrientation="portrait"
-            android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-        <activity
-            android:name=".immunization.vaccination.VaccinationEditActivity"
-            android:launchMode="singleTop"
+
+        <activity android:name=".immunization.vaccination.VaccinationEditActivity"
+            android:theme="@style/ActivityWithOverflowMenuTheme"
             android:parentActivityName=".immunization.vaccination.VaccinationReadActivity"
             android:screenOrientation="portrait"
-               android:theme="@style/ActivityWithOverflowMenuTheme" >
+            android:launchMode="singleTop">
         </activity>
-           
 
         <activity
             android:name=".environment.list.EnvironmentListActivity"
@@ -461,76 +483,71 @@
             android:launchMode="singleTop">
         </activity>
 
+        <!-- Only needed for androidTest - found no other way to manifest this -->
         <activity
-            android:name=".login.ChangePasswordActivity"
-            android:launchMode="singleTop"
-            android:screenOrientation="portrait"
-            android:theme="@style/SormasTheme"
-            android:windowSoftInputMode="stateHidden" />
+            android:name=".TestBackendActivity" />
 
         <activity
             android:name=".barcode.BarcodeActivity" />
-          <!-- Only needed for androidTest - found no other way to manifest this -->
-   
 
         <receiver
             android:name=".SormasBootstrap"
             android:enabled="true"
-            android:exported="true" >
+            android:exported="true">
             <intent-filter>
                 <action android:name="android.intent.action.BOOT_COMPLETED" />
             </intent-filter>
         </receiver>
+
         <!--
              Optionally, register AnalyticsReceiver and AnalyticsService to support background
              dispatching on non-Google Play devices
         -->
-        <!-- <receiver -->
-        <!-- android:name="com.google.android.gms.analytics.AnalyticsReceiver" -->
-        <!-- android:enabled="true"> -->
-        <!-- <intent-filter> -->
-        <!-- <action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH" /> -->
-        <!-- </intent-filter> -->
-        <!-- </receiver> -->
-        <!-- <service -->
-        <!-- android:name="com.google.android.gms.analytics.AnalyticsService" -->
-        <!-- android:enabled="true" -->
-        <!-- android:exported="false" /> -->
+        <!--<receiver-->
+            <!--android:name="com.google.android.gms.analytics.AnalyticsReceiver"-->
+            <!--android:enabled="true">-->
+            <!--<intent-filter>-->
+                <!--<action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH" />-->
+            <!--</intent-filter>-->
+        <!--</receiver>-->
+
+        <!--<service-->
+            <!--android:name="com.google.android.gms.analytics.AnalyticsService"-->
+            <!--android:enabled="true"-->
+            <!--android:exported="false" />-->
+
         <!--
              Optionally, register CampaignTrackingReceiver and CampaignTrackingService to enable
              installation campaign reporting
         -->
-        <!-- <receiver -->
-        <!-- android:name="com.google.android.gms.analytics.CampaignTrackingReceiver" -->
-        <!-- android:exported="true"> -->
-        <!-- <intent-filter> -->
-        <!-- <action android:name="com.android.vending.INSTALL_REFERRER" /> -->
-        <!-- </intent-filter> -->
-        <!-- </receiver> -->
+        <!--<receiver-->
+            <!--android:name="com.google.android.gms.analytics.CampaignTrackingReceiver"-->
+            <!--android:exported="true">-->
+            <!--<intent-filter>-->
+                <!--<action android:name="com.android.vending.INSTALL_REFERRER" />-->
+            <!--</intent-filter>-->
+        <!--</receiver>-->
+
         <provider
             android:name="androidx.core.content.FileProvider"
             android:authorities="${applicationId}.fileprovider"
             android:exported="false"
-            android:grantUriPermissions="true" >
+            android:grantUriPermissions="true">
             <meta-data
                 android:name="android.support.FILE_PROVIDER_PATHS"
                 android:resource="@xml/file_paths" />
         </provider>
 
-        <service
-            android:name=".core.TaskNotificationService"
-            android:enabled="true" />
-
         <service
             android:name=".core.FeatureConfigurationService"
-            android:enabled="true" /> <!-- <service android:name="com.google.android.gms.analytics.CampaignTrackingService" /> -->
+            android:enabled="true" /> <!--<service android:name="com.google.android.gms.analytics.CampaignTrackingService" />-->
 
         <receiver
             android:name=".LbdsRecevierComponent"
             android:enabled="true"
-            android:exported="true" >
+            android:exported="true">
             <intent-filter>
-                <action android:name="android.intent.action.BOOT_COMPLETED" />
+                <action android:name="android.intent.action.BOOT_COMPLETED"/>
                 <action android:name="android.intent.action.SEND" />
                 <category android:name="android.intent.category.DEFAULT" />
             </intent-filter>
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index 7b04d4b1cc8..08ad7ecf2b1 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -15,15 +15,6 @@
 
 package de.symeda.sormas.app.backend.config;
 
-import android.app.Activity;
-import android.app.AlertDialog;
-import android.content.Context;
-import android.content.DialogInterface;
-import android.os.Build;
-import android.security.KeyPairGeneratorSpec;
-import android.util.Base64;
-import android.util.Log;
-
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -56,6 +47,15 @@
 import javax.crypto.NoSuchPaddingException;
 import javax.security.auth.x500.X500Principal;
 
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.os.Build;
+import android.security.KeyPairGeneratorSpec;
+import android.util.Base64;
+import android.util.Log;
+
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.app.R;
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index a56432cc684..d0a7529aea9 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -15,13 +15,13 @@
 
 package de.symeda.sormas.app.component.controls;
 
+import com.google.android.material.textfield.TextInputLayout;
+
 import android.content.Context;
 import android.text.InputType;
 import android.util.AttributeSet;
 import android.view.LayoutInflater;
 
-import com.google.android.material.textfield.TextInputLayout;
-
 import de.symeda.sormas.app.R;
 
 public class ControlPasswordField extends ControlTextEditField {
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index c2a18a0f0fc..65479ce9d19 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -57,13 +57,13 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
-import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
 import de.symeda.sormas.app.util.Callback;
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment
diff --git a/sormas-app/app/src/main/res/layout/control_password_layout.xml b/sormas-app/app/src/main/res/layout/control_password_layout.xml
index f7f5cf6ceae..7aacb40d551 100644
--- a/sormas-app/app/src/main/res/layout/control_password_layout.xml
+++ b/sormas-app/app/src/main/res/layout/control_password_layout.xml
@@ -39,7 +39,6 @@
                 android:id="@+id/text_input"
                 android:layout_width="match_parent"
                 android:inputType="textPassword"
-                android:hint=""
                 style="@style/ControlTextFieldStyle" />
 
         </com.google.android.material.textfield.TextInputLayout>
diff --git a/sormas-app/app/src/main/res/values/dimens.xml b/sormas-app/app/src/main/res/values/dimens.xml
index 182da1921a1..c587d96ed40 100644
--- a/sormas-app/app/src/main/res/values/dimens.xml
+++ b/sormas-app/app/src/main/res/values/dimens.xml
@@ -289,12 +289,16 @@
     <dimen name="summaryVisualizationMarginBottom">16dp</dimen>
 
 
+
+
+
     <dimen name="navigationNumberMarginTop">8dp</dimen>
     <dimen name="navigationNumberMarginBottom">8dp</dimen>
     <dimen name="navigationNumberMarginRight">16dp</dimen>
     <dimen name="navigationTitlePadding">16dp</dimen>
 
 
+
     <!-- Landing Summary: Donut Progress -->
     <dimen name="circularProgressFinishedStrokeWidth">5dp</dimen>
     <dimen name="circularProgressUnfinishedStrokeWidth">5dp</dimen>
@@ -319,6 +323,9 @@
     <dimen name="legendDefaultShapeHeight">5dp</dimen>
 
 
+
+
+
     <dimen name="listActivityRowPrimaryTextSize">16sp</dimen>
     <dimen name="row_entry_secondary_text_size">14sp</dimen>
     <dimen name="listActivityRowSecondaryTextVerticalMargin">8dp</dimen>
@@ -343,6 +350,11 @@
     <dimen name="readActivitySubListHeadingTextSize">@dimen/h4</dimen>
 
 
+
+
+
+
+
     <dimen name="listGoToIconWidth">36dp</dimen>
     <dimen name="listGoToIconHeight">36dp</dimen>
 
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index bdea550e5c8..103547d8a7b 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -37,8 +37,6 @@
     <string name="action_allow_gps_access">Allow GPS Access</string>
     <string name="action_apply_filters">Apply filters</string>
     <string name="action_back_to_settings">Back to settings</string>
-    <string name="action_generate_password">Generate Password</string>
-    <string name="action_strength_password">Password Strength</string>
     <string name="action_cancel">Cancel</string>
     <string name="action_change_PIN">Change PIN</string>
     <string name="action_change_settings"><u>Change Settings</u></string>
@@ -70,7 +68,6 @@
     <string name="action_install_later">Install later</string>
     <string name="action_loadMore">Load more</string>
     <string name="action_login">Sign in</string>
-    <string name="action_change_password">Change Password</string>
     <string name="action_login_default_user">Sign in as demo user</string>
     <string name="action_logout">Logout</string>
     <string name="action_logout_anyway">Logout anyway</string>
@@ -306,8 +303,6 @@
     <string name="description_report_message">Your Message</string>
     <string name="description_sormas_logo">SORMAS Logo</string>
     <string name="description_username">Username</string>
-    <string name="description_new_password">New Password</string>
-    <string name="description_confirm_password">Confirm Password</string>
     <string name="description_year">Year</string>
     <string name="description_report">Report</string>
 
@@ -429,7 +424,6 @@
     <string name="heading_pathogen_test_summary">Pathogen Test Summary</string>
     <string name="heading_pathogen_tests_list">Pathogen Test Listing</string>
     <string name="heading_sign_in">Sign In</string>
-    <string name="heading_change_password">Change Password</string>
     <string name="heading_social_events">Social Events</string>
     <string name="heading_source_case">Source Case</string>
     <string name="heading_source_of_information">Source of Information</string>
@@ -531,7 +525,6 @@
     <string name="info_resync_duration">Re-sync will probably take several minutes.</string>
     <string name="info_select_create_person">Please select a person or click \'Create\' to create a new one.</string>
     <string name="info_sign_in">Sign into SORMAS to continue the journey of saving lives.</string>
-    <string name="info_change_password">To change your Password you will <b>need to enter your SORMAS user password.</b></string>
     <string name="info_similar_persons_found">SORMAS already contains at least one person that seems to be very similar to the personal details you have entered.</string>
     <string name="info_symptoms">Please select an answer for ALL symptoms indicating if they occurred during this illness between symptom onset and case detection:</string>
     <string name="info_synchronizing">Synchronizing with SORMAS server...</string>
@@ -583,17 +576,11 @@
     <string name="message_no_user_selected">No user has been selected</string>
     <string name="message_not_specified">Not specified</string>
     <string name="message_pin_changed">PIN has been successfully changed.</string>
-    <string name="message_password_changed">Password has been successfully changed.</string>
     <string name="message_pin_correct_loading">PIN correct. Starting SORMAS ...</string>
     <string name="message_pin_no_consecutive">PIN must not be made of consecutive numbers.</string>
     <string name="message_pin_no_same">PIN must not have more than 2 equal numbers.</string>
-    <string name="message_password_weak">Password Strength is Weak</string>
-    <string name="message_password_moderate">Password Strength is Moderate</string>
-    <string name="message_password_strong">Password Strength is strong</string>
     <string name="message_pin_not_matching">The PINs you\'ve entered do not match. Please try again.</string>
     <string name="message_pin_too_short">PIN has to be four digits long.</string>
-    <string name="message_could_not_generate_password">Could not generate password</string>
-    <string name="message_could_not_save_password">Could not save password</string>
     <string name="message_pin_wrong">You\'ve entered an incorrect PIN.</string>
     <string name="message_report_not_sent">Unable to send report at this time.</string>
     <string name="message_report_sent">Problem report successfully sent.</string>
@@ -758,4 +745,18 @@
     <string name="error_title">Error</string>
     <string name="success_title">Success</string>
     <string name="password_change_success">User\'s password was changed successfully</string>
+    <string name="action_change_password">Change Password</string>
+    <string name="action_generate_password">Generate Password</string>
+    <string name="action_strength_password">Password Strength</string>
+    <string name="description_new_password">New Password</string>
+    <string name="description_confirm_password">Confirm Password</string>
+    <string name="heading_change_password">Change Password</string>
+    <string name="info_change_password">To change your Password you will <b>need to enter your SORMAS user password.</b></string>
+    <string name="message_password_changed">Password has been successfully changed.</string>
+    <string name="message_password_weak">Password Strength is Weak</string>
+    <string name="message_password_moderate">Password Strength is Moderate</string>
+    <string name="message_password_strong">Password Strength is strong</string>
+    <string name="message_could_not_generate_password">Could not generate password</string>
+    <string name="message_could_not_save_password">Could not save password</string>
+
 </resources>
diff --git a/sormas-app/app/src/main/res/values/styles.xml b/sormas-app/app/src/main/res/values/styles.xml
index 1a55eff19f7..7dac2d812ae 100644
--- a/sormas-app/app/src/main/res/values/styles.xml
+++ b/sormas-app/app/src/main/res/values/styles.xml
@@ -413,6 +413,7 @@
         <item name="android:background">@drawable/selector_button_primary</item>
         <item name="android:elevation">@dimen/primaryButtonElevation</item>
     </style>
+    
     <style name="GenerateButtonStyle">
         <item name="android:layout_height">@dimen/primaryButtonHeight</item>
         <item name="android:gravity">center</item>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
index cc60d4035b5..fe9269cf989 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
@@ -1,10 +1,8 @@
 package de.symeda.sormas.backend.user;
 
-import de.symeda.sormas.api.audit.AuditIgnore;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.backend.util.ModelConstants;
-import org.hibernate.Hibernate;
-import org.hibernate.proxy.HibernateProxy;
+import static de.symeda.sormas.backend.user.UserHelper.isRestrictedToAssignEntities;
+
+import java.util.Set;
 
 import javax.annotation.Resource;
 import javax.ejb.LocalBean;
@@ -14,11 +12,21 @@
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceContext;
 import javax.persistence.TypedQuery;
-import javax.persistence.criteria.*;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Fetch;
+import javax.persistence.criteria.JoinType;
+import javax.persistence.criteria.ParameterExpression;
+import javax.persistence.criteria.Predicate;
+import javax.persistence.criteria.Root;
 import javax.transaction.Transactional;
-import java.util.Set;
 
-import static de.symeda.sormas.backend.user.UserHelper.isRestrictedToAssignEntities;
+import org.hibernate.Hibernate;
+import org.hibernate.proxy.HibernateProxy;
+
+import de.symeda.sormas.api.audit.AuditIgnore;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.backend.util.ModelConstants;
 
 @Stateless
 @LocalBean
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 215c0057ce2..5f48f924ec3 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -14,6 +14,52 @@
  */
 package de.symeda.sormas.backend.user;
 
+import static de.symeda.sormas.api.AuthProvider.KEYCLOAK;
+import static java.util.Objects.isNull;
+
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.annotation.security.PermitAll;
+import javax.ejb.EJB;
+import javax.ejb.LocalBean;
+import javax.ejb.Stateless;
+import javax.enterprise.event.Event;
+import javax.inject.Inject;
+import javax.persistence.EntityManager;
+import javax.persistence.EntityNotFoundException;
+import javax.persistence.PersistenceContext;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Join;
+import javax.persistence.criteria.JoinType;
+import javax.persistence.criteria.Order;
+import javax.persistence.criteria.Predicate;
+import javax.persistence.criteria.Root;
+import javax.persistence.criteria.Subquery;
+import javax.validation.Valid;
+import javax.validation.ValidationException;
+import javax.ws.rs.ForbiddenException;
+
+import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.EntityDto;
@@ -37,8 +83,21 @@
 import de.symeda.sormas.api.task.TaskContext;
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.travelentry.TravelEntryReferenceDto;
-import de.symeda.sormas.api.user.*;
-import de.symeda.sormas.api.utils.*;
+import de.symeda.sormas.api.user.JurisdictionLevel;
+import de.symeda.sormas.api.user.UserCriteria;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserFacade;
+import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserReferenceWithTaskNumbersDto;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.api.user.UserRoleDto;
+import de.symeda.sormas.api.user.UserRoleReferenceDto;
+import de.symeda.sormas.api.user.UserSyncResult;
+import de.symeda.sormas.api.utils.AccessDeniedException;
+import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.api.utils.DefaultEntityHelper;
+import de.symeda.sormas.api.utils.PasswordHelper;
+import de.symeda.sormas.api.utils.SortProperty;
 import de.symeda.sormas.backend.FacadeHelper;
 import de.symeda.sormas.backend.caze.Case;
 import de.symeda.sormas.backend.caze.CaseFacadeEjb.CaseFacadeEjbLocal;
@@ -48,7 +107,11 @@
 import de.symeda.sormas.backend.common.AbstractDomainObject;
 import de.symeda.sormas.backend.common.ConfigFacadeEjb.ConfigFacadeEjbLocal;
 import de.symeda.sormas.backend.common.CriteriaBuilderHelper;
-import de.symeda.sormas.backend.contact.*;
+import de.symeda.sormas.backend.contact.Contact;
+import de.symeda.sormas.backend.contact.ContactJoins;
+import de.symeda.sormas.backend.contact.ContactJurisdictionPredicateValidator;
+import de.symeda.sormas.backend.contact.ContactQueryContext;
+import de.symeda.sormas.backend.contact.ContactService;
 import de.symeda.sormas.backend.environment.Environment;
 import de.symeda.sormas.backend.environment.EnvironmentJoins;
 import de.symeda.sormas.backend.environment.EnvironmentJurisdictionPredicateValidator;
@@ -84,34 +147,15 @@
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
-import de.symeda.sormas.backend.util.*;
-import org.apache.commons.beanutils.BeanUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.jetbrains.annotations.NotNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.annotation.security.PermitAll;
-import javax.ejb.EJB;
-import javax.ejb.LocalBean;
-import javax.ejb.Stateless;
-import javax.enterprise.event.Event;
-import javax.inject.Inject;
-import javax.persistence.EntityManager;
-import javax.persistence.EntityNotFoundException;
-import javax.persistence.PersistenceContext;
-import javax.persistence.criteria.Order;
-import javax.persistence.criteria.*;
-import javax.validation.Valid;
-import javax.validation.ValidationException;
-import javax.ws.rs.ForbiddenException;
-import java.lang.reflect.InvocationTargetException;
-import java.util.*;
-import java.util.stream.Collectors;
-
-import static de.symeda.sormas.api.AuthProvider.KEYCLOAK;
-import static java.util.Objects.isNull;
-
+import de.symeda.sormas.backend.util.DtoHelper;
+import de.symeda.sormas.backend.util.ModelConstants;
+import de.symeda.sormas.backend.util.QueryHelper;
+import de.symeda.sormas.backend.util.RightsAllowed;
+import de.symeda.sormas.backend.util.PasswordValidator;
+import de.symeda.sormas.backend.util.ModelConstants;
+import de.symeda.sormas.backend.util.RightsAllowed;
+import de.symeda.sormas.backend.util.QueryHelper;
+import de.symeda.sormas.backend.util.DtoHelper;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -875,19 +919,10 @@ public UserDto getCurrentUser() {
         return toDto(userService.getCurrentUser());
     }
 
-    @PermitAll
-    @AuditIgnore
-    public String updatePassword(String uuid, String password) {
-        String updatePassword = userService.updatePassword(uuid, password);
-        passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
-
-        return updatePassword;
-    }
-
     @PermitAll
     @Override
     public String updateUserPassword(String uuid, String password, String currentPassword) {
-        String updatePassword = updatePassword(uuid, password);
+        String updatePassword = userService.updatePassword(uuid, password);
         passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
         return updatePassword;
     }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 4842bd37f4b..a35a15ad2d7 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -81,108 +81,107 @@
 @LocalBean
 public class UserService extends AdoServiceWithUserFilterAndJurisdiction<User> {
 
-	@EJB
-	private UserRoleFacadeEjb.UserRoleFacadeEjbLocal userRoleFacade;
-	@EJB
-	private RegionService regionService;
-	@EJB
-	private DistrictService districtService;
-	@EJB
-	private CommunityService communityService;
-	@EJB
-	private FacilityService facilityService;
-	@EJB
-	private PointOfEntryService pointOfEntryService;
-	@Inject
-	private javax.enterprise.event.Event<UserUpdateEvent> userUpdateEvent;
-
-	public UserService() {
-		super(User.class);
-	}
-
-	public User createUser() {
-
-		User user = new User();
-		// dummy password to make sure no one can login with this user
-		setNewPassword(user);
-		return user;
-	}
-
-	/**
-	 * Fetches a use from the DB by its username. The check is done case-insensitive.
-	 * 
-	 * @param userName
-	 *            The username in any casing.
-	 * @return The corresponding User object from the DB.
-	 */
-	public User getByUserName(String userName) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		// lowercase everything for case-insensitive check
-		Expression<String> userNameExpression = cb.lower(from.get(User.USER_NAME));
-		String userNameParamValue = userName.toLowerCase();
-
-		cq.where(cb.equal(userNameExpression, userNameParam));
-
-		TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userNameParamValue);
-
-		return q.getResultList().stream().findFirst().orElse(null);
-	}
-
-	public List<User> getAllByRegionsAndNotificationTypes(
-		List<Region> regions,
-		NotificationProtocol notificationProtocol,
-		Collection<NotificationType> notificationTypes,
-		boolean fetchNotificationTypes) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		Predicate filter = from.get(User.REGION).in(regions);
-		if (!notificationTypes.isEmpty()) {
-			Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-			Join<UserRole, NotificationType> notificationsJoin = rolesJoin.join(
-				NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
-				JoinType.LEFT);
-			Predicate notificationsFilter = notificationsJoin.in(notificationTypes);
-			filter = CriteriaBuilderHelper.and(cb, filter, notificationsFilter);
-		}
-		if (fetchNotificationTypes) {
-			from.fetch(User.USER_ROLES, JoinType.LEFT)
-				.fetch(
-					NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
-					JoinType.LEFT);
-		}
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-
-		cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	/**
-	 * @param districts
-	 * @param userRights
-	 * @return List of users with specified UserRights on district level in the specified districts
-	 */
-	public List<User> getAllByDistrictsAndUserRights(List<District> districts, Collection<UserRight> userRights) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		Predicate filter = from.get(User.DISTRICT).in(districts);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, userRights));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).getResultList();
-	}
+    @EJB
+    private UserRoleFacadeEjb.UserRoleFacadeEjbLocal userRoleFacade;
+    @EJB
+    private RegionService regionService;
+    @EJB
+    private DistrictService districtService;
+    @EJB
+    private CommunityService communityService;
+    @EJB
+    private FacilityService facilityService;
+    @EJB
+    private PointOfEntryService pointOfEntryService;
+    @Inject
+    private javax.enterprise.event.Event<UserUpdateEvent> userUpdateEvent;
+
+    public UserService() {
+        super(User.class);
+    }
+
+    public User createUser() {
+
+        User user = new User();
+        // dummy password to make sure no one can login with this user
+        setNewPassword(user);
+        return user;
+    }
+
+    /**
+     * Fetches a use from the DB by its username. The check is done case-insensitive.
+     *
+     * @param userName The username in any casing.
+     * @return The corresponding User object from the DB.
+     */
+    public User getByUserName(String userName) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        // lowercase everything for case-insensitive check
+        Expression<String> userNameExpression = cb.lower(from.get(User.USER_NAME));
+        String userNameParamValue = userName.toLowerCase();
+
+        cq.where(cb.equal(userNameExpression, userNameParam));
+
+        TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userNameParamValue);
+
+        return q.getResultList().stream().findFirst().orElse(null);
+    }
+
+    public List<User> getAllByRegionsAndNotificationTypes(
+            List<Region> regions,
+            NotificationProtocol notificationProtocol,
+            Collection<NotificationType> notificationTypes,
+            boolean fetchNotificationTypes) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        Predicate filter = from.get(User.REGION).in(regions);
+        if (!notificationTypes.isEmpty()) {
+            Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+            Join<UserRole, NotificationType> notificationsJoin = rolesJoin.join(
+                    NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
+                    JoinType.LEFT);
+            Predicate notificationsFilter = notificationsJoin.in(notificationTypes);
+            filter = CriteriaBuilderHelper.and(cb, filter, notificationsFilter);
+        }
+        if (fetchNotificationTypes) {
+            from.fetch(User.USER_ROLES, JoinType.LEFT)
+                    .fetch(
+                            NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
+                            JoinType.LEFT);
+        }
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+
+        cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    /**
+     * @param districts
+     * @param userRights
+     * @return List of users with specified UserRights on district level in the specified districts
+     */
+    public List<User> getAllByDistrictsAndUserRights(List<District> districts, Collection<UserRight> userRights) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        Predicate filter = from.get(User.DISTRICT).in(districts);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, userRights));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).getResultList();
+    }
 
 	/**
 	 * Loads users filtered by combinable filter conditions.<br />
@@ -196,28 +195,29 @@ public List<User> getAllByDistrictsAndUserRights(List<District> districts, Colle
 	 * @param activeOnly
 	 * @param userRights
 	 */
-	public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
-		return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
-	}
-
-	public List<UserReference> getUserReferences(
-		List<String> regionUuids,
-		List<String> districtUuids,
-		List<String> communityUuids,
-		boolean activeOnly,
-		UserRight... userRights) {
-		return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, null, userRights);
-	}
-
-	public List<UserReference> getUserReferences(
-		List<String> regionUuids,
-		List<String> districtUuids,
-		List<String> communityUuids,
-		boolean activeOnly,
-		Disease limitedDisease,
-		UserRight... userRights) {
-		return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, limitedDisease, false, Arrays.asList(userRights));
-	}
+    public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
+
+        return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
+    }
+
+    public List<UserReference> getUserReferences(
+            List<String> regionUuids,
+            List<String> districtUuids,
+            List<String> communityUuids,
+            boolean activeOnly,
+            UserRight... userRights) {
+        return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, null, userRights);
+    }
+
+    public List<UserReference> getUserReferences(
+            List<String> regionUuids,
+            List<String> districtUuids,
+            List<String> communityUuids,
+            boolean activeOnly,
+            Disease limitedDisease,
+            UserRight... userRights) {
+        return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, limitedDisease, false, Arrays.asList(userRights));
+    }
 
 	/**
 	 * Loads users filtered by combinable filter conditions.<br />
@@ -232,718 +232,718 @@ public List<UserReference> getUserReferences(
 	 * @param activeOnly
 	 * @param userRights
 	 */
-	public List<UserReference> getUserReferences(
-		List<String> regionUuids,
-		List<String> districtUuids,
-		List<String> communityUuids,
-		boolean activeOnly,
-		Disease limitedDisease,
-		boolean excludeLimitedDiseaseUsers,
-		List<UserRight> userRights) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-		Root<UserReference> root = cq.from(UserReference.class);
-		Root<User> userRoot = cq.from(User.class);
-		cq.select(root);
-
-		// WHERE inner AND
-		Predicate filter = null;
-		boolean userEntityJoinUsed = false;
-
-		if (CollectionUtils.isNotEmpty(regionUuids)) {
-			Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
-			userEntityJoinUsed = true;
-		}
-		if (CollectionUtils.isNotEmpty(districtUuids)) {
-			Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
-			Join<User, Region> userRegionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-			Join<Region, District> districtRegionJoin = userRegionJoin.join(Region.DISTRICTS, JoinType.LEFT);
-
-			Predicate districtFilter = cb.or(
-				cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
-				cb.and(
-					cb.in(districtRegionJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
-					cb.equal(root.get(UserReference.JURISDICTION_LEVEL), JurisdictionLevel.REGION)));
-
-			filter = CriteriaBuilderHelper.and(cb, filter, districtFilter);
-			userEntityJoinUsed = true;
-		}
-		if (!hasRight(UserRight.SEE_PERSONAL_DATA_OUTSIDE_JURISDICTION)) {
-			filter = CriteriaBuilderHelper.and(cb, filter, createCurrentUserJurisdictionFilter(cb, userRoot));
-			userEntityJoinUsed = true;
-		}
-
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, userRights));
-
-		if (userEntityJoinUsed) {
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
-		}
-
-		// WHERE outer AND
-		if (activeOnly) {
-			filter = CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, root));
-		}
-
-		// eliminate users that are limited to others diseases
-		if (limitedDisease != null) {
-			Predicate restrictOtherLimitedDiseaseUsers = cb.or(
-				cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-				cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + '%'));
-			filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
-		}
-
-		//exlude users with limited diseases
-		if (excludeLimitedDiseaseUsers) {
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.isNull(userRoot.get(User.LIMITED_DISEASES)));
-		}
-
-		if (CollectionUtils.isNotEmpty(communityUuids)) {
-			Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
-		}
-
-		if (filter != null) {
-			cq.where(filter);
-		}
-
-		cq.distinct(true);
-		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-	}
-
-	public List<UserReference> getUserRefsByInfrastructure(
-		String infrastructureUuid,
-		JurisdictionLevel jurisdictionLevel,
-		JurisdictionLevel allowedJurisdictionLevel,
-		Disease limitedDisease,
-		UserRight... userRights) {
-
-		if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
-			return Collections.emptyList();
-		}
-
-		InfrastructureAdo baseInfrastructure;
-		switch (jurisdictionLevel) {
-		case HEALTH_FACILITY:
-		case LABORATORY:
-		case EXTERNAL_LABORATORY:
-			baseInfrastructure = facilityService.getByUuid(infrastructureUuid);
-			break;
-		case POINT_OF_ENTRY:
-			baseInfrastructure = pointOfEntryService.getByUuid(infrastructureUuid);
-			break;
-		case COMMUNITY:
-			baseInfrastructure = communityService.getByUuid(infrastructureUuid);
-			break;
-		case DISTRICT:
-			baseInfrastructure = districtService.getByUuid(infrastructureUuid);
-			break;
-		case REGION:
-			baseInfrastructure = regionService.getByUuid(infrastructureUuid);
-			break;
-		case NATION:
-			baseInfrastructure = null;
-			break;
-		default:
-			throw new IllegalArgumentException("Unsupported jurisdiction level: " + jurisdictionLevel.name());
-		}
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-		Root<UserReference> root = cq.from(UserReference.class);
-		Root<User> userRoot = cq.from(User.class);
-		UserQueryContext queryContext = new UserQueryContext(cb, cq, userRoot);
-		UserJoins joins = queryContext.getJoins();
-		cq.select(root);
-
-		Predicate filter = CriteriaBuilderHelper.and(cb, createDefaultFilter(cb, root), cb.equal(root.get(UserReference.ID), userRoot.get(User.ID)));
-
-		Predicate jurisdictionFilter = null;
-		while (jurisdictionLevel.getOrder() >= allowedJurisdictionLevel.getOrder()) {
-			Predicate jurisdictionPredicate = createUserRefsByInfrastructurePredicate(
-				cb,
-				joins,
-				baseInfrastructure != null ? baseInfrastructure.getUuid() : null,
-				jurisdictionLevel);
-			jurisdictionFilter = CriteriaBuilderHelper.or(cb, jurisdictionFilter, jurisdictionPredicate);
-
-			if (jurisdictionLevel.getOrder() > 1) {
-				jurisdictionLevel = baseInfrastructure instanceof Facility && ((Facility) baseInfrastructure).getCommunity() != null
-					? JurisdictionLevel.COMMUNITY
-					: InfrastructureHelper.getSuperordinateJurisdiction(jurisdictionLevel);
-				if (jurisdictionLevel.getOrder() > 1 && baseInfrastructure != null) {
-					baseInfrastructure = JurisdictionHelper.getParentInfrastructure(baseInfrastructure, jurisdictionLevel);
-				}
-			} else {
-				break;
-			}
-		}
-
-		filter = CriteriaBuilderHelper.and(cb, filter, jurisdictionFilter);
-
-		if (limitedDisease != null) {
-			Predicate restrictOtherLimitedDiseaseUsers = cb.or(
-				cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-				cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + "%"));
-			filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
-		}
-
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, Arrays.asList(userRights)));
-
-		cq.where(filter);
-		cq.distinct(true);
-		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-	}
-
-	private Predicate createUserRefsByInfrastructurePredicate(
-		CriteriaBuilder cb,
-		UserJoins joins,
-		String infrastructureUuid,
-		JurisdictionLevel jurisdictionLevel) {
-
-		Predicate predicate = null;
-
-		switch (jurisdictionLevel) {
-		case HEALTH_FACILITY:
-			predicate = cb.equal(joins.getHealthFacility().get(Facility.UUID), infrastructureUuid);
-			break;
-		case LABORATORY:
-		case EXTERNAL_LABORATORY:
-			predicate = cb.equal(joins.getLaboratory().get(Facility.UUID), infrastructureUuid);
-			break;
-		case COMMUNITY:
-			predicate = cb.and(
-				cb.isNull(joins.getHealthFacility()),
-				cb.isNull(joins.getLaboratory()),
-				cb.equal(joins.getCommunity().get(Community.UUID), infrastructureUuid));
-			break;
-		case POINT_OF_ENTRY:
-			predicate = cb.equal(joins.getPointOfEntry().get(PointOfEntry.UUID), infrastructureUuid);
-			break;
-		case DISTRICT:
-			predicate = cb.and(
-				cb.isNull(joins.getCommunity()),
-				cb.isNull(joins.getHealthFacility()),
-				cb.isNull(joins.getLaboratory()),
-				cb.isNull(joins.getPointOfEntry()),
-				cb.equal(joins.getDistrict().get(District.UUID), infrastructureUuid));
-			break;
-		case REGION:
-			predicate = cb.and(
-				cb.isNull(joins.getDistrict()),
-				cb.isNull(joins.getLaboratory()),
-				cb.equal(joins.getRegion().get(Region.UUID), infrastructureUuid));
-			break;
-		case NATION:
-			predicate = cb.and(cb.isNull(joins.getRegion()), cb.isNull(joins.getLaboratory()));
-			break;
-		default:
-			break;
-		}
-
-		return predicate;
-	}
-
-	public List<UserReference> getUserReferencesByJurisdictions(
-		List<String> regionUuids,
-		List<String> districtUuids,
-		List<String> communityUuids,
-		Collection<JurisdictionLevel> jurisdictionLevels,
-		Collection<UserRight> userRights) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-		Root<UserReference> root = cq.from(UserReference.class);
-		Root<User> userRoot = cq.from(User.class);
-		cq.select(root);
-
-		// WHERE inner AND
-		Predicate filter = createDefaultFilter(cb, root);
-		boolean userEntityJoinUsed = false;
-
-		if (CollectionUtils.isNotEmpty(regionUuids)) {
-			Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
-			userEntityJoinUsed = true;
-		}
-		if (CollectionUtils.isNotEmpty(districtUuids)) {
-			Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids));
-			userEntityJoinUsed = true;
-		}
-		if (CollectionUtils.isNotEmpty(communityUuids)) {
-			Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
-			userEntityJoinUsed = true;
-		}
-		if (CollectionUtils.isNotEmpty(jurisdictionLevels)) {
-			filter = CriteriaBuilderHelper.and(cb, filter, root.get(UserReference.JURISDICTION_LEVEL).in(jurisdictionLevels));
-		}
-		Predicate userRightsFilter = buildUserRightsFilter(userRoot, userRights);
-		if (userRightsFilter != null) {
-			filter = CriteriaBuilderHelper.and(cb, filter, userRightsFilter);
-			userEntityJoinUsed = true;
-		}
-
-		if (userEntityJoinUsed) {
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
-		}
-
-		Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), false));
-
-		if (filter != null) {
-			cq.where(filter);
-		}
-
-		cq.distinct(true);
-		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-	}
-
-	public List<UserReference> getUserReferencesByIds(Collection<Long> userIds) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-		Root<UserReference> root = cq.from(UserReference.class);
-
-		cq.where(root.get(UserReference.ID).in(userIds));
-
-		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-	}
-
-	public User getRandomDistrictUser(District district, UserRight... userRights) {
-
-		return getRandomUser(
-			getUserReferencesByJurisdictions(
-				null,
-				Collections.singletonList(district.getUuid()),
-				null,
-				Collections.singletonList(JurisdictionLevel.DISTRICT),
-				Arrays.asList(userRights)));
-	}
-
-	public User getRandomRegionUser(Region region, UserRight... userRights) {
-
-		return getRandomUser(
-			getUserReferencesByJurisdictions(
-				Collections.singletonList(region.getUuid()),
-				null,
-				null,
-				Collections.singletonList(JurisdictionLevel.REGION),
-				Arrays.asList(userRights)));
-	}
-
-	public User getRandomUser(List<UserReference> candidates) {
-
-		if (CollectionUtils.isEmpty(candidates)) {
-			return null;
-		}
-
-		UserReference chosenUser = candidates.get(new Random().nextInt(candidates.size()));
-		return getByUuid(chosenUser.getUuid());
-	}
-
-	public List<User> getFacilityUsersOfHospital(Facility facility) {
-
-		if (facility == null || !FacilityType.HOSPITAL.equals(facility.getType())) {
-			throw new IllegalArgumentException("Facility needs to be a hospital");
-		}
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		Predicate filter = cb.and(
-			createDefaultFilter(cb, from),
-			cb.equal(from.get(User.HEALTH_FACILITY), facility),
-			cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
-
-		cq.where(filter).distinct(true);
-		return em.createQuery(cq).getResultList();
-	}
-
-	public List<User> getLabUsersOfLab(Facility facility) {
-
-		if (facility == null || facility.getType() != FacilityType.LABORATORY) {
-			throw new IllegalArgumentException("Facility needs to be a laboratory");
-		}
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		Predicate filter = cb.and(
-			createDefaultFilter(cb, from),
-			cb.equal(from.get(User.LABORATORY), facility),
-			from.get(User.JURISDICTION_LEVEL).in(JurisdictionLevel.LABORATORY, JurisdictionLevel.EXTERNAL_LABORATORY));
-
-		cq.where(filter).distinct(true);
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	/**
-	 * @param associatedOfficer
-	 * @param userRights
-	 * @return
-	 */
-	public List<User> getAllByAssociatedOfficer(User associatedOfficer, UserRight[] userRights) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-
-		Predicate filter = cb.and(createDefaultFilter(cb, from), cb.equal(from.get(User.ASSOCIATED_OFFICER), associatedOfficer));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
-		cq.where(filter);
-
-		cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	public Map<String, User> getResponsibleUsersByEventUuids(List<String> eventUuids) {
-
-		Map<String, User> responsibleUserByEventUuid = new HashMap<>();
-		IterableHelper.executeBatched(eventUuids, ModelConstants.PARAMETER_LIMIT, batchedEventUuids -> {
-			CriteriaBuilder cb = em.getCriteriaBuilder();
-			CriteriaQuery<Object[]> cq = cb.createQuery(Object[].class);
-			Root<Event> eventRoot = cq.from(Event.class);
-			Join<Event, User> responsibleUserJoin = eventRoot.join(Event.RESPONSIBLE_USER, JoinType.LEFT);
-
-			cq.where(cb.and(createDefaultFilter(cb, responsibleUserJoin), eventRoot.get(Event.UUID).in(batchedEventUuids)));
-			cq.multiselect(eventRoot.get(Event.UUID), responsibleUserJoin);
-
-			cq.orderBy(cb.asc(eventRoot.get(Event.UUID)));
-
-			responsibleUserByEventUuid
-				.putAll(em.createQuery(cq).getResultList().stream().collect(Collectors.toMap(row -> (String) row[0], row -> (User) row[1])));
-		});
-		return responsibleUserByEventUuid;
-	}
-
-	public boolean isLoginUnique(String excludedUuid, String userName) {
-		User user = getByUserName(userName);
-		return user == null || user.getUuid().equals(excludedUuid);
-	}
-
-	public String resetPassword(String userUuid) {
-		User user = getByUuid(userUuid);
-		if (user == null) {
-			return null;
-		}
-
-		String password = setNewPassword(user);
-		ensurePersisted(user);
-
-		return password;
-	}
-
-	public static String setNewPassword(User user) {
-		String password = PasswordHelper.createPass(12);
-		user.setSeed(PasswordHelper.createPass(16));
-		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-
-		return password;
-	}
-
-	public String generatePassword() {
-      return PasswordHelper.generatePasswordWithSpecialChars(12);
-	}
-
-	public String updatePassword(String userUuid, String password) {
-		User user = getByUuid(userUuid);
-
-		if (user == null && password == null) {
-			return null;
-		}
-		assert user != null;
-		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-		ensurePersisted(user);
-		return password;
-	}
-
-	public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
-
-		Predicate filter = null;
-		if (userCriteria.getActive() != null) {
-			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.ACTIVE), userCriteria.getActive()));
-		}
-		if (userCriteria.getUserRole() != null) {
-			filter = CriteriaBuilderHelper.and(
-				cb,
-				filter,
-				cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getUserRole().getUuid()));
-		}
-		if (userCriteria.getRegion() != null) {
-			filter = CriteriaBuilderHelper
-				.and(cb, filter, cb.equal(from.join(User.REGION, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getRegion().getUuid()));
-		}
-		if (userCriteria.getDistrict() != null) {
-			filter = CriteriaBuilderHelper.and(
-				cb,
-				filter,
-				cb.equal(from.join(User.DISTRICT, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getDistrict().getUuid()));
-		}
-		if (userCriteria.getFreeText() != null) {
-			String[] textFilters = userCriteria.getFreeText().split("\\s+");
-			for (String textFilter : textFilters) {
-				if (DataHelper.isNullOrEmpty(textFilter)) {
-					continue;
-				}
-
-				Predicate likeFilters = cb.or(
-					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.FIRST_NAME), textFilter),
-					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.LAST_NAME), textFilter),
-					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_NAME), textFilter),
-					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_EMAIL), textFilter),
-					CriteriaBuilderHelper.ilike(cb, from.get(User.PHONE), textFilter),
-					CriteriaBuilderHelper.ilike(cb, from.get(User.UUID), textFilter));
-				filter = CriteriaBuilderHelper.and(cb, filter, likeFilters);
-			}
-		}
-
-		return filter;
-	}
-
-	@SuppressWarnings("rawtypes")
-	@Override
-	public Predicate createUserFilter(CriteriaBuilder cb, CriteriaQuery cq, From<?, User> from) {
-		// a user can read all other users
-		return null;
-	}
-
-	public Predicate createCurrentUserJurisdictionFilter(CriteriaBuilder cb, From<?, User> from) {
-		User currentUser = getCurrentUser();
-
-		if (currentUser.getHealthFacility() != null) {
-			return cb.equal(from.get(User.HEALTH_FACILITY), currentUser.getHealthFacility());
-		} else if (currentUser.getPointOfEntry() != null) {
-			return cb.equal(from.get(User.POINT_OF_ENTRY), currentUser.getPointOfEntry());
-		} else if (currentUser.getLaboratory() != null) {
-			return cb.equal(from.get(User.LABORATORY), currentUser.getLaboratory());
-		} else if (currentUser.getCommunity() != null) {
-			return cb.equal(from.get(User.COMMUNITY), currentUser.getCommunity());
-		} else if (currentUser.getDistrict() != null) {
-			return cb.equal(from.get(User.DISTRICT), currentUser.getDistrict());
-		} else if (currentUser.getRegion() != null) {
-			return cb.equal(from.get(User.REGION), currentUser.getRegion());
-		} else {
-			return cb.conjunction();
-		}
-	}
-
-	public Predicate buildUserRightsFilter(Root<User> from, Collection<UserRight> userRights) {
-
-		if (userRights != null && !userRights.isEmpty()) {
-			Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-			Join<UserRole, UserRight> rightsJoin = rolesJoin.join(UserRole.USER_RIGHTS, JoinType.LEFT);
-			return rightsJoin.in(Collections.singletonList(userRights));
-		}
-
-		return null;
-	}
-
-	public Long countByAssignedOfficer(User officer, UserRight userRights) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-		Predicate filter = cb.equal(from.get(User.ASSOCIATED_OFFICER), officer);
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.select(cb.count(from));
-		return em.createQuery(cq).getSingleResult();
-	}
-
-	/**
-	 *
-	 * @param districts
-	 * @param userRight
-	 * @return Number of users with specified UserRight on district level
-	 */
-	public Long countByDistricts(List<District> districts, UserRight userRight) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-		Predicate filter = from.get(User.DISTRICT).in(districts);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.select(cb.count(from));
-		return em.createQuery(cq).getSingleResult();
-	}
-
-	/**
-	 *
-	 * @param districts
-	 * @return Number of users with specified UserRight on community level
-	 */
-	public Long countByCommunities(List<District> districts, UserRight userRight) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-		Predicate filter = from.get(User.COMMUNITY).get(Community.DISTRICT).in(districts);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.COMMUNITY));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.select(cb.count(from));
-		return em.createQuery(cq).getSingleResult();
-	}
+    public List<UserReference> getUserReferences(
+            List<String> regionUuids,
+            List<String> districtUuids,
+            List<String> communityUuids,
+            boolean activeOnly,
+            Disease limitedDisease,
+            boolean excludeLimitedDiseaseUsers,
+            List<UserRight> userRights) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+        Root<UserReference> root = cq.from(UserReference.class);
+        Root<User> userRoot = cq.from(User.class);
+        cq.select(root);
+
+        // WHERE inner AND
+        Predicate filter = null;
+        boolean userEntityJoinUsed = false;
+
+        if (CollectionUtils.isNotEmpty(regionUuids)) {
+            Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
+            userEntityJoinUsed = true;
+        }
+        if (CollectionUtils.isNotEmpty(districtUuids)) {
+            Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
+            Join<User, Region> userRegionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+            Join<Region, District> districtRegionJoin = userRegionJoin.join(Region.DISTRICTS, JoinType.LEFT);
+
+            Predicate districtFilter = cb.or(
+                    cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
+                    cb.and(
+                            cb.in(districtRegionJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
+                            cb.equal(root.get(UserReference.JURISDICTION_LEVEL), JurisdictionLevel.REGION)));
+
+            filter = CriteriaBuilderHelper.and(cb, filter, districtFilter);
+            userEntityJoinUsed = true;
+        }
+        if (!hasRight(UserRight.SEE_PERSONAL_DATA_OUTSIDE_JURISDICTION)) {
+            filter = CriteriaBuilderHelper.and(cb, filter, createCurrentUserJurisdictionFilter(cb, userRoot));
+            userEntityJoinUsed = true;
+        }
+
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, userRights));
+
+        if (userEntityJoinUsed) {
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
+        }
+
+        // WHERE outer AND
+        if (activeOnly) {
+            filter = CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, root));
+        }
+
+        // eliminate users that are limited to others diseases
+        if (limitedDisease != null) {
+            Predicate restrictOtherLimitedDiseaseUsers = cb.or(
+                    cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+                    cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + '%'));
+            filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
+        }
+
+        //exlude users with limited diseases
+        if (excludeLimitedDiseaseUsers) {
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.isNull(userRoot.get(User.LIMITED_DISEASES)));
+        }
+
+        if (CollectionUtils.isNotEmpty(communityUuids)) {
+            Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
+        }
+
+        if (filter != null) {
+            cq.where(filter);
+        }
+
+        cq.distinct(true);
+        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+    }
+
+    public List<UserReference> getUserRefsByInfrastructure(
+            String infrastructureUuid,
+            JurisdictionLevel jurisdictionLevel,
+            JurisdictionLevel allowedJurisdictionLevel,
+            Disease limitedDisease,
+            UserRight... userRights) {
+
+        if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
+            return Collections.emptyList();
+        }
+
+        InfrastructureAdo baseInfrastructure;
+        switch (jurisdictionLevel) {
+            case HEALTH_FACILITY:
+            case LABORATORY:
+            case EXTERNAL_LABORATORY:
+                baseInfrastructure = facilityService.getByUuid(infrastructureUuid);
+                break;
+            case POINT_OF_ENTRY:
+                baseInfrastructure = pointOfEntryService.getByUuid(infrastructureUuid);
+                break;
+            case COMMUNITY:
+                baseInfrastructure = communityService.getByUuid(infrastructureUuid);
+                break;
+            case DISTRICT:
+                baseInfrastructure = districtService.getByUuid(infrastructureUuid);
+                break;
+            case REGION:
+                baseInfrastructure = regionService.getByUuid(infrastructureUuid);
+                break;
+            case NATION:
+                baseInfrastructure = null;
+                break;
+            default:
+                throw new IllegalArgumentException("Unsupported jurisdiction level: " + jurisdictionLevel.name());
+        }
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+        Root<UserReference> root = cq.from(UserReference.class);
+        Root<User> userRoot = cq.from(User.class);
+        UserQueryContext queryContext = new UserQueryContext(cb, cq, userRoot);
+        UserJoins joins = queryContext.getJoins();
+        cq.select(root);
+
+        Predicate filter = CriteriaBuilderHelper.and(cb, createDefaultFilter(cb, root), cb.equal(root.get(UserReference.ID), userRoot.get(User.ID)));
+
+        Predicate jurisdictionFilter = null;
+        while (jurisdictionLevel.getOrder() >= allowedJurisdictionLevel.getOrder()) {
+            Predicate jurisdictionPredicate = createUserRefsByInfrastructurePredicate(
+                    cb,
+                    joins,
+                    baseInfrastructure != null ? baseInfrastructure.getUuid() : null,
+                    jurisdictionLevel);
+            jurisdictionFilter = CriteriaBuilderHelper.or(cb, jurisdictionFilter, jurisdictionPredicate);
+
+            if (jurisdictionLevel.getOrder() > 1) {
+                jurisdictionLevel = baseInfrastructure instanceof Facility && ((Facility) baseInfrastructure).getCommunity() != null
+                        ? JurisdictionLevel.COMMUNITY
+                        : InfrastructureHelper.getSuperordinateJurisdiction(jurisdictionLevel);
+                if (jurisdictionLevel.getOrder() > 1 && baseInfrastructure != null) {
+                    baseInfrastructure = JurisdictionHelper.getParentInfrastructure(baseInfrastructure, jurisdictionLevel);
+                }
+            } else {
+                break;
+            }
+        }
+
+        filter = CriteriaBuilderHelper.and(cb, filter, jurisdictionFilter);
+
+        if (limitedDisease != null) {
+            Predicate restrictOtherLimitedDiseaseUsers = cb.or(
+                    cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+                    cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + "%"));
+            filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
+        }
+
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, Arrays.asList(userRights)));
+
+        cq.where(filter);
+        cq.distinct(true);
+        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+    }
+
+    private Predicate createUserRefsByInfrastructurePredicate(
+            CriteriaBuilder cb,
+            UserJoins joins,
+            String infrastructureUuid,
+            JurisdictionLevel jurisdictionLevel) {
+
+        Predicate predicate = null;
+
+        switch (jurisdictionLevel) {
+            case HEALTH_FACILITY:
+                predicate = cb.equal(joins.getHealthFacility().get(Facility.UUID), infrastructureUuid);
+                break;
+            case LABORATORY:
+            case EXTERNAL_LABORATORY:
+                predicate = cb.equal(joins.getLaboratory().get(Facility.UUID), infrastructureUuid);
+                break;
+            case COMMUNITY:
+                predicate = cb.and(
+                        cb.isNull(joins.getHealthFacility()),
+                        cb.isNull(joins.getLaboratory()),
+                        cb.equal(joins.getCommunity().get(Community.UUID), infrastructureUuid));
+                break;
+            case POINT_OF_ENTRY:
+                predicate = cb.equal(joins.getPointOfEntry().get(PointOfEntry.UUID), infrastructureUuid);
+                break;
+            case DISTRICT:
+                predicate = cb.and(
+                        cb.isNull(joins.getCommunity()),
+                        cb.isNull(joins.getHealthFacility()),
+                        cb.isNull(joins.getLaboratory()),
+                        cb.isNull(joins.getPointOfEntry()),
+                        cb.equal(joins.getDistrict().get(District.UUID), infrastructureUuid));
+                break;
+            case REGION:
+                predicate = cb.and(
+                        cb.isNull(joins.getDistrict()),
+                        cb.isNull(joins.getLaboratory()),
+                        cb.equal(joins.getRegion().get(Region.UUID), infrastructureUuid));
+                break;
+            case NATION:
+                predicate = cb.and(cb.isNull(joins.getRegion()), cb.isNull(joins.getLaboratory()));
+                break;
+            default:
+                break;
+        }
+
+        return predicate;
+    }
+
+    public List<UserReference> getUserReferencesByJurisdictions(
+            List<String> regionUuids,
+            List<String> districtUuids,
+            List<String> communityUuids,
+            Collection<JurisdictionLevel> jurisdictionLevels,
+            Collection<UserRight> userRights) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+        Root<UserReference> root = cq.from(UserReference.class);
+        Root<User> userRoot = cq.from(User.class);
+        cq.select(root);
+
+        // WHERE inner AND
+        Predicate filter = createDefaultFilter(cb, root);
+        boolean userEntityJoinUsed = false;
+
+        if (CollectionUtils.isNotEmpty(regionUuids)) {
+            Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
+            userEntityJoinUsed = true;
+        }
+        if (CollectionUtils.isNotEmpty(districtUuids)) {
+            Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids));
+            userEntityJoinUsed = true;
+        }
+        if (CollectionUtils.isNotEmpty(communityUuids)) {
+            Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
+            userEntityJoinUsed = true;
+        }
+        if (CollectionUtils.isNotEmpty(jurisdictionLevels)) {
+            filter = CriteriaBuilderHelper.and(cb, filter, root.get(UserReference.JURISDICTION_LEVEL).in(jurisdictionLevels));
+        }
+        Predicate userRightsFilter = buildUserRightsFilter(userRoot, userRights);
+        if (userRightsFilter != null) {
+            filter = CriteriaBuilderHelper.and(cb, filter, userRightsFilter);
+            userEntityJoinUsed = true;
+        }
+
+        if (userEntityJoinUsed) {
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
+        }
+
+        Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), false));
+
+        if (filter != null) {
+            cq.where(filter);
+        }
+
+        cq.distinct(true);
+        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+    }
+
+    public List<UserReference> getUserReferencesByIds(Collection<Long> userIds) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+        Root<UserReference> root = cq.from(UserReference.class);
+
+        cq.where(root.get(UserReference.ID).in(userIds));
+
+        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+    }
+
+    public User getRandomDistrictUser(District district, UserRight... userRights) {
+
+        return getRandomUser(
+                getUserReferencesByJurisdictions(
+                        null,
+                        Collections.singletonList(district.getUuid()),
+                        null,
+                        Collections.singletonList(JurisdictionLevel.DISTRICT),
+                        Arrays.asList(userRights)));
+    }
+
+    public User getRandomRegionUser(Region region, UserRight... userRights) {
+
+        return getRandomUser(
+                getUserReferencesByJurisdictions(
+                        Collections.singletonList(region.getUuid()),
+                        null,
+                        null,
+                        Collections.singletonList(JurisdictionLevel.REGION),
+                        Arrays.asList(userRights)));
+    }
+
+    public User getRandomUser(List<UserReference> candidates) {
+
+        if (CollectionUtils.isEmpty(candidates)) {
+            return null;
+        }
+
+        UserReference chosenUser = candidates.get(new Random().nextInt(candidates.size()));
+        return getByUuid(chosenUser.getUuid());
+    }
+
+    public List<User> getFacilityUsersOfHospital(Facility facility) {
+
+        if (facility == null || !FacilityType.HOSPITAL.equals(facility.getType())) {
+            throw new IllegalArgumentException("Facility needs to be a hospital");
+        }
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        Predicate filter = cb.and(
+                createDefaultFilter(cb, from),
+                cb.equal(from.get(User.HEALTH_FACILITY), facility),
+                cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
+
+        cq.where(filter).distinct(true);
+        return em.createQuery(cq).getResultList();
+    }
+
+    public List<User> getLabUsersOfLab(Facility facility) {
+
+        if (facility == null || facility.getType() != FacilityType.LABORATORY) {
+            throw new IllegalArgumentException("Facility needs to be a laboratory");
+        }
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        Predicate filter = cb.and(
+                createDefaultFilter(cb, from),
+                cb.equal(from.get(User.LABORATORY), facility),
+                from.get(User.JURISDICTION_LEVEL).in(JurisdictionLevel.LABORATORY, JurisdictionLevel.EXTERNAL_LABORATORY));
+
+        cq.where(filter).distinct(true);
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    /**
+     * @param associatedOfficer
+     * @param userRights
+     * @return
+     */
+    public List<User> getAllByAssociatedOfficer(User associatedOfficer, UserRight[] userRights) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+
+        Predicate filter = cb.and(createDefaultFilter(cb, from), cb.equal(from.get(User.ASSOCIATED_OFFICER), associatedOfficer));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
+        cq.where(filter);
+
+        cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    public Map<String, User> getResponsibleUsersByEventUuids(List<String> eventUuids) {
+
+        Map<String, User> responsibleUserByEventUuid = new HashMap<>();
+        IterableHelper.executeBatched(eventUuids, ModelConstants.PARAMETER_LIMIT, batchedEventUuids -> {
+            CriteriaBuilder cb = em.getCriteriaBuilder();
+            CriteriaQuery<Object[]> cq = cb.createQuery(Object[].class);
+            Root<Event> eventRoot = cq.from(Event.class);
+            Join<Event, User> responsibleUserJoin = eventRoot.join(Event.RESPONSIBLE_USER, JoinType.LEFT);
+
+            cq.where(cb.and(createDefaultFilter(cb, responsibleUserJoin), eventRoot.get(Event.UUID).in(batchedEventUuids)));
+            cq.multiselect(eventRoot.get(Event.UUID), responsibleUserJoin);
+
+            cq.orderBy(cb.asc(eventRoot.get(Event.UUID)));
+
+            responsibleUserByEventUuid
+                    .putAll(em.createQuery(cq).getResultList().stream().collect(Collectors.toMap(row -> (String) row[0], row -> (User) row[1])));
+        });
+        return responsibleUserByEventUuid;
+    }
+
+    public boolean isLoginUnique(String excludedUuid, String userName) {
+        User user = getByUserName(userName);
+        return user == null || user.getUuid().equals(excludedUuid);
+    }
+
+    public String resetPassword(String userUuid) {
+        User user = getByUuid(userUuid);
+        if (user == null) {
+            return null;
+        }
+
+        String password = setNewPassword(user);
+        ensurePersisted(user);
+
+        return password;
+    }
+
+    public static String setNewPassword(User user) {
+        String password = PasswordHelper.createPass(12);
+        user.setSeed(PasswordHelper.createPass(16));
+        user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+
+        return password;
+    }
+
+    public String generatePassword() {
+        return PasswordHelper.generatePasswordWithSpecialChars(12);
+    }
+
+    public String updatePassword(String userUuid, String password) {
+        User user = getByUuid(userUuid);
+
+        if (user == null && password == null) {
+            return null;
+        }
+        assert user != null;
+        user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+        ensurePersisted(user);
+        return password;
+    }
+
+    public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
+
+        Predicate filter = null;
+        if (userCriteria.getActive() != null) {
+            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.ACTIVE), userCriteria.getActive()));
+        }
+        if (userCriteria.getUserRole() != null) {
+            filter = CriteriaBuilderHelper.and(
+                    cb,
+                    filter,
+                    cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getUserRole().getUuid()));
+        }
+        if (userCriteria.getRegion() != null) {
+            filter = CriteriaBuilderHelper
+                    .and(cb, filter, cb.equal(from.join(User.REGION, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getRegion().getUuid()));
+        }
+        if (userCriteria.getDistrict() != null) {
+            filter = CriteriaBuilderHelper.and(
+                    cb,
+                    filter,
+                    cb.equal(from.join(User.DISTRICT, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getDistrict().getUuid()));
+        }
+        if (userCriteria.getFreeText() != null) {
+            String[] textFilters = userCriteria.getFreeText().split("\\s+");
+            for (String textFilter : textFilters) {
+                if (DataHelper.isNullOrEmpty(textFilter)) {
+                    continue;
+                }
+
+                Predicate likeFilters = cb.or(
+                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.FIRST_NAME), textFilter),
+                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.LAST_NAME), textFilter),
+                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_NAME), textFilter),
+                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_EMAIL), textFilter),
+                        CriteriaBuilderHelper.ilike(cb, from.get(User.PHONE), textFilter),
+                        CriteriaBuilderHelper.ilike(cb, from.get(User.UUID), textFilter));
+                filter = CriteriaBuilderHelper.and(cb, filter, likeFilters);
+            }
+        }
+
+        return filter;
+    }
+
+    @SuppressWarnings("rawtypes")
+    @Override
+    public Predicate createUserFilter(CriteriaBuilder cb, CriteriaQuery cq, From<?, User> from) {
+        // a user can read all other users
+        return null;
+    }
+
+    public Predicate createCurrentUserJurisdictionFilter(CriteriaBuilder cb, From<?, User> from) {
+        User currentUser = getCurrentUser();
+
+        if (currentUser.getHealthFacility() != null) {
+            return cb.equal(from.get(User.HEALTH_FACILITY), currentUser.getHealthFacility());
+        } else if (currentUser.getPointOfEntry() != null) {
+            return cb.equal(from.get(User.POINT_OF_ENTRY), currentUser.getPointOfEntry());
+        } else if (currentUser.getLaboratory() != null) {
+            return cb.equal(from.get(User.LABORATORY), currentUser.getLaboratory());
+        } else if (currentUser.getCommunity() != null) {
+            return cb.equal(from.get(User.COMMUNITY), currentUser.getCommunity());
+        } else if (currentUser.getDistrict() != null) {
+            return cb.equal(from.get(User.DISTRICT), currentUser.getDistrict());
+        } else if (currentUser.getRegion() != null) {
+            return cb.equal(from.get(User.REGION), currentUser.getRegion());
+        } else {
+            return cb.conjunction();
+        }
+    }
+
+    public Predicate buildUserRightsFilter(Root<User> from, Collection<UserRight> userRights) {
+
+        if (userRights != null && !userRights.isEmpty()) {
+            Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+            Join<UserRole, UserRight> rightsJoin = rolesJoin.join(UserRole.USER_RIGHTS, JoinType.LEFT);
+            return rightsJoin.in(Collections.singletonList(userRights));
+        }
+
+        return null;
+    }
+
+    public Long countByAssignedOfficer(User officer, UserRight userRights) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+        Predicate filter = cb.equal(from.get(User.ASSOCIATED_OFFICER), officer);
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.select(cb.count(from));
+        return em.createQuery(cq).getSingleResult();
+    }
+
+    /**
+     *
+     * @param districts
+     * @param userRight
+     * @return Number of users with specified UserRight on district level
+     */
+    public Long countByDistricts(List<District> districts, UserRight userRight) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+        Predicate filter = from.get(User.DISTRICT).in(districts);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.select(cb.count(from));
+        return em.createQuery(cq).getSingleResult();
+    }
+
+    /**
+     *
+     * @param districts
+     * @return Number of users with specified UserRight on community level
+     */
+    public Long countByCommunities(List<District> districts, UserRight userRight) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+        Predicate filter = from.get(User.COMMUNITY).get(Community.DISTRICT).in(districts);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.COMMUNITY));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.select(cb.count(from));
+        return em.createQuery(cq).getSingleResult();
+    }
 
 	/**
 	 *
 	 * @param districts
 	 * @return Number of users with specified UserRight on health facility level
 	 */
-	public Long countByHealthFacilities(List<District> districts, UserRight userRight) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-		Predicate filter = from.get(User.HEALTH_FACILITY).get(Facility.DISTRICT).in(districts);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.select(cb.count(from));
-		return em.createQuery(cq).getSingleResult();
-	}
+    public Long countByHealthFacilities(List<District> districts, UserRight userRight) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+        Predicate filter = from.get(User.HEALTH_FACILITY).get(Facility.DISTRICT).in(districts);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.select(cb.count(from));
+        return em.createQuery(cq).getSingleResult();
+    }
 
 	/**
 	 *
 	 * @param districts
 	 * @return Number of users with specified UserRight on pointOfEntry level
 	 */
-	public Long countByPointOfEntries(List<District> districts, UserRight userRight) {
-
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-		Predicate filter = from.get(User.POINT_OF_ENTRY).get(PointOfEntry.DISTRICT).in(districts);
-		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.POINT_OF_ENTRY));
-		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-		cq.select(cb.count(from));
-		return em.createQuery(cq).getSingleResult();
-	}
-
-	public boolean hasRole(UserRole userRole) {
-		return getCurrentUser().getUserRoles().contains(userRole);
-	}
-
-	public boolean hasRegion(RegionReferenceDto regionReference) {
-		User currentUser = getCurrentUser();
-		if (currentUser.getRegion() == null) {
-			return false;
-		}
-		return currentUser.getRegion().getUuid().equals(regionReference.getUuid());
-	}
+    public Long countByPointOfEntries(List<District> districts, UserRight userRight) {
+
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+        Predicate filter = from.get(User.POINT_OF_ENTRY).get(PointOfEntry.DISTRICT).in(districts);
+        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.POINT_OF_ENTRY));
+        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+        cq.select(cb.count(from));
+        return em.createQuery(cq).getSingleResult();
+    }
+
+    public boolean hasRole(UserRole userRole) {
+        return getCurrentUser().getUserRoles().contains(userRole);
+    }
+
+    public boolean hasRegion(RegionReferenceDto regionReference) {
+        User currentUser = getCurrentUser();
+        if (currentUser.getRegion() == null) {
+            return false;
+        }
+        return currentUser.getRegion().getUuid().equals(regionReference.getUuid());
+    }
 
 	/**
 	 * @param root
 	 *            root to {@link User} or {@link UserReference}.
 	 */
-	private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
-		return cb.isTrue(root.get(User.ACTIVE));
-	}
-
-	public List<User> getAllActive() {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-		cq.where(createDefaultFilter(cb, from));
-		cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	public List<User> getAllDefaultUsers() {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-		cq.where(cb.and(createDefaultFilter(cb, from), from.get(User.USER_NAME).in(DefaultEntityHelper.getDefaultUserNames())));
-		cq.orderBy(cb.asc(from.get(User.USER_NAME)));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	public List<User> getAllByFacilityType(FacilityType facilityType) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-		Root<User> from = cq.from(getElementClass());
-		cq.where(cb.equal(from.join(User.HEALTH_FACILITY, JoinType.LEFT).get(Facility.TYPE), facilityType));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	public long countWithRole(UserRoleReferenceDto userRoleRef) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-		Root<User> from = cq.from(getElementClass());
-
-		cq.select(cb.count(from));
-		cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
-
-		return em.createQuery(cq).getSingleResult();
-
-	}
-
-	public List<User> getAllWithRole(UserRole userRoleRef) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(User.class);
-		Root<User> from = cq.from(getElementClass());
-
-		cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	public List<User> getAllWithOnlyRole(UserRoleReferenceDto userRoleRef) {
-		CriteriaBuilder cb = em.getCriteriaBuilder();
-		CriteriaQuery<User> cq = cb.createQuery(User.class);
-		Root<User> from = cq.from(getElementClass());
-		Join<Object, Object> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-
-		Subquery<Long> roleCount = cq.subquery(Long.class);
-		Root<User> roleCountFrom = roleCount.from(User.class);
-
-		roleCount.select(cb.count(roleCountFrom.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.ID)));
-		roleCount.where(cb.equal(from.get(User.ID), roleCountFrom.get(User.ID)));
-
-		cq.where(cb.equal(rolesJoin.get(UserRole.UUID), userRoleRef.getUuid()), cb.equal(roleCount, 1));
-
-		return em.createQuery(cq).getResultList();
-	}
-
-	/**
-	 * Triggers the user sync asynchronously to not block the deployment step
-	 */
-	public void syncUserAsync(User user) {
-		try {
-			UserUpdateEvent event = new UserUpdateEvent(user);
-			event.setExceptionCallback(exceptionMessage -> logger.error("Could not synchronize user {} due to {}", user.getUuid(), exceptionMessage));
-
-			this.userUpdateEvent.fireAsync(event);
-		} catch (Throwable e) {
-			logger.error(MessageFormat.format("Unexpected exception when synchronizing user {0}", user.getUuid()), e);
-		}
-	}
-
-	public boolean isPortHealthUser() {
-		User user = getCurrentUser();
-		Set<UserRoleDto> userRoleDtos = user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet());
-		return userRoleFacade.isPortHealthUser(userRoleDtos);
-	}
-
-	public Predicate inJurisdictionOrOwned(CriteriaBuilder cb, UserJoins joins) {
-		return new UserJurisdictionPredicateValidator(cb, getCurrentUser(), null, joins).inJurisdictionOrOwned();
-	}
+    private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
+        return cb.isTrue(root.get(User.ACTIVE));
+    }
+
+    public List<User> getAllActive() {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+        cq.where(createDefaultFilter(cb, from));
+        cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    public List<User> getAllDefaultUsers() {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+        cq.where(cb.and(createDefaultFilter(cb, from), from.get(User.USER_NAME).in(DefaultEntityHelper.getDefaultUserNames())));
+        cq.orderBy(cb.asc(from.get(User.USER_NAME)));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    public List<User> getAllByFacilityType(FacilityType facilityType) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+        Root<User> from = cq.from(getElementClass());
+        cq.where(cb.equal(from.join(User.HEALTH_FACILITY, JoinType.LEFT).get(Facility.TYPE), facilityType));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    public long countWithRole(UserRoleReferenceDto userRoleRef) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+        Root<User> from = cq.from(getElementClass());
+
+        cq.select(cb.count(from));
+        cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
+
+        return em.createQuery(cq).getSingleResult();
+
+    }
+
+    public List<User> getAllWithRole(UserRole userRoleRef) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(User.class);
+        Root<User> from = cq.from(getElementClass());
+
+        cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    public List<User> getAllWithOnlyRole(UserRoleReferenceDto userRoleRef) {
+        CriteriaBuilder cb = em.getCriteriaBuilder();
+        CriteriaQuery<User> cq = cb.createQuery(User.class);
+        Root<User> from = cq.from(getElementClass());
+        Join<Object, Object> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+
+        Subquery<Long> roleCount = cq.subquery(Long.class);
+        Root<User> roleCountFrom = roleCount.from(User.class);
+
+        roleCount.select(cb.count(roleCountFrom.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.ID)));
+        roleCount.where(cb.equal(from.get(User.ID), roleCountFrom.get(User.ID)));
+
+        cq.where(cb.equal(rolesJoin.get(UserRole.UUID), userRoleRef.getUuid()), cb.equal(roleCount, 1));
+
+        return em.createQuery(cq).getResultList();
+    }
+
+    /**
+     * Triggers the user sync asynchronously to not block the deployment step
+     */
+    public void syncUserAsync(User user) {
+        try {
+            UserUpdateEvent event = new UserUpdateEvent(user);
+            event.setExceptionCallback(exceptionMessage -> logger.error("Could not synchronize user {} due to {}", user.getUuid(), exceptionMessage));
+
+            this.userUpdateEvent.fireAsync(event);
+        } catch (Throwable e) {
+            logger.error(MessageFormat.format("Unexpected exception when synchronizing user {0}", user.getUuid()), e);
+        }
+    }
+
+    public boolean isPortHealthUser() {
+        User user = getCurrentUser();
+        Set<UserRoleDto> userRoleDtos = user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet());
+        return userRoleFacade.isPortHealthUser(userRoleDtos);
+    }
+
+    public Predicate inJurisdictionOrOwned(CriteriaBuilder cb, UserJoins joins) {
+        return new UserJurisdictionPredicateValidator(cb, getCurrentUser(), null, joins).inJurisdictionOrOwned();
+    }
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 66b4f3d21a3..0b5dfbccc38 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -20,7 +20,6 @@ public static boolean isStrongPassword(String password) {
         return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password) && hasCapitalLetter(password);
     }
 
-
     private static boolean hasDigits(String password) {
         return password.chars().anyMatch(Character::isDigit);
     }
@@ -29,10 +28,8 @@ private static boolean hasSpecialCharacters(String password) {
         return password.chars().anyMatch(ch -> !Character.isLetterOrDigit(ch) && !Character.isWhitespace(ch));
     }
 
-
     private static boolean hasCapitalLetter(String password) {
         return password.chars().anyMatch(Character::isUpperCase);
     }
 
-
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index a3efadc6801..4af593034e4 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -14,6 +14,35 @@
  */
 package de.symeda.sormas.backend;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.lang.annotation.Annotation;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.function.BiFunction;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.persistence.EntityManager;
+import javax.persistence.Query;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.api.function.Executable;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.mockito.junit.jupiter.MockitoSettings;
+import org.mockito.quality.Strictness;
+
 import de.hilling.junit.cdi.CdiTestJunitExtension;
 import de.hilling.junit.cdi.ContextControlWrapper;
 import de.symeda.sormas.api.ConfigFacade;
@@ -143,7 +172,12 @@
 import de.symeda.sormas.backend.externaljournal.ExternalJournalService;
 import de.symeda.sormas.backend.externalmessage.ExternalMessageFacadeEjb.ExternalMessageFacadeEjbLocal;
 import de.symeda.sormas.backend.externalmessage.ExternalMessageService;
-import de.symeda.sormas.backend.externalmessage.labmessage.*;
+import de.symeda.sormas.backend.externalmessage.labmessage.AutomaticLabMessageProcessor;
+import de.symeda.sormas.backend.externalmessage.labmessage.ExternalMessageProcessingFacadeEjbLocal;
+import de.symeda.sormas.backend.externalmessage.labmessage.SampleReportFacadeEjb;
+import de.symeda.sormas.backend.externalmessage.labmessage.SampleReportService;
+import de.symeda.sormas.backend.externalmessage.labmessage.TestReportFacadeEjb;
+import de.symeda.sormas.backend.externalmessage.labmessage.TestReportService;
 import de.symeda.sormas.backend.externalsurveillancetool.ExternalSurveillanceToolGatewayFacadeEjb.ExternalSurveillanceToolGatewayFacadeEjbLocal;
 import de.symeda.sormas.backend.feature.FeatureConfiguration;
 import de.symeda.sormas.backend.feature.FeatureConfigurationFacadeEjb.FeatureConfigurationFacadeEjbLocal;
@@ -229,41 +263,18 @@
 import de.symeda.sormas.backend.therapy.TreatmentService;
 import de.symeda.sormas.backend.travelentry.TravelEntryFacadeEjb;
 import de.symeda.sormas.backend.travelentry.services.TravelEntryService;
-import de.symeda.sormas.backend.user.*;
+import de.symeda.sormas.backend.user.CurrentUserService;
+import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserFacadeEjb.UserFacadeEjbLocal;
+import de.symeda.sormas.backend.user.UserRole;
 import de.symeda.sormas.backend.user.UserRoleFacadeEjb.UserRoleFacadeEjbLocal;
+import de.symeda.sormas.backend.user.UserRoleService;
+import de.symeda.sormas.backend.user.UserService;
 import de.symeda.sormas.backend.vaccination.VaccinationFacadeEjb;
 import de.symeda.sormas.backend.vaccination.VaccinationService;
 import de.symeda.sormas.backend.visit.VisitFacadeEjb.VisitFacadeEjbLocal;
 import de.symeda.sormas.backend.visit.VisitService;
-import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.BeforeAll;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.junit.jupiter.api.function.Executable;
-import org.mockito.junit.jupiter.MockitoExtension;
-import org.mockito.junit.jupiter.MockitoSettings;
-import org.mockito.quality.Strictness;
-
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.persistence.EntityManager;
-import javax.persistence.Query;
-import java.lang.annotation.Annotation;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.function.BiFunction;
-import java.util.function.Consumer;
-import java.util.function.Function;
-import java.util.stream.Collectors;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.when;
-
+ 
 @ExtendWith(CdiTestJunitExtension.class)
 @ExtendWith(MockitoExtension.class)
 @MockitoSettings(strictness = Strictness.LENIENT)
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
index abae3bb81f0..6e0b1576520 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
@@ -15,6 +15,13 @@
 
 package de.symeda.sormas.backend.environment.environmentsample;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
+
+import org.apache.commons.lang3.NotImplementedException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
 import de.symeda.sormas.api.environment.EnvironmentDto;
 import de.symeda.sormas.api.environment.EnvironmentMedia;
 import de.symeda.sormas.api.environment.environmentsample.EnvironmentSampleDto;
@@ -24,12 +31,6 @@
 import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.backend.AbstractBeanTest;
 import de.symeda.sormas.backend.TestDataCreator;
-import org.apache.commons.lang3.NotImplementedException;
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.is;
 
 public class EnvironmentSampleServiceTest extends AbstractBeanTest {
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index a80f801e00f..99f9c0d5390 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -1,10 +1,61 @@
 package de.symeda.sormas.backend.user;
 
+import static de.symeda.sormas.api.user.DefaultUserRole.ADMIN_SUPERVISOR;
+import static de.symeda.sormas.api.user.DefaultUserRole.CASE_OFFICER;
+import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_OFFICER;
+import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_SUPERVISOR;
+import static de.symeda.sormas.api.user.DefaultUserRole.DISTRICT_OBSERVER;
+import static de.symeda.sormas.api.user.DefaultUserRole.NATIONAL_USER;
+import static de.symeda.sormas.api.user.DefaultUserRole.POE_INFORMANT;
+import static de.symeda.sormas.api.user.DefaultUserRole.REST_EXTERNAL_VISITS_USER;
+import static de.symeda.sormas.api.user.DefaultUserRole.SURVEILLANCE_OFFICER;
+import static de.symeda.sormas.api.user.DefaultUserRole.SURVEILLANCE_SUPERVISOR;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.contains;
+import static org.hamcrest.Matchers.containsInAnyOrder;
+import static org.hamcrest.Matchers.hasItem;
+import static org.hamcrest.Matchers.hasItems;
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.Matchers.nullValue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.mockStatic;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.UUID;
+import java.util.stream.Collectors;
+
+import javax.persistence.EntityNotFoundException;
+import javax.validation.ValidationException;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.EntityDto;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.user.*;
+import de.symeda.sormas.api.user.UserCriteria;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserFacade;
+import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.utils.AccessDeniedException;
 import de.symeda.sormas.api.utils.SortProperty;
 import de.symeda.sormas.backend.AbstractBeanTest;
@@ -12,24 +63,22 @@
 import de.symeda.sormas.backend.infrastructure.region.Region;
 import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
 import de.symeda.sormas.backend.infrastructure.region.RegionService;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.mockito.MockedStatic;
-import org.mockito.MockitoAnnotations;
 
-import javax.persistence.EntityNotFoundException;
-import javax.validation.ValidationException;
-import java.util.*;
-import java.util.stream.Collectors;
-
-import static de.symeda.sormas.api.user.DefaultUserRole.*;
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.contains;
-import static org.hamcrest.Matchers.*;
-import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.*;
+import de.symeda.sormas.api.AuthProvider;
+import de.symeda.sormas.api.Disease;
+import de.symeda.sormas.api.EntityDto;
+import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserRoleDto;
+import de.symeda.sormas.api.utils.AccessDeniedException;
+import de.symeda.sormas.api.utils.SortProperty;
+import de.symeda.sormas.backend.AbstractBeanTest;
+import de.symeda.sormas.backend.TestDataCreator.RDCF;
+import de.symeda.sormas.backend.infrastructure.region.Region;
+import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
+import de.symeda.sormas.backend.infrastructure.region.RegionService;
+import static org.mockito.Mockito.when;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
 
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 577a3ee0dc0..561b3d4762f 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -15,6 +15,18 @@
 
 package de.symeda.sormas.rest.resources;
 
+import java.util.Date;
+import java.util.List;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.caze.CriteriaWithSorting;
 import de.symeda.sormas.api.common.Page;
@@ -25,11 +37,6 @@
 import de.symeda.sormas.api.user.UserRight;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
 
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
-import java.util.Date;
-import java.util.List;
-
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
  * @see <a href="https://jersey.java.net/documentation/latest/jaxrs-resources.html#d0e2051">Jersey documentation HTTP Methods</a>
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index e0ffa76961c..3302aa09706 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -17,15 +17,31 @@
  *******************************************************************************/
 package de.symeda.sormas.ui;
 
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.Navigator;
 import com.vaadin.navigator.View;
 import com.vaadin.server.FileResource;
 import com.vaadin.server.Resource;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.*;
+import com.vaadin.ui.Alignment;
+import com.vaadin.ui.Button;
+import com.vaadin.ui.CssLayout;
+import com.vaadin.ui.HorizontalLayout;
+import com.vaadin.ui.Image;
+import com.vaadin.ui.Label;
+import com.vaadin.ui.MenuBar;
 import com.vaadin.ui.MenuBar.Command;
+import com.vaadin.ui.UI;
+import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
+
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.i18n.Captions;
 import de.symeda.sormas.api.i18n.I18nProperties;
@@ -37,12 +53,6 @@
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
-import org.apache.commons.lang3.StringUtils;
-
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.HashMap;
-import java.util.Map;
 
 /**
  * Responsive navigation menu presenting a list of available views to the user.
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 624200a1a72..adda0c36250 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,16 +17,32 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.View;
 import com.vaadin.server.Page;
 import com.vaadin.server.Sizeable.Unit;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.*;
+import com.vaadin.ui.Button;
 import com.vaadin.ui.Button.ClickEvent;
 import com.vaadin.ui.Button.ClickListener;
+import com.vaadin.ui.Label;
+import com.vaadin.ui.Notification;
+import com.vaadin.ui.UI;
+import com.vaadin.ui.VerticalLayout;
+import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
 import com.vaadin.v7.ui.ComboBox;
+
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.Language;
@@ -39,21 +55,20 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.UserProvider;
-import de.symeda.sormas.ui.utils.*;
+import de.symeda.sormas.ui.utils.BulkOperationHandler;
+import de.symeda.sormas.ui.utils.ButtonHelper;
+import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent.CommitListener;
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.*;
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-
+import de.symeda.sormas.ui.utils.ConfirmationComponent;
+import de.symeda.sormas.ui.utils.CssStyles;
+import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import de.symeda.sormas.ui.ControllerProvider;
+import de.symeda.sormas.ui.UserProvider;
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+import java.util.Objects;
 
 public class UserController {
 

From 5bcb629958b8995c713aa9a05045c9be23110b90 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 14:04:35 +0000
Subject: [PATCH 59/95] clean up after review

---
 .../de/symeda/sormas/api/user/UserDto.java    |  12 +-
 .../de/symeda/sormas/api/user/UserFacade.java |  60 ++++------
 sormas-app/pom.xml                            |   2 +-
 .../sormas/backend/user/UserFacadeEjb.java    |  17 ---
 .../backend/user/UserFacadeEjbTest.java       | 104 ++++++------------
 .../symeda/sormas/ui/user/UserController.java |  45 +++-----
 6 files changed, 79 insertions(+), 161 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index 6a25643e827..72e618fce9c 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -37,7 +37,7 @@
  import de.symeda.sormas.api.utils.DataHelper;
  import de.symeda.sormas.api.utils.FeatureIndependent;
  import de.symeda.sormas.api.utils.FieldConstraints;
-
+ 
 @FeatureIndependent
 public class UserDto extends EntityDto {
 
@@ -110,7 +110,7 @@ public class UserDto extends EntityDto {
 
     private boolean hasConsentedToGdpr;
     private String currentPassword;
-    private String updatePassword;
+    private String newPassword;
     private String confirmPassword;
     private String passwordStrength;
 
@@ -175,12 +175,12 @@ public String getCurrentPassword() {
         return currentPassword;
     }
 
-    public void setUpdatePassword(String updatePassword) {
-        this.updatePassword = updatePassword;
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
     }
 
-    public String getUpdatePassword() {
-        return updatePassword;
+    public String getNewPassword() {
+        return newPassword;
     }
 
     public void setConfirmPassword(String confirmPassword) {
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 0075477bf64..f7e58bff6e7 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -54,8 +54,6 @@ public interface UserFacade {
 
     String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
-    Set<UserRoleDto> getValidLoginRoles(String userName, String password);
-
     boolean validatePassword(String uuid, String password);
 
     String checkPasswordStrength(String password);
@@ -69,17 +67,13 @@ public interface UserFacade {
     UserDto getByUserName(String userName);
 
     /**
-	 * 
-	 * @param regionRef
-	 *            reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
-	 *            NOTE: some users don't have a region (often users with NATIONAL_USER role, for example). They will
-	 *            not be included when a region is specified, but otherwise they will.
-	 * @param limitedDisease
-	 *            can be used to remove users from the return value that are limited to diseases other that limitedDisease.
-	 * @param userRights
-	 *            user rights to be filtered for.
-	 * @return
-	 */
+     * @param regionRef      reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
+     *                       NOTE: some users don't have a region (often users with NATIONAL_USER role, for example). They will
+     *                       not be included when a region is specified, but otherwise they will.
+     * @param limitedDisease can be used to remove users from the return value that are limited to diseases other that limitedDisease.
+     * @param userRights     user rights to be filtered for.
+     * @return
+     */
     List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights);
 
     List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user);
@@ -90,32 +84,24 @@ public interface UserFacade {
 
     long count(UserCriteria userCriteria);
 
-	/**
-	 * 
-	 * @param district
-	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
-	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
-	 *            not be included when a district is specified, but otherwise they will.
-	 * @param limitedDisease
-	 *            can be used to remove users from the return value that are limited to diseases other that limitedDisease.
-	 * @param userRights
-	 *            user rights to be filtered for.
-	 * @return
-	 */
+    /**
+     * @param district       reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
+     *                       NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
+     *                       not be included when a district is specified, but otherwise they will.
+     * @param limitedDisease can be used to remove users from the return value that are limited to diseases other that limitedDisease.
+     * @param userRights     user rights to be filtered for.
+     * @return
+     */
     List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
 
-	/**
-	 * 
-	 * @param district
-	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
-	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
-	 *            * not be included when a district is specified, but otherwise they will.
-	 * @param excludeLimitedDiseaseUsers
-	 *            if true, all users limited to diseases are excluded from the return value.
-	 * @param userRights
-	 *            user rights to be filtered for.
-	 * @return
-	 */
+    /**
+     * @param district                   reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
+     *                                   NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
+     *                                   * not be included when a district is specified, but otherwise they will.
+     * @param excludeLimitedDiseaseUsers if true, all users limited to diseases are excluded from the return value.
+     * @param userRights                 user rights to be filtered for.
+     * @return
+     */
     List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, boolean excludeLimitedDiseaseUsers, UserRight... userRights);
 
     List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districts, Disease limitedDisease, UserRight... userRights);
diff --git a/sormas-app/pom.xml b/sormas-app/pom.xml
index c2be8875554..f64314439ef 100644
--- a/sormas-app/pom.xml
+++ b/sormas-app/pom.xml
@@ -3,7 +3,7 @@
 	<parent>
 		<artifactId>sormas-base</artifactId>
 		<groupId>de.symeda.sormas</groupId>
-		<version>1.98.0-SNAPSHOT</version>
+		<version>1.99.0-SNAPSHOT</version>
 		<relativePath>../sormas-base</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 5f48f924ec3..186328da4aa 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -152,10 +152,6 @@
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
 import de.symeda.sormas.backend.util.PasswordValidator;
-import de.symeda.sormas.backend.util.ModelConstants;
-import de.symeda.sormas.backend.util.RightsAllowed;
-import de.symeda.sormas.backend.util.QueryHelper;
-import de.symeda.sormas.backend.util.DtoHelper;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -950,19 +946,6 @@ public Set<UserRight> getValidLoginRights(String userName, String password) {
         return null;
     }
 
-    @PermitAll
-    @Override
-    public Set<UserRoleDto> getValidLoginRoles(String userName, String password) {
-        User user = userService.getByUserName(userName);
-
-        if (user != null && user.isActive()
-                && (DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed())))) {
-            return getUserRoles(toDto(user));
-        }
-
-        return Collections.emptySet();
-    }
-
     @Override
     @PermitAll
     public boolean validatePassword(String uuid, String password) {
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 99f9c0d5390..63147653616 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -1,5 +1,36 @@
 package de.symeda.sormas.backend.user;
 
+import de.symeda.sormas.api.AuthProvider;
+import de.symeda.sormas.api.Disease;
+import de.symeda.sormas.api.EntityDto;
+import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.user.UserCriteria;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserFacade;
+import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.api.utils.AccessDeniedException;
+import de.symeda.sormas.api.utils.SortProperty;
+import de.symeda.sormas.backend.AbstractBeanTest;
+import de.symeda.sormas.backend.TestDataCreator.RDCF;
+import de.symeda.sormas.backend.infrastructure.region.Region;
+import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
+import de.symeda.sormas.backend.infrastructure.region.RegionService;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+import org.mockito.MockitoAnnotations;
+
+import javax.persistence.EntityNotFoundException;
+import javax.validation.ValidationException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.UUID;
+import java.util.stream.Collectors;
+
 import static de.symeda.sormas.api.user.DefaultUserRole.ADMIN_SUPERVISOR;
 import static de.symeda.sormas.api.user.DefaultUserRole.CASE_OFFICER;
 import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_OFFICER;
@@ -22,6 +53,7 @@
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@@ -29,56 +61,7 @@
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.mockStatic;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-import java.util.UUID;
-import java.util.stream.Collectors;
-
-import javax.persistence.EntityNotFoundException;
-import javax.validation.ValidationException;
-
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.mockito.MockedStatic;
-import org.mockito.Mockito;
-import org.mockito.MockitoAnnotations;
-
-import de.symeda.sormas.api.AuthProvider;
-import de.symeda.sormas.api.Disease;
-import de.symeda.sormas.api.EntityDto;
-import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.user.UserCriteria;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserFacade;
-import de.symeda.sormas.api.user.UserReferenceDto;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.api.utils.AccessDeniedException;
-import de.symeda.sormas.api.utils.SortProperty;
-import de.symeda.sormas.backend.AbstractBeanTest;
-import de.symeda.sormas.backend.TestDataCreator.RDCF;
-import de.symeda.sormas.backend.infrastructure.region.Region;
-import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
-import de.symeda.sormas.backend.infrastructure.region.RegionService;
-
-import de.symeda.sormas.api.AuthProvider;
-import de.symeda.sormas.api.Disease;
-import de.symeda.sormas.api.EntityDto;
-import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserRoleDto;
-import de.symeda.sormas.api.utils.AccessDeniedException;
-import de.symeda.sormas.api.utils.SortProperty;
-import de.symeda.sormas.backend.AbstractBeanTest;
-import de.symeda.sormas.backend.TestDataCreator.RDCF;
-import de.symeda.sormas.backend.infrastructure.region.Region;
-import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
-import de.symeda.sormas.backend.infrastructure.region.RegionService;
 import static org.mockito.Mockito.when;
-import static org.junit.jupiter.api.Assertions.assertNotEquals;
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
 
@@ -531,29 +514,6 @@ public void testGeneratePassword() {
         assertFalse(result.isEmpty());
     }
 
-    @Test
-    void testGetValidLoginRolesValidUser() {
-        // Arrange
-        User user = creator.createTestUser();
-
-        // Act
-        Set<UserRoleDto> result = getUserFacade().getValidLoginRoles(user.getUserName(), "password");
-
-        // Assert
-        assertNotNull(result);
-        assertFalse(result.isEmpty());
-    }
-
-    @Test
-    void testGetValidLoginRolesInvalidUser() {
-        // Act
-        Set<UserRoleDto> result = getUserFacade().getValidLoginRoles("testuser", "password");
-
-        // Assert
-        assertNotNull(result);
-        assertTrue(result.isEmpty());
-    }
-
     @Test
     void testValidatePasswordValid() {
         // Arrange
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index adda0c36250..3e9c06d23a5 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,32 +17,16 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Set;
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang3.StringUtils;
-
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.View;
 import com.vaadin.server.Page;
 import com.vaadin.server.Sizeable.Unit;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.Button;
+import com.vaadin.ui.*;
 import com.vaadin.ui.Button.ClickEvent;
 import com.vaadin.ui.Button.ClickListener;
-import com.vaadin.ui.Label;
-import com.vaadin.ui.Notification;
-import com.vaadin.ui.UI;
-import com.vaadin.ui.VerticalLayout;
-import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
 import com.vaadin.v7.ui.ComboBox;
-
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.Language;
@@ -55,20 +39,25 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.utils.BulkOperationHandler;
-import de.symeda.sormas.ui.utils.ButtonHelper;
-import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
-import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent.CommitListener;
-import de.symeda.sormas.ui.utils.ConfirmationComponent;
-import de.symeda.sormas.ui.utils.CssStyles;
-import de.symeda.sormas.ui.utils.VaadinUiUtil;
-import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.UserProvider;
+import de.symeda.sormas.ui.utils.*;
+import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent.CommitListener;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
-import java.util.Objects;
 
 public class UserController {
 
@@ -433,7 +422,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
         component.addCommitListener(() -> {
             if (!form.getFieldGroup().isModified()) {
                 UserDto changedUser = form.getValue();
-                if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getUpdatePassword())) {
+                if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getNewPassword())) {
 
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
                 } else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
@@ -441,7 +430,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
                 } else if (passwordStrengthDesc.getValue().contains("Weak")) {
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
                 } else {
-                    showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getUpdatePassword(), changedUser.getCurrentPassword());
+                    showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword(), changedUser.getCurrentPassword());
 
                 }
             }

From 39f066e0619fc31475a839270e33c49cd6865e2b Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 14:28:34 +0000
Subject: [PATCH 60/95] taking of @Audited from UserRoleDto

---
 .../src/main/java/de/symeda/sormas/api/user/UserRoleDto.java     | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index 777268bc8b4..9826233aef8 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -38,7 +38,6 @@
 import de.symeda.sormas.api.utils.ValidationException;
 import de.symeda.sormas.api.audit.AuditedClass;
 
-@AuditedClass
 public class UserRoleDto extends EntityDto {
 
     private static final long serialVersionUID = -547459523041494446L;

From 752fd9217790fb4259612ee5b664d0bd0b15bf7a Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 14:58:38 +0000
Subject: [PATCH 61/95] Replacing genereatepassword with create pass

---
 .../sormas/api/utils/PasswordHelper.java      | 53 -------------
 .../sormas/backend/user/UserService.java      | 79 +++++++++----------
 2 files changed, 37 insertions(+), 95 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index cdcfcaad187..449736d4977 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -25,7 +25,6 @@
 import javax.validation.ValidationException;
 
 import org.apache.commons.codec.binary.Hex;
-import java.util.Arrays;
 
 public final class PasswordHelper {
 
@@ -68,58 +67,6 @@ private PasswordHelper() {
         }
     }
 
-    public static String generatePasswordWithSpecialChars(int length) {
-        // Combine the existing character set with special characters
-        char[] combinedChars = Arrays.copyOf(PASSWORD_CHARS, PASSWORD_CHARS.length + 10);
-        combinedChars[PASSWORD_CHARS.length] = '!';
-        combinedChars[PASSWORD_CHARS.length + 1] = '@';
-        combinedChars[PASSWORD_CHARS.length + 2] = '#';
-        combinedChars[PASSWORD_CHARS.length + 3] = '$';
-        combinedChars[PASSWORD_CHARS.length + 4] = '%';
-        combinedChars[PASSWORD_CHARS.length + 5] = '^';
-        combinedChars[PASSWORD_CHARS.length + 6] = '&';
-        combinedChars[PASSWORD_CHARS.length + 7] = '*';
-        combinedChars[PASSWORD_CHARS.length + 8] = '(';
-        combinedChars[PASSWORD_CHARS.length + 9] = ')';
-
-        SecureRandom rnd = new SecureRandom();
-        char[] chs = new char[length];
-
-        // Ensure at least one digit
-        chs[0] = (char) ('2' + rnd.nextInt(8)); // 2-9
-
-        // Ensure at least one special character
-        chs[1] = combinedChars[PASSWORD_CHARS.length + rnd.nextInt(10)];
-
-        // Ensure at least one uppercase letter
-        chs[2] = (char) ('A' + rnd.nextInt(26));
-        while (chs[2] == 'I' || chs[2] == 'O' || chs[2] == 'V') {
-            chs[2] = (char) ('A' + rnd.nextInt(26));
-        }
-
-        // Ensure at least one lowercase letter
-        chs[3] = (char) ('a' + rnd.nextInt(26));
-        while (chs[3] == 'l' || chs[3] == 'v') {
-            chs[3] = (char) ('a' + rnd.nextInt(26));
-        }
-
-        // Fill the rest of the password
-        for (int i = 4; i < length; i++) {
-            chs[i] = combinedChars[rnd.nextInt(combinedChars.length)];
-        }
-
-        // Shuffle the password array to avoid predictable patterns
-        for (int i = 0; i < chs.length; i++) {
-            int randomIndex = rnd.nextInt(chs.length);
-            char temp = chs[i];
-            chs[i] = chs[randomIndex];
-            chs[randomIndex] = temp;
-        }
-
-        return new String(chs);
-    }
-
-
     public static String createPass(final int length) {
 
         SecureRandom rnd = new SecureRandom();
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index a35a15ad2d7..d183f54db7f 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -183,18 +183,18 @@ public List<User> getAllByDistrictsAndUserRights(List<District> districts, Colle
         return em.createQuery(cq).getResultList();
     }
 
-	/**
-	 * Loads users filtered by combinable filter conditions.<br />
-	 * Condition combination if parameter is set:<br />
-	 * {@code ((regionUuids & districtUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
-	 * 
-	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
-	 * @param regionUuids
-	 * @param districtUuids
-	 * @param filterByCurrentUserJurisdiction
-	 * @param activeOnly
-	 * @param userRights
-	 */
+    /**
+     * Loads users filtered by combinable filter conditions.<br />
+     * Condition combination if parameter is set:<br />
+     * {@code ((regionUuids & districtUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
+     *
+     * @param regionUuids
+     * @param districtUuids
+     * @param filterByCurrentUserJurisdiction
+     * @param activeOnly
+     * @param userRights
+     * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
+     */
     public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
 
         return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
@@ -219,19 +219,19 @@ public List<UserReference> getUserReferences(
         return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, limitedDisease, false, Arrays.asList(userRights));
     }
 
-	/**
-	 * Loads users filtered by combinable filter conditions.<br />
-	 * Condition combination if parameter is set:<br />
-	 * {@code ((regionUuids & districtUuids & communityUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
-	 *
-	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
-	 * @param regionUuids
-	 * @param districtUuids
-	 * @param communityUuids
-	 * @param filterByJurisdiction
-	 * @param activeOnly
-	 * @param userRights
-	 */
+    /**
+     * Loads users filtered by combinable filter conditions.<br />
+     * Condition combination if parameter is set:<br />
+     * {@code ((regionUuids & districtUuids & communityUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
+     *
+     * @param regionUuids
+     * @param districtUuids
+     * @param communityUuids
+     * @param filterByJurisdiction
+     * @param activeOnly
+     * @param userRights
+     * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
+     */
     public List<UserReference> getUserReferences(
             List<String> regionUuids,
             List<String> districtUuids,
@@ -654,7 +654,7 @@ public static String setNewPassword(User user) {
     }
 
     public String generatePassword() {
-        return PasswordHelper.generatePasswordWithSpecialChars(12);
+        return PasswordHelper.createPass(12);
     }
 
     public String updatePassword(String userUuid, String password) {
@@ -763,7 +763,6 @@ public Long countByAssignedOfficer(User officer, UserRight userRights) {
     }
 
     /**
-     *
      * @param districts
      * @param userRight
      * @return Number of users with specified UserRight on district level
@@ -782,7 +781,6 @@ public Long countByDistricts(List<District> districts, UserRight userRight) {
     }
 
     /**
-     *
      * @param districts
      * @return Number of users with specified UserRight on community level
      */
@@ -799,11 +797,10 @@ public Long countByCommunities(List<District> districts, UserRight userRight) {
         return em.createQuery(cq).getSingleResult();
     }
 
-	/**
-	 *
-	 * @param districts
-	 * @return Number of users with specified UserRight on health facility level
-	 */
+    /**
+     * @param districts
+     * @return Number of users with specified UserRight on health facility level
+     */
     public Long countByHealthFacilities(List<District> districts, UserRight userRight) {
 
         CriteriaBuilder cb = em.getCriteriaBuilder();
@@ -817,11 +814,10 @@ public Long countByHealthFacilities(List<District> districts, UserRight userRigh
         return em.createQuery(cq).getSingleResult();
     }
 
-	/**
-	 *
-	 * @param districts
-	 * @return Number of users with specified UserRight on pointOfEntry level
-	 */
+    /**
+     * @param districts
+     * @return Number of users with specified UserRight on pointOfEntry level
+     */
     public Long countByPointOfEntries(List<District> districts, UserRight userRight) {
 
         CriteriaBuilder cb = em.getCriteriaBuilder();
@@ -847,10 +843,9 @@ public boolean hasRegion(RegionReferenceDto regionReference) {
         return currentUser.getRegion().getUuid().equals(regionReference.getUuid());
     }
 
-	/**
-	 * @param root
-	 *            root to {@link User} or {@link UserReference}.
-	 */
+    /**
+     * @param root root to {@link User} or {@link UserReference}.
+     */
     private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
         return cb.isTrue(root.get(User.ACTIVE));
     }

From a18eec476f3501f2098873d84fedc3e6106656e5 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 17:22:57 +0000
Subject: [PATCH 62/95] clean up after review

---
 sormas-app/app/src/main/AndroidManifest.xml   | 21 +++++-
 .../app/backend/config/ConfigProvider.java    |  3 +-
 .../controls/ControlPasswordField.java        |  1 -
 .../app/login/ChangePasswordActivity.java     |  7 +-
 sormas-backend/pom.xml                        |  6 --
 .../sormas/backend/user/UserService.java      |  9 ++-
 .../backend/util/PasswordValidator.java       |  6 +-
 .../sormas/backend/TestDataCreator.java       | 74 +++++++++++++++----
 .../backend/user/UserFacadeEjbTest.java       | 67 +++++++++--------
 .../main/java/de/symeda/sormas/ui/Menu.java   | 29 +++++---
 .../symeda/sormas/ui/user/UserController.java | 41 ++++++----
 11 files changed, 172 insertions(+), 92 deletions(-)

diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index c1920f7a730..04da6058191 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -43,6 +43,7 @@
             android:theme="@style/ActivityWithOverflowMenuTheme"
             android:screenOrientation="portrait"
             android:launchMode="singleTop">
+        </activity>
         <activity
             android:name=".login.EnterPinActivity"
             android:theme="@style/SormasTheme"
@@ -490,6 +491,13 @@
         <activity
             android:name=".barcode.BarcodeActivity" />
 
+        <activity
+                android:name=".login.ChangePasswordActivity"
+                android:launchMode="singleTop"
+                android:screenOrientation="portrait"
+                android:theme="@style/SormasTheme"
+                android:windowSoftInputMode="stateHidden" />
+
         <receiver
             android:name=".SormasBootstrap"
             android:enabled="true"
@@ -539,8 +547,17 @@
         </provider>
 
         <service
-            android:name=".core.FeatureConfigurationService"
-            android:enabled="true" /> <!--<service android:name="com.google.android.gms.analytics.CampaignTrackingService" />-->
+            android:enabled="true"
+            android:name=".core.TaskNotificationService" />
+
+        <service
+            android:enabled="true"
+            android:name=".core.FeatureConfigurationService" />
+
+        <!--<service android:name="com.google.android.gms.analytics.CampaignTrackingService" />-->
+        <!--<service-->
+            <!--android:name=".core.TaskNotificationService"-->
+            <!--android:enabled="true" />-->
 
         <receiver
             android:name=".LbdsRecevierComponent"
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index 08ad7ecf2b1..b151a4d578c 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -314,8 +314,7 @@ public static void setUsernameAndPassword(String username, String password) {
     }
 
     public static void setNewPassword(String password) {
-        System.out.println("Entered setNewPassword");
-        System.out.println("setNewPassword: newPassword: " + password);
+        
         if (password == null)
             throw new NullPointerException("password");
         password = instance.encodeCredential(password, "Password");
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index d0a7529aea9..afb22412af6 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -70,5 +70,4 @@ protected void onFinishInflate() {
         TextInputLayout inputLayout = (TextInputLayout) this.findViewById(R.id.text_input_layout);
         inputLayout.setPasswordVisibilityToggleEnabled(true);
     }
-
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index f64c3511849..2e42b2a6d83 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -49,8 +49,11 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
 
     public static final String TAG = ChangePasswordActivity.class.getSimpleName();
 
-    private boolean isAtLeast8 = false, hasUppercase = false, hasNumber = false, hasSpecialCharacter = false, isGood = false;
-
+    private boolean isAtLeast8 = false;
+    private boolean hasUppercase = false;
+    private boolean hasNumber = false;
+    private boolean hasSpecialCharacter = false;
+    private boolean isGood = false;    
     private ActivityChangePasswordLayoutBinding binding;
     private ProgressBar preloader;
     private View fragmentFrame;
diff --git a/sormas-backend/pom.xml b/sormas-backend/pom.xml
index b4cf11461e1..625bb6bb630 100644
--- a/sormas-backend/pom.xml
+++ b/sormas-backend/pom.xml
@@ -318,12 +318,6 @@
 
 		<!-- *** Test dependencies END *** -->
 
-		<dependency>
-			<groupId>edu.vt.middleware</groupId>
-			<artifactId>vt-password</artifactId>
-			<version>3.1.2</version>
-		</dependency>
-
 	</dependencies>
 
 	<build>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index d183f54db7f..3574089354f 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -1,6 +1,6 @@
 /*
  * SORMAS® - Surveillance Outbreak Response Management & Analysis System
- * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * Copyright © 2016-2022 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
@@ -658,14 +658,17 @@ public String generatePassword() {
     }
 
     public String updatePassword(String userUuid, String password) {
+        
         User user = getByUuid(userUuid);
-
         if (user == null && password == null) {
             return null;
         }
-        assert user != null;
+        if (user == null) {
+            throw new IllegalArgumentException("User not found for UUID: " + userUuid);
+        }
         user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
         ensurePersisted(user);
+
         return password;
     }
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 0b5dfbccc38..8c8b4d8e01c 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -17,17 +17,13 @@ public static String checkPasswordStrength(String password) {
     }
 
     public static boolean isStrongPassword(String password) {
-        return password.length() >= 8 && hasDigits(password) && hasSpecialCharacters(password) && hasCapitalLetter(password);
+        return password.length() >= 8 && hasDigits(password) && hasCapitalLetter(password);
     }
 
     private static boolean hasDigits(String password) {
         return password.chars().anyMatch(Character::isDigit);
     }
 
-    private static boolean hasSpecialCharacters(String password) {
-        return password.chars().anyMatch(ch -> !Character.isLetterOrDigit(ch) && !Character.isWhitespace(ch));
-    }
-
     private static boolean hasCapitalLetter(String password) {
         return password.chars().anyMatch(Character::isUpperCase);
     }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index c8ac5b63c62..4dd75449231 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -14,7 +14,26 @@
  */
 package de.symeda.sormas.backend;
 
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+import javax.annotation.Nullable;
+
+import org.jetbrains.annotations.NotNull;
+
 import com.fasterxml.jackson.databind.ObjectMapper;
+
 import de.symeda.sormas.api.Disease;
 import de.symeda.sormas.api.ReferenceDto;
 import de.symeda.sormas.api.VisitOrigin;
@@ -28,7 +47,13 @@
 import de.symeda.sormas.api.campaign.diagram.DiagramType;
 import de.symeda.sormas.api.campaign.form.CampaignFormMetaDto;
 import de.symeda.sormas.api.campaign.form.CampaignFormMetaReferenceDto;
-import de.symeda.sormas.api.caze.*;
+import de.symeda.sormas.api.caze.CaseClassification;
+import de.symeda.sormas.api.caze.CaseDataDto;
+import de.symeda.sormas.api.caze.CaseReferenceDto;
+import de.symeda.sormas.api.caze.InvestigationStatus;
+import de.symeda.sormas.api.caze.VaccinationInfoSource;
+import de.symeda.sormas.api.caze.Vaccine;
+import de.symeda.sormas.api.caze.VaccineManufacturer;
 import de.symeda.sormas.api.caze.surveillancereport.ReportingType;
 import de.symeda.sormas.api.caze.surveillancereport.SurveillanceReportDto;
 import de.symeda.sormas.api.clinicalcourse.ClinicalVisitDto;
@@ -49,7 +74,13 @@
 import de.symeda.sormas.api.environment.environmentsample.EnvironmentSampleReferenceDto;
 import de.symeda.sormas.api.environment.environmentsample.Pathogen;
 import de.symeda.sormas.api.epidata.EpiDataDto;
-import de.symeda.sormas.api.event.*;
+import de.symeda.sormas.api.event.EventDto;
+import de.symeda.sormas.api.event.EventInvestigationStatus;
+import de.symeda.sormas.api.event.EventParticipantDto;
+import de.symeda.sormas.api.event.EventParticipantReferenceDto;
+import de.symeda.sormas.api.event.EventReferenceDto;
+import de.symeda.sormas.api.event.EventStatus;
+import de.symeda.sormas.api.event.TypeOfPlace;
 import de.symeda.sormas.api.exposure.ExposureDto;
 import de.symeda.sormas.api.exposure.ExposureType;
 import de.symeda.sormas.api.exposure.TypeOfAnimal;
@@ -58,7 +89,11 @@
 import de.symeda.sormas.api.externalmessage.ExternalMessageType;
 import de.symeda.sormas.api.externalmessage.labmessage.SampleReportDto;
 import de.symeda.sormas.api.externalmessage.labmessage.TestReportDto;
-import de.symeda.sormas.api.immunization.*;
+import de.symeda.sormas.api.immunization.ImmunizationDto;
+import de.symeda.sormas.api.immunization.ImmunizationManagementStatus;
+import de.symeda.sormas.api.immunization.ImmunizationReferenceDto;
+import de.symeda.sormas.api.immunization.ImmunizationStatus;
+import de.symeda.sormas.api.immunization.MeansOfImmunization;
 import de.symeda.sormas.api.importexport.ExportConfigurationDto;
 import de.symeda.sormas.api.importexport.ExportType;
 import de.symeda.sormas.api.infrastructure.PopulationDataDto;
@@ -73,8 +108,19 @@
 import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryType;
 import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
 import de.symeda.sormas.api.location.LocationDto;
-import de.symeda.sormas.api.person.*;
-import de.symeda.sormas.api.sample.*;
+import de.symeda.sormas.api.person.PersonContactDetailDto;
+import de.symeda.sormas.api.person.PersonContactDetailType;
+import de.symeda.sormas.api.person.PersonDto;
+import de.symeda.sormas.api.person.PersonReferenceDto;
+import de.symeda.sormas.api.person.Sex;
+import de.symeda.sormas.api.sample.AdditionalTestDto;
+import de.symeda.sormas.api.sample.PathogenTestDto;
+import de.symeda.sormas.api.sample.PathogenTestResultType;
+import de.symeda.sormas.api.sample.PathogenTestType;
+import de.symeda.sormas.api.sample.SampleDto;
+import de.symeda.sormas.api.sample.SampleMaterial;
+import de.symeda.sormas.api.sample.SamplePurpose;
+import de.symeda.sormas.api.sample.SampleReferenceDto;
 import de.symeda.sormas.api.share.ExternalShareStatus;
 import de.symeda.sormas.api.sormastosormas.SormasToSormasOriginInfoDto;
 import de.symeda.sormas.api.sormastosormas.share.incoming.ShareRequestDataType;
@@ -91,9 +137,14 @@
 import de.symeda.sormas.api.therapy.TreatmentDto;
 import de.symeda.sormas.api.therapy.TreatmentType;
 import de.symeda.sormas.api.travelentry.TravelEntryDto;
-import de.symeda.sormas.api.user.*;
+import de.symeda.sormas.api.user.DefaultUserRole;
+import de.symeda.sormas.api.user.JurisdictionLevel;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.api.user.UserRoleDto;
+import de.symeda.sormas.api.user.UserRoleReferenceDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.api.utils.PasswordHelper;
 import de.symeda.sormas.api.vaccination.VaccinationDto;
 import de.symeda.sormas.api.visit.VisitDto;
 import de.symeda.sormas.api.visit.VisitStatus;
@@ -111,14 +162,7 @@
 import de.symeda.sormas.backend.sormastosormas.share.outgoing.SormasToSormasShareInfo;
 import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserRole;
-import org.jetbrains.annotations.NotNull;
-
-import javax.annotation.Nullable;
-import java.io.IOException;
-import java.util.*;
-import java.util.function.Consumer;
-import java.util.function.Function;
-import java.util.stream.Collectors;
+import de.symeda.sormas.api.utils.PasswordHelper;
 
 public class TestDataCreator {
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 63147653616..76106a9d831 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -1,36 +1,5 @@
 package de.symeda.sormas.backend.user;
 
-import de.symeda.sormas.api.AuthProvider;
-import de.symeda.sormas.api.Disease;
-import de.symeda.sormas.api.EntityDto;
-import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
-import de.symeda.sormas.api.user.UserCriteria;
-import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserFacade;
-import de.symeda.sormas.api.user.UserReferenceDto;
-import de.symeda.sormas.api.user.UserRight;
-import de.symeda.sormas.api.utils.AccessDeniedException;
-import de.symeda.sormas.api.utils.SortProperty;
-import de.symeda.sormas.backend.AbstractBeanTest;
-import de.symeda.sormas.backend.TestDataCreator.RDCF;
-import de.symeda.sormas.backend.infrastructure.region.Region;
-import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
-import de.symeda.sormas.backend.infrastructure.region.RegionService;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.mockito.MockedStatic;
-import org.mockito.MockitoAnnotations;
-
-import javax.persistence.EntityNotFoundException;
-import javax.validation.ValidationException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-import java.util.UUID;
-import java.util.stream.Collectors;
-
 import static de.symeda.sormas.api.user.DefaultUserRole.ADMIN_SUPERVISOR;
 import static de.symeda.sormas.api.user.DefaultUserRole.CASE_OFFICER;
 import static de.symeda.sormas.api.user.DefaultUserRole.CONTACT_OFFICER;
@@ -53,7 +22,6 @@
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
-import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@@ -61,6 +29,41 @@
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.mockStatic;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.UUID;
+import java.util.stream.Collectors;
+
+import javax.persistence.EntityNotFoundException;
+import javax.validation.ValidationException;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+
+import de.symeda.sormas.api.AuthProvider;
+import de.symeda.sormas.api.Disease;
+import de.symeda.sormas.api.EntityDto;
+import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.user.UserCriteria;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserFacade;
+import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserRight;
+import de.symeda.sormas.api.utils.AccessDeniedException;
+import de.symeda.sormas.api.utils.SortProperty;
+import de.symeda.sormas.backend.AbstractBeanTest;
+import de.symeda.sormas.backend.TestDataCreator.RDCF;
+import de.symeda.sormas.backend.infrastructure.region.Region;
+import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
+import de.symeda.sormas.backend.infrastructure.region.RegionService;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.mockito.Mockito.when;
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index 3302aa09706..fa18733bd69 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -155,11 +155,16 @@ private void showSettingsPopup() {
      * Register a pre-created view instance in the navigation menu and in the
      * {@link Navigator}.
      *
-     * @param view    view instance to register
-     * @param name    view name
-     * @param caption view caption in the menu
-     * @param icon    view icon in the menu
      * @see Navigator#addView(String, View)
+     *
+     * @param view
+     *            view instance to register
+     * @param name
+     *            view name
+     * @param caption
+     *            view caption in the menu
+     * @param icon
+     *            view icon in the menu
      */
     public void addView(View view, final String name, String caption, Resource icon) {
 
@@ -171,11 +176,16 @@ public void addView(View view, final String name, String caption, Resource icon)
      * Register a view in the navigation menu and in the {@link Navigator} based
      * on a view class.
      *
-     * @param viewClass class of the views to create
-     * @param name      view name
-     * @param caption   view caption in the menu
-     * @param icon      view icon in the menu
      * @see Navigator#addView(String, Class)
+     *
+     * @param viewClass
+     *            class of the views to create
+     * @param name
+     *            view name
+     * @param caption
+     *            view caption in the menu
+     * @param icon
+     *            view icon in the menu
      */
     public void addView(Class<? extends View> viewClass, final String name, String caption, Resource icon) {
 
@@ -196,7 +206,8 @@ private void createViewButton(final String name, String caption, Resource icon)
      * Highlights a view navigation button as the currently active view in the
      * menu. This method does not perform the actual navigation.
      *
-     * @param viewName the name of the view to show as active
+     * @param viewName
+     *            the name of the view to show as active
      */
     public void setActiveView(String viewName) {
 
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 3e9c06d23a5..6aa58c3dc1e 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,16 +17,32 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+
 import com.vaadin.icons.VaadinIcons;
 import com.vaadin.navigator.View;
 import com.vaadin.server.Page;
 import com.vaadin.server.Sizeable.Unit;
 import com.vaadin.server.ThemeResource;
-import com.vaadin.ui.*;
+import com.vaadin.ui.Button;
 import com.vaadin.ui.Button.ClickEvent;
 import com.vaadin.ui.Button.ClickListener;
+import com.vaadin.ui.Label;
+import com.vaadin.ui.Notification;
+import com.vaadin.ui.UI;
+import com.vaadin.ui.VerticalLayout;
+import com.vaadin.ui.Window;
 import com.vaadin.ui.themes.ValoTheme;
 import com.vaadin.v7.ui.ComboBox;
+
 import de.symeda.sormas.api.AuthProvider;
 import de.symeda.sormas.api.FacadeProvider;
 import de.symeda.sormas.api.Language;
@@ -39,25 +55,20 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.UserProvider;
-import de.symeda.sormas.ui.utils.*;
+import de.symeda.sormas.ui.utils.BulkOperationHandler;
+import de.symeda.sormas.ui.utils.ButtonHelper;
+import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent.CommitListener;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-
+import de.symeda.sormas.ui.utils.ConfirmationComponent;
+import de.symeda.sormas.ui.utils.CssStyles;
+import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import de.symeda.sormas.ui.ControllerProvider;
+import de.symeda.sormas.ui.UserProvider;
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
 import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+import java.util.Objects;
 
 public class UserController {
 

From b90d09e4f6f0aa614d24852f8696c2590f35cc09 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 20:51:39 +0000
Subject: [PATCH 63/95] fix lowercase error on password validator

---
 .../src/main/resources/strings.properties     |  3 +-
 .../app/login/ChangePasswordActivity.java     | 13 +++---
 .../app/src/main/res/values/strings.xml       |  1 +
 .../backend/util/PasswordValidator.java       | 15 ++++++-
 .../symeda/sormas/ui/user/UserController.java | 44 ++++++++++++++-----
 5 files changed, 56 insertions(+), 20 deletions(-)

diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
index 369bf6d2044..afcc920d6e5 100644
--- a/sormas-api/src/main/resources/strings.properties
+++ b/sormas-api/src/main/resources/strings.properties
@@ -1279,8 +1279,7 @@ messageExternalMessagesAssigned = The assignee has been changed for all selected
 messageLoginFailed = Please check your username and password and try again
 messageNewPasswordDoesNotMatchFailed = New password and Confirm password does not match
 messagePasswordFailed = Incorrect Password Please check your Password and try again
-messageWrongCurrentPassword = Wrong Current Password
-messageNewPasswordFailed = Password should contain some text, \n atleast one special character \n some numbers \n and should be more than 8 characters
+messageNewPasswordFailed = Password should contain some text, \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts
 messageMissingDateFilter = Please fill in both date filter fields
 messageMissingEpiWeekFilter = Please fill in both epi week filter fields
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 2e42b2a6d83..0c503c7cf70 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -52,8 +52,8 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
     private boolean isAtLeast8 = false;
     private boolean hasUppercase = false;
     private boolean hasNumber = false;
-    private boolean hasSpecialCharacter = false;
-    private boolean isGood = false;    
+    private boolean hasLowerCaseCharacter = false;
+    private boolean isGood = false;
     private ActivityChangePasswordLayoutBinding binding;
     private ProgressBar preloader;
     private View fragmentFrame;
@@ -105,14 +105,14 @@ public void backToSettings(View view) {
     }
 
     @SuppressLint("ResourceType")
-    public void registrationDataCheck(View view) {
+    public void passwordValidationCheck(View view) {
         String newPassword = binding.changePasswordNewPassword.getValue();
 
         isAtLeast8 = newPassword.length() >= 8;
         hasUppercase = newPassword.matches("(.*[A-Z].*)");
         hasNumber = newPassword.matches("(.*[0-9].*)");
-        hasSpecialCharacter = newPassword.matches(".*[^a-zA-Z0-9\\s].*");
-        if (isAtLeast8 && hasNumber && hasUppercase && hasSpecialCharacter) {
+        hasLowerCaseCharacter = newPassword.matches(".*[a-z].*");
+        if (isAtLeast8 && hasNumber && hasUppercase && hasLowerCaseCharacter) {
             isGood = true;
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_strong);
@@ -120,6 +120,7 @@ public void registrationDataCheck(View view) {
         } else {
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_weak);
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weakk);
             binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
         }
     }
@@ -302,7 +303,7 @@ public void savePassword(View view) {
         }
 
         if (isValid) {
-            registrationDataCheck(view);
+            passwordValidationCheck(view);
         }
 
         if (isValid && isGood) {
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 103547d8a7b..8b19cbeac4c 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -758,5 +758,6 @@
     <string name="message_password_strong">Password Strength is strong</string>
     <string name="message_could_not_generate_password">Could not generate password</string>
     <string name="message_could_not_save_password">Could not save password</string>
+    <string name="additional_message_passord_weak">Password should contain some text, some numbers and should be more than 8 characters</string>
 
 </resources>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 8c8b4d8e01c..c642dd867c4 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -17,7 +17,16 @@ public static String checkPasswordStrength(String password) {
     }
 
     public static boolean isStrongPassword(String password) {
-        return password.length() >= 8 && hasDigits(password) && hasCapitalLetter(password);
+        if (password == null) {
+            throw new IllegalArgumentException("Password cannot be null");
+        }
+
+        boolean isLengthValid = password.length() >= 8;
+        boolean hasDigit = hasDigits(password);
+        boolean hasCapitalLetter = hasCapitalLetter(password);
+        boolean hasLowercaseLetter = hasLowercaseLetter(password);
+
+        return isLengthValid && hasDigit && hasCapitalLetter && hasLowercaseLetter;
     }
 
     private static boolean hasDigits(String password) {
@@ -28,4 +37,8 @@ private static boolean hasCapitalLetter(String password) {
         return password.chars().anyMatch(Character::isUpperCase);
     }
 
+    private static boolean hasLowercaseLetter(String password) {
+        return password.chars().anyMatch(Character::isLowerCase);
+    }
+
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 6aa58c3dc1e..387cf4d5c88 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -417,32 +417,49 @@ public CommitDiscardWrapperComponent<UserSettingsForm> getUserSettingsComponent(
     public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
         Label passwordStrengthDesc = new Label();
         UpdatePasswordForm form = new UpdatePasswordForm();
-        UserDto user = FacadeProvider.getUserFacade().getByUuid(UserProvider.getCurrent().getUuid());
+        UserDto user = FacadeProvider.getUserFacade().getByUuid(Objects.requireNonNull(UserProvider.getCurrent()).getUuid());
         form.setValue(user);
+
         final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
-        form.newPassword.addTextChangeListener(event -> {
-            passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
-            if (FacadeProvider.getUserFacade().isPasswordStrong(event.getText())) {
-                passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
-            } else {
-                passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+
+        form.newPassword.setValidationVisible(false);
+        form.confirmPassword.setValidationVisible(false);
+        form.currentPassword.setValidationVisible(false);
+
+        form.newPassword.addBlurListener(event -> {
+            String newPassword = form.newPassword.getValue();
+            if(Objects.nonNull(newPassword)) {
+                if (!FacadeProvider.getUserFacade().isPasswordStrong(newPassword)) {
+                    passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+                } else {
+                    passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
+                }
+                passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(newPassword));
             }
+            form.newPassword.setValidationVisible(true);
+        });
+
+        form.confirmPassword.addBlurListener(event -> {
+            form.confirmPassword.setValidationVisible(true);
+        });
+
+        form.currentPassword.addBlurListener(event -> {
+            form.currentPassword.setValidationVisible(true);
         });
+
         component.addDiscardListener(() -> popUpWindow.close());
 
         component.addCommitListener(() -> {
             if (!form.getFieldGroup().isModified()) {
                 UserDto changedUser = form.getValue();
                 if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getNewPassword())) {
-
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
                 } else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
                     Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
-                } else if (passwordStrengthDesc.getValue().contains("Weak")) {
+                } else if (!FacadeProvider.getUserFacade().isPasswordStrong(changedUser.getNewPassword())) {
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
                 } else {
                     showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword(), changedUser.getCurrentPassword());
-
                 }
             }
         });
@@ -452,13 +469,18 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
             String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
             form.newPassword.setValue(generatedPassword);
             form.confirmPassword.setValue(generatedPassword);
+
+            form.newPassword.setValidationVisible(true);
+            form.confirmPassword.setValidationVisible(true);
         });
-        component.getButtonsPanel().addComponent(generatePasswordButton, 0);
 
+        component.getButtonsPanel().addComponent(generatePasswordButton, 0);
         component.addComponent(passwordStrengthDesc, 1);
+
         return component;
     }
 
+
     public void setFlagIcons(ComboBox cbLanguage) {
         for (Language language : Language.values()) {
             cbLanguage.setItemIcon(language, new ThemeResource("img/flag-icons/" + language.name().toLowerCase() + ".png"));

From 8100344ae12cccf13e1e8944655335b65be6dfde Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Tue, 20 Aug 2024 21:20:54 +0000
Subject: [PATCH 64/95] clean up after review

---
 .../java/de/symeda/sormas/api/user/UserRoleDto.java    |  1 -
 .../sormas/app/login/ChangePasswordActivity.java       |  2 +-
 .../de/symeda/sormas/backend/AbstractBeanTest.java     |  2 +-
 .../environmentsample/EnvironmentSampleEditForm.java   | 10 +++-------
 4 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index 9826233aef8..a8c54c57b0e 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -36,7 +36,6 @@
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.FieldConstraints;
 import de.symeda.sormas.api.utils.ValidationException;
-import de.symeda.sormas.api.audit.AuditedClass;
 
 public class UserRoleDto extends EntityDto {
 
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 0c503c7cf70..ef2150d57a2 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -120,7 +120,7 @@ public void passwordValidationCheck(View view) {
         } else {
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_weak);
-            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weakk);
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weak);
             binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
         }
     }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index 4af593034e4..8376ca63389 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -274,7 +274,7 @@
 import de.symeda.sormas.backend.vaccination.VaccinationService;
 import de.symeda.sormas.backend.visit.VisitFacadeEjb.VisitFacadeEjbLocal;
 import de.symeda.sormas.backend.visit.VisitService;
- 
+
 @ExtendWith(CdiTestJunitExtension.class)
 @ExtendWith(MockitoExtension.class)
 @MockitoSettings(strictness = Strictness.LENIENT)
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
index 530e5d69aea..884df0d1fca 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
@@ -369,14 +369,10 @@ private void addValidators() {
 	}
 
 	private Date getEarliestPathogenTestDate() {
-		if (!isCreate) {
-			List<PathogenTestDto> pathogenTests = FacadeProvider.getPathogenTestFacade().getAllByEnvironmentSample(getValue().toReference());
-			if (pathogenTests.isEmpty()) {
-				return null;
-			}
-			return pathogenTests.stream().map(PathogenTestDto::getTestDateTime).filter(Objects::nonNull).min(Date::compareTo).orElseGet(() -> null);
-		} else {
+		List<PathogenTestDto> pathogenTests = FacadeProvider.getPathogenTestFacade().getAllByEnvironmentSample(getValue().toReference());
+		if (pathogenTests.isEmpty()) {
 			return null;
 		}
+		return pathogenTests.stream().map(PathogenTestDto::getTestDateTime).filter(Objects::nonNull).min(Date::compareTo).orElseGet(() -> null);
 	}
 }

From a1c76ae4e33bcd8cea7fcb54b801026bc437bad4 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 19 Sep 2024 14:24:05 +0000
Subject: [PATCH 65/95] clean up after review

---
 .../de/symeda/sormas/api/user/UserDto.java    | 48 +++++++++----------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index 72e618fce9c..080ab9c0a6e 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -13,30 +13,30 @@
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
- package de.symeda.sormas.api.user;
-
- import java.util.Collections;
- import java.util.Set;
- 
- import javax.validation.Valid;
- import javax.validation.constraints.Size;
- 
- import com.fasterxml.jackson.annotation.JsonIgnore;
- 
- import de.symeda.sormas.api.Disease;
- import de.symeda.sormas.api.EntityDto;
- import de.symeda.sormas.api.Language;
- import de.symeda.sormas.api.audit.AuditIncludeProperty;
- import de.symeda.sormas.api.i18n.Validations;
- import de.symeda.sormas.api.infrastructure.community.CommunityReferenceDto;
- import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
- import de.symeda.sormas.api.infrastructure.facility.FacilityReferenceDto;
- import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryReferenceDto;
- import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
- import de.symeda.sormas.api.location.LocationDto;
- import de.symeda.sormas.api.utils.DataHelper;
- import de.symeda.sormas.api.utils.FeatureIndependent;
- import de.symeda.sormas.api.utils.FieldConstraints;
+package de.symeda.sormas.api.user;
+
+import java.util.Collections;
+import java.util.Set;
+
+import javax.validation.Valid;
+import javax.validation.constraints.Size;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
+import de.symeda.sormas.api.Disease;
+import de.symeda.sormas.api.EntityDto;
+import de.symeda.sormas.api.Language;
+import de.symeda.sormas.api.audit.AuditIncludeProperty;
+import de.symeda.sormas.api.i18n.Validations;
+import de.symeda.sormas.api.infrastructure.community.CommunityReferenceDto;
+import de.symeda.sormas.api.infrastructure.district.DistrictReferenceDto;
+import de.symeda.sormas.api.infrastructure.facility.FacilityReferenceDto;
+import de.symeda.sormas.api.infrastructure.pointofentry.PointOfEntryReferenceDto;
+import de.symeda.sormas.api.infrastructure.region.RegionReferenceDto;
+import de.symeda.sormas.api.location.LocationDto;
+import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.api.utils.FeatureIndependent;
+import de.symeda.sormas.api.utils.FieldConstraints;
  
 @FeatureIndependent
 public class UserDto extends EntityDto {

From 0f9bda0a9f407f3d9e76dc665addb3e7c976bec1 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:12:10 +0000
Subject: [PATCH 66/95] clean up after review

---
 .../sormas/backend/TestDataCreator.java       | 4780 ++++++++---------
 1 file changed, 2388 insertions(+), 2392 deletions(-)

diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index 4dd75449231..1cb7eb43884 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -145,6 +145,7 @@
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.user.UserRoleReferenceDto;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.api.utils.PasswordHelper;
 import de.symeda.sormas.api.vaccination.VaccinationDto;
 import de.symeda.sormas.api.visit.VisitDto;
 import de.symeda.sormas.api.visit.VisitStatus;
@@ -162,2399 +163,2394 @@
 import de.symeda.sormas.backend.sormastosormas.share.outgoing.SormasToSormasShareInfo;
 import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserRole;
-import de.symeda.sormas.api.utils.PasswordHelper;
 
 public class TestDataCreator {
 
-    private final AbstractBeanTest beanTest;
-    public final Map<DefaultUserRole, UserRoleReferenceDto> userRoleDtoMap = new HashMap<>();
-    public final Map<DefaultUserRole, UserRole> userRoleMap = new HashMap<>();
-
-    public TestDataCreator(AbstractBeanTest beanTest) {
-        this.beanTest = beanTest;
-    }
-
-    private void createUserRoles() {
-        Arrays.stream(DefaultUserRole.values()).forEach(defaultUserRole -> {
-            UserRoleDto userRoleDto =
-                    UserRoleDto.build(defaultUserRole.getDefaultUserRights().toArray(new UserRight[defaultUserRole.getDefaultUserRights().size()]));
-            userRoleDto.setCaption(defaultUserRole.toString());
-            userRoleDto.setEnabled(true);
-            userRoleDto.setPortHealthUser(defaultUserRole.isPortHealthUser());
-            userRoleDto.setLinkedDefaultUserRole(defaultUserRole);
-            userRoleDto.setHasAssociatedDistrictUser(defaultUserRole.hasAssociatedDistrictUser());
-            userRoleDto.setHasOptionalHealthFacility(defaultUserRole.hasOptionalHealthFacility());
-            userRoleDto.setEmailNotificationTypes(defaultUserRole.getEmailNotificationTypes());
-            userRoleDto.setSmsNotificationTypes(defaultUserRole.getSmsNotificationTypes());
-            userRoleDto.setJurisdictionLevel(defaultUserRole.getJurisdictionLevel());
-            userRoleDto = beanTest.getUserRoleFacade().saveUserRole(userRoleDto);
-            userRoleDtoMap.put(defaultUserRole, userRoleDto.toReference());
-            UserRole userRole = beanTest.getEagerUserRole(userRoleDto.getUuid());
-            userRoleMap.put(defaultUserRole, userRole);
-        });
-    }
-
-    public UserRoleReferenceDto getUserRoleReference(DefaultUserRole userRole) {
-        if (userRoleDtoMap.isEmpty()) {
-            createUserRoles();
-        }
-        return userRoleDtoMap.get(userRole);
-    }
-
-    public UserRoleReferenceDto createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole templateUserRole) {
-        UserRoleDto userRole = new UserRoleDto();
-        userRole.setCaption(templateUserRole.toString() + "Restricted");
-        userRole.setJurisdictionLevel(templateUserRole.getJurisdictionLevel());
-        userRole.setUserRights(Arrays.stream(templateUserRole.getDefaultUserRights().toArray(new UserRight[0])).collect(Collectors.toSet()));
-        userRole.setRestrictAccessToAssignedEntities(true);
-        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-    }
-
-    public UserRole getUserRole(DefaultUserRole userRole) {
-        if (userRoleMap.isEmpty()) {
-            createUserRoles();
-        }
-        return userRoleMap.get(userRole);
-    }
-
-    public UserDto createNationalUser() {
-        return createUser("", "", "", "Nat", "Usr", getUserRoleReference(DefaultUserRole.NATIONAL_USER));
-    }
-
-    public UserDto createSurveillanceSupervisor(RDCF rdcf) {
-        if (rdcf == null) {
-            rdcf = createRDCF("Region", "District", "Community", "Facility");
-        }
-
-        return createUser(rdcf.region.getUuid(), null, null, "Surv", "Sup", getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
-    }
-
-    public UserDto createSurveillanceOfficer(RDCF rdcf) {
-        if (rdcf == null) {
-            rdcf = createRDCF("Region", "District", "Community", "Facility");
-        }
-
-        return createUser(
-                rdcf.region.getUuid(),
-                rdcf.district.getUuid(),
-                rdcf.facility.getUuid(),
-                "Surv",
-                "Off",
-                getUserRoleReference(DefaultUserRole.SURVEILLANCE_OFFICER));
-    }
-
-    public UserDto createSurveillanceOfficerWithRestrictedAccessToAssignedEntities(RDCF rdcf) {
-        if (rdcf == null) {
-            rdcf = createRDCF("Region", "District", "Community", "Facility");
-        }
-
-        final UserDto user = createUser(
-                rdcf.region.getUuid(),
-                rdcf.district.getUuid(),
-                rdcf.facility.getUuid(),
-                "SurvOff",
-                "RestrictedAccess",
-                createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole.SURVEILLANCE_OFFICER));
-
-        return user;
-    }
-
-    public UserDto createContactOfficer(RDCF rdcf) {
-        if (rdcf == null) {
-            rdcf = createRDCF("Region", "District", "Community", "Facility");
-        }
-
-        return createUser(
-                rdcf.region.getUuid(),
-                rdcf.district.getUuid(),
-                rdcf.facility.getUuid(),
-                "Cont",
-                "Off",
-                getUserRoleReference(DefaultUserRole.CONTACT_OFFICER));
-    }
-
-    public UserDto createUser(RDCF rdcf, UserRoleReferenceDto userRole, Consumer<UserDto> customConfig) {
-
-        UserDto user = UserDto.build();
-        user.setFirstName("User");
-        user.setLastName(userRole.getCaption());
-        user.setUserName(userRole.buildCaption());
-        user.setUserRoles(new HashSet(Arrays.asList(userRole)));
-        user.setRegion(rdcf.region);
-        user.setDistrict(rdcf.district);
-        user.setCommunity(rdcf.community);
-        user.setHealthFacility(rdcf.facility);
-
-        if (customConfig != null) {
-            customConfig.accept(user);
-        }
-
-        return beanTest.getUserFacade().saveUser(user, false);
-    }
-
-    public UserDto createUser(RDCF rdcf, UserRoleReferenceDto... roles) {
-        return createUser(
-                rdcf.region.getUuid(),
-                rdcf.district.getUuid(),
-                rdcf.facility.getUuid(),
-                roles.length > 0 ? roles[0].getCaption() : "First",
-                "User",
-                roles);
-    }
-
-    public UserDto createUser(RDCF rdcf, DefaultUserRole defaultUserRole) {
-        return createUser(rdcf, "User", defaultUserRole);
-    }
-
-    public UserDto createUser(RDCF rdcf, String lastName, DefaultUserRole defaultUserRole) {
-        UserRoleReferenceDto userRole = getUserRoleReference(defaultUserRole);
-        return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), rdcf.facility.getUuid(), userRole.getCaption(), lastName, userRole);
-    }
-
-    public UserDto createUser(RDCF rdcf, String firstName, String lastName, UserRoleReferenceDto... roles) {
-        return createUser(
-                rdcf.region.getUuid(),
-                rdcf.district.getUuid(),
-                rdcf.community.getUuid(),
-                rdcf.facility.getUuid(),
-                firstName,
-                lastName,
-                roles);
-    }
-
-    public UserDto createUser(
-            String regionUuid,
-            String districtUuid,
-            String facilityUuid,
-            String firstName,
-            String lastName,
-            UserRoleReferenceDto... roles) {
-        return createUser(regionUuid, districtUuid, null, facilityUuid, firstName, lastName, roles);
-    }
-
-    public UserDto createUser(
-            String regionUuid,
-            String districtUuid,
-            String communityUuid,
-            String facilityUuid,
-            String firstName,
-            String lastName,
-            UserRoleReferenceDto... roles) {
-        return createUser(regionUuid, districtUuid, communityUuid, facilityUuid, firstName, lastName, null, roles);
-    }
-
-    public UserDto createUser(RDCF rdcf, String firstName, String lastName, Disease limitedDisease, UserRoleReferenceDto... roles) {
-        return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), null, rdcf.facility.getUuid(), firstName, lastName, limitedDisease, roles);
-    }
-
-    public UserDto createUser(
-            String regionUuid,
-            String districtUuid,
-            String facilityUuid,
-            String firstName,
-            String lastName,
-            String caption,
-            JurisdictionLevel jurisdictionLevel,
-            UserRight... userRights) {
-        UserRoleReferenceDto userRole = createUserRole(caption, jurisdictionLevel, userRights);
-        return createUser(regionUuid, districtUuid, facilityUuid, firstName, lastName, userRole);
-    }
-
-    private UserDto createUser(
-            String regionUuid,
-            String districtUuid,
-            String communityUuid,
-            String facilityUuid,
-            String firstName,
-            String lastName,
-            Disease limitedDisease,
-            UserRoleReferenceDto... roles) {
-
-        UserDto user = UserDto.build();
-        user.setFirstName(firstName);
-        user.setLastName(lastName);
-        user.setUserName(firstName + lastName);
-        user.setUserRoles(new HashSet<>(Arrays.asList(roles)));
-        if (limitedDisease != null) {
-            user.setLimitedDiseases(Collections.singleton(limitedDisease));
-        }
-        user.setRegion(beanTest.getRegionFacade().getReferenceByUuid(regionUuid));
-        user.setDistrict(beanTest.getDistrictFacade().getReferenceByUuid(districtUuid));
-        user.setCommunity(beanTest.getCommunityFacade().getReferenceByUuid(communityUuid));
-        user.setHealthFacility(beanTest.getFacilityFacade().getReferenceByUuid(facilityUuid));
-        return beanTest.getUserFacade().saveUser(user, false);
-    }
-
-    public UserDto createPointOfEntryUser(RDP rdp) {
-        return createUser(
-                new RDCF(rdp.region, rdp.district, null, null),
-                userRoleDtoMap.get(DefaultUserRole.POE_INFORMANT),
-                user -> user.setPointOfEntry(rdp.pointOfEntry));
-    }
-
-    public UserRoleReferenceDto createUserRole(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
-        UserRoleDto userRole = new UserRoleDto();
-        userRole.setCaption(caption);
-        userRole.setJurisdictionLevel(jurisdictionLevel);
-        userRole.setUserRights(Arrays.stream(userRights).collect(Collectors.toSet()));
-        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-    }
-
-    public UserRoleReferenceDto createUserRoleWithRequiredRights(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
-        UserRoleDto userRole = new UserRoleDto();
-        userRole.setCaption(caption);
-        userRole.setJurisdictionLevel(jurisdictionLevel);
-        userRole.setUserRights(UserRight.getWithRequiredUserRights(userRights));
-        return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
-    }
-
-    public PersonDto createPerson() {
-        return createPerson("FirstName", "LastName");
-    }
-
-    public PersonDto createPerson(String firstName, String lastName) {
-        return createPerson(firstName, lastName, Sex.UNKNOWN, null);
-    }
-
-    public PersonDto createPerson(String firstName, String lastName, Sex sex) {
-        return createPerson(firstName, lastName, sex, null);
-    }
-
-    public PersonDto createPerson(String firstName, String lastName, Sex sex, Consumer<PersonDto> customConfig) {
-
-        PersonDto person = PersonDto.build();
-        person.setFirstName(firstName);
-        person.setLastName(lastName);
-        person.setSex(sex);
-
-        if (customConfig != null) {
-            customConfig.accept(person);
-        }
-
-        person = beanTest.getPersonFacade().save(person);
-
-        return person;
-    }
-
-    public PersonDto createPerson(String firstName, String lastName, Consumer<PersonDto> customConfig) {
-
-        PersonDto person = PersonDto.build();
-        person.setFirstName(firstName);
-        person.setLastName(lastName);
-        person.setSex(Sex.UNKNOWN);
-
-        if (customConfig != null) {
-            customConfig.accept(person);
-        }
-
-        person = beanTest.getPersonFacade().save(person);
-
-        return person;
-    }
-
-    public PersonDto createPerson(String firstName, String lastName, Sex sex, Integer birthdateYYYY, Integer birthdateMM, Integer birthdateDD) {
-        return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, null, null);
-    }
-
-    public PersonDto createPerson(
-            String firstName,
-            String lastName,
-            Sex sex,
-            Integer birthdateYYYY,
-            Integer birthdateMM,
-            Integer birthdateDD,
-            String passportNr,
-            String nationalHealthId) {
-        return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, passportNr, nationalHealthId);
-    }
-
-    private PersonDto createPerson(
-            String firstName,
-            String lastName,
-            Sex sex,
-            Integer birthdateYYYY,
-            Integer birthdateMM,
-            Integer birthdateDD,
-            LocationDto address,
-            String passportNr,
-            String nationalHealthId) {
-
-        PersonDto person = PersonDto.build();
-        person.setFirstName(firstName);
-        person.setLastName(lastName);
-        person.setSex(sex);
-        person.setBirthdateYYYY(birthdateYYYY);
-        person.setBirthdateMM(birthdateMM);
-        person.setBirthdateDD(birthdateDD);
-        person.setPassportNumber(passportNr);
-        person.setNationalHealthId(nationalHealthId);
-
-        if (address != null) {
-            person.setAddress(address);
-        }
-
-        person = beanTest.getPersonFacade().save(person);
-
-        return person;
-    }
-
-    public PersonDto createPerson(
-            String firstName,
-            String lastName,
-            Sex sex,
-            Integer birthdateYYYY,
-            Integer birthdateMM,
-            Integer birthdateDD,
-            Consumer<PersonDto> customConfig) {
-
-        PersonDto person = PersonDto.build();
-        person.setFirstName(firstName);
-        person.setLastName(lastName);
-        person.setSex(sex);
-        person.setBirthdateYYYY(birthdateYYYY);
-        person.setBirthdateMM(birthdateMM);
-        person.setBirthdateDD(birthdateDD);
-
-        if (customConfig != null) {
-            customConfig.accept(person);
-        }
-
-        person = beanTest.getPersonFacade().save(person);
-
-        return person;
-    }
-
-    public PersonContactDetailDto createPersonContactDetail(
-            PersonReferenceDto person,
-            boolean primaryContact,
-            PersonContactDetailType personContactDetailType,
-            String contactInformation) {
-        PersonContactDetailDto contactDetails =
-                PersonContactDetailDto.build(person, primaryContact, personContactDetailType, null, null, contactInformation, null, false, null, null);
-        return contactDetails;
-    }
-
-    public CaseDataDto createUnclassifiedCase(Disease disease) {
-
-        RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
-        UserDto user = beanTest.getUserFacade().getByUserName("SurvSup");
-        if (user == null) {
-            user = createSurveillanceSupervisor(rdcf);
-        }
-
-        PersonDto cazePerson = createPerson("Case", "Person", Sex.UNKNOWN);
-        return createCase(
-                user.toReference(),
-                cazePerson.toReference(),
-                disease,
-                CaseClassification.NOT_CLASSIFIED,
-                InvestigationStatus.PENDING,
-                new Date(),
-                rdcf);
-    }
-
-    public CaseDataDto createCase(UserReferenceDto user, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
-        return createCase(
-                user,
-                createPerson().toReference(),
-                Disease.EVD,
-                CaseClassification.SUSPECT,
-                InvestigationStatus.PENDING,
-                new Date(),
-                rdcf,
-                setCustomFields);
-    }
-
-    public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf) {
-        return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf);
-    }
-
-    public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
-        return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf, setCustomFields);
-    }
-
-    public CaseDataDto createCase(
-            UserReferenceDto user,
-            PersonReferenceDto cazePerson,
-            Disease disease,
-            CaseClassification caseClassification,
-            InvestigationStatus investigationStatus,
-            Date reportAndOnsetDate,
-            RDCF rdcf) {
-
-        return createCase(user, cazePerson, disease, caseClassification, investigationStatus, reportAndOnsetDate, rdcf, null);
-    }
-
-    public CaseDataDto createCase(
-            UserReferenceDto user,
-            PersonReferenceDto cazePerson,
-            Disease disease,
-            CaseClassification caseClassification,
-            InvestigationStatus investigationStatus,
-            Date reportAndOnsetDate,
-            RDCF rdcf,
-            Consumer<CaseDataDto> setCustomFields) {
-
-        CaseDataDto caze = CaseDataDto.build(cazePerson, disease);
-        caze.setReportDate(reportAndOnsetDate);
-        caze.setReportingUser(user);
-        caze.getSymptoms().setOnsetDate(reportAndOnsetDate);
-        caze.setCaseClassification(caseClassification);
-        caze.setInvestigationStatus(investigationStatus);
-        caze.setResponsibleRegion(rdcf.region);
-        caze.setResponsibleDistrict(rdcf.district);
-        caze.setResponsibleCommunity(rdcf.community);
-        caze.setFacilityType(beanTest.getFacilityFacade().getByUuid(rdcf.facility.getUuid()).getType());
-        caze.setHealthFacility(rdcf.facility);
-        caze.setPointOfEntry(rdcf.pointOfEntry);
-
-        if (setCustomFields != null) {
-            setCustomFields.accept(caze);
-        }
-
-        caze = beanTest.getCaseFacade().save(caze);
-
-        return caze;
-    }
-
-    public ImmunizationDto createImmunization(
-            Disease disease,
-            PersonReferenceDto person,
-            UserReferenceDto reportingUser,
-            ImmunizationStatus immunizationStatus,
-            MeansOfImmunization meansOfImmunization,
-            ImmunizationManagementStatus immunizationManagementStatus,
-            RDCF rdcf,
-            Date startDate,
-            Date endDate,
-            Date validFromDate,
-            Date validUntilDate) {
-        ImmunizationDto immunization =
-                createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
-        immunization.setStartDate(startDate);
-        immunization.setEndDate(endDate);
-        immunization.setValidFrom(validFromDate);
-        immunization.setValidUntil(validUntilDate);
-
-        return beanTest.getImmunizationFacade().save(immunization);
-    }
-
-    public ImmunizationDto createImmunization(
-            Disease disease,
-            PersonReferenceDto person,
-            UserReferenceDto reportingUser,
-            ImmunizationStatus immunizationStatus,
-            MeansOfImmunization meansOfImmunization,
-            ImmunizationManagementStatus immunizationManagementStatus,
-            RDCF rdcf) {
-        ImmunizationDto immunization =
-                createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
-
-        return beanTest.getImmunizationFacade().save(immunization);
-    }
-
-    public ImmunizationDto createImmunization(Disease disease, PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
-
-        return createImmunization(disease, person, reportingUser, rdcf, null);
-    }
-
-    public ImmunizationDto createImmunization(
-            Disease disease,
-            PersonReferenceDto person,
-            UserReferenceDto reportingUser,
-            RDCF rdcf,
-            Consumer<ImmunizationDto> extraConfig) {
-
-        ImmunizationDto immunization = createImmunizationDto(
-                disease,
-                person,
-                reportingUser,
-                ImmunizationStatus.PENDING,
-                MeansOfImmunization.VACCINATION,
-                ImmunizationManagementStatus.ONGOING,
-                rdcf);
-
-        if (extraConfig != null) {
-            extraConfig.accept(immunization);
-        }
-
-        return beanTest.getImmunizationFacade().save(immunization);
-    }
-
-    @NotNull
-    public ImmunizationDto createImmunizationDto(
-            Disease disease,
-            PersonReferenceDto person,
-            UserReferenceDto reportingUser,
-            ImmunizationStatus immunizationStatus,
-            MeansOfImmunization meansOfImmunization,
-            ImmunizationManagementStatus immunizationManagementStatus,
-            RDCF rdcf) {
-        ImmunizationDto immunization = new ImmunizationDto();
-        immunization.setUuid(DataHelper.createUuid());
-        immunization.setDisease(disease);
-        immunization.setPerson(person);
-        immunization.setReportingUser(reportingUser);
-        immunization.setImmunizationStatus(immunizationStatus);
-        immunization.setMeansOfImmunization(meansOfImmunization);
-        immunization.setImmunizationManagementStatus(immunizationManagementStatus);
-        immunization.setResponsibleRegion(rdcf.region);
-        immunization.setResponsibleDistrict(rdcf.district);
-        immunization.setResponsibleCommunity(rdcf.community);
-
-        immunization.setReportDate(new Date());
-        return immunization;
-    }
-
-    public VaccinationDto createVaccination(
-            UserReferenceDto reportingUser,
-            ImmunizationReferenceDto immunization,
-            HealthConditionsDto healthConditions) {
-
-        return createVaccination(reportingUser, immunization, healthConditions, new Date(), null, null);
-    }
-
-    public VaccinationDto createVaccination(UserReferenceDto reportingUser, ImmunizationReferenceDto immunization) {
-        return createVaccination(reportingUser, immunization, new HealthConditionsDto());
-    }
-
-    @NotNull
-    public VaccinationDto createVaccinationDto(
-            UserReferenceDto reportingUser,
-            ImmunizationReferenceDto immunization,
-            HealthConditionsDto healthConditions) {
-        VaccinationDto vaccination = new VaccinationDto();
-        vaccination.setUuid(DataHelper.createUuid());
-        vaccination.setReportingUser(reportingUser);
-        vaccination.setReportDate(new Date());
-
-        vaccination.setImmunization(immunization);
-        vaccination.setHealthConditions(healthConditions);
-        return vaccination;
-    }
-
-    public VaccinationDto createVaccinationWithDetails(
-            UserReferenceDto reportingUser,
-            ImmunizationReferenceDto immunization,
-            HealthConditionsDto healthConditions,
-            Date vaccinationDate,
-            Vaccine vaccine,
-            VaccineManufacturer vaccineManufacturer,
-            VaccinationInfoSource infoSource,
-            String vaccineInn,
-            String vaccineBatchNumber,
-            String vaccineAtcCode,
-            String vaccineDose) {
-
-        VaccinationDto vaccinationDto =
-                createVaccination(reportingUser, immunization, healthConditions, vaccinationDate, vaccine, vaccineManufacturer);
-
-        vaccinationDto.setVaccinationInfoSource(infoSource);
-        vaccinationDto.setVaccineInn(vaccineInn);
-        vaccinationDto.setVaccineBatchNumber(vaccineBatchNumber);
-        vaccinationDto.setVaccineAtcCode(vaccineAtcCode);
-        vaccinationDto.setVaccineDose(vaccineDose);
-
-        return beanTest.getVaccinationFacade().save(vaccinationDto);
-    }
-
-    public VaccinationDto createVaccination(
-            UserReferenceDto reportingUser,
-            ImmunizationReferenceDto immunization,
-            HealthConditionsDto healthConditions,
-            Date vaccinationDate,
-            Vaccine vaccine,
-            VaccineManufacturer vaccineManufacturer) {
-
-        VaccinationDto vaccination = new VaccinationDto();
-        vaccination.setUuid(DataHelper.createUuid());
-        vaccination.setReportingUser(reportingUser);
-        vaccination.setReportDate(new Date());
-        vaccination.setVaccinationDate(new Date());
-        vaccination.setVaccineName(vaccine);
-        vaccination.setVaccineManufacturer(vaccineManufacturer);
-
-        vaccination.setVaccinationDate(vaccinationDate);
-        vaccination.setImmunization(immunization);
-        vaccination.setHealthConditions(healthConditions);
-
-        return beanTest.getVaccinationFacade().save(vaccination);
-    }
-
-    public TravelEntryDto createTravelEntry(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf, Consumer<TravelEntryDto> config) {
-
-        TravelEntryDto travelEntry = TravelEntryDto.build(person);
-        travelEntry.setDisease(Disease.EVD);
-        travelEntry.setReportingUser(reportingUser);
-        travelEntry.setResponsibleRegion(rdcf.region);
-        travelEntry.setResponsibleDistrict(rdcf.district);
-        travelEntry.setPointOfEntry(rdcf.pointOfEntry);
-        travelEntry.setDateOfArrival(new Date());
-
-        if (config != null) {
-            config.accept(travelEntry);
-        }
-
-        return beanTest.getTravelEntryFacade().save(travelEntry);
-    }
-
-    public TravelEntryDto createTravelEntry(
-            PersonReferenceDto person,
-            UserReferenceDto reportingUser,
-            Disease disease,
-            RegionReferenceDto responsibleRegion,
-            DistrictReferenceDto responsibleDistrict,
-            PointOfEntryReferenceDto pointOfEntry) {
-
-        TravelEntryDto travelEntry = TravelEntryDto.build(person);
-        travelEntry.setDisease(disease);
-        travelEntry.setReportingUser(reportingUser);
-        travelEntry.setDateOfArrival(new Date());
-        travelEntry.setResponsibleRegion(responsibleRegion);
-        travelEntry.setResponsibleDistrict(responsibleDistrict);
-        travelEntry.setPointOfEntry(pointOfEntry);
-
-        return beanTest.getTravelEntryFacade().save(travelEntry);
-    }
-
-    public ClinicalVisitDto createClinicalVisit(CaseDataDto caze) {
-        return createClinicalVisit(caze, null);
-    }
-
-    public ClinicalVisitDto createClinicalVisit(CaseDataDto caze, Consumer<ClinicalVisitDto> extraConfig) {
-
-        ClinicalVisitDto clinicalVisit = ClinicalVisitDto.build(caze.getClinicalCourse().toReference(), caze.getDisease());
-
-        if (extraConfig != null) {
-            extraConfig.accept(clinicalVisit);
-        }
-
-        clinicalVisit = beanTest.getClinicalVisitFacade().saveClinicalVisit(clinicalVisit, caze.getUuid());
-        return clinicalVisit;
-    }
-
-    public PrescriptionDto createPrescription(CaseDataDto caze) {
-        return createPrescription(caze, null);
-    }
-
-    public PrescriptionDto createPrescription(CaseDataDto caze, Consumer<PrescriptionDto> customConfig) {
-
-        PrescriptionDto prescription = PrescriptionDto.buildPrescription(caze.getTherapy().toReference());
-        prescription.setPrescriptionType(TreatmentType.BLOOD_TRANSFUSION);
-
-        if (customConfig != null) {
-            customConfig.accept(prescription);
-        }
-
-        prescription = beanTest.getPrescriptionFacade().savePrescription(prescription);
-
-        return prescription;
-    }
-
-    public TreatmentDto createTreatment(CaseDataDto caze) {
-        return createTreatment(caze, null);
-    }
-
-    public TreatmentDto createTreatment(CaseDataDto caze, Consumer<TreatmentDto> customConfig) {
-
-        TreatmentDto treatment = TreatmentDto.build(caze.getTherapy().toReference());
-        treatment.setTreatmentType(TreatmentType.BLOOD_TRANSFUSION);
-
-        if (customConfig != null) {
-            customConfig.accept(treatment);
-        }
-
-        treatment = beanTest.getTreatmentFacade().saveTreatment(treatment);
-
-        return treatment;
-    }
-
-    public ContactDto createContact(RDCF rdcf, UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
-        return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, rdcf);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
-        return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, null);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease) {
-        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease, RDCF rdcf) {
-        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
-    }
-
-    public ContactDto createContact(
-            UserReferenceDto reportingUser,
-            PersonReferenceDto contactPerson,
-            Disease disease,
-            Consumer<ContactDto> customConfig) {
-        return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null, customConfig);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Date reportDateTime) {
-        return createContact(reportingUser, null, contactPerson, null, reportDateTime, null, null, null);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze) {
-        return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, null);
-    }
-
-    public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze, RDCF rdcf) {
-        return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, rdcf);
-    }
-
-    public ContactDto createContact(
-            UserReferenceDto reportingUser,
-            UserReferenceDto contactOfficer,
-            PersonReferenceDto contactPerson,
-            CaseDataDto caze,
-            Date reportDateTime,
-            Date lastContactDate,
-            Disease disease) {
-
-        return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, null);
-    }
-
-    public ContactDto createContact(
-            UserReferenceDto reportingUser,
-            UserReferenceDto contactOfficer,
-            PersonReferenceDto contactPerson,
-            CaseDataDto caze,
-            Date reportDateTime,
-            Date lastContactDate,
-            Disease disease,
-            RDCF rdcf) {
-        return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, rdcf, null);
-    }
-
-    public ContactDto createContact(
-            UserReferenceDto reportingUser,
-            UserReferenceDto contactOfficer,
-            PersonReferenceDto contactPerson,
-            CaseDataDto caze,
-            Date reportDateTime,
-            Date lastContactDate,
-            Disease disease,
-            RDCF rdcf,
-            Consumer<ContactDto> customConfig) {
-        ContactDto contact;
-
-        if (caze != null) {
-            contact = ContactDto.build(caze);
-        } else {
-            contact = ContactDto.build(null, disease != null ? disease : Disease.EVD, null, null);
-            if (rdcf == null) {
-                rdcf = createRDCF();
-            }
-            contact.setRegion(rdcf.region);
-            contact.setDistrict(rdcf.district);
-        }
-        contact.setReportingUser(reportingUser);
-        contact.setContactOfficer(contactOfficer);
-        contact.setPerson(contactPerson);
-        contact.setReportDateTime(reportDateTime);
-        contact.setLastContactDate(lastContactDate);
-        contact.setEpiData(EpiDataDto.build());
-
-        if (customConfig != null) {
-            customConfig.accept(contact);
-        }
-
-        contact = beanTest.getContactFacade().save(contact);
-
-        return contact;
-    }
-
-    public TaskDto createTask(UserReferenceDto assigneeUser) {
-        return createTask(TaskContext.GENERAL, TaskType.OTHER, TaskStatus.PENDING, null, null, null, null, new Date(), assigneeUser);
-    }
-
-    public TaskDto createTask(TaskContext context, ReferenceDto entityRef, Consumer<TaskDto> customConfig) {
-
-        TaskDto task = TaskDto.build(context, entityRef);
-
-        if (customConfig != null) {
-            customConfig.accept(task);
-        }
-
-        task = beanTest.getTaskFacade().saveTask(task);
-
-        return task;
-    }
-
-    public TaskDto createTask(
-            TaskContext context,
-            TaskType type,
-            TaskStatus status,
-            CaseReferenceDto caze,
-            ContactReferenceDto contact,
-            EventReferenceDto event,
-            EnvironmentReferenceDto environment,
-            Date dueDate,
-            UserReferenceDto assigneeUser) {
-
-        ReferenceDto entityRef;
-        switch (context) {
-            case CASE:
-                entityRef = caze;
-                break;
-            case CONTACT:
-                entityRef = contact;
-                break;
-            case EVENT:
-                entityRef = event;
-                break;
-            case ENVIRONMENT:
-                entityRef = environment;
-                break;
-            case GENERAL:
-                entityRef = null;
-                break;
-            default:
-                throw new IllegalArgumentException(context.toString());
-        }
-
-        TaskDto task = TaskDto.build(context, entityRef);
-        task.setTaskType(type);
-        task.setTaskStatus(status);
-        task.setDueDate(dueDate);
-        task.setAssigneeUser(assigneeUser);
-
-        task = beanTest.getTaskFacade().saveTask(task);
-
-        return task;
-    }
-
-    public VisitDto createVisit(PersonReferenceDto person) {
-        return createVisit(Disease.EVD, person);
-    }
-
-    public VisitDto createVisit(Disease disease, PersonReferenceDto person) {
-        return createVisit(disease, person, new Date(), VisitStatus.COOPERATIVE, VisitOrigin.USER);
-    }
-
-    public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime) {
-        return createVisit(disease, person, visitDateTime, VisitStatus.COOPERATIVE, VisitOrigin.USER);
-    }
-
-    public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime, VisitStatus visitStatus, VisitOrigin visitOrigin) {
-        return createVisit(disease, person, visitDateTime, visitStatus, visitOrigin, null);
-    }
-
-    public VisitDto createVisit(
-            Disease disease,
-            PersonReferenceDto person,
-            Date visitDateTime,
-            VisitStatus visitStatus,
-            VisitOrigin visitOrigin,
-            Consumer<VisitDto> customConfig) {
-
-        VisitDto visit = VisitDto.build(person, disease, visitOrigin);
-        visit.setVisitDateTime(visitDateTime);
-        visit.setVisitStatus(visitStatus);
-
-        if (customConfig != null) {
-            customConfig.accept(visit);
-        }
-
-        visit = beanTest.getVisitFacade().save(visit);
-
-        return visit;
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser) {
-
-        return createEvent(reportingUser, new Date());
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser, EventStatus status) {
-
-        return createEvent(status, EventInvestigationStatus.PENDING, "eventTitle", "description", reportingUser, null, null);
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease) {
-        return createEvent(
-                EventStatus.SIGNAL,
-                EventInvestigationStatus.PENDING,
-                "title",
-                "description",
-                "firstname",
-                "lastname",
-                null,
-                null,
-                new Date(),
-                new Date(),
-                reportingUser,
-                null,
-                disease,
-                null);
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, RDCF rdcf) {
-
-        return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, rdcf, (event) -> {
-            event.setReportDateTime(new Date());
-            event.setReportingUser(reportingUser);
-            event.setDisease(disease);
-        });
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, Consumer<EventDto> customConfig) {
-
-        return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, null, (event) -> {
-            event.setReportDateTime(new Date());
-            event.setReportingUser(reportingUser);
-            event.setDisease(disease);
-
-            customConfig.accept(event);
-        });
-    }
-
-    public EventDto createEvent(UserReferenceDto reportingUser, Date eventDate) {
-
-        return createEvent(
-                EventStatus.SIGNAL,
-                EventInvestigationStatus.PENDING,
-                "title",
-                "Description",
-                "FirstName",
-                "LastName",
-                null,
-                null,
-                eventDate,
-                new Date(),
-                reportingUser,
-                null,
-                null,
-                null);
-    }
-
-    public EventDto createEvent(
-            EventStatus eventStatus,
-            EventInvestigationStatus eventInvestigationStatus,
-            String eventTitle,
-            String eventDesc,
-            String srcFirstName,
-            String srcLastName,
-            String srcTelNo,
-            TypeOfPlace typeOfPlace,
-            Date eventDate,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            UserReferenceDto responsibleUser,
-            Disease disease,
-            RDCF rdcf) {
-
-        return createEvent(eventStatus, eventInvestigationStatus, eventTitle, eventDesc, reportingUser, rdcf, (event) -> {
-            event.setSrcFirstName(srcFirstName);
-            event.setSrcLastName(srcLastName);
-            event.setSrcTelNo(srcTelNo);
-            event.setTypeOfPlace(typeOfPlace);
-            event.setStartDate(eventDate);
-            event.setReportDateTime(reportDateTime);
-            event.setReportingUser(reportingUser);
-            event.setResponsibleUser(responsibleUser);
-            event.setDisease(disease);
-
-        });
-    }
-
-    public EventDto createEvent(
-            EventStatus eventStatus,
-            EventInvestigationStatus eventInvestigationStatus,
-            String eventTitle,
-            String eventDesc,
-            UserReferenceDto reportingUser,
-            RDCF rdcf,
-            Consumer<EventDto> customSettings) {
-
-        EventDto event = EventDto.build();
-        event.setEventStatus(eventStatus);
-        event.setEventInvestigationStatus(eventInvestigationStatus);
-        event.setEventTitle(eventTitle);
-        event.setEventDesc(eventDesc);
-        event.setReportingUser(reportingUser);
-
-        if (rdcf == null) {
-            rdcf = createRDCF();
-        }
-
-        event.getEventLocation().setRegion(rdcf.region);
-        event.getEventLocation().setDistrict(rdcf.district);
-
-        if (customSettings != null) {
-            customSettings.accept(event);
-        }
-
-        event = beanTest.getEventFacade().save(event);
-
-        return event;
-    }
-
-    public EventParticipantDto createEventParticipant(EventReferenceDto event, PersonDto eventPerson, UserReferenceDto reportingUser) {
-        return createEventParticipant(event, eventPerson, "Description", reportingUser, null, null);
-    }
-
-    public EventParticipantDto createEventParticipant(
-            EventReferenceDto event,
-            PersonDto eventPerson,
-            String involvementDescription,
-            UserReferenceDto reportingUser) {
-        return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, null);
-    }
-
-    public EventParticipantDto createEventParticipant(
-            EventReferenceDto event,
-            PersonDto eventPerson,
-            String involvementDescription,
-            UserReferenceDto reportingUser,
-            RDCF rdcf) {
-        return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, rdcf);
-    }
-
-    public EventParticipantDto createEventParticipant(
-            EventReferenceDto event,
-            PersonDto eventPerson,
-            String involvementDescription,
-            UserReferenceDto reportingUser,
-            Consumer<EventParticipantDto> customSettings,
-            RDCF rdcf) {
-
-        EventParticipantDto eventParticipant = EventParticipantDto.build(event, reportingUser);
-        eventParticipant.setPerson(eventPerson);
-        eventParticipant.setInvolvementDescription(involvementDescription);
-
-        if (customSettings != null) {
-            customSettings.accept(eventParticipant);
-        }
-        if (rdcf != null) {
-            eventParticipant.setRegion(rdcf.region);
-            eventParticipant.setDistrict(rdcf.district);
-        }
-
-        eventParticipant = beanTest.getEventParticipantFacade().save(eventParticipant);
-        return eventParticipant;
-    }
-
-    public SurveillanceReportDto createSurveillanceReport(UserReferenceDto reportingUser, CaseReferenceDto caseReference) {
-        return createSurveillanceReport(reportingUser, ReportingType.DOCTOR, caseReference);
-    }
-
-    public SurveillanceReportDto createSurveillanceReport(
-            UserReferenceDto reportingUser,
-            ReportingType reportingType,
-            CaseReferenceDto caseReference) {
-        return createSurveillanceReport(reportingUser, reportingType, caseReference, null);
-    }
-
-    public SurveillanceReportDto createSurveillanceReport(
-            UserReferenceDto reportingUser,
-            ReportingType reportingType,
-            CaseReferenceDto caseReference,
-            Consumer<SurveillanceReportDto> extraConfig) {
-        SurveillanceReportDto surveillanceReport = SurveillanceReportDto.build(caseReference, reportingUser);
-        surveillanceReport.setReportingType(reportingType);
-        surveillanceReport.setReportDate(new Date());
-
-        if (extraConfig != null) {
-            extraConfig.accept(surveillanceReport);
-        }
-
-        surveillanceReport = beanTest.getSurveillanceReportFacade().save(surveillanceReport);
-
-        return surveillanceReport;
-    }
-
-    public ActionDto createAction(EventReferenceDto event) {
-
-        ActionDto action = ActionDto.build(ActionContext.EVENT, event);
-
-        action = beanTest.getActionFacade().saveAction(action);
-        return action;
-    }
-
-    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab) {
-        return createSample(associatedCase, reportingUser, lab, null);
-    }
-
-    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab, Consumer<SampleDto> customConfig) {
-        return createSample(associatedCase, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
-    }
-
-    public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
-        return createSample(associatedCase, reportingUser, lab, null);
-    }
-
-    public SampleDto createSample(
-            CaseReferenceDto associatedCase,
-            UserReferenceDto reportingUser,
-            FacilityReferenceDto lab,
-            Consumer<SampleDto> customSettings) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-        sample.setSampleDateTime(new Date());
-        sample.setReportDateTime(new Date());
-        sample.setSampleMaterial(SampleMaterial.BLOOD);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-        if (customSettings != null) {
-            customSettings.accept(sample);
-        }
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-
-        return sample;
-    }
-
-    public SampleDto createSample(
-            CaseReferenceDto associatedCase,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            Facility lab) {
-        return createSample(associatedCase, sampleDateTime, reportDateTime, reportingUser, sampleMaterial, lab, null);
-    }
-
-    public SampleDto createSample(
-            CaseReferenceDto associatedCase,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            Facility lab,
-            Consumer<SampleDto> customConfig) {
-        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-        if (customConfig != null) {
-            customConfig.accept(sample);
-        }
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-
-        return sample;
-    }
-
-    public SampleDto createSample(
-            CaseReferenceDto associatedCase,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            FacilityReferenceDto lab) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedCase);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(lab);
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-        return sample;
-    }
-
-    @Deprecated
-    public SampleDto createSample(
-            ContactReferenceDto associatedContact,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            Facility lab) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-        return sample;
-    }
-
-    public SampleDto createSample(
-            ContactReferenceDto associatedContact,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            FacilityReferenceDto lab) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(lab);
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-        return sample;
-    }
-
-    public SampleDto createSample(
-            ContactReferenceDto associatedContact,
-            UserReferenceDto reportingUser,
-            FacilityReferenceDto lab,
-            Consumer<SampleDto> customSettings) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedContact);
-        sample.setSampleDateTime(new Date());
-        sample.setReportDateTime(new Date());
-        sample.setSampleMaterial(SampleMaterial.BLOOD);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
-
-        if (customSettings != null) {
-            customSettings.accept(sample);
-        }
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-
-        return sample;
-    }
-
-    public SampleDto createSample(EventParticipantReferenceDto associatedEventParticipant, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
-        return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab);
-    }
-
-    public SampleDto createSample(
-            EventParticipantReferenceDto associatedEventParticipant,
-            UserReferenceDto reportingUser,
-            FacilityReferenceDto lab,
-            Consumer<SampleDto> customConfig) {
-        return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
-    }
-
-    public SampleDto createSample(
-            EventParticipantReferenceDto associatedEventParticipant,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            FacilityReferenceDto lab) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(lab);
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-        return sample;
-    }
-
-    public SampleDto createSample(
-            EventParticipantReferenceDto associatedEventParticipant,
-            Date sampleDateTime,
-            Date reportDateTime,
-            UserReferenceDto reportingUser,
-            SampleMaterial sampleMaterial,
-            FacilityReferenceDto lab,
-            Consumer<SampleDto> customConfig) {
-
-        SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
-        sample.setSampleDateTime(sampleDateTime);
-        sample.setReportDateTime(reportDateTime);
-        sample.setSampleMaterial(sampleMaterial);
-        sample.setSamplePurpose(SamplePurpose.EXTERNAL);
-        sample.setLab(lab);
-
-        if (customConfig != null) {
-            customConfig.accept(sample);
-        }
-
-        sample = beanTest.getSampleFacade().saveSample(sample);
-        return sample;
-    }
-
-    public PathogenTestDto createPathogenTest(
-            SampleReferenceDto sample,
-            PathogenTestType testType,
-            Disease testedDisease,
-            Date testDateTime,
-            FacilityReferenceDto lab,
-            UserReferenceDto labUser,
-            PathogenTestResultType testResult,
-            String testResultText,
-            boolean verified) {
-        return createPathogenTest(sample, testType, testedDisease, testDateTime, lab, labUser, testResult, testResultText, verified, null);
-    }
-
-    public PathogenTestDto createPathogenTest(SampleReferenceDto sample, UserReferenceDto labUser, Consumer<PathogenTestDto> extraConfig) {
-        return createPathogenTest(
-                sample,
-                PathogenTestType.ANTIGEN_DETECTION,
-                null,
-                new Date(),
-                (FacilityReferenceDto) null,
-                labUser,
-                PathogenTestResultType.PENDING,
-                null,
-                true,
-                extraConfig);
-    }
-
-    public PathogenTestDto createPathogenTest(
-            SampleReferenceDto sample,
-            PathogenTestType testType,
-            Disease testedDisease,
-            Date testDateTime,
-            Facility lab,
-            UserReferenceDto labUser,
-            PathogenTestResultType testResult,
-            String testResultText,
-            boolean verified,
-            Consumer<PathogenTestDto> extraConfig) {
-
-        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-        sampleTest.setTestedDisease(testedDisease);
-        sampleTest.setTestType(testType);
-        sampleTest.setTestDateTime(testDateTime);
-        sampleTest.setLab(lab != null ? beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()) : null);
-        sampleTest.setTestResult(testResult);
-        sampleTest.setTestResultText(testResultText);
-        sampleTest.setTestResultVerified(verified);
-
-        if (extraConfig != null) {
-            extraConfig.accept(sampleTest);
-        }
-
-        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-        return sampleTest;
-    }
-
-    public PathogenTestDto createPathogenTest(
-            EnvironmentSampleReferenceDto sample,
-            PathogenTestType testType,
-            Pathogen testedPathogen,
-            FacilityReferenceDto lab,
-            UserReferenceDto labUser,
-            PathogenTestResultType testResult,
-            Consumer<PathogenTestDto> extraConfig) {
-
-        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-        sampleTest.setTestType(testType);
-        sampleTest.setLab(lab);
-        sampleTest.setTestedPathogen(testedPathogen);
-        sampleTest.setTestResult(testResult);
-        sampleTest.setTestResultVerified(true);
-        sampleTest.setTestDateTime(new Date());
-
-        if (extraConfig != null) {
-            extraConfig.accept(sampleTest);
-        }
-
-        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-        return sampleTest;
-    }
-
-    public PathogenTestDto createPathogenTest(
-            SampleReferenceDto sample,
-            PathogenTestType testType,
-            Disease testedDisease,
-            Date testDateTime,
-            FacilityReferenceDto lab,
-            UserReferenceDto labUser,
-            PathogenTestResultType testResult,
-            String testResultText,
-            boolean verified,
-            Consumer<PathogenTestDto> extraConfig) {
-
-        PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
-        sampleTest.setTestedDisease(testedDisease);
-        sampleTest.setTestType(testType);
-        sampleTest.setTestDateTime(testDateTime);
-        sampleTest.setLab(lab);
-        sampleTest.setTestResult(testResult);
-        sampleTest.setTestResultText(testResultText);
-        sampleTest.setTestResultVerified(verified);
-
-        if (extraConfig != null) {
-            extraConfig.accept(sampleTest);
-        }
-
-        sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
-        return sampleTest;
-    }
-
-    public PathogenTestDto createPathogenTest(CaseDataDto associatedCase, PathogenTestType testType, PathogenTestResultType resultType) {
-        return createPathogenTest(associatedCase, Disease.CORONAVIRUS, testType, resultType);
-    }
-
-    public PathogenTestDto createPathogenTest(SampleReferenceDto sample, CaseDataDto associatedCase) {
-        RDCF rdcf = createRDCF("LabRegion", "LabDistrict", "LabCommunity", "LabFacilty");
-
-        return createPathogenTest(
-                sample,
-                PathogenTestType.ANTIGEN_DETECTION,
-                associatedCase.getDisease(),
-                new Date(),
-                rdcf.facility,
-                associatedCase.getReportingUser(),
-                PathogenTestResultType.PENDING,
-                "",
-                false);
-    }
-
-    public PathogenTestDto createPathogenTest(
-            CaseDataDto associatedCase,
-            Disease testedDisease,
-            PathogenTestType testType,
-            PathogenTestResultType resultType) {
-
-        RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
-        SampleDto sample = createSample(
-                new CaseReferenceDto(associatedCase.getUuid()),
-                new Date(),
-                new Date(),
-                associatedCase.getReportingUser(),
-                SampleMaterial.BLOOD,
-                rdcf.facility);
-        return createPathogenTest(
-                new SampleReferenceDto(sample.getUuid()),
-                testType,
-                testedDisease,
-                new Date(),
-                rdcf.facility,
-                associatedCase.getReportingUser(),
-                resultType,
-                "",
-                true);
-    }
-
-    public PathogenTestDto buildPathogenTestDto(RDCF rdcf, UserDto user, SampleDto sample, Disease disease, Date testDateTime) {
-
-        final PathogenTestDto newPathogenTest = new PathogenTestDto();
-
-        newPathogenTest.setSample(sample.toReference());
-        newPathogenTest.setTestedDisease(disease);
-        newPathogenTest.setTestType(PathogenTestType.ISOLATION);
-
-        newPathogenTest.setTestDateTime(testDateTime);
-        newPathogenTest.setLab(new FacilityReferenceDto(rdcf.facility.getUuid(), null, null));
-        newPathogenTest.setLabUser(user.toReference());
-        newPathogenTest.setTestResult(PathogenTestResultType.PENDING);
-        newPathogenTest.setTestResultText("all bad!");
-        newPathogenTest.setTestResultVerified(false);
-        return newPathogenTest;
-    }
-
-    public AdditionalTestDto createAdditionalTest(SampleReferenceDto sample) {
-
-        AdditionalTestDto test = AdditionalTestDto.build(sample);
-        test.setTestDateTime(new Date());
-
-        test = beanTest.getAdditionalTestFacade().saveAdditionalTest(test);
-        return test;
-    }
-
-    public ExposureDto buildAnimalContactExposure(TypeOfAnimal typeOfAnimal) {
-
-        ExposureDto exposure = ExposureDto.build(ExposureType.ANIMAL_CONTACT);
-        exposure.setTypeOfAnimal(typeOfAnimal);
-        return exposure;
-    }
-
-    public CampaignDto createCampaign(UserDto user) {
-
-        CampaignDto campaign = CampaignDto.build();
-        campaign.setCreatingUser(user.toReference());
-        campaign.setName("CampaignName");
-        campaign.setDescription("Campaign description");
-
-        campaign = beanTest.getCampaignFacade().save(campaign);
-
-        return campaign;
-    }
-
-    public CampaignDiagramDefinitionDto createCampaignDiagramDefinition(String diagramId, String diagramCaption) {
-        CampaignDiagramDefinitionDto campaignDiagramDefinition = CampaignDiagramDefinitionDto.build();
-        campaignDiagramDefinition.setDiagramType(DiagramType.COLUMN);
-        campaignDiagramDefinition.setDiagramId(diagramId);
-        campaignDiagramDefinition.setDiagramCaption(diagramCaption);
-
-        return campaignDiagramDefinition;
-    }
-
-    public CampaignFormMetaDto createCampaignForm(CampaignDto campaign) throws IOException {
-
-        CampaignFormMetaDto campaignForm;
-
-        String schema =
-                "[{\"type\": \"text\",\"id\": \"teamNumber\",\"caption\": \"Team number\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": "
-                        + "\"namesOfTeamMembers\",\"caption\": \"Names of team members\",\"styles\": [\"col-8\"]},{\"type\": \"text\",\"id\": "
-                        + "\"monitorName\",\"caption\": \"Name of monitor\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": \"agencyName\",\"caption\": "
-                        + "\"Agency\"},{\"type\": \"section\",\"id\": \"questionsSection\"},{\"type\": \"label\",\"id\": \"questionsLabel\",\"caption\": \"<h2>Questions</h2>\"}"
-                        + ",{\"type\": \"yes-no\",\"id\": \"oneMemberResident\",\"caption\": \"1) At least one team member is resident of same area (villages)?\"},{\"type\": "
-                        + "\"yes-no\",\"id\": \"vaccinatorsTrained\",\"caption\": \"2) Both vaccinators trained before this campaign?\"},{\"type\": \"section\","
-                        + " \"id\": \"questionsSection2\"},{\"type\": \"label\",\"id\": \"q8To12Label\",\"caption\": \"Q 8-12: Based on observation of team only.\"},"
-                        + "{\"type\": \"yes-no\",\"id\": \"askingAboutMonthOlds\",\"caption\": \"8) Is team specially asking about 0-11 months children?\"},"
-                        + "{\"type\": \"section\", \"id\": \"questionsSection3\"},{\"type\": \"yes-no\",\"id\": \"atLeastOneMemberChw\","
-                        + "\"caption\": \"13) Is at least one member of the team CHW?\"},{\"type\": \"number\",\"id\": "
-                        + "\"numberOfChw\",\"caption\": \"No. of CHW\",\"styles\": [\"row\"],\"dependingOn\": \"atLeastOneMemberChw\",\"dependingOnValues\": [\"YES\"]},"
-                        + "{\"type\": \"yes-no\",\"id\": \"anyMemberFemale\",\"caption\": \"14) Is any member of the team female?\"},{\"type\": \"yes-no\","
-                        + "\"id\": \"accompaniedBySocialMobilizer\",\"caption\": \"15) Does social mobilizer accompany the vaccination team in the field?\"},"
-                        + "{\"type\": \"text\",\"id\": \"comments\",\"caption\": \"Comments\",\"styles\": [\"col-12\"]}]";
-        String translations =
-                "[{\"languageCode\": \"de-DE\", \"translations\": [{\"elementId\": \"teamNumber\", \"caption\": \"Teamnummer\"}, {\"elementId\": \"namesOfTeamMembers\","
-                        + " \"caption\": \"Namen der Teammitglieder\"}]}, {\"languageCode\": \"fr-FR\", \"translations\": [{\"elementId\": \"teamNumber\", "
-                        + "\"caption\": \"Numéro de l'équipe\"}]}]";
-
-        campaignForm = beanTest.getCampaignFormFacade().buildCampaignFormMetaFromJson("testForm", null, schema, translations);
-
-        campaignForm = beanTest.getCampaignFormFacade().saveCampaignFormMeta(campaignForm);
-
-        return campaignForm;
-    }
-
-    public String getCampaignFormData() {
-        return "[{\"id\": \"teamNumber\",\"value\": \"12\"},{\"id\": \"namesOfTeamMembers\", \"value\": \"Waldemar Stricker\"},"
-                + "{\"id\": \"monitorName\", \"value\": \"Josef Saks\"},{\"id\": \"agencyName\",\"value\": \"HZI Institut\"},"
-                + "{\"id\": \"oneMemberResident\", \"value\": \"yes\"},{\"id\": \"vaccinatorsTrained\",\"value\": \"no\"},"
-                + "{\"id\": \"askingAboutMonthOlds\",\"value\": \"yes\"},{\"id\": \"atLeastOneMemberChw\",\"value\": \"yes\"},"
-                + "{\"id\": \"numberOfChw\",\"value\": \"7\"},{\"id\": \"anyMemberFemale\",\"value\": \"yes\"},{\"id\": \"accompaniedBySocialMobilizer\",\"value\": \"no\"},"
-                + "{\"id\": \"comments\",\"value\": \"other comments\"}]";
-    }
-
-    public CampaignFormDataDto buildCampaignFormDataDto(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
-        CampaignReferenceDto campaignReferenceDto = new CampaignReferenceDto(campaign.getUuid());
-        CampaignFormMetaReferenceDto campaignFormMetaReferenceDto = new CampaignFormMetaReferenceDto(campaignForm.getUuid());
-
-        CampaignFormDataDto campaignFormData =
-                CampaignFormDataDto.build(campaignReferenceDto, campaignFormMetaReferenceDto, rdcf.region, rdcf.district, rdcf.community);
-
-        try {
-            ObjectMapper mapper = new ObjectMapper();
-            campaignFormData.setFormValues(Arrays.asList(mapper.readValue(formData, CampaignFormDataEntry[].class)));
-            return campaignFormData;
-        } catch (IOException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    public CampaignFormDataDto createCampaignFormData(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
-
-        CampaignFormDataDto campaignFormData = buildCampaignFormDataDto(campaign, campaignForm, rdcf, formData);
-
-        campaignFormData = beanTest.getCampaignFormDataFacade().saveCampaignFormData(campaignFormData);
-
-        return campaignFormData;
-    }
-
-    public RDCF createRDCF() {
-        return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false);
-    }
-
-    public RDCF createRDCF(boolean deafultRdcf) {
-        return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false, deafultRdcf);
-    }
-
-    public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName) {
-        return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, null, false);
-    }
-
-    public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName, String pointOfEntryName) {
-        return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, pointOfEntryName, false);
-    }
-
-    public RDCF createRDCF(
-            String regionName,
-            String districtName,
-            String communityName,
-            String facilityName,
-            FacilityType facilityType,
-            String pointOfEntryName,
-            boolean withExternalIds) {
-        return createRDCF(regionName, districtName, communityName, facilityName, facilityType, pointOfEntryName, withExternalIds, false);
-    }
-
-    public RDCF createRDCF(
-            String regionName,
-            String districtName,
-            String communityName,
-            String facilityName,
-            FacilityType facilityType,
-            String pointOfEntryName,
-            boolean withExternalIds,
-            boolean defaultRdcf) {
-
-        Region region = createRegion(regionName, withExternalIds ? regionName + "_externalId" : null, defaultRdcf);
-        District district = createDistrict(districtName, region, withExternalIds ? districtName + "_externalId" : null, defaultRdcf);
-        Community community = createCommunity(communityName, district, withExternalIds ? communityName + "_externalId" : null, defaultRdcf);
-        Facility facility =
-                createFacility(facilityName, facilityType, region, district, community, withExternalIds ? facilityName + "_externalId" : null);
-
-        PointOfEntry pointOfEntry = null;
-        if (pointOfEntryName != null) {
-            pointOfEntry = createPointOfEntry(pointOfEntryName, region, district);
-        }
-
-        return new RDCF(
-                new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
-                new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
-                new CommunityReferenceDto(community.getUuid(), community.getName(), community.getExternalID()),
-                new FacilityReferenceDto(facility.getUuid(), facility.getName(), facility.getExternalID()),
-                pointOfEntry != null
-                        ? new PointOfEntryReferenceDto(
-                        pointOfEntry.getUuid(),
-                        pointOfEntry.getName(),
-                        pointOfEntry.getPointOfEntryType(),
-                        pointOfEntry.getExternalID())
-                        : null);
-    }
-
-    public RDCFEntities createRDCFEntities() {
-        return createRDCFEntities("Region", "District", "Community", "Facility");
-    }
-
-    public RDCFEntities createRDCFEntities(String regionName, String districtName, String communityName, String facilityName) {
-
-        Region region = createRegion(regionName);
-        District district = createDistrict(districtName, region);
-        Community community = createCommunity(communityName, district);
-        Facility facility = createFacility(facilityName, region, district, community);
-
-        return new RDCFEntities(region, district, community, facility);
-    }
-
-    public RDP createRDP() {
-
-        var region = createRegion("Region");
-        var district = createDistrict("District", region);
-        var pointOfEntry = createPointOfEntry("POE", region, district);
-
-        return new RDP(
-                new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
-                new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
-                new PointOfEntryReferenceDto(
-                        pointOfEntry.getUuid(),
-                        pointOfEntry.getName(),
-                        pointOfEntry.getPointOfEntryType(),
-                        pointOfEntry.getExternalID()));
-    }
-
-    public Continent createContinent(String name) {
-        Continent continent = new Continent();
-        continent.setUuid(DataHelper.createUuid());
-        continent.setDefaultName(name);
-        beanTest.getContinentService().persist(continent);
-
-        return continent;
-    }
-
-    public Country createCountry(String countryName, String isoCode, String unoCode) {
-        Country country = new Country();
-        country.setUuid(DataHelper.createUuid());
-        country.setDefaultName(countryName);
-        country.setIsoCode(isoCode);
-        country.setUnoCode(unoCode);
-        beanTest.getCountryService().persist(country);
-
-        return country;
-    }
-
-    public Region createRegion(String regionName) {
-        return createRegion(regionName, null, false);
-    }
-
-    public Region createRegion(String regionName, String externalId, boolean deafultRegion) {
-        Region region = getRegion(regionName, externalId);
-        region.setDefaultInfrastructure(deafultRegion);
-        beanTest.getRegionService().persist(region);
-        return region;
-    }
-
-    public Region createRegionCentrally(String regionName, String externalId) {
-        Region region = getRegion(regionName, externalId);
-        region.setCentrallyManaged(true);
-        beanTest.getRegionService().persist(region);
-        return region;
-    }
-
-    @NotNull
-    private Region getRegion(String regionName, String externalId) {
-        Region region = new Region();
-        region.setUuid(DataHelper.createUuid());
-        region.setName(regionName);
-        region.setEpidCode("COU-REG");
-        region.setExternalID(externalId);
-        return region;
-    }
-
-    public District createDistrict(String districtName, Region region) {
-        return createDistrict(districtName, region, null, false);
-    }
-
-    public District createDistrict(String districtName, Region region, String externalId, boolean defaultDistrict) {
-        District district = getDistrict(districtName, region, externalId);
-        district.setDefaultInfrastructure(defaultDistrict);
-        beanTest.getDistrictService().persist(district);
-        return district;
-    }
-
-    public District createDistrictCentrally(String districtName, Region region, String externalId) {
-        District district = getDistrict(districtName, region, externalId);
-        district.setCentrallyManaged(true);
-        beanTest.getDistrictService().persist(district);
-        return district;
-    }
-
-    @NotNull
-    private District getDistrict(String districtName, Region region, String externalId) {
-        District district = new District();
-        district.setUuid(DataHelper.createUuid());
-        district.setName(districtName);
-        district.setRegion(region);
-        district.setEpidCode("DIS");
-        district.setExternalID(externalId);
-        return district;
-    }
-
-    public Community createCommunity(String communityName, District district) {
-        return createCommunity(communityName, district, null, false);
-    }
-
-    public Community createCommunity(String communityName, District district, String externalId, boolean defaultCommunity) {
-        Community community = getCommunity(communityName, district, externalId);
-        community.setDefaultInfrastructure(defaultCommunity);
-        beanTest.getCommunityService().persist(community);
-        return community;
-    }
-
-    public Community createCommunityCentrally(String communityName, District district, String externalId) {
-        Community community = getCommunity(communityName, district, externalId);
-        community.setCentrallyManaged(true);
-        beanTest.getCommunityService().persist(community);
-        return community;
-
-    }
-
-    @NotNull
-    private Community getCommunity(String communityName, District district, String externalId) {
-        Community community = new Community();
-        community.setUuid(DataHelper.createUuid());
-        community.setName(communityName);
-        community.setDistrict(district);
-        community.setExternalID(externalId);
-        return community;
-    }
-
-    public CommunityDto createCommunity(String communityName, DistrictReferenceDto district) {
-        CommunityDto community = CommunityDto.build();
-        community.setName(communityName);
-        community.setDistrict(district);
-        beanTest.getCommunityFacade().save(community);
-        return community;
-    }
-
-    public Facility createFacility(String facilityName, Region region, District district, Community community) {
-        return createFacility(facilityName, FacilityType.HOSPITAL, region, district, community);
-    }
-
-    public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community) {
-        return createFacility(facilityName, type, region, district, community, null);
-    }
-
-    public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community, String externalId) {
-        Facility facility = new Facility();
-        facility.setUuid(DataHelper.createUuid());
-        facility.setName(facilityName);
-        facility.setCommunity(community);
-        facility.setDistrict(district);
-        facility.setRegion(region);
-        facility.setType(type);
-        facility.setExternalID(externalId);
-
-        beanTest.getFacilityService().persist(facility);
-
-        return facility;
-    }
-
-    public FacilityDto createFacility(
-            String facilityName,
-            RegionReferenceDto region,
-            DistrictReferenceDto district,
-            CommunityReferenceDto community) {
-        return createFacility(facilityName, region, district, community, null);
-    }
-
-    public FacilityDto createFacility(
-            String facilityName,
-            RegionReferenceDto region,
-            DistrictReferenceDto district,
-            CommunityReferenceDto community,
-            FacilityType type) {
-
-        FacilityDto facility = FacilityDto.build();
-        facility.setName(facilityName);
-        facility.setType(type == null ? FacilityType.HOSPITAL : type);
-        facility.setCommunity(community);
-        facility.setDistrict(district);
-        facility.setRegion(region);
-        beanTest.getFacilityFacade().save(facility);
-        return facility;
-    }
-
-    public FacilityDto createFacility(
-            String facilityName,
-            RegionReferenceDto region,
-            DistrictReferenceDto district,
-            Consumer<FacilityDto> extraConfig) {
-
-        FacilityDto facility = FacilityDto.build();
-        facility.setName(facilityName);
-        facility.setRegion(region);
-        facility.setDistrict(district);
-        facility.setType(FacilityType.HOSPITAL);
-
-        if (extraConfig != null) {
-            extraConfig.accept(facility);
-        }
-
-        beanTest.getFacilityFacade().save(facility);
-        return facility;
-    }
-
-    public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district) {
-        return createPointOfEntry(pointOfEntryName, region, district, null);
-    }
-
-    public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district, String externalId) {
-        PointOfEntry pointOfEntry = new PointOfEntry();
-        pointOfEntry.setUuid(DataHelper.createUuid());
-        pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
-        pointOfEntry.setName(pointOfEntryName);
-        pointOfEntry.setDistrict(district);
-        pointOfEntry.setRegion(region);
-        pointOfEntry.setExternalID(externalId);
-
-        beanTest.getPointOfEntryService().persist(pointOfEntry);
-
-        return pointOfEntry;
-    }
-
-    public PointOfEntryDto createPointOfEntry(String pointOfEntryName, RegionReferenceDto region, DistrictReferenceDto district) {
-        PointOfEntryDto pointOfEntry = PointOfEntryDto.build();
-        pointOfEntry.setUuid(DataHelper.createUuid());
-        pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
-        pointOfEntry.setName(pointOfEntryName);
-        pointOfEntry.setDistrict(district);
-        pointOfEntry.setRegion(region);
-        beanTest.getPointOfEntryFacade().save(pointOfEntry);
-
-        return pointOfEntry;
-    }
-
-    public PopulationDataDto createPopulationData(RegionReferenceDto region, DistrictReferenceDto district, Integer population, Date collectionDate) {
-        PopulationDataDto populationData = PopulationDataDto.build(collectionDate);
-        populationData.setRegion(region);
-        populationData.setDistrict(district);
-        populationData.setPopulation(population);
-        beanTest.getPopulationDataFacade().savePopulationData(Arrays.asList(populationData));
-        return populationData;
-    }
-
-    public void updateDiseaseConfiguration(
-            Disease disease,
-            Boolean active,
-            Boolean primary,
-            Boolean caseSurveillance,
-            Boolean aggregateReporting,
-            List<String> ageGroups) {
-        updateDiseaseConfiguration(disease, active, primary, caseSurveillance, aggregateReporting, ageGroups, null);
-    }
-
-    public void updateDiseaseConfiguration(
-            Disease disease,
-            Boolean active,
-            Boolean primary,
-            Boolean caseSurveillance,
-            Boolean aggregateReporting,
-            List<String> ageGroups,
-            Integer automaticSampleAssignmentThreshold) {
-        DiseaseConfigurationDto config =
-                DiseaseConfigurationFacadeEjbLocal.toDto(beanTest.getDiseaseConfigurationService().getDiseaseConfiguration(disease));
-        config.setActive(active);
-        config.setPrimaryDisease(primary);
-        config.setCaseSurveillanceEnabled(caseSurveillance);
-        config.setAggregateReportingEnabled(aggregateReporting);
-        config.setAgeGroups(ageGroups);
-        config.setAutomaticSampleAssignmentThreshold(automaticSampleAssignmentThreshold);
-        beanTest.getDiseaseConfigurationFacade().saveDiseaseConfiguration(config);
-    }
-
-    public DocumentDto createDocument(
-            UserReferenceDto uploadingUser,
-            String name,
-            String contentType,
-            long size,
-            EventReferenceDto event,
-            byte[] content)
-            throws IOException {
-        return createDocument(uploadingUser, name, contentType, size, DocumentRelatedEntityType.EVENT, event.getUuid(), content);
-    }
-
-    public DocumentDto createDocument(
-            UserReferenceDto uploadingUser,
-            String name,
-            String contentType,
-            long size,
-            DocumentRelatedEntityType relatedEntityType,
-            String relatedEntityUuid,
-            byte[] content)
-            throws IOException {
-        DocumentDto document = DocumentDto.build();
-        document.setUploadingUser(uploadingUser);
-        document.setName(name);
-        document.setMimeType(contentType);
-        document.setSize(size);
-        DocumentRelatedEntityDto documentRelatedEntities = DocumentRelatedEntityDto.build(relatedEntityType, relatedEntityUuid);
-
-        return beanTest.getDocumentFacade().saveDocument(document, content, Collections.singletonList(documentRelatedEntities));
-    }
-
-    public ExportConfigurationDto createExportConfiguration(String name, ExportType exportType, Set<String> properites, UserReferenceDto user) {
-        ExportConfigurationDto exportConfiguration = ExportConfigurationDto.build(user, exportType);
-        exportConfiguration.setName(name);
-        exportConfiguration.setProperties(properites);
-
-        beanTest.getExportFacade().saveExportConfiguration(exportConfiguration);
-
-        return exportConfiguration;
-    }
-
-    public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, SystemEventStatus status) {
-        return createSystemEvent(type, startDate, new Date(startDate.getTime() + 1000), status, "Generated for test purposes");
-    }
-
-    public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, Date endDate, SystemEventStatus status, String additionalInfo) {
-        SystemEventDto systemEvent = SystemEventDto.build();
-        systemEvent.setType(type);
-        systemEvent.setStartDate(startDate);
-        systemEvent.setEndDate(endDate);
-        systemEvent.setStatus(status);
-        systemEvent.setAdditionalInfo(additionalInfo);
-        return systemEvent;
-    }
-
-    public ExternalMessageDto createExternalMessage(Consumer<ExternalMessageDto> customSettings) {
-        ExternalMessageDto message = ExternalMessageDto.build();
-
-        if (customSettings != null) {
-            customSettings.accept(message);
-        }
-
-        beanTest.getExternalMessageFacade().save(message);
-
-        return message;
-    }
-
-    public ExternalMessageDto createLabMessageWithTestReportAndSurveillanceReport(
-            UserReferenceDto user,
-            CaseReferenceDto caze,
-            SampleReferenceDto sample) {
-        SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
-        ExternalMessageDto labMessage = createExternalMessage(lm -> {
-            lm.setType(ExternalMessageType.LAB_MESSAGE);
-            lm.setSurveillanceReport(surveillanceReportDto.toReference());
-            lm.setStatus(ExternalMessageStatus.PROCESSED);
-        });
-        SampleReportDto sampleReport = createSampleReport(labMessage, sample);
-        createTestReport(sampleReport);
-        return labMessage;
-
-    }
-
-    public ExternalMessageDto createLabMessageWithSurveillanceReport(UserReferenceDto user, CaseReferenceDto caze) {
-        SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
-        ExternalMessageDto labMessage = createExternalMessage(lm -> {
-            lm.setType(ExternalMessageType.LAB_MESSAGE);
-            lm.setSurveillanceReport(surveillanceReportDto.toReference());
-            lm.setStatus(ExternalMessageStatus.PROCESSED);
-        });
-
-        return labMessage;
-
-    }
-
-    public ExternalMessageDto createLabMessageWithTestReport(SampleReferenceDto sample) {
-        ExternalMessageDto labMessage = createExternalMessage(lm -> lm.setType(ExternalMessageType.LAB_MESSAGE));
-        SampleReportDto sampleReport = createSampleReport(labMessage, sample);
-        createTestReport(sampleReport);
-        return labMessage;
-
-    }
-
-    public SampleReportDto createSampleReport(ExternalMessageDto labMessage, SampleReferenceDto sample) {
-        SampleReportDto sampleReport = createSampleReport(labMessage);
-        sampleReport.setSample(sample);
-        sampleReport.setChangeDate(new Date());
-        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-        return sampleReport;
-    }
-
-    public SampleReportDto createSampleReport(ExternalMessageDto labMessage) {
-        SampleReportDto sampleReport = SampleReportDto.build();
-        labMessage.addSampleReport(sampleReport);
-        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-        labMessage.setChangeDate(new Date());
-        beanTest.getExternalMessageFacade().save(labMessage);
-        return sampleReport;
-    }
-
-    public TestReportDto createTestReport(SampleReportDto sampleReport) {
-        TestReportDto testReport = TestReportDto.build();
-        sampleReport.addTestReport(testReport);
-
-        beanTest.getTestReportFacade().saveTestReport(testReport);
-        sampleReport.setChangeDate(new Date());
-        beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
-
-        return testReport;
-    }
-
-    public DiseaseVariant createDiseaseVariant(String name, Disease disease) {
-
-        CustomizableEnumValue diseaseVariant = new CustomizableEnumValue();
-        diseaseVariant.setDataType(CustomizableEnumType.DISEASE_VARIANT);
-        diseaseVariant.setValue("BF.1.2");
-        Set<Disease> diseases = new HashSet<>();
-        diseases.add(disease);
-        diseaseVariant.setDiseases(diseases);
-        diseaseVariant.setCaption(name + " variant");
-        diseaseVariant.setActive(true);
-
-        beanTest.getCustomizableEnumValueService().ensurePersisted(diseaseVariant);
-
-        return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.DISEASE_VARIANT, name);
-    }
-
-    public Pathogen createPathogen(String value, String caption) {
-
-        CustomizableEnumValue pathogen = new CustomizableEnumValue();
-        pathogen.setDataType(CustomizableEnumType.PATHOGEN);
-        pathogen.setValue(value);
-        pathogen.setCaption(caption);
-        pathogen.setActive(true);
-
-        beanTest.getCustomizableEnumValueService().ensurePersisted(pathogen);
-
-        beanTest.getCustomizableEnumFacade().loadData();
-
-        return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.PATHOGEN, value);
-    }
-
-    public ExternalShareInfo createExternalShareInfo(
-            CaseReferenceDto caze,
-            UserReferenceDto sender,
-            ExternalShareStatus status,
-            Consumer<ExternalShareInfo> customConfig) {
-        ExternalShareInfo shareInfo = new ExternalShareInfo();
-        shareInfo.setUuid(DataHelper.createUuid());
-        shareInfo.setCaze(beanTest.getCaseService().getByUuid(caze.getUuid()));
-        shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
-        shareInfo.setStatus(status);
-
-        if (customConfig != null) {
-            customConfig.accept(shareInfo);
-        }
-
-        beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
-
-        return shareInfo;
-    }
-
-    public ExternalShareInfo createExternalShareInfo(EventReferenceDto event, UserReferenceDto sender, ExternalShareStatus status) {
-        ExternalShareInfo shareInfo = new ExternalShareInfo();
-        shareInfo.setUuid(DataHelper.createUuid());
-        shareInfo.setEvent(beanTest.getEventService().getByUuid(event.getUuid()));
-        shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
-        shareInfo.setStatus(status);
-
-        beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
-
-        return shareInfo;
-    }
-
-    /**
-     * Creates a list with {@code count} values of type {@code T}.
-     * The list index is given to the {@code valueSupplier} for each value to create.
-     */
-    public static <T> List<T> createValuesList(int count, Function<Integer, T> valueSupplier) {
-
-        List<T> values = new ArrayList<>(count);
-        for (int i = 0; i < count; i++) {
-            values.add(valueSupplier.apply(i));
-        }
-        return values;
-    }
-
-    public SormasToSormasOriginInfoDto createSormasToSormasOriginInfo(
-            String serverId,
-            boolean ownershipHandedOver,
-            Consumer<SormasToSormasOriginInfoDto> extraConfig) {
-        SormasToSormasOriginInfoDto originInfo = new SormasToSormasOriginInfoDto();
-        originInfo.setUuid(DataHelper.createUuid());
-        originInfo.setSenderName("Test Name");
-        originInfo.setSenderEmail("test@email.com");
-        originInfo.setOrganizationId(serverId);
-        originInfo.setOwnershipHandedOver(ownershipHandedOver);
-
-        if (extraConfig != null) {
-            extraConfig.accept(originInfo);
-        }
-
-        return beanTest.getSormasToSormasOriginInfoFacade().saveOriginInfo(originInfo);
-    }
-
-    public CaseDataDto createReceivedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
-        return createCase(
-                user,
-                person,
-                rdcf,
-                (c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
-    }
-
-    public CaseDataDto createSharedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
-        CaseDataDto caze = createCase(user, person, rdcf, null);
-
-        createShareRequestInfo(
-                ShareRequestDataType.CASE,
-                beanTest.getUserService().getByReferenceDto(user),
-                "target_id",
-                ownershipHandedOver,
-                ShareRequestStatus.ACCEPTED,
-                (s) -> s.setCaze(beanTest.getCaseService().getByReferenceDto(caze.toReference())));
-
-        return caze;
-    }
-
-    public ContactDto createReceivedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
-        return createContact(
-                reportingUser,
-                contactPerson,
-                Disease.CORONAVIRUS,
-                (c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
-    }
-
-    public ContactDto createSharedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
-        ContactDto contact = createContact(reportingUser, contactPerson, Disease.CORONAVIRUS);
-        createShareRequestInfo(
-                ShareRequestDataType.CONTACT,
-                beanTest.getUserService().getByReferenceDto(reportingUser),
-                "target_id",
-                ownershipHandedOver,
-                ShareRequestStatus.ACCEPTED,
-                (s) -> s.setContact(beanTest.getContactService().getByReferenceDto(contact.toReference())));
-
-        return contact;
-    }
-
-    public EventParticipantDto createReceivedEventParticipant(PersonDto eventPerson, UserReferenceDto reportingUser, RDCF rdcf) {
-        return createEventParticipant(createEvent(reportingUser).toReference(), eventPerson, "Test involvment", reportingUser, e -> {
-            e.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
-        }, rdcf);
-    }
-
-    public ImmunizationDto createReceivedImmunization(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
-        return createImmunization(Disease.CORONAVIRUS, person, reportingUser, rdcf, i -> {
-            i.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
-        });
-    }
-
-    public ShareRequestInfo createShareRequestInfo(
-            ShareRequestDataType dataType,
-            User sender,
-            String serverId,
-            boolean ownershipHandedOver,
-            ShareRequestStatus status,
-            Consumer<SormasToSormasShareInfo> setTarget) {
-
-        SormasToSormasShareInfo shareInfo = new SormasToSormasShareInfo();
-        shareInfo.setOwnershipHandedOver(ownershipHandedOver);
-        shareInfo.setOrganizationId(serverId);
-        setTarget.accept(shareInfo);
-
-        ShareRequestInfo requestInfo = new ShareRequestInfo();
-        requestInfo.setUuid(DataHelper.createUuid());
-        requestInfo.setDataType(dataType);
-        requestInfo.setSender(sender);
-        requestInfo.setRequestStatus(status);
-        requestInfo.setShares(new ArrayList<>());
-        requestInfo.getShares().add(shareInfo);
-
-        beanTest.getShareRequestInfoService().persist(requestInfo);
-
-        return requestInfo;
-    }
-
-    public EnvironmentDto createEnvironment(
-            String name,
-            EnvironmentMedia environmentMedia,
-            UserReferenceDto reportingUser,
-            RDCF rdcf,
-            Consumer<EnvironmentDto> extraConfig) {
-        EnvironmentDto environment = EnvironmentDto.build();
-        environment.setEnvironmentName(name);
-        environment.setEnvironmentMedia(environmentMedia);
-        environment.setReportDate(new Date());
-        environment.setReportingUser(reportingUser);
-
-        LocationDto location = environment.getLocation();
-        location.setLongitude(1.0);
-        location.setLatitude(1.0);
-        if (rdcf != null) {
-            location.setRegion(rdcf.region);
-            location.setDistrict(rdcf.district);
-            location.setCommunity(rdcf.community);
-        }
-
-        if (extraConfig != null) {
-            extraConfig.accept(environment);
-        }
-
-        environment = beanTest.getEnvironmentFacade().save(environment);
-
-        return environment;
-
-    }
-
-    public EnvironmentDto createEnvironment(String name, EnvironmentMedia environmentMedia, UserReferenceDto reportingUser, RDCF rdcf) {
-        return createEnvironment(name, environmentMedia, reportingUser, rdcf, null);
-    }
-
-    public EnvironmentSampleDto createEnvironmentSample(
-            EnvironmentReferenceDto environment,
-            UserReferenceDto reportingUser,
-            RDCF rdcf,
-            FacilityReferenceDto lab,
-            @Nullable Consumer<EnvironmentSampleDto> extraConfig) {
-        EnvironmentSampleDto sample = EnvironmentSampleDto.build(environment, reportingUser);
-        sample.setSampleMaterial(EnvironmentSampleMaterial.WATER);
-        sample.getLocation().setRegion(rdcf.region);
-        sample.getLocation().setDistrict(rdcf.district);
-        sample.getLocation().setLatitude(1.0);
-        sample.getLocation().setLongitude(1.0);
-        sample.setLaboratory(lab);
-
-        if (extraConfig != null) {
-            extraConfig.accept(sample);
-        }
-
-        return beanTest.getEnvironmentSampleFacade().save(sample);
-    }
-
-    public SpecialCaseAccessDto createSpecialCaseAccess(
-            CaseReferenceDto caze,
-            UserReferenceDto assignedBy,
-            UserReferenceDto assignedTo,
-            Date endDateTime) {
-        SpecialCaseAccessDto specialCaseAccess = SpecialCaseAccessDto.build(caze, assignedBy);
-        specialCaseAccess.setAssignedTo(assignedTo);
-        specialCaseAccess.setEndDateTime(endDateTime);
-
-        return beanTest.getSpecialCaseAccessFacade().save(specialCaseAccess);
-    }
-
-    /**
-     * @author MartinWahnschaffe
-     * @deprecated Use RDCF instead
-     */
-    @Deprecated
-    public static class RDCFEntities {
-
-        public Region region;
-        public District district;
-        public Community community;
-        public Facility facility;
-
-        public RDCFEntities(Region region, District district, Community community, Facility facility) {
-            this.region = region;
-            this.district = district;
-            this.community = community;
-            this.facility = facility;
-        }
-    }
-
-    public static class RDCF {
-
-        public RegionReferenceDto region;
-        public DistrictReferenceDto district;
-        public CommunityReferenceDto community;
-        public FacilityReferenceDto facility;
-        public PointOfEntryReferenceDto pointOfEntry;
-
-        public RDCF(RegionReferenceDto region, DistrictReferenceDto district, CommunityReferenceDto community, FacilityReferenceDto facility) {
-            this(region, district, community, facility, null);
-        }
-
-        public RDCF(
-                RegionReferenceDto region,
-                DistrictReferenceDto district,
-                CommunityReferenceDto community,
-                FacilityReferenceDto facility,
-                PointOfEntryReferenceDto pointOfEntry) {
-            this.region = region;
-            this.district = district;
-            this.community = community;
-            this.facility = facility;
-            this.pointOfEntry = pointOfEntry;
-        }
-
-        public RDCF(RDCFEntities rdcfEntities) {
-            this.region = new RegionReferenceDto(rdcfEntities.region.getUuid(), rdcfEntities.region.getName(), rdcfEntities.region.getExternalID());
-            this.district =
-                    new DistrictReferenceDto(rdcfEntities.district.getUuid(), rdcfEntities.district.getName(), rdcfEntities.district.getExternalID());
-            this.community =
-                    new CommunityReferenceDto(rdcfEntities.community.getUuid(), rdcfEntities.community.getName(), rdcfEntities.community.getExternalID());
-            this.facility =
-                    new FacilityReferenceDto(rdcfEntities.facility.getUuid(), rdcfEntities.facility.getName(), rdcfEntities.facility.getExternalID());
-        }
-    }
-
-    public static class RDP {
-
-        public RegionReferenceDto region;
-        public DistrictReferenceDto district;
-        public PointOfEntryReferenceDto pointOfEntry;
-
-        public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntryReferenceDto pointOfEntry) {
-            this.region = region;
-            this.district = district;
-            this.pointOfEntry = pointOfEntry;
-        }
-    }
-
-    public User createTestUser() {
-        User user = new User();
-        user.setUserName("testuser");
-        user.setFirstName("Test");
-        user.setLastName("User");
-        user.setUuid(DataHelper.createUuid());
-        String password = "password";
-        String seed = "seed";
-        String encodedPassword = PasswordHelper.encodePassword(password, seed);
-        user.setPassword(encodedPassword);
-        user.setSeed(seed);
-        user.setActive(true);
-        user.setUserRoles(
-                new HashSet<>(Arrays.asList(
-                        getUserRole(DefaultUserRole.ADMIN),
-                        getUserRole(DefaultUserRole.NATIONAL_USER))));
-
-        beanTest.getUserService().persist(user);
-        return user;
-    }
-
+	private final AbstractBeanTest beanTest;
+	public final Map<DefaultUserRole, UserRoleReferenceDto> userRoleDtoMap = new HashMap<>();
+	public final Map<DefaultUserRole, UserRole> userRoleMap = new HashMap<>();
+
+	public TestDataCreator(AbstractBeanTest beanTest) {
+		this.beanTest = beanTest;
+	}
+
+	private void createUserRoles() {
+		Arrays.stream(DefaultUserRole.values()).forEach(defaultUserRole -> {
+			UserRoleDto userRoleDto =
+				UserRoleDto.build(defaultUserRole.getDefaultUserRights().toArray(new UserRight[defaultUserRole.getDefaultUserRights().size()]));
+			userRoleDto.setCaption(defaultUserRole.toString());
+			userRoleDto.setEnabled(true);
+			userRoleDto.setPortHealthUser(defaultUserRole.isPortHealthUser());
+			userRoleDto.setLinkedDefaultUserRole(defaultUserRole);
+			userRoleDto.setHasAssociatedDistrictUser(defaultUserRole.hasAssociatedDistrictUser());
+			userRoleDto.setHasOptionalHealthFacility(defaultUserRole.hasOptionalHealthFacility());
+			userRoleDto.setEmailNotificationTypes(defaultUserRole.getEmailNotificationTypes());
+			userRoleDto.setSmsNotificationTypes(defaultUserRole.getSmsNotificationTypes());
+			userRoleDto.setJurisdictionLevel(defaultUserRole.getJurisdictionLevel());
+			userRoleDto = beanTest.getUserRoleFacade().saveUserRole(userRoleDto);
+			userRoleDtoMap.put(defaultUserRole, userRoleDto.toReference());
+			UserRole userRole = beanTest.getEagerUserRole(userRoleDto.getUuid());
+			userRoleMap.put(defaultUserRole, userRole);
+		});
+	}
+
+	public UserRoleReferenceDto getUserRoleReference(DefaultUserRole userRole) {
+		if (userRoleDtoMap.isEmpty()) {
+			createUserRoles();
+		}
+		return userRoleDtoMap.get(userRole);
+	}
+
+	public UserRoleReferenceDto createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole templateUserRole) {
+		UserRoleDto userRole = new UserRoleDto();
+		userRole.setCaption(templateUserRole.toString() + "Restricted");
+		userRole.setJurisdictionLevel(templateUserRole.getJurisdictionLevel());
+		userRole.setUserRights(Arrays.stream(templateUserRole.getDefaultUserRights().toArray(new UserRight[0])).collect(Collectors.toSet()));
+		userRole.setRestrictAccessToAssignedEntities(true);
+		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+	}
+
+	public UserRole getUserRole(DefaultUserRole userRole) {
+		if (userRoleMap.isEmpty()) {
+			createUserRoles();
+		}
+		return userRoleMap.get(userRole);
+	}
+
+	public UserDto createNationalUser() {
+		return createUser("", "", "", "Nat", "Usr", getUserRoleReference(DefaultUserRole.NATIONAL_USER));
+	}
+
+	public UserDto createSurveillanceSupervisor(RDCF rdcf) {
+		if (rdcf == null) {
+			rdcf = createRDCF("Region", "District", "Community", "Facility");
+		}
+
+		return createUser(rdcf.region.getUuid(), null, null, "Surv", "Sup", getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
+	}
+
+	public UserDto createSurveillanceOfficer(RDCF rdcf) {
+		if (rdcf == null) {
+			rdcf = createRDCF("Region", "District", "Community", "Facility");
+		}
+
+		return createUser(
+			rdcf.region.getUuid(),
+			rdcf.district.getUuid(),
+			rdcf.facility.getUuid(),
+			"Surv",
+			"Off",
+			getUserRoleReference(DefaultUserRole.SURVEILLANCE_OFFICER));
+	}
+
+	public UserDto createSurveillanceOfficerWithRestrictedAccessToAssignedEntities(RDCF rdcf) {
+		if (rdcf == null) {
+			rdcf = createRDCF("Region", "District", "Community", "Facility");
+		}
+
+		final UserDto user = createUser(
+			rdcf.region.getUuid(),
+			rdcf.district.getUuid(),
+			rdcf.facility.getUuid(),
+			"SurvOff",
+			"RestrictedAccess",
+			createUserRoleWithRestrictedAccessToAssignedEntitiesUsingTemplate(DefaultUserRole.SURVEILLANCE_OFFICER));
+
+		return user;
+	}
+
+	public UserDto createContactOfficer(RDCF rdcf) {
+		if (rdcf == null) {
+			rdcf = createRDCF("Region", "District", "Community", "Facility");
+		}
+
+		return createUser(
+			rdcf.region.getUuid(),
+			rdcf.district.getUuid(),
+			rdcf.facility.getUuid(),
+			"Cont",
+			"Off",
+			getUserRoleReference(DefaultUserRole.CONTACT_OFFICER));
+	}
+
+	public UserDto createUser(RDCF rdcf, UserRoleReferenceDto userRole, Consumer<UserDto> customConfig) {
+
+		UserDto user = UserDto.build();
+		user.setFirstName("User");
+		user.setLastName(userRole.getCaption());
+		user.setUserName(userRole.buildCaption());
+		user.setUserRoles(new HashSet(Arrays.asList(userRole)));
+		user.setRegion(rdcf.region);
+		user.setDistrict(rdcf.district);
+		user.setCommunity(rdcf.community);
+		user.setHealthFacility(rdcf.facility);
+
+		if (customConfig != null) {
+			customConfig.accept(user);
+		}
+
+		return beanTest.getUserFacade().saveUser(user, false);
+	}
+
+	public UserDto createUser(RDCF rdcf, UserRoleReferenceDto... roles) {
+		return createUser(
+			rdcf.region.getUuid(),
+			rdcf.district.getUuid(),
+			rdcf.facility.getUuid(),
+			roles.length > 0 ? roles[0].getCaption() : "First",
+			"User",
+			roles);
+	}
+
+	public UserDto createUser(RDCF rdcf, DefaultUserRole defaultUserRole) {
+		return createUser(rdcf, "User", defaultUserRole);
+	}
+
+	public UserDto createUser(RDCF rdcf, String lastName, DefaultUserRole defaultUserRole) {
+		UserRoleReferenceDto userRole = getUserRoleReference(defaultUserRole);
+		return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), rdcf.facility.getUuid(), userRole.getCaption(), lastName, userRole);
+	}
+
+	public UserDto createUser(RDCF rdcf, String firstName, String lastName, UserRoleReferenceDto... roles) {
+		return createUser(
+			rdcf.region.getUuid(),
+			rdcf.district.getUuid(),
+			rdcf.community.getUuid(),
+			rdcf.facility.getUuid(),
+			firstName,
+			lastName,
+			roles);
+	}
+
+	public UserDto createUser(
+		String regionUuid,
+		String districtUuid,
+		String facilityUuid,
+		String firstName,
+		String lastName,
+		UserRoleReferenceDto... roles) {
+		return createUser(regionUuid, districtUuid, null, facilityUuid, firstName, lastName, roles);
+	}
+
+	public UserDto createUser(
+		String regionUuid,
+		String districtUuid,
+		String communityUuid,
+		String facilityUuid,
+		String firstName,
+		String lastName,
+		UserRoleReferenceDto... roles) {
+		return createUser(regionUuid, districtUuid, communityUuid, facilityUuid, firstName, lastName, null, roles);
+	}
+
+	public UserDto createUser(RDCF rdcf, String firstName, String lastName, Disease limitedDisease, UserRoleReferenceDto... roles) {
+		return createUser(rdcf.region.getUuid(), rdcf.district.getUuid(), null, rdcf.facility.getUuid(), firstName, lastName, limitedDisease, roles);
+	}
+
+	public UserDto createUser(
+		String regionUuid,
+		String districtUuid,
+		String facilityUuid,
+		String firstName,
+		String lastName,
+		String caption,
+		JurisdictionLevel jurisdictionLevel,
+		UserRight... userRights) {
+		UserRoleReferenceDto userRole = createUserRole(caption, jurisdictionLevel, userRights);
+		return createUser(regionUuid, districtUuid, facilityUuid, firstName, lastName, userRole);
+	}
+
+	private UserDto createUser(
+		String regionUuid,
+		String districtUuid,
+		String communityUuid,
+		String facilityUuid,
+		String firstName,
+		String lastName,
+		Disease limitedDisease,
+		UserRoleReferenceDto... roles) {
+
+		UserDto user = UserDto.build();
+		user.setFirstName(firstName);
+		user.setLastName(lastName);
+		user.setUserName(firstName + lastName);
+		user.setUserRoles(new HashSet<>(Arrays.asList(roles)));
+		if (limitedDisease != null) {
+			user.setLimitedDiseases(Collections.singleton(limitedDisease));
+		}
+		user.setRegion(beanTest.getRegionFacade().getReferenceByUuid(regionUuid));
+		user.setDistrict(beanTest.getDistrictFacade().getReferenceByUuid(districtUuid));
+		user.setCommunity(beanTest.getCommunityFacade().getReferenceByUuid(communityUuid));
+		user.setHealthFacility(beanTest.getFacilityFacade().getReferenceByUuid(facilityUuid));
+		return beanTest.getUserFacade().saveUser(user, false);
+	}
+
+	public UserDto createPointOfEntryUser(RDP rdp) {
+		return createUser(
+			new RDCF(rdp.region, rdp.district, null, null),
+			userRoleDtoMap.get(DefaultUserRole.POE_INFORMANT),
+			user -> user.setPointOfEntry(rdp.pointOfEntry));
+	}
+
+	public UserRoleReferenceDto createUserRole(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
+		UserRoleDto userRole = new UserRoleDto();
+		userRole.setCaption(caption);
+		userRole.setJurisdictionLevel(jurisdictionLevel);
+		userRole.setUserRights(Arrays.stream(userRights).collect(Collectors.toSet()));
+		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+	}
+
+	public UserRoleReferenceDto createUserRoleWithRequiredRights(String caption, JurisdictionLevel jurisdictionLevel, UserRight... userRights) {
+		UserRoleDto userRole = new UserRoleDto();
+		userRole.setCaption(caption);
+		userRole.setJurisdictionLevel(jurisdictionLevel);
+		userRole.setUserRights(UserRight.getWithRequiredUserRights(userRights));
+		return beanTest.getUserRoleFacade().saveUserRole(userRole).toReference();
+	}
+
+	public PersonDto createPerson() {
+		return createPerson("FirstName", "LastName");
+	}
+
+	public PersonDto createPerson(String firstName, String lastName) {
+		return createPerson(firstName, lastName, Sex.UNKNOWN, null);
+	}
+
+	public PersonDto createPerson(String firstName, String lastName, Sex sex) {
+		return createPerson(firstName, lastName, sex, null);
+	}
+
+	public PersonDto createPerson(String firstName, String lastName, Sex sex, Consumer<PersonDto> customConfig) {
+
+		PersonDto person = PersonDto.build();
+		person.setFirstName(firstName);
+		person.setLastName(lastName);
+		person.setSex(sex);
+
+		if (customConfig != null) {
+			customConfig.accept(person);
+		}
+
+		person = beanTest.getPersonFacade().save(person);
+
+		return person;
+	}
+
+	public PersonDto createPerson(String firstName, String lastName, Consumer<PersonDto> customConfig) {
+
+		PersonDto person = PersonDto.build();
+		person.setFirstName(firstName);
+		person.setLastName(lastName);
+		person.setSex(Sex.UNKNOWN);
+
+		if (customConfig != null) {
+			customConfig.accept(person);
+		}
+
+		person = beanTest.getPersonFacade().save(person);
+
+		return person;
+	}
+
+	public PersonDto createPerson(String firstName, String lastName, Sex sex, Integer birthdateYYYY, Integer birthdateMM, Integer birthdateDD) {
+		return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, null, null);
+	}
+
+	public PersonDto createPerson(
+		String firstName,
+		String lastName,
+		Sex sex,
+		Integer birthdateYYYY,
+		Integer birthdateMM,
+		Integer birthdateDD,
+		String passportNr,
+		String nationalHealthId) {
+		return createPerson(firstName, lastName, sex, birthdateYYYY, birthdateMM, birthdateDD, null, passportNr, nationalHealthId);
+	}
+
+	private PersonDto createPerson(
+		String firstName,
+		String lastName,
+		Sex sex,
+		Integer birthdateYYYY,
+		Integer birthdateMM,
+		Integer birthdateDD,
+		LocationDto address,
+		String passportNr,
+		String nationalHealthId) {
+
+		PersonDto person = PersonDto.build();
+		person.setFirstName(firstName);
+		person.setLastName(lastName);
+		person.setSex(sex);
+		person.setBirthdateYYYY(birthdateYYYY);
+		person.setBirthdateMM(birthdateMM);
+		person.setBirthdateDD(birthdateDD);
+		person.setPassportNumber(passportNr);
+		person.setNationalHealthId(nationalHealthId);
+
+		if (address != null) {
+			person.setAddress(address);
+		}
+
+		person = beanTest.getPersonFacade().save(person);
+
+		return person;
+	}
+
+	public PersonDto createPerson(
+		String firstName,
+		String lastName,
+		Sex sex,
+		Integer birthdateYYYY,
+		Integer birthdateMM,
+		Integer birthdateDD,
+		Consumer<PersonDto> customConfig) {
+
+		PersonDto person = PersonDto.build();
+		person.setFirstName(firstName);
+		person.setLastName(lastName);
+		person.setSex(sex);
+		person.setBirthdateYYYY(birthdateYYYY);
+		person.setBirthdateMM(birthdateMM);
+		person.setBirthdateDD(birthdateDD);
+
+		if (customConfig != null) {
+			customConfig.accept(person);
+		}
+
+		person = beanTest.getPersonFacade().save(person);
+
+		return person;
+	}
+
+	public PersonContactDetailDto createPersonContactDetail(
+		PersonReferenceDto person,
+		boolean primaryContact,
+		PersonContactDetailType personContactDetailType,
+		String contactInformation) {
+		PersonContactDetailDto contactDetails =
+			PersonContactDetailDto.build(person, primaryContact, personContactDetailType, null, null, contactInformation, null, false, null, null);
+		return contactDetails;
+	}
+
+	public CaseDataDto createUnclassifiedCase(Disease disease) {
+
+		RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
+		UserDto user = beanTest.getUserFacade().getByUserName("SurvSup");
+		if (user == null) {
+			user = createSurveillanceSupervisor(rdcf);
+		}
+
+		PersonDto cazePerson = createPerson("Case", "Person", Sex.UNKNOWN);
+		return createCase(
+			user.toReference(),
+			cazePerson.toReference(),
+			disease,
+			CaseClassification.NOT_CLASSIFIED,
+			InvestigationStatus.PENDING,
+			new Date(),
+			rdcf);
+	}
+
+	public CaseDataDto createCase(UserReferenceDto user, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
+		return createCase(
+			user,
+			createPerson().toReference(),
+			Disease.EVD,
+			CaseClassification.SUSPECT,
+			InvestigationStatus.PENDING,
+			new Date(),
+			rdcf,
+			setCustomFields);
+	}
+
+	public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf) {
+		return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf);
+	}
+
+	public CaseDataDto createCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, Consumer<CaseDataDto> setCustomFields) {
+		return createCase(user, person, Disease.EVD, CaseClassification.SUSPECT, InvestigationStatus.PENDING, new Date(), rdcf, setCustomFields);
+	}
+
+	public CaseDataDto createCase(
+		UserReferenceDto user,
+		PersonReferenceDto cazePerson,
+		Disease disease,
+		CaseClassification caseClassification,
+		InvestigationStatus investigationStatus,
+		Date reportAndOnsetDate,
+		RDCF rdcf) {
+
+		return createCase(user, cazePerson, disease, caseClassification, investigationStatus, reportAndOnsetDate, rdcf, null);
+	}
+
+	public CaseDataDto createCase(
+		UserReferenceDto user,
+		PersonReferenceDto cazePerson,
+		Disease disease,
+		CaseClassification caseClassification,
+		InvestigationStatus investigationStatus,
+		Date reportAndOnsetDate,
+		RDCF rdcf,
+		Consumer<CaseDataDto> setCustomFields) {
+
+		CaseDataDto caze = CaseDataDto.build(cazePerson, disease);
+		caze.setReportDate(reportAndOnsetDate);
+		caze.setReportingUser(user);
+		caze.getSymptoms().setOnsetDate(reportAndOnsetDate);
+		caze.setCaseClassification(caseClassification);
+		caze.setInvestigationStatus(investigationStatus);
+		caze.setResponsibleRegion(rdcf.region);
+		caze.setResponsibleDistrict(rdcf.district);
+		caze.setResponsibleCommunity(rdcf.community);
+		caze.setFacilityType(beanTest.getFacilityFacade().getByUuid(rdcf.facility.getUuid()).getType());
+		caze.setHealthFacility(rdcf.facility);
+		caze.setPointOfEntry(rdcf.pointOfEntry);
+
+		if (setCustomFields != null) {
+			setCustomFields.accept(caze);
+		}
+
+		caze = beanTest.getCaseFacade().save(caze);
+
+		return caze;
+	}
+
+	public ImmunizationDto createImmunization(
+		Disease disease,
+		PersonReferenceDto person,
+		UserReferenceDto reportingUser,
+		ImmunizationStatus immunizationStatus,
+		MeansOfImmunization meansOfImmunization,
+		ImmunizationManagementStatus immunizationManagementStatus,
+		RDCF rdcf,
+		Date startDate,
+		Date endDate,
+		Date validFromDate,
+		Date validUntilDate) {
+		ImmunizationDto immunization =
+			createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
+		immunization.setStartDate(startDate);
+		immunization.setEndDate(endDate);
+		immunization.setValidFrom(validFromDate);
+		immunization.setValidUntil(validUntilDate);
+
+		return beanTest.getImmunizationFacade().save(immunization);
+	}
+
+	public ImmunizationDto createImmunization(
+		Disease disease,
+		PersonReferenceDto person,
+		UserReferenceDto reportingUser,
+		ImmunizationStatus immunizationStatus,
+		MeansOfImmunization meansOfImmunization,
+		ImmunizationManagementStatus immunizationManagementStatus,
+		RDCF rdcf) {
+		ImmunizationDto immunization =
+			createImmunizationDto(disease, person, reportingUser, immunizationStatus, meansOfImmunization, immunizationManagementStatus, rdcf);
+
+		return beanTest.getImmunizationFacade().save(immunization);
+	}
+
+	public ImmunizationDto createImmunization(Disease disease, PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
+
+		return createImmunization(disease, person, reportingUser, rdcf, null);
+	}
+
+	public ImmunizationDto createImmunization(
+		Disease disease,
+		PersonReferenceDto person,
+		UserReferenceDto reportingUser,
+		RDCF rdcf,
+		Consumer<ImmunizationDto> extraConfig) {
+
+		ImmunizationDto immunization = createImmunizationDto(
+			disease,
+			person,
+			reportingUser,
+			ImmunizationStatus.PENDING,
+			MeansOfImmunization.VACCINATION,
+			ImmunizationManagementStatus.ONGOING,
+			rdcf);
+
+		if (extraConfig != null) {
+			extraConfig.accept(immunization);
+		}
+
+		return beanTest.getImmunizationFacade().save(immunization);
+	}
+
+	@NotNull
+	public ImmunizationDto createImmunizationDto(
+		Disease disease,
+		PersonReferenceDto person,
+		UserReferenceDto reportingUser,
+		ImmunizationStatus immunizationStatus,
+		MeansOfImmunization meansOfImmunization,
+		ImmunizationManagementStatus immunizationManagementStatus,
+		RDCF rdcf) {
+		ImmunizationDto immunization = new ImmunizationDto();
+		immunization.setUuid(DataHelper.createUuid());
+		immunization.setDisease(disease);
+		immunization.setPerson(person);
+		immunization.setReportingUser(reportingUser);
+		immunization.setImmunizationStatus(immunizationStatus);
+		immunization.setMeansOfImmunization(meansOfImmunization);
+		immunization.setImmunizationManagementStatus(immunizationManagementStatus);
+		immunization.setResponsibleRegion(rdcf.region);
+		immunization.setResponsibleDistrict(rdcf.district);
+		immunization.setResponsibleCommunity(rdcf.community);
+
+		immunization.setReportDate(new Date());
+		return immunization;
+	}
+
+	public VaccinationDto createVaccination(
+		UserReferenceDto reportingUser,
+		ImmunizationReferenceDto immunization,
+		HealthConditionsDto healthConditions) {
+
+		return createVaccination(reportingUser, immunization, healthConditions, new Date(), null, null);
+	}
+
+	public VaccinationDto createVaccination(UserReferenceDto reportingUser, ImmunizationReferenceDto immunization) {
+		return createVaccination(reportingUser, immunization, new HealthConditionsDto());
+	}
+
+	@NotNull
+	public VaccinationDto createVaccinationDto(
+		UserReferenceDto reportingUser,
+		ImmunizationReferenceDto immunization,
+		HealthConditionsDto healthConditions) {
+		VaccinationDto vaccination = new VaccinationDto();
+		vaccination.setUuid(DataHelper.createUuid());
+		vaccination.setReportingUser(reportingUser);
+		vaccination.setReportDate(new Date());
+
+		vaccination.setImmunization(immunization);
+		vaccination.setHealthConditions(healthConditions);
+		return vaccination;
+	}
+
+	public VaccinationDto createVaccinationWithDetails(
+		UserReferenceDto reportingUser,
+		ImmunizationReferenceDto immunization,
+		HealthConditionsDto healthConditions,
+		Date vaccinationDate,
+		Vaccine vaccine,
+		VaccineManufacturer vaccineManufacturer,
+		VaccinationInfoSource infoSource,
+		String vaccineInn,
+		String vaccineBatchNumber,
+		String vaccineAtcCode,
+		String vaccineDose) {
+
+		VaccinationDto vaccinationDto =
+			createVaccination(reportingUser, immunization, healthConditions, vaccinationDate, vaccine, vaccineManufacturer);
+
+		vaccinationDto.setVaccinationInfoSource(infoSource);
+		vaccinationDto.setVaccineInn(vaccineInn);
+		vaccinationDto.setVaccineBatchNumber(vaccineBatchNumber);
+		vaccinationDto.setVaccineAtcCode(vaccineAtcCode);
+		vaccinationDto.setVaccineDose(vaccineDose);
+
+		return beanTest.getVaccinationFacade().save(vaccinationDto);
+	}
+
+	public VaccinationDto createVaccination(
+		UserReferenceDto reportingUser,
+		ImmunizationReferenceDto immunization,
+		HealthConditionsDto healthConditions,
+		Date vaccinationDate,
+		Vaccine vaccine,
+		VaccineManufacturer vaccineManufacturer) {
+
+		VaccinationDto vaccination = new VaccinationDto();
+		vaccination.setUuid(DataHelper.createUuid());
+		vaccination.setReportingUser(reportingUser);
+		vaccination.setReportDate(new Date());
+		vaccination.setVaccinationDate(new Date());
+		vaccination.setVaccineName(vaccine);
+		vaccination.setVaccineManufacturer(vaccineManufacturer);
+
+		vaccination.setVaccinationDate(vaccinationDate);
+		vaccination.setImmunization(immunization);
+		vaccination.setHealthConditions(healthConditions);
+
+		return beanTest.getVaccinationFacade().save(vaccination);
+	}
+
+	public TravelEntryDto createTravelEntry(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf, Consumer<TravelEntryDto> config) {
+
+		TravelEntryDto travelEntry = TravelEntryDto.build(person);
+		travelEntry.setDisease(Disease.EVD);
+		travelEntry.setReportingUser(reportingUser);
+		travelEntry.setResponsibleRegion(rdcf.region);
+		travelEntry.setResponsibleDistrict(rdcf.district);
+		travelEntry.setPointOfEntry(rdcf.pointOfEntry);
+		travelEntry.setDateOfArrival(new Date());
+
+		if (config != null) {
+			config.accept(travelEntry);
+		}
+
+		return beanTest.getTravelEntryFacade().save(travelEntry);
+	}
+
+	public TravelEntryDto createTravelEntry(
+		PersonReferenceDto person,
+		UserReferenceDto reportingUser,
+		Disease disease,
+		RegionReferenceDto responsibleRegion,
+		DistrictReferenceDto responsibleDistrict,
+		PointOfEntryReferenceDto pointOfEntry) {
+
+		TravelEntryDto travelEntry = TravelEntryDto.build(person);
+		travelEntry.setDisease(disease);
+		travelEntry.setReportingUser(reportingUser);
+		travelEntry.setDateOfArrival(new Date());
+		travelEntry.setResponsibleRegion(responsibleRegion);
+		travelEntry.setResponsibleDistrict(responsibleDistrict);
+		travelEntry.setPointOfEntry(pointOfEntry);
+
+		return beanTest.getTravelEntryFacade().save(travelEntry);
+	}
+
+	public ClinicalVisitDto createClinicalVisit(CaseDataDto caze) {
+		return createClinicalVisit(caze, null);
+	}
+
+	public ClinicalVisitDto createClinicalVisit(CaseDataDto caze, Consumer<ClinicalVisitDto> extraConfig) {
+
+		ClinicalVisitDto clinicalVisit = ClinicalVisitDto.build(caze.getClinicalCourse().toReference(), caze.getDisease());
+
+		if (extraConfig != null) {
+			extraConfig.accept(clinicalVisit);
+		}
+
+		clinicalVisit = beanTest.getClinicalVisitFacade().saveClinicalVisit(clinicalVisit, caze.getUuid());
+		return clinicalVisit;
+	}
+
+	public PrescriptionDto createPrescription(CaseDataDto caze) {
+		return createPrescription(caze, null);
+	}
+
+	public PrescriptionDto createPrescription(CaseDataDto caze, Consumer<PrescriptionDto> customConfig) {
+
+		PrescriptionDto prescription = PrescriptionDto.buildPrescription(caze.getTherapy().toReference());
+		prescription.setPrescriptionType(TreatmentType.BLOOD_TRANSFUSION);
+
+		if (customConfig != null) {
+			customConfig.accept(prescription);
+		}
+
+		prescription = beanTest.getPrescriptionFacade().savePrescription(prescription);
+
+		return prescription;
+	}
+
+	public TreatmentDto createTreatment(CaseDataDto caze) {
+		return createTreatment(caze, null);
+	}
+
+	public TreatmentDto createTreatment(CaseDataDto caze, Consumer<TreatmentDto> customConfig) {
+
+		TreatmentDto treatment = TreatmentDto.build(caze.getTherapy().toReference());
+		treatment.setTreatmentType(TreatmentType.BLOOD_TRANSFUSION);
+
+		if (customConfig != null) {
+			customConfig.accept(treatment);
+		}
+
+		treatment = beanTest.getTreatmentFacade().saveTreatment(treatment);
+
+		return treatment;
+	}
+
+	public ContactDto createContact(RDCF rdcf, UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
+		return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, rdcf);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson) {
+		return createContact(reportingUser, null, contactPerson, null, new Date(), null, null, null);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease) {
+		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Disease disease, RDCF rdcf) {
+		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null);
+	}
+
+	public ContactDto createContact(
+		UserReferenceDto reportingUser,
+		PersonReferenceDto contactPerson,
+		Disease disease,
+		Consumer<ContactDto> customConfig) {
+		return createContact(reportingUser, null, contactPerson, null, new Date(), null, disease, null, customConfig);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, Date reportDateTime) {
+		return createContact(reportingUser, null, contactPerson, null, reportDateTime, null, null, null);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze) {
+		return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, null);
+	}
+
+	public ContactDto createContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, CaseDataDto caze, RDCF rdcf) {
+		return createContact(reportingUser, null, contactPerson, caze, new Date(), null, null, rdcf);
+	}
+
+	public ContactDto createContact(
+		UserReferenceDto reportingUser,
+		UserReferenceDto contactOfficer,
+		PersonReferenceDto contactPerson,
+		CaseDataDto caze,
+		Date reportDateTime,
+		Date lastContactDate,
+		Disease disease) {
+
+		return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, null);
+	}
+
+	public ContactDto createContact(
+		UserReferenceDto reportingUser,
+		UserReferenceDto contactOfficer,
+		PersonReferenceDto contactPerson,
+		CaseDataDto caze,
+		Date reportDateTime,
+		Date lastContactDate,
+		Disease disease,
+		RDCF rdcf) {
+		return createContact(reportingUser, contactOfficer, contactPerson, caze, reportDateTime, lastContactDate, disease, rdcf, null);
+	}
+
+	public ContactDto createContact(
+		UserReferenceDto reportingUser,
+		UserReferenceDto contactOfficer,
+		PersonReferenceDto contactPerson,
+		CaseDataDto caze,
+		Date reportDateTime,
+		Date lastContactDate,
+		Disease disease,
+		RDCF rdcf,
+		Consumer<ContactDto> customConfig) {
+		ContactDto contact;
+
+		if (caze != null) {
+			contact = ContactDto.build(caze);
+		} else {
+			contact = ContactDto.build(null, disease != null ? disease : Disease.EVD, null, null);
+			if (rdcf == null) {
+				rdcf = createRDCF();
+			}
+			contact.setRegion(rdcf.region);
+			contact.setDistrict(rdcf.district);
+		}
+		contact.setReportingUser(reportingUser);
+		contact.setContactOfficer(contactOfficer);
+		contact.setPerson(contactPerson);
+		contact.setReportDateTime(reportDateTime);
+		contact.setLastContactDate(lastContactDate);
+		contact.setEpiData(EpiDataDto.build());
+
+		if (customConfig != null) {
+			customConfig.accept(contact);
+		}
+
+		contact = beanTest.getContactFacade().save(contact);
+
+		return contact;
+	}
+
+	public TaskDto createTask(UserReferenceDto assigneeUser) {
+		return createTask(TaskContext.GENERAL, TaskType.OTHER, TaskStatus.PENDING, null, null, null, null, new Date(), assigneeUser);
+	}
+
+	public TaskDto createTask(TaskContext context, ReferenceDto entityRef, Consumer<TaskDto> customConfig) {
+
+		TaskDto task = TaskDto.build(context, entityRef);
+
+		if (customConfig != null) {
+			customConfig.accept(task);
+		}
+
+		task = beanTest.getTaskFacade().saveTask(task);
+
+		return task;
+	}
+
+	public TaskDto createTask(
+		TaskContext context,
+		TaskType type,
+		TaskStatus status,
+		CaseReferenceDto caze,
+		ContactReferenceDto contact,
+		EventReferenceDto event,
+		EnvironmentReferenceDto environment,
+		Date dueDate,
+		UserReferenceDto assigneeUser) {
+
+		ReferenceDto entityRef;
+		switch (context) {
+		case CASE:
+			entityRef = caze;
+			break;
+		case CONTACT:
+			entityRef = contact;
+			break;
+		case EVENT:
+			entityRef = event;
+			break;
+		case ENVIRONMENT:
+			entityRef = environment;
+			break;
+		case GENERAL:
+			entityRef = null;
+			break;
+		default:
+			throw new IllegalArgumentException(context.toString());
+		}
+
+		TaskDto task = TaskDto.build(context, entityRef);
+		task.setTaskType(type);
+		task.setTaskStatus(status);
+		task.setDueDate(dueDate);
+		task.setAssigneeUser(assigneeUser);
+
+		task = beanTest.getTaskFacade().saveTask(task);
+
+		return task;
+	}
+
+	public VisitDto createVisit(PersonReferenceDto person) {
+		return createVisit(Disease.EVD, person);
+	}
+
+	public VisitDto createVisit(Disease disease, PersonReferenceDto person) {
+		return createVisit(disease, person, new Date(), VisitStatus.COOPERATIVE, VisitOrigin.USER);
+	}
+
+	public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime) {
+		return createVisit(disease, person, visitDateTime, VisitStatus.COOPERATIVE, VisitOrigin.USER);
+	}
+
+	public VisitDto createVisit(Disease disease, PersonReferenceDto person, Date visitDateTime, VisitStatus visitStatus, VisitOrigin visitOrigin) {
+		return createVisit(disease, person, visitDateTime, visitStatus, visitOrigin, null);
+	}
+
+	public VisitDto createVisit(
+		Disease disease,
+		PersonReferenceDto person,
+		Date visitDateTime,
+		VisitStatus visitStatus,
+		VisitOrigin visitOrigin,
+		Consumer<VisitDto> customConfig) {
+
+		VisitDto visit = VisitDto.build(person, disease, visitOrigin);
+		visit.setVisitDateTime(visitDateTime);
+		visit.setVisitStatus(visitStatus);
+
+		if (customConfig != null) {
+			customConfig.accept(visit);
+		}
+
+		visit = beanTest.getVisitFacade().save(visit);
+
+		return visit;
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser) {
+
+		return createEvent(reportingUser, new Date());
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser, EventStatus status) {
+
+		return createEvent(status, EventInvestigationStatus.PENDING, "eventTitle", "description", reportingUser, null, null);
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease) {
+		return createEvent(
+			EventStatus.SIGNAL,
+			EventInvestigationStatus.PENDING,
+			"title",
+			"description",
+			"firstname",
+			"lastname",
+			null,
+			null,
+			new Date(),
+			new Date(),
+			reportingUser,
+			null,
+			disease,
+			null);
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, RDCF rdcf) {
+
+		return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, rdcf, (event) -> {
+			event.setReportDateTime(new Date());
+			event.setReportingUser(reportingUser);
+			event.setDisease(disease);
+		});
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser, Disease disease, Consumer<EventDto> customConfig) {
+
+		return createEvent(EventStatus.SIGNAL, EventInvestigationStatus.PENDING, "title", "description", reportingUser, null, (event) -> {
+			event.setReportDateTime(new Date());
+			event.setReportingUser(reportingUser);
+			event.setDisease(disease);
+
+			customConfig.accept(event);
+		});
+	}
+
+	public EventDto createEvent(UserReferenceDto reportingUser, Date eventDate) {
+
+		return createEvent(
+			EventStatus.SIGNAL,
+			EventInvestigationStatus.PENDING,
+			"title",
+			"Description",
+			"FirstName",
+			"LastName",
+			null,
+			null,
+			eventDate,
+			new Date(),
+			reportingUser,
+			null,
+			null,
+			null);
+	}
+
+	public EventDto createEvent(
+		EventStatus eventStatus,
+		EventInvestigationStatus eventInvestigationStatus,
+		String eventTitle,
+		String eventDesc,
+		String srcFirstName,
+		String srcLastName,
+		String srcTelNo,
+		TypeOfPlace typeOfPlace,
+		Date eventDate,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		UserReferenceDto responsibleUser,
+		Disease disease,
+		RDCF rdcf) {
+
+		return createEvent(eventStatus, eventInvestigationStatus, eventTitle, eventDesc, reportingUser, rdcf, (event) -> {
+			event.setSrcFirstName(srcFirstName);
+			event.setSrcLastName(srcLastName);
+			event.setSrcTelNo(srcTelNo);
+			event.setTypeOfPlace(typeOfPlace);
+			event.setStartDate(eventDate);
+			event.setReportDateTime(reportDateTime);
+			event.setReportingUser(reportingUser);
+			event.setResponsibleUser(responsibleUser);
+			event.setDisease(disease);
+
+		});
+	}
+
+	public EventDto createEvent(
+		EventStatus eventStatus,
+		EventInvestigationStatus eventInvestigationStatus,
+		String eventTitle,
+		String eventDesc,
+		UserReferenceDto reportingUser,
+		RDCF rdcf,
+		Consumer<EventDto> customSettings) {
+
+		EventDto event = EventDto.build();
+		event.setEventStatus(eventStatus);
+		event.setEventInvestigationStatus(eventInvestigationStatus);
+		event.setEventTitle(eventTitle);
+		event.setEventDesc(eventDesc);
+		event.setReportingUser(reportingUser);
+
+		if (rdcf == null) {
+			rdcf = createRDCF();
+		}
+
+		event.getEventLocation().setRegion(rdcf.region);
+		event.getEventLocation().setDistrict(rdcf.district);
+
+		if (customSettings != null) {
+			customSettings.accept(event);
+		}
+
+		event = beanTest.getEventFacade().save(event);
+
+		return event;
+	}
+
+	public EventParticipantDto createEventParticipant(EventReferenceDto event, PersonDto eventPerson, UserReferenceDto reportingUser) {
+		return createEventParticipant(event, eventPerson, "Description", reportingUser, null, null);
+	}
+
+	public EventParticipantDto createEventParticipant(
+		EventReferenceDto event,
+		PersonDto eventPerson,
+		String involvementDescription,
+		UserReferenceDto reportingUser) {
+		return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, null);
+	}
+
+	public EventParticipantDto createEventParticipant(
+		EventReferenceDto event,
+		PersonDto eventPerson,
+		String involvementDescription,
+		UserReferenceDto reportingUser,
+		RDCF rdcf) {
+		return createEventParticipant(event, eventPerson, involvementDescription, reportingUser, null, rdcf);
+	}
+
+	public EventParticipantDto createEventParticipant(
+		EventReferenceDto event,
+		PersonDto eventPerson,
+		String involvementDescription,
+		UserReferenceDto reportingUser,
+		Consumer<EventParticipantDto> customSettings,
+		RDCF rdcf) {
+
+		EventParticipantDto eventParticipant = EventParticipantDto.build(event, reportingUser);
+		eventParticipant.setPerson(eventPerson);
+		eventParticipant.setInvolvementDescription(involvementDescription);
+
+		if (customSettings != null) {
+			customSettings.accept(eventParticipant);
+		}
+		if (rdcf != null) {
+			eventParticipant.setRegion(rdcf.region);
+			eventParticipant.setDistrict(rdcf.district);
+		}
+
+		eventParticipant = beanTest.getEventParticipantFacade().save(eventParticipant);
+		return eventParticipant;
+	}
+
+	public SurveillanceReportDto createSurveillanceReport(UserReferenceDto reportingUser, CaseReferenceDto caseReference) {
+		return createSurveillanceReport(reportingUser, ReportingType.DOCTOR, caseReference);
+	}
+
+	public SurveillanceReportDto createSurveillanceReport(
+		UserReferenceDto reportingUser,
+		ReportingType reportingType,
+		CaseReferenceDto caseReference) {
+		return createSurveillanceReport(reportingUser, reportingType, caseReference, null);
+	}
+
+	public SurveillanceReportDto createSurveillanceReport(
+		UserReferenceDto reportingUser,
+		ReportingType reportingType,
+		CaseReferenceDto caseReference,
+		Consumer<SurveillanceReportDto> extraConfig) {
+		SurveillanceReportDto surveillanceReport = SurveillanceReportDto.build(caseReference, reportingUser);
+		surveillanceReport.setReportingType(reportingType);
+		surveillanceReport.setReportDate(new Date());
+
+		if (extraConfig != null) {
+			extraConfig.accept(surveillanceReport);
+		}
+
+		surveillanceReport = beanTest.getSurveillanceReportFacade().save(surveillanceReport);
+
+		return surveillanceReport;
+	}
+
+	public ActionDto createAction(EventReferenceDto event) {
+
+		ActionDto action = ActionDto.build(ActionContext.EVENT, event);
+
+		action = beanTest.getActionFacade().saveAction(action);
+		return action;
+	}
+
+	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab) {
+		return createSample(associatedCase, reportingUser, lab, null);
+	}
+
+	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, Facility lab, Consumer<SampleDto> customConfig) {
+		return createSample(associatedCase, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
+	}
+
+	public SampleDto createSample(CaseReferenceDto associatedCase, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
+		return createSample(associatedCase, reportingUser, lab, null);
+	}
+
+	public SampleDto createSample(
+		CaseReferenceDto associatedCase,
+		UserReferenceDto reportingUser,
+		FacilityReferenceDto lab,
+		Consumer<SampleDto> customSettings) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+		sample.setSampleDateTime(new Date());
+		sample.setReportDateTime(new Date());
+		sample.setSampleMaterial(SampleMaterial.BLOOD);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+		if (customSettings != null) {
+			customSettings.accept(sample);
+		}
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+
+		return sample;
+	}
+
+	public SampleDto createSample(
+		CaseReferenceDto associatedCase,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		Facility lab) {
+		return createSample(associatedCase, sampleDateTime, reportDateTime, reportingUser, sampleMaterial, lab, null);
+	}
+
+	public SampleDto createSample(
+		CaseReferenceDto associatedCase,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		Facility lab,
+		Consumer<SampleDto> customConfig) {
+		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+		if (customConfig != null) {
+			customConfig.accept(sample);
+		}
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+
+		return sample;
+	}
+
+	public SampleDto createSample(
+		CaseReferenceDto associatedCase,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		FacilityReferenceDto lab) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedCase);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(lab);
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+		return sample;
+	}
+
+	@Deprecated
+	public SampleDto createSample(
+		ContactReferenceDto associatedContact,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		Facility lab) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+		return sample;
+	}
+
+	public SampleDto createSample(
+		ContactReferenceDto associatedContact,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		FacilityReferenceDto lab) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(lab);
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+		return sample;
+	}
+
+	public SampleDto createSample(
+		ContactReferenceDto associatedContact,
+		UserReferenceDto reportingUser,
+		FacilityReferenceDto lab,
+		Consumer<SampleDto> customSettings) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedContact);
+		sample.setSampleDateTime(new Date());
+		sample.setReportDateTime(new Date());
+		sample.setSampleMaterial(SampleMaterial.BLOOD);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()));
+
+		if (customSettings != null) {
+			customSettings.accept(sample);
+		}
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+
+		return sample;
+	}
+
+	public SampleDto createSample(EventParticipantReferenceDto associatedEventParticipant, UserReferenceDto reportingUser, FacilityReferenceDto lab) {
+		return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab);
+	}
+
+	public SampleDto createSample(
+		EventParticipantReferenceDto associatedEventParticipant,
+		UserReferenceDto reportingUser,
+		FacilityReferenceDto lab,
+		Consumer<SampleDto> customConfig) {
+		return createSample(associatedEventParticipant, new Date(), new Date(), reportingUser, SampleMaterial.BLOOD, lab, customConfig);
+	}
+
+	public SampleDto createSample(
+		EventParticipantReferenceDto associatedEventParticipant,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		FacilityReferenceDto lab) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(lab);
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+		return sample;
+	}
+
+	public SampleDto createSample(
+		EventParticipantReferenceDto associatedEventParticipant,
+		Date sampleDateTime,
+		Date reportDateTime,
+		UserReferenceDto reportingUser,
+		SampleMaterial sampleMaterial,
+		FacilityReferenceDto lab,
+		Consumer<SampleDto> customConfig) {
+
+		SampleDto sample = SampleDto.build(reportingUser, associatedEventParticipant);
+		sample.setSampleDateTime(sampleDateTime);
+		sample.setReportDateTime(reportDateTime);
+		sample.setSampleMaterial(sampleMaterial);
+		sample.setSamplePurpose(SamplePurpose.EXTERNAL);
+		sample.setLab(lab);
+
+		if (customConfig != null) {
+			customConfig.accept(sample);
+		}
+
+		sample = beanTest.getSampleFacade().saveSample(sample);
+		return sample;
+	}
+
+	public PathogenTestDto createPathogenTest(
+		SampleReferenceDto sample,
+		PathogenTestType testType,
+		Disease testedDisease,
+		Date testDateTime,
+		FacilityReferenceDto lab,
+		UserReferenceDto labUser,
+		PathogenTestResultType testResult,
+		String testResultText,
+		boolean verified) {
+		return createPathogenTest(sample, testType, testedDisease, testDateTime, lab, labUser, testResult, testResultText, verified, null);
+	}
+
+	public PathogenTestDto createPathogenTest(SampleReferenceDto sample, UserReferenceDto labUser, Consumer<PathogenTestDto> extraConfig) {
+		return createPathogenTest(
+			sample,
+			PathogenTestType.ANTIGEN_DETECTION,
+			null,
+			new Date(),
+			(FacilityReferenceDto) null,
+			labUser,
+			PathogenTestResultType.PENDING,
+			null,
+			true,
+			extraConfig);
+	}
+
+	public PathogenTestDto createPathogenTest(
+		SampleReferenceDto sample,
+		PathogenTestType testType,
+		Disease testedDisease,
+		Date testDateTime,
+		Facility lab,
+		UserReferenceDto labUser,
+		PathogenTestResultType testResult,
+		String testResultText,
+		boolean verified,
+		Consumer<PathogenTestDto> extraConfig) {
+
+		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+		sampleTest.setTestedDisease(testedDisease);
+		sampleTest.setTestType(testType);
+		sampleTest.setTestDateTime(testDateTime);
+		sampleTest.setLab(lab != null ? beanTest.getFacilityFacade().getReferenceByUuid(lab.getUuid()) : null);
+		sampleTest.setTestResult(testResult);
+		sampleTest.setTestResultText(testResultText);
+		sampleTest.setTestResultVerified(verified);
+
+		if (extraConfig != null) {
+			extraConfig.accept(sampleTest);
+		}
+
+		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+		return sampleTest;
+	}
+
+	public PathogenTestDto createPathogenTest(
+		EnvironmentSampleReferenceDto sample,
+		PathogenTestType testType,
+		Pathogen testedPathogen,
+		FacilityReferenceDto lab,
+		UserReferenceDto labUser,
+		PathogenTestResultType testResult,
+		Consumer<PathogenTestDto> extraConfig) {
+
+		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+		sampleTest.setTestType(testType);
+		sampleTest.setLab(lab);
+		sampleTest.setTestedPathogen(testedPathogen);
+		sampleTest.setTestResult(testResult);
+		sampleTest.setTestResultVerified(true);
+		sampleTest.setTestDateTime(new Date());
+
+		if (extraConfig != null) {
+			extraConfig.accept(sampleTest);
+		}
+
+		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+		return sampleTest;
+	}
+
+	public PathogenTestDto createPathogenTest(
+		SampleReferenceDto sample,
+		PathogenTestType testType,
+		Disease testedDisease,
+		Date testDateTime,
+		FacilityReferenceDto lab,
+		UserReferenceDto labUser,
+		PathogenTestResultType testResult,
+		String testResultText,
+		boolean verified,
+		Consumer<PathogenTestDto> extraConfig) {
+
+		PathogenTestDto sampleTest = PathogenTestDto.build(sample, labUser);
+		sampleTest.setTestedDisease(testedDisease);
+		sampleTest.setTestType(testType);
+		sampleTest.setTestDateTime(testDateTime);
+		sampleTest.setLab(lab);
+		sampleTest.setTestResult(testResult);
+		sampleTest.setTestResultText(testResultText);
+		sampleTest.setTestResultVerified(verified);
+
+		if (extraConfig != null) {
+			extraConfig.accept(sampleTest);
+		}
+
+		sampleTest = beanTest.getPathogenTestFacade().savePathogenTest(sampleTest);
+		return sampleTest;
+	}
+
+	public PathogenTestDto createPathogenTest(CaseDataDto associatedCase, PathogenTestType testType, PathogenTestResultType resultType) {
+		return createPathogenTest(associatedCase, Disease.CORONAVIRUS, testType, resultType);
+	}
+
+	public PathogenTestDto createPathogenTest(SampleReferenceDto sample, CaseDataDto associatedCase) {
+		RDCF rdcf = createRDCF("LabRegion", "LabDistrict", "LabCommunity", "LabFacilty");
+
+		return createPathogenTest(
+			sample,
+			PathogenTestType.ANTIGEN_DETECTION,
+			associatedCase.getDisease(),
+			new Date(),
+			rdcf.facility,
+			associatedCase.getReportingUser(),
+			PathogenTestResultType.PENDING,
+			"",
+			false);
+	}
+
+	public PathogenTestDto createPathogenTest(
+		CaseDataDto associatedCase,
+		Disease testedDisease,
+		PathogenTestType testType,
+		PathogenTestResultType resultType) {
+
+		RDCF rdcf = createRDCF("Region", "District", "Community", "Facility");
+		SampleDto sample = createSample(
+			new CaseReferenceDto(associatedCase.getUuid()),
+			new Date(),
+			new Date(),
+			associatedCase.getReportingUser(),
+			SampleMaterial.BLOOD,
+			rdcf.facility);
+		return createPathogenTest(
+			new SampleReferenceDto(sample.getUuid()),
+			testType,
+			testedDisease,
+			new Date(),
+			rdcf.facility,
+			associatedCase.getReportingUser(),
+			resultType,
+			"",
+			true);
+	}
+
+	public PathogenTestDto buildPathogenTestDto(RDCF rdcf, UserDto user, SampleDto sample, Disease disease, Date testDateTime) {
+
+		final PathogenTestDto newPathogenTest = new PathogenTestDto();
+
+		newPathogenTest.setSample(sample.toReference());
+		newPathogenTest.setTestedDisease(disease);
+		newPathogenTest.setTestType(PathogenTestType.ISOLATION);
+
+		newPathogenTest.setTestDateTime(testDateTime);
+		newPathogenTest.setLab(new FacilityReferenceDto(rdcf.facility.getUuid(), null, null));
+		newPathogenTest.setLabUser(user.toReference());
+		newPathogenTest.setTestResult(PathogenTestResultType.PENDING);
+		newPathogenTest.setTestResultText("all bad!");
+		newPathogenTest.setTestResultVerified(false);
+		return newPathogenTest;
+	}
+
+	public AdditionalTestDto createAdditionalTest(SampleReferenceDto sample) {
+
+		AdditionalTestDto test = AdditionalTestDto.build(sample);
+		test.setTestDateTime(new Date());
+
+		test = beanTest.getAdditionalTestFacade().saveAdditionalTest(test);
+		return test;
+	}
+
+	public ExposureDto buildAnimalContactExposure(TypeOfAnimal typeOfAnimal) {
+
+		ExposureDto exposure = ExposureDto.build(ExposureType.ANIMAL_CONTACT);
+		exposure.setTypeOfAnimal(typeOfAnimal);
+		return exposure;
+	}
+
+	public CampaignDto createCampaign(UserDto user) {
+
+		CampaignDto campaign = CampaignDto.build();
+		campaign.setCreatingUser(user.toReference());
+		campaign.setName("CampaignName");
+		campaign.setDescription("Campaign description");
+
+		campaign = beanTest.getCampaignFacade().save(campaign);
+
+		return campaign;
+	}
+
+	public CampaignDiagramDefinitionDto createCampaignDiagramDefinition(String diagramId, String diagramCaption) {
+		CampaignDiagramDefinitionDto campaignDiagramDefinition = CampaignDiagramDefinitionDto.build();
+		campaignDiagramDefinition.setDiagramType(DiagramType.COLUMN);
+		campaignDiagramDefinition.setDiagramId(diagramId);
+		campaignDiagramDefinition.setDiagramCaption(diagramCaption);
+
+		return campaignDiagramDefinition;
+	}
+
+	public CampaignFormMetaDto createCampaignForm(CampaignDto campaign) throws IOException {
+
+		CampaignFormMetaDto campaignForm;
+
+		String schema =
+			"[{\"type\": \"text\",\"id\": \"teamNumber\",\"caption\": \"Team number\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": "
+				+ "\"namesOfTeamMembers\",\"caption\": \"Names of team members\",\"styles\": [\"col-8\"]},{\"type\": \"text\",\"id\": "
+				+ "\"monitorName\",\"caption\": \"Name of monitor\",\"styles\": [\"first\"]},{\"type\": \"text\",\"id\": \"agencyName\",\"caption\": "
+				+ "\"Agency\"},{\"type\": \"section\",\"id\": \"questionsSection\"},{\"type\": \"label\",\"id\": \"questionsLabel\",\"caption\": \"<h2>Questions</h2>\"}"
+				+ ",{\"type\": \"yes-no\",\"id\": \"oneMemberResident\",\"caption\": \"1) At least one team member is resident of same area (villages)?\"},{\"type\": "
+				+ "\"yes-no\",\"id\": \"vaccinatorsTrained\",\"caption\": \"2) Both vaccinators trained before this campaign?\"},{\"type\": \"section\","
+				+ " \"id\": \"questionsSection2\"},{\"type\": \"label\",\"id\": \"q8To12Label\",\"caption\": \"Q 8-12: Based on observation of team only.\"},"
+				+ "{\"type\": \"yes-no\",\"id\": \"askingAboutMonthOlds\",\"caption\": \"8) Is team specially asking about 0-11 months children?\"},"
+				+ "{\"type\": \"section\", \"id\": \"questionsSection3\"},{\"type\": \"yes-no\",\"id\": \"atLeastOneMemberChw\","
+				+ "\"caption\": \"13) Is at least one member of the team CHW?\"},{\"type\": \"number\",\"id\": "
+				+ "\"numberOfChw\",\"caption\": \"No. of CHW\",\"styles\": [\"row\"],\"dependingOn\": \"atLeastOneMemberChw\",\"dependingOnValues\": [\"YES\"]},"
+				+ "{\"type\": \"yes-no\",\"id\": \"anyMemberFemale\",\"caption\": \"14) Is any member of the team female?\"},{\"type\": \"yes-no\","
+				+ "\"id\": \"accompaniedBySocialMobilizer\",\"caption\": \"15) Does social mobilizer accompany the vaccination team in the field?\"},"
+				+ "{\"type\": \"text\",\"id\": \"comments\",\"caption\": \"Comments\",\"styles\": [\"col-12\"]}]";
+		String translations =
+			"[{\"languageCode\": \"de-DE\", \"translations\": [{\"elementId\": \"teamNumber\", \"caption\": \"Teamnummer\"}, {\"elementId\": \"namesOfTeamMembers\","
+				+ " \"caption\": \"Namen der Teammitglieder\"}]}, {\"languageCode\": \"fr-FR\", \"translations\": [{\"elementId\": \"teamNumber\", "
+				+ "\"caption\": \"Numéro de l'équipe\"}]}]";
+
+		campaignForm = beanTest.getCampaignFormFacade().buildCampaignFormMetaFromJson("testForm", null, schema, translations);
+
+		campaignForm = beanTest.getCampaignFormFacade().saveCampaignFormMeta(campaignForm);
+
+		return campaignForm;
+	}
+
+	public String getCampaignFormData() {
+		return "[{\"id\": \"teamNumber\",\"value\": \"12\"},{\"id\": \"namesOfTeamMembers\", \"value\": \"Waldemar Stricker\"},"
+			+ "{\"id\": \"monitorName\", \"value\": \"Josef Saks\"},{\"id\": \"agencyName\",\"value\": \"HZI Institut\"},"
+			+ "{\"id\": \"oneMemberResident\", \"value\": \"yes\"},{\"id\": \"vaccinatorsTrained\",\"value\": \"no\"},"
+			+ "{\"id\": \"askingAboutMonthOlds\",\"value\": \"yes\"},{\"id\": \"atLeastOneMemberChw\",\"value\": \"yes\"},"
+			+ "{\"id\": \"numberOfChw\",\"value\": \"7\"},{\"id\": \"anyMemberFemale\",\"value\": \"yes\"},{\"id\": \"accompaniedBySocialMobilizer\",\"value\": \"no\"},"
+			+ "{\"id\": \"comments\",\"value\": \"other comments\"}]";
+	}
+
+	public CampaignFormDataDto buildCampaignFormDataDto(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
+		CampaignReferenceDto campaignReferenceDto = new CampaignReferenceDto(campaign.getUuid());
+		CampaignFormMetaReferenceDto campaignFormMetaReferenceDto = new CampaignFormMetaReferenceDto(campaignForm.getUuid());
+
+		CampaignFormDataDto campaignFormData =
+			CampaignFormDataDto.build(campaignReferenceDto, campaignFormMetaReferenceDto, rdcf.region, rdcf.district, rdcf.community);
+
+		try {
+			ObjectMapper mapper = new ObjectMapper();
+			campaignFormData.setFormValues(Arrays.asList(mapper.readValue(formData, CampaignFormDataEntry[].class)));
+			return campaignFormData;
+		} catch (IOException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	public CampaignFormDataDto createCampaignFormData(CampaignDto campaign, CampaignFormMetaDto campaignForm, RDCF rdcf, String formData) {
+
+		CampaignFormDataDto campaignFormData = buildCampaignFormDataDto(campaign, campaignForm, rdcf, formData);
+
+		campaignFormData = beanTest.getCampaignFormDataFacade().saveCampaignFormData(campaignFormData);
+
+		return campaignFormData;
+	}
+
+	public RDCF createRDCF() {
+		return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false);
+	}
+
+	public RDCF createRDCF(boolean deafultRdcf) {
+		return createRDCF("Region", "District", "Community", "Facility", FacilityType.HOSPITAL, "PointOfEntry", false, deafultRdcf);
+	}
+
+	public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName) {
+		return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, null, false);
+	}
+
+	public RDCF createRDCF(String regionName, String districtName, String communityName, String facilityName, String pointOfEntryName) {
+		return createRDCF(regionName, districtName, communityName, facilityName, FacilityType.HOSPITAL, pointOfEntryName, false);
+	}
+
+	public RDCF createRDCF(
+		String regionName,
+		String districtName,
+		String communityName,
+		String facilityName,
+		FacilityType facilityType,
+		String pointOfEntryName,
+		boolean withExternalIds) {
+		return createRDCF(regionName, districtName, communityName, facilityName, facilityType, pointOfEntryName, withExternalIds, false);
+	}
+
+	public RDCF createRDCF(
+		String regionName,
+		String districtName,
+		String communityName,
+		String facilityName,
+		FacilityType facilityType,
+		String pointOfEntryName,
+		boolean withExternalIds,
+		boolean defaultRdcf) {
+
+		Region region = createRegion(regionName, withExternalIds ? regionName + "_externalId" : null, defaultRdcf);
+		District district = createDistrict(districtName, region, withExternalIds ? districtName + "_externalId" : null, defaultRdcf);
+		Community community = createCommunity(communityName, district, withExternalIds ? communityName + "_externalId" : null, defaultRdcf);
+		Facility facility =
+			createFacility(facilityName, facilityType, region, district, community, withExternalIds ? facilityName + "_externalId" : null);
+
+		PointOfEntry pointOfEntry = null;
+		if (pointOfEntryName != null) {
+			pointOfEntry = createPointOfEntry(pointOfEntryName, region, district);
+		}
+
+		return new RDCF(
+			new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
+			new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
+			new CommunityReferenceDto(community.getUuid(), community.getName(), community.getExternalID()),
+			new FacilityReferenceDto(facility.getUuid(), facility.getName(), facility.getExternalID()),
+			pointOfEntry != null
+				? new PointOfEntryReferenceDto(
+					pointOfEntry.getUuid(),
+					pointOfEntry.getName(),
+					pointOfEntry.getPointOfEntryType(),
+					pointOfEntry.getExternalID())
+				: null);
+	}
+
+	public RDCFEntities createRDCFEntities() {
+		return createRDCFEntities("Region", "District", "Community", "Facility");
+	}
+
+	public RDCFEntities createRDCFEntities(String regionName, String districtName, String communityName, String facilityName) {
+
+		Region region = createRegion(regionName);
+		District district = createDistrict(districtName, region);
+		Community community = createCommunity(communityName, district);
+		Facility facility = createFacility(facilityName, region, district, community);
+
+		return new RDCFEntities(region, district, community, facility);
+	}
+
+	public RDP createRDP() {
+
+		var region = createRegion("Region");
+		var district = createDistrict("District", region);
+		var pointOfEntry = createPointOfEntry("POE", region, district);
+
+		return new RDP(
+			new RegionReferenceDto(region.getUuid(), region.getName(), region.getExternalID()),
+			new DistrictReferenceDto(district.getUuid(), district.getName(), district.getExternalID()),
+			new PointOfEntryReferenceDto(
+				pointOfEntry.getUuid(),
+				pointOfEntry.getName(),
+				pointOfEntry.getPointOfEntryType(),
+				pointOfEntry.getExternalID()));
+	}
+
+	public Continent createContinent(String name) {
+		Continent continent = new Continent();
+		continent.setUuid(DataHelper.createUuid());
+		continent.setDefaultName(name);
+		beanTest.getContinentService().persist(continent);
+
+		return continent;
+	}
+
+	public Country createCountry(String countryName, String isoCode, String unoCode) {
+		Country country = new Country();
+		country.setUuid(DataHelper.createUuid());
+		country.setDefaultName(countryName);
+		country.setIsoCode(isoCode);
+		country.setUnoCode(unoCode);
+		beanTest.getCountryService().persist(country);
+
+		return country;
+	}
+
+	public Region createRegion(String regionName) {
+		return createRegion(regionName, null, false);
+	}
+
+	public Region createRegion(String regionName, String externalId, boolean deafultRegion) {
+		Region region = getRegion(regionName, externalId);
+		region.setDefaultInfrastructure(deafultRegion);
+		beanTest.getRegionService().persist(region);
+		return region;
+	}
+
+	public Region createRegionCentrally(String regionName, String externalId) {
+		Region region = getRegion(regionName, externalId);
+		region.setCentrallyManaged(true);
+		beanTest.getRegionService().persist(region);
+		return region;
+	}
+
+	@NotNull
+	private Region getRegion(String regionName, String externalId) {
+		Region region = new Region();
+		region.setUuid(DataHelper.createUuid());
+		region.setName(regionName);
+		region.setEpidCode("COU-REG");
+		region.setExternalID(externalId);
+		return region;
+	}
+
+	public District createDistrict(String districtName, Region region) {
+		return createDistrict(districtName, region, null, false);
+	}
+
+	public District createDistrict(String districtName, Region region, String externalId, boolean defaultDistrict) {
+		District district = getDistrict(districtName, region, externalId);
+		district.setDefaultInfrastructure(defaultDistrict);
+		beanTest.getDistrictService().persist(district);
+		return district;
+	}
+
+	public District createDistrictCentrally(String districtName, Region region, String externalId) {
+		District district = getDistrict(districtName, region, externalId);
+		district.setCentrallyManaged(true);
+		beanTest.getDistrictService().persist(district);
+		return district;
+	}
+
+	@NotNull
+	private District getDistrict(String districtName, Region region, String externalId) {
+		District district = new District();
+		district.setUuid(DataHelper.createUuid());
+		district.setName(districtName);
+		district.setRegion(region);
+		district.setEpidCode("DIS");
+		district.setExternalID(externalId);
+		return district;
+	}
+
+	public Community createCommunity(String communityName, District district) {
+		return createCommunity(communityName, district, null, false);
+	}
+
+	public Community createCommunity(String communityName, District district, String externalId, boolean defaultCommunity) {
+		Community community = getCommunity(communityName, district, externalId);
+		community.setDefaultInfrastructure(defaultCommunity);
+		beanTest.getCommunityService().persist(community);
+		return community;
+	}
+
+	public Community createCommunityCentrally(String communityName, District district, String externalId) {
+		Community community = getCommunity(communityName, district, externalId);
+		community.setCentrallyManaged(true);
+		beanTest.getCommunityService().persist(community);
+		return community;
+
+	}
+
+	@NotNull
+	private Community getCommunity(String communityName, District district, String externalId) {
+		Community community = new Community();
+		community.setUuid(DataHelper.createUuid());
+		community.setName(communityName);
+		community.setDistrict(district);
+		community.setExternalID(externalId);
+		return community;
+	}
+
+	public CommunityDto createCommunity(String communityName, DistrictReferenceDto district) {
+		CommunityDto community = CommunityDto.build();
+		community.setName(communityName);
+		community.setDistrict(district);
+		beanTest.getCommunityFacade().save(community);
+		return community;
+	}
+
+	public Facility createFacility(String facilityName, Region region, District district, Community community) {
+		return createFacility(facilityName, FacilityType.HOSPITAL, region, district, community);
+	}
+
+	public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community) {
+		return createFacility(facilityName, type, region, district, community, null);
+	}
+
+	public Facility createFacility(String facilityName, FacilityType type, Region region, District district, Community community, String externalId) {
+		Facility facility = new Facility();
+		facility.setUuid(DataHelper.createUuid());
+		facility.setName(facilityName);
+		facility.setCommunity(community);
+		facility.setDistrict(district);
+		facility.setRegion(region);
+		facility.setType(type);
+		facility.setExternalID(externalId);
+
+		beanTest.getFacilityService().persist(facility);
+
+		return facility;
+	}
+
+	public FacilityDto createFacility(
+		String facilityName,
+		RegionReferenceDto region,
+		DistrictReferenceDto district,
+		CommunityReferenceDto community) {
+		return createFacility(facilityName, region, district, community, null);
+	}
+
+	public FacilityDto createFacility(
+		String facilityName,
+		RegionReferenceDto region,
+		DistrictReferenceDto district,
+		CommunityReferenceDto community,
+		FacilityType type) {
+
+		FacilityDto facility = FacilityDto.build();
+		facility.setName(facilityName);
+		facility.setType(type == null ? FacilityType.HOSPITAL : type);
+		facility.setCommunity(community);
+		facility.setDistrict(district);
+		facility.setRegion(region);
+		beanTest.getFacilityFacade().save(facility);
+		return facility;
+	}
+
+	public FacilityDto createFacility(
+		String facilityName,
+		RegionReferenceDto region,
+		DistrictReferenceDto district,
+		Consumer<FacilityDto> extraConfig) {
+
+		FacilityDto facility = FacilityDto.build();
+		facility.setName(facilityName);
+		facility.setRegion(region);
+		facility.setDistrict(district);
+		facility.setType(FacilityType.HOSPITAL);
+
+		if (extraConfig != null) {
+			extraConfig.accept(facility);
+		}
+
+		beanTest.getFacilityFacade().save(facility);
+		return facility;
+	}
+
+	public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district) {
+		return createPointOfEntry(pointOfEntryName, region, district, null);
+	}
+
+	public PointOfEntry createPointOfEntry(String pointOfEntryName, Region region, District district, String externalId) {
+		PointOfEntry pointOfEntry = new PointOfEntry();
+		pointOfEntry.setUuid(DataHelper.createUuid());
+		pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
+		pointOfEntry.setName(pointOfEntryName);
+		pointOfEntry.setDistrict(district);
+		pointOfEntry.setRegion(region);
+		pointOfEntry.setExternalID(externalId);
+
+		beanTest.getPointOfEntryService().persist(pointOfEntry);
+
+		return pointOfEntry;
+	}
+
+	public PointOfEntryDto createPointOfEntry(String pointOfEntryName, RegionReferenceDto region, DistrictReferenceDto district) {
+		PointOfEntryDto pointOfEntry = PointOfEntryDto.build();
+		pointOfEntry.setUuid(DataHelper.createUuid());
+		pointOfEntry.setPointOfEntryType(PointOfEntryType.AIRPORT);
+		pointOfEntry.setName(pointOfEntryName);
+		pointOfEntry.setDistrict(district);
+		pointOfEntry.setRegion(region);
+		beanTest.getPointOfEntryFacade().save(pointOfEntry);
+
+		return pointOfEntry;
+	}
+
+	public PopulationDataDto createPopulationData(RegionReferenceDto region, DistrictReferenceDto district, Integer population, Date collectionDate) {
+		PopulationDataDto populationData = PopulationDataDto.build(collectionDate);
+		populationData.setRegion(region);
+		populationData.setDistrict(district);
+		populationData.setPopulation(population);
+		beanTest.getPopulationDataFacade().savePopulationData(Arrays.asList(populationData));
+		return populationData;
+	}
+
+	public void updateDiseaseConfiguration(
+		Disease disease,
+		Boolean active,
+		Boolean primary,
+		Boolean caseSurveillance,
+		Boolean aggregateReporting,
+		List<String> ageGroups) {
+		updateDiseaseConfiguration(disease, active, primary, caseSurveillance, aggregateReporting, ageGroups, null);
+	}
+
+	public void updateDiseaseConfiguration(
+		Disease disease,
+		Boolean active,
+		Boolean primary,
+		Boolean caseSurveillance,
+		Boolean aggregateReporting,
+		List<String> ageGroups,
+		Integer automaticSampleAssignmentThreshold) {
+		DiseaseConfigurationDto config =
+			DiseaseConfigurationFacadeEjbLocal.toDto(beanTest.getDiseaseConfigurationService().getDiseaseConfiguration(disease));
+		config.setActive(active);
+		config.setPrimaryDisease(primary);
+		config.setCaseSurveillanceEnabled(caseSurveillance);
+		config.setAggregateReportingEnabled(aggregateReporting);
+		config.setAgeGroups(ageGroups);
+		config.setAutomaticSampleAssignmentThreshold(automaticSampleAssignmentThreshold);
+		beanTest.getDiseaseConfigurationFacade().saveDiseaseConfiguration(config);
+	}
+
+	public DocumentDto createDocument(
+		UserReferenceDto uploadingUser,
+		String name,
+		String contentType,
+		long size,
+		EventReferenceDto event,
+		byte[] content)
+		throws IOException {
+		return createDocument(uploadingUser, name, contentType, size, DocumentRelatedEntityType.EVENT, event.getUuid(), content);
+	}
+
+	public DocumentDto createDocument(
+		UserReferenceDto uploadingUser,
+		String name,
+		String contentType,
+		long size,
+		DocumentRelatedEntityType relatedEntityType,
+		String relatedEntityUuid,
+		byte[] content)
+		throws IOException {
+		DocumentDto document = DocumentDto.build();
+		document.setUploadingUser(uploadingUser);
+		document.setName(name);
+		document.setMimeType(contentType);
+		document.setSize(size);
+		DocumentRelatedEntityDto documentRelatedEntities = DocumentRelatedEntityDto.build(relatedEntityType, relatedEntityUuid);
+
+		return beanTest.getDocumentFacade().saveDocument(document, content, Collections.singletonList(documentRelatedEntities));
+	}
+
+	public ExportConfigurationDto createExportConfiguration(String name, ExportType exportType, Set<String> properites, UserReferenceDto user) {
+		ExportConfigurationDto exportConfiguration = ExportConfigurationDto.build(user, exportType);
+		exportConfiguration.setName(name);
+		exportConfiguration.setProperties(properites);
+
+		beanTest.getExportFacade().saveExportConfiguration(exportConfiguration);
+
+		return exportConfiguration;
+	}
+
+	public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, SystemEventStatus status) {
+		return createSystemEvent(type, startDate, new Date(startDate.getTime() + 1000), status, "Generated for test purposes");
+	}
+
+	public SystemEventDto createSystemEvent(SystemEventType type, Date startDate, Date endDate, SystemEventStatus status, String additionalInfo) {
+		SystemEventDto systemEvent = SystemEventDto.build();
+		systemEvent.setType(type);
+		systemEvent.setStartDate(startDate);
+		systemEvent.setEndDate(endDate);
+		systemEvent.setStatus(status);
+		systemEvent.setAdditionalInfo(additionalInfo);
+		return systemEvent;
+	}
+
+	public ExternalMessageDto createExternalMessage(Consumer<ExternalMessageDto> customSettings) {
+		ExternalMessageDto message = ExternalMessageDto.build();
+
+		if (customSettings != null) {
+			customSettings.accept(message);
+		}
+
+		beanTest.getExternalMessageFacade().save(message);
+
+		return message;
+	}
+
+	public ExternalMessageDto createLabMessageWithTestReportAndSurveillanceReport(
+		UserReferenceDto user,
+		CaseReferenceDto caze,
+		SampleReferenceDto sample) {
+		SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
+		ExternalMessageDto labMessage = createExternalMessage(lm -> {
+			lm.setType(ExternalMessageType.LAB_MESSAGE);
+			lm.setSurveillanceReport(surveillanceReportDto.toReference());
+			lm.setStatus(ExternalMessageStatus.PROCESSED);
+		});
+		SampleReportDto sampleReport = createSampleReport(labMessage, sample);
+		createTestReport(sampleReport);
+		return labMessage;
+
+	}
+
+	public ExternalMessageDto createLabMessageWithSurveillanceReport(UserReferenceDto user, CaseReferenceDto caze) {
+		SurveillanceReportDto surveillanceReportDto = createSurveillanceReport(user, ReportingType.LABORATORY, caze);
+		ExternalMessageDto labMessage = createExternalMessage(lm -> {
+			lm.setType(ExternalMessageType.LAB_MESSAGE);
+			lm.setSurveillanceReport(surveillanceReportDto.toReference());
+			lm.setStatus(ExternalMessageStatus.PROCESSED);
+		});
+
+		return labMessage;
+
+	}
+
+	public ExternalMessageDto createLabMessageWithTestReport(SampleReferenceDto sample) {
+		ExternalMessageDto labMessage = createExternalMessage(lm -> lm.setType(ExternalMessageType.LAB_MESSAGE));
+		SampleReportDto sampleReport = createSampleReport(labMessage, sample);
+		createTestReport(sampleReport);
+		return labMessage;
+
+	}
+
+	public SampleReportDto createSampleReport(ExternalMessageDto labMessage, SampleReferenceDto sample) {
+		SampleReportDto sampleReport = createSampleReport(labMessage);
+		sampleReport.setSample(sample);
+		sampleReport.setChangeDate(new Date());
+		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+		return sampleReport;
+	}
+
+	public SampleReportDto createSampleReport(ExternalMessageDto labMessage) {
+		SampleReportDto sampleReport = SampleReportDto.build();
+		labMessage.addSampleReport(sampleReport);
+		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+		labMessage.setChangeDate(new Date());
+		beanTest.getExternalMessageFacade().save(labMessage);
+		return sampleReport;
+	}
+
+	public TestReportDto createTestReport(SampleReportDto sampleReport) {
+		TestReportDto testReport = TestReportDto.build();
+		sampleReport.addTestReport(testReport);
+
+		beanTest.getTestReportFacade().saveTestReport(testReport);
+		sampleReport.setChangeDate(new Date());
+		beanTest.getSampleReportFacade().saveSampleReport(sampleReport);
+
+		return testReport;
+	}
+
+	public DiseaseVariant createDiseaseVariant(String name, Disease disease) {
+
+		CustomizableEnumValue diseaseVariant = new CustomizableEnumValue();
+		diseaseVariant.setDataType(CustomizableEnumType.DISEASE_VARIANT);
+		diseaseVariant.setValue("BF.1.2");
+		Set<Disease> diseases = new HashSet<>();
+		diseases.add(disease);
+		diseaseVariant.setDiseases(diseases);
+		diseaseVariant.setCaption(name + " variant");
+		diseaseVariant.setActive(true);
+
+		beanTest.getCustomizableEnumValueService().ensurePersisted(diseaseVariant);
+
+		return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.DISEASE_VARIANT, name);
+	}
+
+	public Pathogen createPathogen(String value, String caption) {
+
+		CustomizableEnumValue pathogen = new CustomizableEnumValue();
+		pathogen.setDataType(CustomizableEnumType.PATHOGEN);
+		pathogen.setValue(value);
+		pathogen.setCaption(caption);
+		pathogen.setActive(true);
+
+		beanTest.getCustomizableEnumValueService().ensurePersisted(pathogen);
+
+		beanTest.getCustomizableEnumFacade().loadData();
+
+		return beanTest.getCustomizableEnumFacade().getEnumValue(CustomizableEnumType.PATHOGEN, value);
+	}
+
+	public ExternalShareInfo createExternalShareInfo(
+		CaseReferenceDto caze,
+		UserReferenceDto sender,
+		ExternalShareStatus status,
+		Consumer<ExternalShareInfo> customConfig) {
+		ExternalShareInfo shareInfo = new ExternalShareInfo();
+		shareInfo.setUuid(DataHelper.createUuid());
+		shareInfo.setCaze(beanTest.getCaseService().getByUuid(caze.getUuid()));
+		shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
+		shareInfo.setStatus(status);
+
+		if (customConfig != null) {
+			customConfig.accept(shareInfo);
+		}
+
+		beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
+
+		return shareInfo;
+	}
+
+	public ExternalShareInfo createExternalShareInfo(EventReferenceDto event, UserReferenceDto sender, ExternalShareStatus status) {
+		ExternalShareInfo shareInfo = new ExternalShareInfo();
+		shareInfo.setUuid(DataHelper.createUuid());
+		shareInfo.setEvent(beanTest.getEventService().getByUuid(event.getUuid()));
+		shareInfo.setSender(beanTest.getUserService().getByUuid(sender.getUuid()));
+		shareInfo.setStatus(status);
+
+		beanTest.getExternalShareInfoService().ensurePersisted(shareInfo);
+
+		return shareInfo;
+	}
+
+	/**
+	 * Creates a list with {@code count} values of type {@code T}.
+	 * The list index is given to the {@code valueSupplier} for each value to create.
+	 */
+	public static <T> List<T> createValuesList(int count, Function<Integer, T> valueSupplier) {
+
+		List<T> values = new ArrayList<>(count);
+		for (int i = 0; i < count; i++) {
+			values.add(valueSupplier.apply(i));
+		}
+		return values;
+	}
+
+	public SormasToSormasOriginInfoDto createSormasToSormasOriginInfo(
+		String serverId,
+		boolean ownershipHandedOver,
+		Consumer<SormasToSormasOriginInfoDto> extraConfig) {
+		SormasToSormasOriginInfoDto originInfo = new SormasToSormasOriginInfoDto();
+		originInfo.setUuid(DataHelper.createUuid());
+		originInfo.setSenderName("Test Name");
+		originInfo.setSenderEmail("test@email.com");
+		originInfo.setOrganizationId(serverId);
+		originInfo.setOwnershipHandedOver(ownershipHandedOver);
+
+		if (extraConfig != null) {
+			extraConfig.accept(originInfo);
+		}
+
+		return beanTest.getSormasToSormasOriginInfoFacade().saveOriginInfo(originInfo);
+	}
+
+	public CaseDataDto createReceivedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
+		return createCase(
+			user,
+			person,
+			rdcf,
+			(c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
+	}
+
+	public CaseDataDto createSharedCase(UserReferenceDto user, PersonReferenceDto person, RDCF rdcf, boolean ownershipHandedOver) {
+		CaseDataDto caze = createCase(user, person, rdcf, null);
+
+		createShareRequestInfo(
+			ShareRequestDataType.CASE,
+			beanTest.getUserService().getByReferenceDto(user),
+			"target_id",
+			ownershipHandedOver,
+			ShareRequestStatus.ACCEPTED,
+			(s) -> s.setCaze(beanTest.getCaseService().getByReferenceDto(caze.toReference())));
+
+		return caze;
+	}
+
+	public ContactDto createReceivedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
+		return createContact(
+			reportingUser,
+			contactPerson,
+			Disease.CORONAVIRUS,
+			(c) -> c.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", ownershipHandedOver, null)));
+	}
+
+	public ContactDto createSharedContact(UserReferenceDto reportingUser, PersonReferenceDto contactPerson, boolean ownershipHandedOver) {
+		ContactDto contact = createContact(reportingUser, contactPerson, Disease.CORONAVIRUS);
+		createShareRequestInfo(
+			ShareRequestDataType.CONTACT,
+			beanTest.getUserService().getByReferenceDto(reportingUser),
+			"target_id",
+			ownershipHandedOver,
+			ShareRequestStatus.ACCEPTED,
+			(s) -> s.setContact(beanTest.getContactService().getByReferenceDto(contact.toReference())));
+
+		return contact;
+	}
+
+	public EventParticipantDto createReceivedEventParticipant(PersonDto eventPerson, UserReferenceDto reportingUser, RDCF rdcf) {
+		return createEventParticipant(createEvent(reportingUser).toReference(), eventPerson, "Test involvment", reportingUser, e -> {
+			e.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
+		}, rdcf);
+	}
+
+	public ImmunizationDto createReceivedImmunization(PersonReferenceDto person, UserReferenceDto reportingUser, RDCF rdcf) {
+		return createImmunization(Disease.CORONAVIRUS, person, reportingUser, rdcf, i -> {
+			i.setSormasToSormasOriginInfo(createSormasToSormasOriginInfo("source_id", true, null));
+		});
+	}
+
+	public ShareRequestInfo createShareRequestInfo(
+		ShareRequestDataType dataType,
+		User sender,
+		String serverId,
+		boolean ownershipHandedOver,
+		ShareRequestStatus status,
+		Consumer<SormasToSormasShareInfo> setTarget) {
+
+		SormasToSormasShareInfo shareInfo = new SormasToSormasShareInfo();
+		shareInfo.setOwnershipHandedOver(ownershipHandedOver);
+		shareInfo.setOrganizationId(serverId);
+		setTarget.accept(shareInfo);
+
+		ShareRequestInfo requestInfo = new ShareRequestInfo();
+		requestInfo.setUuid(DataHelper.createUuid());
+		requestInfo.setDataType(dataType);
+		requestInfo.setSender(sender);
+		requestInfo.setRequestStatus(status);
+		requestInfo.setShares(new ArrayList<>());
+		requestInfo.getShares().add(shareInfo);
+
+		beanTest.getShareRequestInfoService().persist(requestInfo);
+
+		return requestInfo;
+	}
+
+	public EnvironmentDto createEnvironment(
+		String name,
+		EnvironmentMedia environmentMedia,
+		UserReferenceDto reportingUser,
+		RDCF rdcf,
+		Consumer<EnvironmentDto> extraConfig) {
+		EnvironmentDto environment = EnvironmentDto.build();
+		environment.setEnvironmentName(name);
+		environment.setEnvironmentMedia(environmentMedia);
+		environment.setReportDate(new Date());
+		environment.setReportingUser(reportingUser);
+
+		LocationDto location = environment.getLocation();
+		location.setLongitude(1.0);
+		location.setLatitude(1.0);
+		if (rdcf != null) {
+			location.setRegion(rdcf.region);
+			location.setDistrict(rdcf.district);
+			location.setCommunity(rdcf.community);
+		}
+
+		if (extraConfig != null) {
+			extraConfig.accept(environment);
+		}
+
+		environment = beanTest.getEnvironmentFacade().save(environment);
+
+		return environment;
+
+	}
+
+	public EnvironmentDto createEnvironment(String name, EnvironmentMedia environmentMedia, UserReferenceDto reportingUser, RDCF rdcf) {
+		return createEnvironment(name, environmentMedia, reportingUser, rdcf, null);
+	}
+
+	public EnvironmentSampleDto createEnvironmentSample(
+		EnvironmentReferenceDto environment,
+		UserReferenceDto reportingUser,
+		RDCF rdcf,
+		FacilityReferenceDto lab,
+		@Nullable Consumer<EnvironmentSampleDto> extraConfig) {
+		EnvironmentSampleDto sample = EnvironmentSampleDto.build(environment, reportingUser);
+		sample.setSampleMaterial(EnvironmentSampleMaterial.WATER);
+		sample.getLocation().setRegion(rdcf.region);
+		sample.getLocation().setDistrict(rdcf.district);
+		sample.getLocation().setLatitude(1.0);
+		sample.getLocation().setLongitude(1.0);
+		sample.setLaboratory(lab);
+
+		if (extraConfig != null) {
+			extraConfig.accept(sample);
+		}
+
+		return beanTest.getEnvironmentSampleFacade().save(sample);
+	}
+
+	public SpecialCaseAccessDto createSpecialCaseAccess(
+		CaseReferenceDto caze,
+		UserReferenceDto assignedBy,
+		UserReferenceDto assignedTo,
+		Date endDateTime) {
+		SpecialCaseAccessDto specialCaseAccess = SpecialCaseAccessDto.build(caze, assignedBy);
+		specialCaseAccess.setAssignedTo(assignedTo);
+		specialCaseAccess.setEndDateTime(endDateTime);
+
+		return beanTest.getSpecialCaseAccessFacade().save(specialCaseAccess);
+	}
+
+	/**
+	 * @author MartinWahnschaffe
+	 * @deprecated Use RDCF instead
+	 */
+	@Deprecated
+	public static class RDCFEntities {
+
+		public Region region;
+		public District district;
+		public Community community;
+		public Facility facility;
+
+		public RDCFEntities(Region region, District district, Community community, Facility facility) {
+			this.region = region;
+			this.district = district;
+			this.community = community;
+			this.facility = facility;
+		}
+	}
+
+	public static class RDCF {
+
+		public RegionReferenceDto region;
+		public DistrictReferenceDto district;
+		public CommunityReferenceDto community;
+		public FacilityReferenceDto facility;
+		public PointOfEntryReferenceDto pointOfEntry;
+
+		public RDCF(RegionReferenceDto region, DistrictReferenceDto district, CommunityReferenceDto community, FacilityReferenceDto facility) {
+			this(region, district, community, facility, null);
+		}
+
+		public RDCF(
+			RegionReferenceDto region,
+			DistrictReferenceDto district,
+			CommunityReferenceDto community,
+			FacilityReferenceDto facility,
+			PointOfEntryReferenceDto pointOfEntry) {
+			this.region = region;
+			this.district = district;
+			this.community = community;
+			this.facility = facility;
+			this.pointOfEntry = pointOfEntry;
+		}
+
+		public RDCF(RDCFEntities rdcfEntities) {
+			this.region = new RegionReferenceDto(rdcfEntities.region.getUuid(), rdcfEntities.region.getName(), rdcfEntities.region.getExternalID());
+			this.district =
+				new DistrictReferenceDto(rdcfEntities.district.getUuid(), rdcfEntities.district.getName(), rdcfEntities.district.getExternalID());
+			this.community =
+				new CommunityReferenceDto(rdcfEntities.community.getUuid(), rdcfEntities.community.getName(), rdcfEntities.community.getExternalID());
+			this.facility =
+				new FacilityReferenceDto(rdcfEntities.facility.getUuid(), rdcfEntities.facility.getName(), rdcfEntities.facility.getExternalID());
+		}
+	}
+
+	public static class RDP {
+
+		public RegionReferenceDto region;
+		public DistrictReferenceDto district;
+		public PointOfEntryReferenceDto pointOfEntry;
+
+		public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntryReferenceDto pointOfEntry) {
+			this.region = region;
+			this.district = district;
+			this.pointOfEntry = pointOfEntry;
+		}
+	}
+
+	public User createTestUser() {
+		User user = new User();
+		user.setUserName("testuser");
+		user.setFirstName("Test");
+		user.setLastName("User");
+		user.setUuid(DataHelper.createUuid());
+		String password = "password";
+		String seed = "seed";
+		String encodedPassword = PasswordHelper.encodePassword(password, seed);
+		user.setPassword(encodedPassword);
+		user.setSeed(seed);
+		user.setActive(true);
+		user.setUserRoles(new HashSet<>(Arrays.asList(getUserRole(DefaultUserRole.ADMIN), getUserRole(DefaultUserRole.NATIONAL_USER))));
+
+		beanTest.getUserService().persist(user);
+		return user;
+	}
 }

From 836968e2b56497d9a217572ba4d9dccdd69291b2 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 14:08:14 +0000
Subject: [PATCH 67/95] update with upstream development branch

---
 .../environmentsample/EnvironmentSampleEditForm.java   | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
index 884df0d1fca..530e5d69aea 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/samples/environmentsample/EnvironmentSampleEditForm.java
@@ -369,10 +369,14 @@ private void addValidators() {
 	}
 
 	private Date getEarliestPathogenTestDate() {
-		List<PathogenTestDto> pathogenTests = FacadeProvider.getPathogenTestFacade().getAllByEnvironmentSample(getValue().toReference());
-		if (pathogenTests.isEmpty()) {
+		if (!isCreate) {
+			List<PathogenTestDto> pathogenTests = FacadeProvider.getPathogenTestFacade().getAllByEnvironmentSample(getValue().toReference());
+			if (pathogenTests.isEmpty()) {
+				return null;
+			}
+			return pathogenTests.stream().map(PathogenTestDto::getTestDateTime).filter(Objects::nonNull).min(Date::compareTo).orElseGet(() -> null);
+		} else {
 			return null;
 		}
-		return pathogenTests.stream().map(PathogenTestDto::getTestDateTime).filter(Objects::nonNull).min(Date::compareTo).orElseGet(() -> null);
 	}
 }

From 6e93bc42ffbb7230403d1bc04f1404e83db44c94 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 14:36:57 +0000
Subject: [PATCH 68/95] white spaces removed from existing code

---
 .../symeda/sormas/api/task/TaskAssignee.java  | 16 +++++-----
 .../api/task/TaskContextIndexCriteria.java    | 32 +++++++++----------
 .../symeda/sormas/api/task/TaskDateType.java  | 12 +++----
 3 files changed, 30 insertions(+), 30 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
index b94998f9426..439b1e5dd06 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskAssignee.java
@@ -4,12 +4,12 @@
 
 public enum TaskAssignee {
 
-    ALL,
-    CURRENT_USER,
-    OTHER_USERS;
-
-    @Override
-    public String toString() {
-        return I18nProperties.getEnumCaption(this);
-    }
+	ALL,
+	CURRENT_USER,
+	OTHER_USERS;
+
+	@Override
+	public String toString() {
+		return I18nProperties.getEnumCaption(this);
+	}
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index eea003bc3db..e80c4f30992 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -1,29 +1,29 @@
 package de.symeda.sormas.api.task;
 
+import java.io.Serializable;
+
 import de.symeda.sormas.api.audit.AuditIncludeProperty;
 import de.symeda.sormas.api.audit.AuditedClass;
 
-import java.io.Serializable;
-
 @AuditedClass
 public class TaskContextIndexCriteria implements Serializable, Cloneable {
 
-    private TaskContext taskContext;
-    @AuditIncludeProperty
-    private String uuid;
+	private TaskContext taskContext;
+	@AuditIncludeProperty
+	private String uuid;
 
-    public TaskContextIndexCriteria() {
-    }
+	public TaskContextIndexCriteria() {
+	}
 
-    public TaskContextIndexCriteria(TaskContext taskContext) {
-        this.taskContext = taskContext;
-    }
+	public TaskContextIndexCriteria(TaskContext taskContext) {
+		this.taskContext = taskContext;
+	}
 
-    public TaskContext getTaskContext() {
-        return taskContext;
-    }
+	public TaskContext getTaskContext() {
+		return taskContext;
+	}
 
-    public String getUuid() {
-        return uuid;
-    }
+	public String getUuid() {
+		return uuid;
+	}
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
index 007b4704a14..30d065e2610 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskDateType.java
@@ -4,11 +4,11 @@
 
 public enum TaskDateType {
 
-    SUGGESTED_START_DATE,
-    DUE_DATE;
+	SUGGESTED_START_DATE,
+	DUE_DATE;
 
-    @Override
-    public String toString() {
-        return I18nProperties.getEnumCaption(this);
-    }
+	@Override
+	public String toString() {
+		return I18nProperties.getEnumCaption(this);
+	}
 }

From 7dd53724817780ad7002e179bef512c58fc17100 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 15:35:12 +0000
Subject: [PATCH 69/95] removing white spaces and redundant changes

---
 .../de/symeda/sormas/api/task/TaskContextIndexCriteria.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
index e80c4f30992..488c7102514 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/task/TaskContextIndexCriteria.java
@@ -1,10 +1,10 @@
 package de.symeda.sormas.api.task;
 
-import java.io.Serializable;
-
 import de.symeda.sormas.api.audit.AuditIncludeProperty;
 import de.symeda.sormas.api.audit.AuditedClass;
 
+import java.io.Serializable;
+
 @AuditedClass
 public class TaskContextIndexCriteria implements Serializable, Cloneable {
 

From 8a023054b0e3d0f0d8f28ff3195a14b448c6d3f0 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 15:35:52 +0000
Subject: [PATCH 70/95] removing white spaces and redundant changes on existing
 classes

---
 .../de/symeda/sormas/api/user/UserDto.java    |   2 +-
 .../de/symeda/sormas/api/user/UserFacade.java | 165 ++++++++-------
 .../symeda/sormas/api/user/UserRoleDto.java   | 194 +++++++++---------
 .../sormas/api/utils/PasswordHelper.java      |   1 -
 sormas-app/app/src/main/AndroidManifest.xml   |   4 +-
 .../app/backend/config/ConfigProvider.java    |   1 -
 .../app/login/ChangePasswordActivity.java     |   2 +-
 .../app/login/ChangePasswordViewModel.java    |   2 +-
 sormas-app/app/src/main/res/values/dimens.xml |  13 +-
 .../app/src/main/res/values/strings.xml       |   2 +-
 .../sormas/backend/user/UserService.java      |  14 +-
 .../backend/util/PasswordValidator.java       |   3 +-
 .../sormas/backend/AbstractBeanTest.java      |   3 -
 .../sormas/backend/TestDataCreator.java       |   2 +-
 .../backend/user/UserFacadeEjbTest.java       |  15 +-
 .../sormas/rest/resources/UserResource.java   |   1 +
 .../main/java/de/symeda/sormas/ui/Menu.java   |   1 +
 .../symeda/sormas/ui/user/UserController.java |  11 +-
 .../ui/utils/ConfirmationComponent.java       |   2 +-
 19 files changed, 231 insertions(+), 207 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
index 715e11a9ad1..ab9462a6465 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java
@@ -64,7 +64,7 @@ public class UserDto extends EntityDto {
 	public static final String ASSOCIATED_OFFICER = "associatedOfficer";
 	public static final String LABORATORY = "laboratory";
 	public static final String POINT_OF_ENTRY = "pointOfEntry";
-	public static final String LIMITED_DISEASES = "limitedDiseases";
+    public static final String LIMITED_DISEASES = "limitedDiseases";
 	public static final String LANGUAGE = "language";
 	public static final String HAS_CONSENTED_TO_GDPR = "hasConsentedToGdpr";
 	public static final String EXTERNAL_ID = "externalId";
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index f7e58bff6e7..11e233b1533 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -42,15 +42,15 @@
 @Remote
 public interface UserFacade {
 
-    UserDto getByUuid(String uuid);
+	UserDto getByUuid(String uuid);
 
-    UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate);
+	UserDto saveUser(@Valid UserDto dto, boolean isUserSettingsUpdate);
 
-    UserDto saveUserRolesAndRestrictions(UserDto user, Set<UserRoleReferenceDto> userRoles);
+	UserDto saveUserRolesAndRestrictions(UserDto user, Set<UserRoleReferenceDto> userRoles);
 
-    boolean isLoginUnique(String uuid, String userName);
+	boolean isLoginUnique(String uuid, String userName);
 
-    String resetPassword(String uuid);
+	String resetPassword(String uuid);
 
     String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
@@ -62,109 +62,122 @@ public interface UserFacade {
 
     String generatePassword();
 
-    List<UserDto> getAllAfter(Date date);
+	List<UserDto> getAllAfter(Date date);
 
-    UserDto getByUserName(String userName);
+	UserDto getByUserName(String userName);
 
-    /**
-     * @param regionRef      reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
-     *                       NOTE: some users don't have a region (often users with NATIONAL_USER role, for example). They will
-     *                       not be included when a region is specified, but otherwise they will.
-     * @param limitedDisease can be used to remove users from the return value that are limited to diseases other that limitedDisease.
-     * @param userRights     user rights to be filtered for.
-     * @return
-     */
-    List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights);
+	/**
+	 *
+	 * @param regionRef
+	 *            reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
+	 *            NOTE: some users don't have a region (often users with NATIONAL_USER role, for example). They will
+	 *            not be included when a region is specified, but otherwise they will.
+	 * @param limitedDisease
+	 *            can be used to remove users from the return value that are limited to diseases other that limitedDisease.
+	 * @param userRights
+	 *            user rights to be filtered for.
+	 * @return
+	 */
+	List<UserReferenceDto> getUsersByRegionAndRights(RegionReferenceDto regionRef, Disease limitedDisease, UserRight... userRights);
 
-    List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user);
+	List<UserReferenceDto> getUsersWithSuperiorJurisdiction(UserDto user);
 
-    List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties);
+	List<UserDto> getIndexList(UserCriteria userCriteria, Integer first, Integer max, List<SortProperty> sortProperties);
 
-    Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties);
+	Page<UserDto> getIndexPage(UserCriteria userCriteria, int offset, int size, List<SortProperty> sortProperties);
 
-    long count(UserCriteria userCriteria);
+	long count(UserCriteria userCriteria);
 
-    /**
-     * @param district       reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
-     *                       NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
-     *                       not be included when a district is specified, but otherwise they will.
-     * @param limitedDisease can be used to remove users from the return value that are limited to diseases other that limitedDisease.
-     * @param userRights     user rights to be filtered for.
-     * @return
-     */
-    List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
+	/**
+	 *
+	 * @param district
+	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
+	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
+	 *            not be included when a district is specified, but otherwise they will.
+	 * @param limitedDisease
+	 *            can be used to remove users from the return value that are limited to diseases other that limitedDisease.
+	 * @param userRights
+	 *            user rights to be filtered for.
+	 * @return
+	 */
+	List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
 
-    /**
-     * @param district                   reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
-     *                                   NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
-     *                                   * not be included when a district is specified, but otherwise they will.
-     * @param excludeLimitedDiseaseUsers if true, all users limited to diseases are excluded from the return value.
-     * @param userRights                 user rights to be filtered for.
-     * @return
-     */
-    List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, boolean excludeLimitedDiseaseUsers, UserRight... userRights);
+	/**
+	 *
+	 * @param district
+	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
+	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
+	 *            * not be included when a district is specified, but otherwise they will.
+	 * @param excludeLimitedDiseaseUsers
+	 *            if true, all users limited to diseases are excluded from the return value.
+	 * @param userRights
+	 *            user rights to be filtered for.
+	 * @return
+	 */
+	List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, boolean excludeLimitedDiseaseUsers, UserRight... userRights);
 
-    List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districts, Disease limitedDisease, UserRight... userRights);
+	List<UserReferenceDto> getUserRefsByDistricts(List<DistrictReferenceDto> districts, Disease limitedDisease, UserRight... userRights);
 
-    List<UserReferenceDto> getUserRefsByInfrastructure(
-            InfrastructureDataReferenceDto infrastructure,
-            JurisdictionLevel jurisdictionLevel,
-            JurisdictionLevel allowedJurisdictionLevel,
-            Disease limitedDisease,
-            UserRight... userRights);
+	List<UserReferenceDto> getUserRefsByInfrastructure(
+		InfrastructureDataReferenceDto infrastructure,
+		JurisdictionLevel jurisdictionLevel,
+		JurisdictionLevel allowedJurisdictionLevel,
+		Disease limitedDisease,
+		UserRight... userRights);
 
-    List<UserReferenceDto> getAllUserRefs(boolean includeInactive);
+	List<UserReferenceDto> getAllUserRefs(boolean includeInactive);
 
-    List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficer, UserRight... userRights);
+	List<UserDto> getUsersByAssociatedOfficer(UserReferenceDto associatedOfficer, UserRight... userRights);
 
-    List<String> getAllUuids();
+	List<String> getAllUuids();
 
-    List<UserDto> getByUuids(List<String> uuids);
+	List<UserDto> getByUuids(List<String> uuids);
 
-    UserDto getCurrentUser();
+	UserDto getCurrentUser();
 
-    UserReferenceDto getCurrentUserAsReference();
+	UserReferenceDto getCurrentUserAsReference();
 
-    Set<UserRight> getValidLoginRights(String userName, String password);
+	Set<UserRight> getValidLoginRights(String userName, String password);
 
-    void removeUserAsSurveillanceAndContactOfficer(String userUuid);
+	void removeUserAsSurveillanceAndContactOfficer(String userUuid);
 
-    UserSyncResult syncUser(String userUuid);
+	UserSyncResult syncUser(String userUuid);
 
-    List<UserDto> getUsersWithDefaultPassword();
+	List<UserDto> getUsersWithDefaultPassword();
 
-    List<ProcessedEntity> enableUsers(List<String> userUuids);
+	List<ProcessedEntity> enableUsers(List<String> userUuids);
 
-    List<ProcessedEntity> disableUsers(List<String> userUuids);
+	List<ProcessedEntity> disableUsers(List<String> userUuids);
 
-    List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto);
+	List<UserReferenceDto> getUsersHavingCaseInJurisdiction(CaseReferenceDto caseReferenceDto);
 
-    List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto);
+	List<UserReferenceDto> getUsersHavingContactInJurisdiction(ContactReferenceDto contactReferenceDto);
 
-    List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto event);
+	List<UserReferenceDto> getUsersHavingEventInJurisdiction(EventReferenceDto event);
 
-    List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto);
+	List<UserReferenceDto> getUsersHavingTravelEntryInJurisdiction(TravelEntryReferenceDto travelEntryReferenceDto);
 
-    List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto);
+	List<UserReferenceDto> getUsersHavingEnvironmentInJurisdiction(EnvironmentReferenceDto environmentReferenceDto);
 
-    List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndexCriteria taskContextIndexCriteria);
+	List<UserReferenceWithTaskNumbersDto> getAssignableUsersWithTaskNumbers(@NotNull TaskContextIndexCriteria taskContextIndexCriteria);
 
-    Set<UserRoleDto> getUserRoles(UserDto user);
+	Set<UserRoleDto> getUserRoles(UserDto user);
 
-    long getUserCountHavingRole(UserRoleReferenceDto userRoleRef);
+	long getUserCountHavingRole(UserRoleReferenceDto userRoleRef);
 
-    List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef);
+	List<UserReferenceDto> getUsersHavingOnlyRole(UserRoleReferenceDto userRoleRef);
 
-    /**
-     * Retrieves the user rights of the user specified by the passed UUID, or those of the current user if no UUID is specified.
-     * Requesting the user rights of another user without the rights to view users and user roles results in an AccessDeniedException.
-     *
-     * @param userUuid The UUID of the user to request the user rights for
-     * @return A set containing the user rights associated to all user roles assigned to the user
-     */
-    List<UserRight> getUserRights(String userUuid);
+	/**
+	 * Retrieves the user rights of the user specified by the passed UUID, or those of the current user if no UUID is specified.
+	 * Requesting the user rights of another user without the rights to view users and user roles results in an AccessDeniedException.
+	 *
+	 * @param userUuid
+	 *            The UUID of the user to request the user rights for
+	 * @return A set containing the user rights associated to all user roles assigned to the user
+	 */
+	List<UserRight> getUserRights(String userUuid);
 
-    void syncUsersFromAuthenticationProvider();
+	void syncUsersFromAuthenticationProvider();
 
-    boolean isSyncEnabled();
+	boolean isSyncEnabled();
 }
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index a8c54c57b0e..d319f444150 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -39,103 +39,103 @@
 
 public class UserRoleDto extends EntityDto {
 
-    private static final long serialVersionUID = -547459523041494446L;
-
-    public static final String I18N_PREFIX = "UserRole";
-
-    public static final String USER_RIGHTS = "userRights";
-    public static final String CAPTION = "caption";
-    public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
-    public static final String DESCRIPTION = "description";
-    public static final String ENABLED = "enabled";
-    public static final String HAS_OPTIONAL_HEALTH_FACILITY = "hasOptionalHealthFacility";
-    public static final String HAS_ASSOCIATED_DISTRICT_USER = "hasAssociatedDistrictUser";
-    public static final String PORT_HEALTH_USER = "portHealthUser";
-    public static final String NOTIFICATION_TYPES = "notificationTypes";
-    public static final String LINKED_DEFAULT_USER_ROLE = "linkedDefaultUserRole";
-    public static final String RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES = "restrictAccessToAssignedEntities";
-
-    private Set<UserRight> userRights;
-    private boolean enabled = true;
-
-    @Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
-    private String caption;
-    @Size(max = FieldConstraints.CHARACTER_LIMIT_BIG, message = Validations.textTooLong)
-    private String description;
-    private boolean hasOptionalHealthFacility = false;
-    private boolean hasAssociatedDistrictUser = true;
-    private boolean portHealthUser = false;
-    private DefaultUserRole linkedDefaultUserRole;
-    private JurisdictionLevel jurisdictionLevel;
-    private Set<NotificationType> emailNotificationTypes = Collections.emptySet();
-    private Set<NotificationType> smsNotificationTypes = Collections.emptySet();
-    private boolean restrictAccessToAssignedEntities = false;
-
-    public static UserRoleDto build(UserRight... userRights) {
-
-        UserRoleDto dto = new UserRoleDto();
-        dto.setUuid(DataHelper.createUuid());
-        Set<UserRight> userRightsSet = new HashSet<>();
-        userRightsSet.addAll(Arrays.asList(userRights));
-        dto.setUserRights(userRightsSet);
-        return dto;
-    }
-
-    public Set<UserRight> getUserRights() {
-        return userRights;
-    }
-
-    public void setUserRights(Set<UserRight> userRights) {
-        this.userRights = userRights;
-    }
-
-    public boolean isEnabled() {
-        return enabled;
-    }
-
-    public void setEnabled(boolean enabled) {
-        this.enabled = enabled;
-    }
-
-    public String getCaption() {
-        return caption;
-    }
-
-    public void setCaption(String caption) {
-        this.caption = caption;
-    }
-
-    public String getDescription() {
-        return description;
-    }
-
-    public void setDescription(String description) {
-        this.description = description;
-    }
-
-    public boolean getHasOptionalHealthFacility() {
-        return hasOptionalHealthFacility;
-    }
-
-    public void setHasOptionalHealthFacility(boolean hasOptionalHealthFacility) {
-        this.hasOptionalHealthFacility = hasOptionalHealthFacility;
-    }
-
-    public boolean getHasAssociatedDistrictUser() {
-        return hasAssociatedDistrictUser;
-    }
-
-    public void setHasAssociatedDistrictUser(boolean hasAssociatedDistrictUser) {
-        this.hasAssociatedDistrictUser = hasAssociatedDistrictUser;
-    }
-
-    public boolean isPortHealthUser() {
-        return portHealthUser;
-    }
-
-    public void setPortHealthUser(boolean portHealthUser) {
-        this.portHealthUser = portHealthUser;
-    }
+	private static final long serialVersionUID = -547459523041494446L;
+
+	public static final String I18N_PREFIX = "UserRole";
+
+	public static final String USER_RIGHTS = "userRights";
+	public static final String CAPTION = "caption";
+	public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
+	public static final String DESCRIPTION = "description";
+	public static final String ENABLED = "enabled";
+	public static final String HAS_OPTIONAL_HEALTH_FACILITY = "hasOptionalHealthFacility";
+	public static final String HAS_ASSOCIATED_DISTRICT_USER = "hasAssociatedDistrictUser";
+	public static final String PORT_HEALTH_USER = "portHealthUser";
+	public static final String NOTIFICATION_TYPES = "notificationTypes";
+	public static final String LINKED_DEFAULT_USER_ROLE = "linkedDefaultUserRole";
+	public static final String RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES = "restrictAccessToAssignedEntities";
+
+	private Set<UserRight> userRights;
+	private boolean enabled = true;
+
+	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
+	private String caption;
+	@Size(max = FieldConstraints.CHARACTER_LIMIT_BIG, message = Validations.textTooLong)
+	private String description;
+	private boolean hasOptionalHealthFacility = false;
+	private boolean hasAssociatedDistrictUser = true;
+	private boolean portHealthUser = false;
+	private DefaultUserRole linkedDefaultUserRole;
+	private JurisdictionLevel jurisdictionLevel;
+	private Set<NotificationType> emailNotificationTypes = Collections.emptySet();
+	private Set<NotificationType> smsNotificationTypes = Collections.emptySet();
+	private boolean restrictAccessToAssignedEntities = false;
+
+	public static UserRoleDto build(UserRight... userRights) {
+
+		UserRoleDto dto = new UserRoleDto();
+		dto.setUuid(DataHelper.createUuid());
+		Set<UserRight> userRightsSet = new HashSet<>();
+		userRightsSet.addAll(Arrays.asList(userRights));
+		dto.setUserRights(userRightsSet);
+		return dto;
+	}
+
+	public Set<UserRight> getUserRights() {
+		return userRights;
+	}
+
+	public void setUserRights(Set<UserRight> userRights) {
+		this.userRights = userRights;
+	}
+
+	public boolean isEnabled() {
+		return enabled;
+	}
+
+	public void setEnabled(boolean enabled) {
+		this.enabled = enabled;
+	}
+
+	public String getCaption() {
+		return caption;
+	}
+
+	public void setCaption(String caption) {
+		this.caption = caption;
+	}
+
+	public String getDescription() {
+		return description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public boolean getHasOptionalHealthFacility() {
+		return hasOptionalHealthFacility;
+	}
+
+	public void setHasOptionalHealthFacility(boolean hasOptionalHealthFacility) {
+		this.hasOptionalHealthFacility = hasOptionalHealthFacility;
+	}
+
+	public boolean getHasAssociatedDistrictUser() {
+		return hasAssociatedDistrictUser;
+	}
+
+	public void setHasAssociatedDistrictUser(boolean hasAssociatedDistrictUser) {
+		this.hasAssociatedDistrictUser = hasAssociatedDistrictUser;
+	}
+
+	public boolean isPortHealthUser() {
+		return portHealthUser;
+	}
+
+	public void setPortHealthUser(boolean portHealthUser) {
+		this.portHealthUser = portHealthUser;
+	}
 
     public JurisdictionLevel getJurisdictionLevel() {
         return jurisdictionLevel;
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index 449736d4977..e453d69ea63 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -33,7 +33,6 @@ private PasswordHelper() {
     }
 
     private static final char[] PASSWORD_CHARS = new char[26 - 2 + 26 - 3 + 8];
-
     static {
         int i = 0;
         for (char ch = 'a'; ch <= 'z'; ch++) {
diff --git a/sormas-app/app/src/main/AndroidManifest.xml b/sormas-app/app/src/main/AndroidManifest.xml
index 04da6058191..866ec00ebf0 100644
--- a/sormas-app/app/src/main/AndroidManifest.xml
+++ b/sormas-app/app/src/main/AndroidManifest.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android">
 
-    <uses-permission android:name="android.permission.VIBRATE" />
+    <uses-permission android:name="android.permission.VIBRATE"/>
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
@@ -12,7 +12,7 @@
     <uses-permission android:name="android.permission.WAKE_LOCK" />
     <uses-feature android:name="android.hardware.location.gps" />
     <uses-permission android:name="android.permission.CAMERA" />
-    <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
     <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
 
     <application
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index b151a4d578c..78a6e6bfaea 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -130,7 +130,6 @@ private ConfigProvider(Context context) {
         this.context = context;
     }
 
-
     private boolean hasDeviceEncryption() {
 
         // Device encryption is no longer used, because it's not reliably implemented
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index ef2150d57a2..f57460d900e 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -340,4 +340,4 @@ public void hidePreloader() {
             fragmentFrame.setVisibility(View.VISIBLE);
         }
     }
-}
+}
\ No newline at end of file
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
index 103f80c0004..fc09783a63a 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
@@ -46,4 +46,4 @@ public String getConfirmPassword() {
     public void setConfirmPassword(String confirmPassword) {
         this.confirmPassword = confirmPassword;
     }
-}
+}
\ No newline at end of file
diff --git a/sormas-app/app/src/main/res/values/dimens.xml b/sormas-app/app/src/main/res/values/dimens.xml
index c587d96ed40..f015359ef87 100644
--- a/sormas-app/app/src/main/res/values/dimens.xml
+++ b/sormas-app/app/src/main/res/values/dimens.xml
@@ -16,7 +16,7 @@
   ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
   -->
 
-<resources xmlns:tools="http://schemas.android.com/tools">
+<resources xmlns:tools="http://schemas.android.com/tools" >
     <!-- Default screen margins, per the Android Design guidelines. -->
     <!-- Martin -->
     <dimen name="activity_vertical_margin">16dp</dimen>
@@ -60,6 +60,7 @@
     <dimen name="simple_dialog_button_margin">12dp</dimen>
 
 
+
     <dimen name="defaultControlVerticalPadding">16dp</dimen>
     <dimen name="defaultControlHorizontalPadding">16dp</dimen>
     <dimen name="defaultControlRadius">5dp</dimen>
@@ -191,6 +192,9 @@
     <dimen name="drawerNotificationCounterRadius">10dp</dimen>
 
 
+
+
+
     <dimen name="activitySubHeadingHeight">48dp</dimen>
     <dimen name="activitySubHeadingHorizontalPadding">24dp</dimen>
     <dimen name="activitySubHeadingVerticalPadding">0dp</dimen>
@@ -217,6 +221,7 @@
     <dimen name="overflowMenuElevation">4dp</dimen>
 
 
+
     <!-- List Layoutrs -->
     <dimen name="rowListItemPadding">24dp</dimen>
     <dimen name="rowListItemHorizontalMargin">24dp</dimen>
@@ -257,6 +262,7 @@
     <dimen name="navigationNumberTextSize">34sp</dimen>
 
 
+
     <!-- Landing Page Menu -->
     <dimen name="subMenuPadding">1dp</dimen>
     <dimen name="subMenuHeaderHeight">48dp</dimen>
@@ -278,6 +284,10 @@
     <dimen name="subMenuCounterPadding">8dp</dimen>
 
 
+
+
+
+
     <!-- Landing Summary -->
     <dimen name="summaryCellHeight">146dp</dimen>
     <dimen name="summaryCellTitleTextSize">12sp</dimen>
@@ -340,6 +350,7 @@
     <dimen name="sectionListRowSelectedStrokeSize">1.5dp</dimen>
 
 
+
     <dimen name="verySmallTextSize">10sp</dimen>
     <dimen name="textSizeNormal">14sp</dimen>
     <dimen name="textSizeLarge">16sp</dimen>
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 8b19cbeac4c..0a79179a865 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -212,7 +212,7 @@
     <string name="caption_not_a_contact">Not a Contact</string>
     <string name="caption_not_an_event">Not an Event</string>
     <string name="caption_outbreak">Outbreaks</string>
-    <string name="caption_password">Enter Password</string>
+    <string name="caption_password">Password</string>
     <string name="caption_patient_information">Patient Information</string>
     <string name="caption_pending">Pending</string>
     <string name="caption_period_end">Period End</string>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 3574089354f..26ec7b0be64 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -111,7 +111,8 @@ public User createUser() {
     /**
      * Fetches a use from the DB by its username. The check is done case-insensitive.
      *
-     * @param userName The username in any casing.
+	 * @param userName
+	 *            The username in any casing.
      * @return The corresponding User object from the DB.
      */
     public User getByUserName(String userName) {
@@ -188,12 +189,12 @@ public List<User> getAllByDistrictsAndUserRights(List<District> districts, Colle
      * Condition combination if parameter is set:<br />
      * {@code ((regionUuids & districtUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
      *
+	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
      * @param regionUuids
      * @param districtUuids
      * @param filterByCurrentUserJurisdiction
      * @param activeOnly
      * @param userRights
-     * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
      */
     public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
 
@@ -224,13 +225,13 @@ public List<UserReference> getUserReferences(
      * Condition combination if parameter is set:<br />
      * {@code ((regionUuids & districtUuids & communityUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
      *
+	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
      * @param regionUuids
      * @param districtUuids
      * @param communityUuids
      * @param filterByJurisdiction
      * @param activeOnly
      * @param userRights
-     * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
      */
     public List<UserReference> getUserReferences(
             List<String> regionUuids,
@@ -766,6 +767,7 @@ public Long countByAssignedOfficer(User officer, UserRight userRights) {
     }
 
     /**
+	 *
      * @param districts
      * @param userRight
      * @return Number of users with specified UserRight on district level
@@ -784,6 +786,7 @@ public Long countByDistricts(List<District> districts, UserRight userRight) {
     }
 
     /**
+	 *
      * @param districts
      * @return Number of users with specified UserRight on community level
      */
@@ -801,6 +804,7 @@ public Long countByCommunities(List<District> districts, UserRight userRight) {
     }
 
     /**
+	 *
      * @param districts
      * @return Number of users with specified UserRight on health facility level
      */
@@ -818,6 +822,7 @@ public Long countByHealthFacilities(List<District> districts, UserRight userRigh
     }
 
     /**
+	 *
      * @param districts
      * @return Number of users with specified UserRight on pointOfEntry level
      */
@@ -847,7 +852,8 @@ public boolean hasRegion(RegionReferenceDto regionReference) {
     }
 
     /**
-     * @param root root to {@link User} or {@link UserReference}.
+	 * @param root
+	 *            root to {@link User} or {@link UserReference}.
      */
     private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
         return cb.isTrue(root.get(User.ACTIVE));
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index c642dd867c4..35303633cbe 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -40,5 +40,4 @@ private static boolean hasCapitalLetter(String password) {
     private static boolean hasLowercaseLetter(String password) {
         return password.chars().anyMatch(Character::isLowerCase);
     }
-
-}
+}
\ No newline at end of file
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index 8376ca63389..78acb59a7a1 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -860,7 +860,6 @@ protected UserDto useNationalUserLogin() {
     }
 
     protected UserDto useNationalAdminLogin() {
-
         if (nationalAdmin == null) {
             // we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
             User user = new User();
@@ -876,9 +875,7 @@ protected UserDto useNationalAdminLogin() {
 
             getUserService().persist(user);
             nationalAdmin = getUserFacade().getByUuid(user.getUuid());
-
         }
-
         return loginWith(nationalAdmin);
     }
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index 1cb7eb43884..73002f0f7b9 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -145,7 +145,6 @@
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.user.UserRoleReferenceDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.api.utils.PasswordHelper;
 import de.symeda.sormas.api.vaccination.VaccinationDto;
 import de.symeda.sormas.api.visit.VisitDto;
 import de.symeda.sormas.api.visit.VisitStatus;
@@ -163,6 +162,7 @@
 import de.symeda.sormas.backend.sormastosormas.share.outgoing.SormasToSormasShareInfo;
 import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserRole;
+import de.symeda.sormas.api.utils.PasswordHelper;
 
 public class TestDataCreator {
 
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 76106a9d831..5b42307a30c 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -64,7 +64,6 @@
 import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
 import de.symeda.sormas.backend.infrastructure.region.RegionService;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
-import static org.mockito.Mockito.when;
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
 
@@ -189,7 +188,7 @@ public void testGetValidLoginRoles() {
         AuthProvider authProvider = mock(AuthProvider.class);
 
         MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
-        when(AuthProvider.getProvider(any())).thenReturn(authProvider);
+		Mockito.when(AuthProvider.getProvider(any())).thenReturn(authProvider);
 
         RDCF rdcf = creator.createRDCF();
         UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
@@ -199,7 +198,7 @@ public void testGetValidLoginRoles() {
         assertThat(
                 validLoginRights,
                 containsInAnyOrder(
-                        UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_SUPERVISOR))).toArray(new UserRight[]{})));
+				UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_SUPERVISOR))).toArray(new UserRight[] {})));
 
         user.setActive(false);
         getUserFacade().saveUser(user, false);
@@ -225,20 +224,20 @@ public void testGetExistentDefaultUsers() {
         }
 
         for (User user : testUsers) {
-            loginWith(getUserFacade().toDto(user));
+			loginWith(UserFacadeEjb.toDto(user));
             List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
 
             if (user.hasUserRight(UserRight.USER_EDIT)) {
                 assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
                 for (User defUser : defaultUsers) {
-                    assertThat(persistedDefaultUsers, hasItem(getUserFacade().toDto(defUser)));
+					assertThat(persistedDefaultUsers, hasItem(UserFacadeEjb.toDto(defUser)));
                 }
                 for (User randomUser : randomUsers) {
-                    assertThat(persistedDefaultUsers, not(hasItem(getUserFacade().toDto(randomUser))));
+					assertThat(persistedDefaultUsers, not(hasItem(UserFacadeEjb.toDto(randomUser))));
                 }
             } else if (defaultUsers.contains(user)) {
                 assertEquals(1, persistedDefaultUsers.size());
-                assertEquals(getUserFacade().toDto(user), persistedDefaultUsers.get(0));
+				assertEquals(UserFacadeEjb.toDto(user), persistedDefaultUsers.get(0));
             } else {
                 assertEquals(0, persistedDefaultUsers.size());
             }
@@ -465,7 +464,7 @@ void getUserRights() {
         RDCF rdcf = creator.createRDCF();
         UserDto userWithoutAccess = creator.createSurveillanceOfficer(rdcf);
         UserRight[] surveillanceOfficerRights =
-                UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_OFFICER))).toArray(new UserRight[]{});
+			UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_OFFICER))).toArray(new UserRight[] {});
 
         // Successfully retrieve user rights of other user
         loginWith(nationalAdmin);
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 561b3d4762f..9e555fe6270 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -40,6 +40,7 @@
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
  * @see <a href="https://jersey.java.net/documentation/latest/jaxrs-resources.html#d0e2051">Jersey documentation HTTP Methods</a>
+ *
  */
 @Path("/users")
 @Produces(MediaType.APPLICATION_JSON + "; charset=UTF-8")
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index fa18733bd69..f91433a3106 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -75,6 +75,7 @@ public Menu(Navigator navigator) {
         setPrimaryStyleName(ValoTheme.MENU_ROOT);
         menuPart = new CssLayout();
         menuPart.addStyleName(ValoTheme.MENU_PART);
+
         // header of the menu
         final HorizontalLayout top = new HorizontalLayout();
         top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 60ba400f983..aa194552119 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,13 +17,9 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
-
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import java.util.Objects;
 import java.util.Set;
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
@@ -59,10 +55,8 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.UserProvider;
 import de.symeda.sormas.ui.utils.BulkOperationHandler;
 import de.symeda.sormas.ui.utils.ButtonHelper;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
@@ -70,6 +64,11 @@
 import de.symeda.sormas.ui.utils.ConfirmationComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+import de.symeda.sormas.ui.UserProvider;
+import java.util.Objects;
+import de.symeda.sormas.ui.ControllerProvider;
 
 public class UserController {
 
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
index 692b9f48cf0..04ace91340f 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/utils/ConfirmationComponent.java
@@ -108,7 +108,7 @@ public void removeDoneListener(DoneListener listener) {
 		doneListeners.remove(listener);
 	}
 
-	public void onDone() {
+	protected void onDone() {
 		for (DoneListener listener : doneListeners)
 			listener.onDone();
 	}

From 20e51a2bd5c7585bb3f294041f56e90b8c130405 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 16:10:13 +0000
Subject: [PATCH 71/95] clear white spaces and redundant code after review

---
 .../symeda/sormas/api/user/UserRoleDto.java   | 282 +++++++++---------
 .../main/res/drawable/button_round_edges.xml  |   7 -
 .../main/res/drawable/ic_baseline_check_.xml  |  10 -
 3 files changed, 141 insertions(+), 158 deletions(-)
 delete mode 100644 sormas-app/app/src/main/res/drawable/button_round_edges.xml
 delete mode 100644 sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
index d319f444150..8016b1f17db 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserRoleDto.java
@@ -137,145 +137,145 @@ public void setPortHealthUser(boolean portHealthUser) {
 		this.portHealthUser = portHealthUser;
 	}
 
-    public JurisdictionLevel getJurisdictionLevel() {
-        return jurisdictionLevel;
-    }
-
-    public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
-        this.jurisdictionLevel = jurisdictionLevel;
-    }
-
-    public Set<NotificationType> getEmailNotificationTypes() {
-        return emailNotificationTypes;
-    }
-
-    public void setEmailNotificationTypes(Set<NotificationType> emailNotificationTypes) {
-        this.emailNotificationTypes = emailNotificationTypes;
-    }
-
-    public Set<NotificationType> getSmsNotificationTypes() {
-        return smsNotificationTypes;
-    }
-
-    public void setSmsNotificationTypes(Set<NotificationType> smsNotificationTypes) {
-        this.smsNotificationTypes = smsNotificationTypes;
-    }
-
-    public UserRoleReferenceDto toReference() {
-        return new UserRoleReferenceDto(getUuid(), getCaption());
-    }
-
-    public static Set<UserRight> getUserRights(Collection<UserRoleDto> userRoles) {
-
-        return userRoles != null ? userRoles.stream().flatMap(role -> role.getUserRights().stream()).collect(Collectors.toSet()) : null;
-    }
-
-    public DefaultUserRole getLinkedDefaultUserRole() {
-        return linkedDefaultUserRole;
-    }
-
-    public void setLinkedDefaultUserRole(DefaultUserRole linkedDefaultUserRole) {
-        this.linkedDefaultUserRole = linkedDefaultUserRole;
-    }
-
-    public static JurisdictionLevel getJurisdictionLevel(Collection<UserRoleDto> roles) {
-
-        boolean laboratoryJurisdictionPresent = false;
-        for (UserRoleDto role : roles) {
-            final JurisdictionLevel jurisdictionLevel = role.getJurisdictionLevel();
-            if (roles.size() == 1 || (jurisdictionLevel != JurisdictionLevel.NONE && jurisdictionLevel != JurisdictionLevel.LABORATORY)) {
-                return jurisdictionLevel;
-            } else if (jurisdictionLevel == JurisdictionLevel.LABORATORY) {
-                laboratoryJurisdictionPresent = true;
-            }
-        }
-
-        return laboratoryJurisdictionPresent ? JurisdictionLevel.LABORATORY : JurisdictionLevel.NONE;
-    }
-
-    @JsonIgnore
-    public String i18nPrefix() {
-        return I18N_PREFIX;
-    }
-
-    @Transient
-    public NotificationTypes getNotificationTypes() {
-        return NotificationTypes.of(smsNotificationTypes, emailNotificationTypes);
-    }
-
-    @Transient
-    public void setNotificationTypes(NotificationTypes notificationTypes) {
-        this.smsNotificationTypes = notificationTypes.sms;
-        this.emailNotificationTypes = notificationTypes.email;
-    }
-
-    public boolean isRestrictAccessToAssignedEntities() {
-        return restrictAccessToAssignedEntities;
-    }
-
-    public void setRestrictAccessToAssignedEntities(boolean restrictAccessToAssignedEntities) {
-        this.restrictAccessToAssignedEntities = restrictAccessToAssignedEntities;
-    }
-
-    @Override
-    public String buildCaption() {
-        return caption;
-    }
-
-    @SuppressWarnings("serial")
-    public static class UserRoleValidationException extends ValidationException {
-
-        private final UserRoleDto checkedUserRole;
-        private final UserRoleDto forbiddenUserRole;
-
-        public UserRoleValidationException(UserRoleDto checkedUserRole, UserRoleDto forbiddenUserRole) {
-            super(
-                    checkedUserRole.getCaption() + " " + I18nProperties.getString(Strings.messageUserRoleCombination) + " "
-                            + forbiddenUserRole.getCaption());
-            this.checkedUserRole = checkedUserRole;
-            this.forbiddenUserRole = forbiddenUserRole;
-        }
-
-        public UserRoleDto getCheckedUserRole() {
-            return checkedUserRole;
-        }
-
-        public UserRoleDto getForbiddenUserRole() {
-            return forbiddenUserRole;
-        }
-    }
-
-    public static class NotificationTypes {
-
-        private final Set<NotificationType> sms;
-        private final Set<NotificationType> email;
-
-        private NotificationTypes(Set<NotificationType> sms, Set<NotificationType> email) {
-            this.sms = sms;
-            this.email = email;
-        }
-
-        public static NotificationTypes of(Set<NotificationType> sms, Set<NotificationType> email) {
-            return new NotificationTypes(sms, email);
-        }
-
-        public Set<NotificationType> getSms() {
-            return sms;
-        }
-
-        public Set<NotificationType> getEmail() {
-            return email;
-        }
-
-        @Override
-        public boolean equals(Object obj) {
-            if (!(obj instanceof NotificationTypes)) {
-                return false;
-            }
-
-            NotificationTypes notificationTypes = (NotificationTypes) obj;
-
-            return sms.equals(notificationTypes.sms) && email.equals(notificationTypes.email);
-        }
-    }
+	public JurisdictionLevel getJurisdictionLevel() {
+		return jurisdictionLevel;
+	}
+
+	public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
+		this.jurisdictionLevel = jurisdictionLevel;
+	}
+
+	public Set<NotificationType> getEmailNotificationTypes() {
+		return emailNotificationTypes;
+	}
+
+	public void setEmailNotificationTypes(Set<NotificationType> emailNotificationTypes) {
+		this.emailNotificationTypes = emailNotificationTypes;
+	}
+
+	public Set<NotificationType> getSmsNotificationTypes() {
+		return smsNotificationTypes;
+	}
+
+	public void setSmsNotificationTypes(Set<NotificationType> smsNotificationTypes) {
+		this.smsNotificationTypes = smsNotificationTypes;
+	}
+
+	public UserRoleReferenceDto toReference() {
+		return new UserRoleReferenceDto(getUuid(), getCaption());
+	}
+
+	public static Set<UserRight> getUserRights(Collection<UserRoleDto> userRoles) {
+
+		return userRoles != null ? userRoles.stream().flatMap(role -> role.getUserRights().stream()).collect(Collectors.toSet()) : null;
+	}
+
+	public DefaultUserRole getLinkedDefaultUserRole() {
+		return linkedDefaultUserRole;
+	}
+
+	public void setLinkedDefaultUserRole(DefaultUserRole linkedDefaultUserRole) {
+		this.linkedDefaultUserRole = linkedDefaultUserRole;
+	}
+
+	public static JurisdictionLevel getJurisdictionLevel(Collection<UserRoleDto> roles) {
+
+		boolean laboratoryJurisdictionPresent = false;
+		for (UserRoleDto role : roles) {
+			final JurisdictionLevel jurisdictionLevel = role.getJurisdictionLevel();
+			if (roles.size() == 1 || (jurisdictionLevel != JurisdictionLevel.NONE && jurisdictionLevel != JurisdictionLevel.LABORATORY)) {
+				return jurisdictionLevel;
+			} else if (jurisdictionLevel == JurisdictionLevel.LABORATORY) {
+				laboratoryJurisdictionPresent = true;
+			}
+		}
+
+		return laboratoryJurisdictionPresent ? JurisdictionLevel.LABORATORY : JurisdictionLevel.NONE;
+	}
+
+	@JsonIgnore
+	public String i18nPrefix() {
+		return I18N_PREFIX;
+	}
+
+	@Transient
+	public NotificationTypes getNotificationTypes() {
+		return NotificationTypes.of(smsNotificationTypes, emailNotificationTypes);
+	}
+
+	@Transient
+	public void setNotificationTypes(NotificationTypes notificationTypes) {
+		this.smsNotificationTypes = notificationTypes.sms;
+		this.emailNotificationTypes = notificationTypes.email;
+	}
+
+	public boolean isRestrictAccessToAssignedEntities() {
+		return restrictAccessToAssignedEntities;
+	}
+
+	public void setRestrictAccessToAssignedEntities(boolean restrictAccessToAssignedEntities) {
+		this.restrictAccessToAssignedEntities = restrictAccessToAssignedEntities;
+	}
+
+	@Override
+	public String buildCaption() {
+		return caption;
+	}
+
+	@SuppressWarnings("serial")
+	public static class UserRoleValidationException extends ValidationException {
+
+		private final UserRoleDto checkedUserRole;
+		private final UserRoleDto forbiddenUserRole;
+
+		public UserRoleValidationException(UserRoleDto checkedUserRole, UserRoleDto forbiddenUserRole) {
+			super(
+				checkedUserRole.getCaption() + " " + I18nProperties.getString(Strings.messageUserRoleCombination) + " "
+					+ forbiddenUserRole.getCaption());
+			this.checkedUserRole = checkedUserRole;
+			this.forbiddenUserRole = forbiddenUserRole;
+		}
+
+		public UserRoleDto getCheckedUserRole() {
+			return checkedUserRole;
+		}
+
+		public UserRoleDto getForbiddenUserRole() {
+			return forbiddenUserRole;
+		}
+	}
+
+	public static class NotificationTypes {
+
+		private final Set<NotificationType> sms;
+		private final Set<NotificationType> email;
+
+		private NotificationTypes(Set<NotificationType> sms, Set<NotificationType> email) {
+			this.sms = sms;
+			this.email = email;
+		}
+
+		public static NotificationTypes of(Set<NotificationType> sms, Set<NotificationType> email) {
+			return new NotificationTypes(sms, email);
+		}
+
+		public Set<NotificationType> getSms() {
+			return sms;
+		}
+
+		public Set<NotificationType> getEmail() {
+			return email;
+		}
+
+		@Override
+		public boolean equals(Object obj) {
+			if (!(obj instanceof NotificationTypes)) {
+				return false;
+			}
+
+			NotificationTypes notificationTypes = (NotificationTypes) obj;
+
+			return sms.equals(notificationTypes.sms) && email.equals(notificationTypes.email);
+		}
+	}
 }
diff --git a/sormas-app/app/src/main/res/drawable/button_round_edges.xml b/sormas-app/app/src/main/res/drawable/button_round_edges.xml
deleted file mode 100644
index 2f91b0416a5..00000000000
--- a/sormas-app/app/src/main/res/drawable/button_round_edges.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<shape xmlns:android="http://schemas.android.com/apk/res/android">
-    <stroke android:color="@color/colorPrimary" android:width="1dp" />
-    <corners
-        android:radius="5dp"
-        />
-</shape>
\ No newline at end of file
diff --git a/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml b/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml
deleted file mode 100644
index 0432fa69bb7..00000000000
--- a/sormas-app/app/src/main/res/drawable/ic_baseline_check_.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-<vector xmlns:android="http://schemas.android.com/apk/res/android"
-    android:width="24dp"
-    android:height="24dp"
-    android:viewportWidth="24"
-    android:viewportHeight="24"
-    android:tint="?attr/colorControlNormal">
-  <path
-      android:fillColor="@android:color/white"
-      android:pathData="M9,16.17L4.83,12l-1.42,1.41L9,19 21,7l-1.41,-1.41z"/>
-</vector>

From 002831412dcc9a92c90fe1c9c85869af0d093537 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 16:19:47 +0000
Subject: [PATCH 72/95] trimming spaces after review

---
 .../app/backend/config/ConfigProvider.java    | 1668 ++++++++---------
 .../app/src/main/res/values/strings.xml       |    4 +-
 2 files changed, 836 insertions(+), 836 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index 78a6e6bfaea..afd3ae0fd54 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -68,842 +68,842 @@
 
 public final class ConfigProvider {
 
-    private static String KEY_USERNAME = "username";
-    private static String KEY_PASSWORD = "password";
-    private static String KEY_PIN = "pin";
-    private static String KEY_SERVER_REST_URL = "serverRestUrl";
-    private static String KEY_ACCESS_GRANTED = "accessGranted";
-    private static String KEY_REPULL_NEEDED = "repullNeeded";
-    private static String LAST_NOTIFICATION_DATE = "lastNotificationDate";
-    private static final String LAST_OBSOLETE_UUIDS_SYNC_DATE = "lastObsoleteUuidsSyncDate";
-    private static String CURRENT_APP_DOWNLOAD_ID = "currentAppDownloadId";
-    private static String SERVER_LOCALE = "locale";
-    private static String SERVER_COUNTRY_NAME = "countryname";
-    private static String INITIAL_SYNC_REQUIRED = "initialSyncRequired";
-
-    private static String LBDS_SORMAS_PRIVATE_KEY_AES_SECRET = "lbdsSormasPrivateKeyAesSecret";
-    private static String LBDS_SORMAS_PRIVATE_KEY = "lbdsSormasPrivateKey";
-    private static String LBDS_SORMAS_PUBLIC_KEY = "lbdsSormasPublicKey";
-    private static String LBDS_SERVICE_PUBLIC_KEY = "lbdsServicePublicKey";
-    private static String LBDS_AES_SECRET = "lbdsAesSecret";
-    private static String LBDS_DEBUG_URL = "lbdsDebugUrl";
-
-    private static String LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET = "LBDS_PRIVATE_KEY_AES_SECRET";
-    private static String LBDS_KEYSTORE_ALIAS_AES_SECRET = "LBDS_AES_SECRET";
-
-    private static final String FULL_COUNTRY_LOCALE_PATTERN = "[a-zA-Z]*-[a-zA-Z]*";
-
-    public static ConfigProvider instance = null;
-
-    public static void init(Context context) {
-        if (instance != null) {
-            Log.e(ConfigProvider.class.getName(), "ConfigProvider has already been initalized");
-        }
-        instance = new ConfigProvider(context);
-    }
-
-    private final Context context;
-
-    private String serverRestUrl;
-    private String username;
-    private String password;
-    private String pin;
-    private User user;
-    private Set<UserRight> userRights; // just a cache
-    private Date lastNotificationDate;
-    private Date lastObsoleteUuidsSyncDate;
-    private Long currentAppDownloadId;
-    private Boolean accessGranted;
-    private String serverLocale;
-    private String serverCountryName;
-    private Boolean repullNeeded;
-    private Boolean initialSyncRequired;
-
-    private String lbdsSormasPrivateKeyAesSecret;
-    private String lbdsSormasPrivateKeyPKCS8;
-    private PublicKey lbdsSormasPublicKey;
-    private PublicKey lbdsServicePublicKey;
-    private String lbdsAesSecret;
-    private String serverLbdsDebugUrl;
-
-    private ConfigProvider(Context context) {
-        this.context = context;
-    }
-
-    private boolean hasDeviceEncryption() {
-
-        // Device encryption is no longer used, because it's not reliably implemented
-        // on old android devices (versions 5 and 6) - see #410
-        // As a replacement the database should be encrypted #905
-        return true;
+	private static String KEY_USERNAME = "username";
+	private static String KEY_PASSWORD = "password";
+	private static String KEY_PIN = "pin";
+	private static String KEY_SERVER_REST_URL = "serverRestUrl";
+	private static String KEY_ACCESS_GRANTED = "accessGranted";
+	private static String KEY_REPULL_NEEDED = "repullNeeded";
+	private static String LAST_NOTIFICATION_DATE = "lastNotificationDate";
+	private static final String LAST_OBSOLETE_UUIDS_SYNC_DATE = "lastObsoleteUuidsSyncDate";
+	private static String CURRENT_APP_DOWNLOAD_ID = "currentAppDownloadId";
+	private static String SERVER_LOCALE = "locale";
+	private static String SERVER_COUNTRY_NAME = "countryname";
+	private static String INITIAL_SYNC_REQUIRED = "initialSyncRequired";
+
+	private static String LBDS_SORMAS_PRIVATE_KEY_AES_SECRET = "lbdsSormasPrivateKeyAesSecret";
+	private static String LBDS_SORMAS_PRIVATE_KEY = "lbdsSormasPrivateKey";
+	private static String LBDS_SORMAS_PUBLIC_KEY = "lbdsSormasPublicKey";
+	private static String LBDS_SERVICE_PUBLIC_KEY = "lbdsServicePublicKey";
+	private static String LBDS_AES_SECRET = "lbdsAesSecret";
+	private static String LBDS_DEBUG_URL = "lbdsDebugUrl";
+
+	private static String LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET = "LBDS_PRIVATE_KEY_AES_SECRET";
+	private static String LBDS_KEYSTORE_ALIAS_AES_SECRET = "LBDS_AES_SECRET";
+
+	private static final String FULL_COUNTRY_LOCALE_PATTERN = "[a-zA-Z]*-[a-zA-Z]*";
+
+	public static ConfigProvider instance = null;
+
+	public static void init(Context context) {
+		if (instance != null) {
+			Log.e(ConfigProvider.class.getName(), "ConfigProvider has already been initalized");
+		}
+		instance = new ConfigProvider(context);
+	}
+
+	private final Context context;
+
+	private String serverRestUrl;
+	private String username;
+	private String password;
+	private String pin;
+	private User user;
+	private Set<UserRight> userRights; // just a cache
+	private Date lastNotificationDate;
+	private Date lastObsoleteUuidsSyncDate;
+	private Long currentAppDownloadId;
+	private Boolean accessGranted;
+	private String serverLocale;
+	private String serverCountryName;
+	private Boolean repullNeeded;
+	private Boolean initialSyncRequired;
+
+	private String lbdsSormasPrivateKeyAesSecret;
+	private String lbdsSormasPrivateKeyPKCS8;
+	private PublicKey lbdsSormasPublicKey;
+	private PublicKey lbdsServicePublicKey;
+	private String lbdsAesSecret;
+	private String serverLbdsDebugUrl;
+
+	private ConfigProvider(Context context) {
+		this.context = context;
+	}
+
+	private boolean hasDeviceEncryption() {
+
+		// Device encryption is no longer used, because it's not reliably implemented
+		// on old android devices (versions 5 and 6) - see #410
+		// As a replacement the database should be encrypted #905
+		return true;
 //        DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
 //        return dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE ||
 //                dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_PER_USER ||
 //                dpm.getStorageEncryptionStatus() == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY;
-    }
-
-    /**
-     * If device encryption is not active, show a non-cancelable alert that blocks app usage
-     *
-     * @param activity
-     * @return
-     */
-    public static boolean ensureDeviceEncryption(final Activity activity) {
-
-        if (!instance.hasDeviceEncryption()) {
-            AlertDialog.Builder builder = new AlertDialog.Builder(activity);
-            builder.setCancelable(false);
-            builder.setMessage(R.string.message_encryption);
-            AlertDialog dialog = builder.create();
-            dialog.setButton(AlertDialog.BUTTON_POSITIVE, activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
-
-                @Override
-                public void onClick(DialogInterface dialog, int which) {
-                    Activity finishActivity = activity;
-                    do {
-                        finishActivity.finish();
-                        finishActivity = finishActivity.getParent();
-                    }
-                    while (finishActivity != null);
-                }
-            });
-            dialog.show();
-            return false;
-        }
-        return true;
-    }
-
-    public static User getUser() {
-        synchronized (ConfigProvider.class) {
-            if (instance.user == null || instance.userRights == null) {
-                String username = getUsername();
-                String password = getPassword(); // needed to not automatically "login" again on logout with missing server connection
-                if (username != null && password != null) {
-                    instance.user = DatabaseHelper.getUserDao().getByUsername(username);
-                }
-            }
-            return instance.user;
-        }
-    }
-
-    public static Set<UserRight> getUserRights() {
-        synchronized (ConfigProvider.class) {
-            if (instance.userRights == null) {
-                User user = getUser();
-                if (user != null) {
-                    Set<UserRight> userRights = new HashSet();
-                    for (UserRole userRole : user.getUserRoles()) {
-                        userRights.addAll(userRole.getUserRights());
-                    }
-                    instance.userRights = userRights;
-                } else {
-                    return new HashSet();
-                }
-            }
-            return instance.userRights;
-        }
-    }
-
-    public static boolean hasUserRight(UserRight userRight) {
-        Set<UserRight> userRights = getUserRights();
-        return userRights != null && userRights.contains(userRight);
-    }
-
-    public static void clearUserRights() {
-        instance.userRights = null;
-    }
-
-    public static String getUsername() {
-        synchronized (ConfigProvider.class) {
-            if (instance.username == null) {
-                Config config = DatabaseHelper.getConfigDao().queryForId(KEY_USERNAME);
-                if (config != null) {
-                    instance.username = config.getValue();
-                }
-            }
-            return instance.username;
-        }
-    }
-
-    public static String getPassword() {
-        synchronized (ConfigProvider.class) {
-            if (instance.password == null) {
-                Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PASSWORD);
-                if (config != null) {
-                    instance.password = config.getValue();
-                }
-            }
-            return instance.decodeCredential(instance.password, "Password");
-        }
-    }
-
-    public static String getPin() {
-        if (instance.pin == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PIN);
-            if (config != null) {
-                instance.pin = config.getValue();
-            }
-        }
-        return instance.decodeCredential(instance.pin, "PIN");
-    }
-
-    public static void clearUserLogin() {
-        // synchronized to make sure this does not interfere with setUserNameAndPassword or getUsername/getPassword
-        synchronized (ConfigProvider.class) {
-
-            ConfigDao configDao = DatabaseHelper.getConfigDao();
-            if (configDao.queryForId(KEY_PASSWORD) != null) {
-                configDao.delete(new Config(KEY_PASSWORD, ""));
-            }
-            instance.password = null;
-
-            // remember the username - needed to decide whether non-infrastructure data has to be cleared
-            // instance.username = null;
-
-            instance.user = null;
-            instance.accessGranted = null;
-            instance.lastNotificationDate = null;
-            instance.lastObsoleteUuidsSyncDate = null;
-            instance.userRights = null;
-
-            // old credentials are no longer valid
-            RetroProvider.disconnect();
-        }
-    }
-
-    public static void clearPin() {
-        instance.pin = null;
-
-        ConfigDao configDao = DatabaseHelper.getConfigDao();
-        if (configDao.queryForId(KEY_PIN) == null) {
-            return;
-        }
-
-        configDao.delete(new Config(KEY_PIN, ""));
-
-        setAccessGranted(false);
-    }
-
-    public static void setUsernameAndPassword(String username, String password) {
-        synchronized (ConfigProvider.class) {
-            if (username == null)
-                throw new NullPointerException("username");
-            if (password == null)
-                throw new NullPointerException("password");
-
-            password = instance.encodeCredential(password, "Password");
-
-            if (username.equals(instance.username) && password.equals(instance.password)) {
-                return;
-            }
-
-            if (!username.equals(instance.username)) {
-                DatabaseHelper.clearTables(false);
-            }
-
-            instance.user = null;
-            instance.username = username;
-            instance.password = password;
-
-            DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_USERNAME, username));
-            DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
-
-            setRepullNeeded(true);
-        }
-    }
-
-    public static void setNewPassword(String password) {
-        
-        if (password == null)
-            throw new NullPointerException("password");
-        password = instance.encodeCredential(password, "Password");
-
-        instance.password = password;
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
-
-    }
-
-    public static void setPin(String pin) {
-        if (pin == null) {
-            throw new NullPointerException("pin");
-        }
-
-        pin = instance.encodeCredential(pin, "PIN");
-
-        if (pin.equals(instance.pin)) {
-            return;
-        }
-
-        instance.pin = pin;
-
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PIN, pin));
-    }
-
-    private String encodeCredential(String clearCredential, String keyStoreAlias) {
-
-        if (clearCredential == null) {
-            return null;
-        }
-
-        if (!hasDeviceEncryption()) {
-            throw new IllegalStateException(context.getString(R.string.message_encryption));
-        }
-
-        try {
-            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
-            keyStore.load(null);
-
-            if (!keyStore.containsAlias(keyStoreAlias)) {
-                Calendar start = Calendar.getInstance();
-                Calendar end = Calendar.getInstance();
-                end.add(Calendar.YEAR, 1);
-
-                KeyPairGeneratorSpec credentialsSpec = new KeyPairGeneratorSpec.Builder(instance.context).setAlias(keyStoreAlias)
-                        .setSubject(new X500Principal("CN=SORMAS, O=symeda, C=Germany"))
-                        .setSerialNumber(BigInteger.ONE)
-                        .setStartDate(start.getTime())
-                        .setEndDate(end.getTime())
-                        .build();
-
-                KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
-                generator.initialize(credentialsSpec);
-                generator.generateKeyPair();
-            }
-
-            PublicKey publicKey;
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-                publicKey = keyStore.getCertificate(keyStoreAlias).getPublicKey();
-            } else {
-                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
-                publicKey = privateKeyEntry.getCertificate().getPublicKey();
-            }
-
-            if (publicKey == null) {
-                return null;
-            }
-
-            Cipher input = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-            input.init(Cipher.ENCRYPT_MODE, publicKey);
-
-            ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-            CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, input);
-            cipherOutputStream.write(clearCredential.getBytes("UTF-8"));
-            cipherOutputStream.close();
-
-            byte[] resultByteArray = outputStream.toByteArray();
-            String result = Base64.encodeToString(resultByteArray, Base64.DEFAULT);
-            return result;
-
-        } catch (KeyStoreException
-                 | NoSuchAlgorithmException
-                 | NoSuchProviderException
-                 | UnrecoverableEntryException
-                 | IOException
-                 | NoSuchPaddingException
-                 | InvalidKeyException
-                 | CertificateException
-                 | InvalidAlgorithmParameterException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    private String decodeCredential(String encodedCredential, String keyStoreAlias) {
-
-        if (encodedCredential == null) {
-            return null;
-        }
-
-        if (!hasDeviceEncryption()) {
-            throw new IllegalStateException(context.getString(R.string.message_encryption));
-        }
-
-        try {
-            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
-            keyStore.load(null);
-
-            PrivateKey privateKey;
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-                privateKey = (PrivateKey) keyStore.getKey(keyStoreAlias, null);
-            } else {
-                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
-                privateKey = privateKeyEntry.getPrivateKey();
-            }
-
-            if (privateKey == null) {
-                return null;
-            }
-
-            Cipher decryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-            decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
-
-            byte[] encodedBytes = Base64.decode(encodedCredential, Base64.DEFAULT);
-            InputStream inputStream = new ByteArrayInputStream(encodedBytes);
-            CipherInputStream cipherStream = new CipherInputStream(inputStream, decryptCipher);
-            byte[] passwordBytes = new byte[1024];
-            int passwordByteLength = cipherStream.read(passwordBytes);
-            cipherStream.close();
-
-            if (passwordByteLength <= 0) {
-                return null;
-            }
-
-            String result = new String(passwordBytes, 0, passwordByteLength, "UTF-8");
-            return result;
-
-        } catch (KeyStoreException
-                 | UnrecoverableEntryException
-                 | NoSuchAlgorithmException
-                 | CertificateException
-                 | InvalidKeyException
-                 | NoSuchPaddingException
-                 | IOException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    private static void saveConfigEntry(String configKey, String configValue) {
-        if (configValue == null) {
-            DatabaseHelper.getConfigDao().delete(new Config(configKey, ""));
-        } else {
-            DatabaseHelper.getConfigDao().createOrUpdate(new Config(configKey, configValue));
-        }
-    }
-
-    public static String getServerRestUrl() {
-        if (instance.serverRestUrl == null)
-            synchronized (ConfigProvider.class) {
-                if (instance.serverRestUrl == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(KEY_SERVER_REST_URL);
-                    if (config != null) {
-                        instance.serverRestUrl = config.getValue();
-
-                        // take care of old mal-formatted urls
-                        String properServerRestUrl = toProperRestUrl(instance.serverRestUrl);
-                        if (!DataHelper.equal(instance.serverRestUrl, properServerRestUrl)) {
-                            instance.serverRestUrl = properServerRestUrl;
-                            saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
-                        }
-                    }
-
-                    if (instance.serverRestUrl == null) {
-                        // fallback to default
-
-                        String serverUrlDefault = toProperRestUrl(SormasProperties.getServerUrlDefault());
-                        if (serverUrlDefault != null) {
-                            instance.serverRestUrl = serverUrlDefault;
-                            saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
-                        }
-                    }
-                }
-            }
-        return instance.serverRestUrl;
-    }
-
-    public static void setServerRestUrl(String serverRestUrl) {
-
-        serverRestUrl = toProperRestUrl(serverRestUrl);
-        String currentServerRestUrl = getServerRestUrl();
-
-        if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
-            return;
-
-        boolean wasNull = currentServerRestUrl == null;
-
-        instance.serverRestUrl = serverRestUrl;
-        saveConfigEntry(KEY_SERVER_REST_URL, serverRestUrl);
-
-        if (!wasNull) {
-            // new server: clear everything
-            clearUserLogin();
-            DatabaseHelper.clearTables(true);
-        }
-    }
-
-    private static String toProperRestUrl(String serverRestUrl) {
-        // clean up url
-        if (serverRestUrl != null) {
-            serverRestUrl = serverRestUrl.trim();
-        }
-        if (serverRestUrl != null && serverRestUrl.isEmpty()) {
-            serverRestUrl = null;
-        }
-        if (serverRestUrl != null && !serverRestUrl.endsWith("/")) {
-            serverRestUrl += "/";
-        }
-        return serverRestUrl;
-    }
-
-    public static Date getLastNotificationDate() {
-        if (instance.lastNotificationDate == null)
-            synchronized (ConfigProvider.class) {
-                if (instance.lastNotificationDate == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(LAST_NOTIFICATION_DATE);
-                    if (config != null) {
-                        instance.lastNotificationDate = new Date(Long.parseLong(config.getValue()));
-                    }
-
-                }
-            }
-        return instance.lastNotificationDate;
-    }
-
-    public static void setLastNotificationDate(Date lastNotificationDate) {
-        if (lastNotificationDate != null && lastNotificationDate.equals(instance.lastNotificationDate)) {
-            return;
-        }
-
-        instance.lastNotificationDate = lastNotificationDate;
-        saveConfigEntry(LAST_NOTIFICATION_DATE, lastNotificationDate != null ? String.valueOf(lastNotificationDate.getTime()) : null);
-    }
-
-    public static Date getLastObsoleteUuidsSyncDate() {
-        if (instance.lastObsoleteUuidsSyncDate == null) {
-            synchronized (ConfigProvider.class) {
-                if (instance.lastObsoleteUuidsSyncDate == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(LAST_OBSOLETE_UUIDS_SYNC_DATE);
-                    if (config != null) {
-                        instance.lastObsoleteUuidsSyncDate = new Date(Long.parseLong(config.getValue()));
-                    }
-
-                }
-            }
-        }
-
-        return instance.lastObsoleteUuidsSyncDate;
-    }
-
-    public static void setLastObsoleteUuidsSyncDate(Date lastObsoleteUuidsSyncDate) {
-        if (lastObsoleteUuidsSyncDate != null && lastObsoleteUuidsSyncDate.equals(instance.lastObsoleteUuidsSyncDate)) {
-            return;
-        }
-
-        instance.lastObsoleteUuidsSyncDate = lastObsoleteUuidsSyncDate;
-        saveConfigEntry(
-                LAST_OBSOLETE_UUIDS_SYNC_DATE,
-                lastObsoleteUuidsSyncDate != null ? String.valueOf(lastObsoleteUuidsSyncDate.getTime()) : null);
-    }
-
-    public static Long getCurrentAppDownloadId() {
-        if (instance.currentAppDownloadId == null) {
-            synchronized (ConfigProvider.class) {
-                if (instance.currentAppDownloadId == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(CURRENT_APP_DOWNLOAD_ID);
-                    if (config != null) {
-                        instance.currentAppDownloadId = DataHelper.tryParseLong(config.getValue());
-                    }
-                }
-            }
-        }
-        return instance.currentAppDownloadId;
-    }
-
-    public static void setCurrentAppDownloadId(Long currentAppDownloadId) {
-        if (currentAppDownloadId != null && currentAppDownloadId.equals(instance.currentAppDownloadId)) {
-            return;
-        }
-
-        instance.currentAppDownloadId = currentAppDownloadId;
-        saveConfigEntry(CURRENT_APP_DOWNLOAD_ID, currentAppDownloadId != null ? String.valueOf(currentAppDownloadId) : null);
-    }
-
-    public static Boolean isAccessGranted() {
-        if (instance.accessGranted == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_ACCESS_GRANTED);
-            if (config != null) {
-                instance.accessGranted = Boolean.parseBoolean(config.getValue());
-            }
-        }
-        return instance.accessGranted;
-    }
-
-    public static void setAccessGranted(Boolean accessGranted) {
-        if (accessGranted == null) {
-            throw new NullPointerException("accessGranted");
-        }
-
-        if (accessGranted.equals(instance.accessGranted)) {
-            return;
-        }
-
-        instance.accessGranted = accessGranted;
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_ACCESS_GRANTED, String.valueOf(accessGranted)));
-    }
-
-    /**
-     * When no locale is set Locale.getDefault is set.
-     * (Actually not relevant, because the locale is always updated to the server's, so this is just a fallback).
-     *
-     * @return Will never be null.
-     */
-    public static String getServerLocale() {
-        if (instance.serverLocale == null)
-            synchronized (ConfigProvider.class) {
-                if (instance.serverLocale == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_LOCALE);
-                    if (config != null) {
-                        instance.serverLocale = config.getValue();
-                    }
-
-                    if (instance.serverLocale == null) {
-                        setServerLocale(Locale.getDefault().toString());
-                    }
-                }
-            }
-        return instance.serverLocale;
-    }
-
-    public static String getServerCountryCode() {
-        String locale = getServerLocale();
-        String normalizedLocale = normalizeLocaleString(locale);
-
-        if (normalizedLocale.contains("-")) {
-            return normalizedLocale.substring(normalizedLocale.lastIndexOf("-") + 1);
-        } else {
-            return normalizedLocale;
-        }
-    }
-
-    public static String getServerCountryName() {
-        if (instance.serverCountryName == null) {
-            synchronized (ConfigProvider.class) {
-                if (instance.serverCountryName == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_COUNTRY_NAME);
-                    if (config != null) {
-                        instance.serverCountryName = config.getValue();
-                    }
-
-                    if (instance.serverCountryName == null) {
-                        setServerCountryName("");
-                    }
-                }
-            }
-        }
-        return instance.serverCountryName;
-    }
-
-    public static String normalizeLocaleString(String locale) {
-        locale = locale.trim();
-        int pos = Math.max(locale.indexOf('-'), locale.indexOf('_'));
-        if (pos < 0) {
-            locale = locale.toLowerCase();
-        } else {
-            locale = locale.substring(0, pos).toLowerCase(Locale.ENGLISH) + '-' + locale.substring(pos + 1).toUpperCase(Locale.ENGLISH);
-        }
-        return locale;
-    }
-
-    public static boolean isConfiguredServer(String countryCode) {
-        if (Pattern.matches(FULL_COUNTRY_LOCALE_PATTERN, getServerLocale())) {
-            return getServerLocale().toLowerCase().endsWith(countryCode.toLowerCase());
-        } else {
-            return getServerLocale().toLowerCase().startsWith(countryCode.toLowerCase());
-        }
-    }
-
-    /**
-     * Note: This will only take effect after the app has been restarted
-     */
-    public static void setServerLocale(String serverLocale) {
-        if (serverLocale != null && serverLocale.isEmpty()) {
-            serverLocale = null;
-        }
-
-        if (serverLocale == instance.serverLocale || (serverLocale != null && serverLocale.equals(instance.serverLocale)))
-            return;
-
-        instance.serverLocale = serverLocale;
-        saveConfigEntry(SERVER_LOCALE, serverLocale);
-    }
-
-    public static void setServerCountryName(String serverCountryName) {
-        if (serverCountryName != null && serverCountryName.isEmpty()) {
-            serverCountryName = null;
-        }
-
-        if (serverCountryName == instance.serverCountryName || (serverCountryName != null && serverCountryName.equals(instance.serverCountryName)))
-            return;
-
-        instance.serverCountryName = serverCountryName;
-        saveConfigEntry(SERVER_COUNTRY_NAME, serverCountryName);
-    }
-
-    public static boolean isRepullNeeded() {
-        if (instance.repullNeeded == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(KEY_REPULL_NEEDED);
-            if (config != null) {
-                instance.repullNeeded = Boolean.parseBoolean(config.getValue());
-            }
-        }
-        return instance.repullNeeded != null && instance.repullNeeded;
-    }
-
-    public static void setRepullNeeded(boolean repullNeeded) {
-        if (instance.repullNeeded != null && instance.repullNeeded == repullNeeded) {
-            return;
-        }
-
-        instance.repullNeeded = repullNeeded;
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_REPULL_NEEDED, String.valueOf(repullNeeded)));
-    }
-
-    public static boolean isInitialSyncRequired() {
-        if (instance.initialSyncRequired == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(INITIAL_SYNC_REQUIRED);
-            if (config != null) {
-                instance.initialSyncRequired = Boolean.parseBoolean(config.getValue());
-            }
-        }
-        return instance.initialSyncRequired == null || instance.initialSyncRequired;
-    }
-
-    public static void setInitialSyncRequired(boolean initialSyncRequired) {
-        if (instance.initialSyncRequired != null && instance.initialSyncRequired == initialSyncRequired) {
-            return;
-        }
-
-        instance.initialSyncRequired = initialSyncRequired;
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(INITIAL_SYNC_REQUIRED, String.valueOf(initialSyncRequired)));
-    }
-
-    public static void resetLbdsSormasKeys() {
-        try {
-            KeyPair rsa = KeyPairGenerator.getInstance("RSA").genKeyPair();
-            instance.lbdsSormasPublicKey = rsa.getPublic();
-            PrivateKey lbdsSormasPrivateKey = rsa.getPrivate();
-
-            String aesKey = LbdsKeyHelper.generateAESKey();
-            instance.lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.encryptAES(LbdsKeyHelper.getPKCS8FromPrivateKey(lbdsSormasPrivateKey), aesKey);
-
-            instance.lbdsSormasPrivateKeyAesSecret = instance.encodeCredential(aesKey, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
-            DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET, instance.lbdsSormasPrivateKeyAesSecret));
-            DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY, instance.lbdsSormasPrivateKeyPKCS8));
-            DatabaseHelper.getConfigDao()
-                    .createOrUpdate(new Config(LBDS_SORMAS_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(instance.lbdsSormasPublicKey)));
-        } catch (GeneralSecurityException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    private static String getLbdsSormasPrivateKeyAesSecret() {
-        if (instance.lbdsSormasPrivateKeyAesSecret == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET);
-            if (config != null) {
-                instance.lbdsSormasPrivateKeyAesSecret = config.getValue();
-            }
-        }
-        return instance.decodeCredential(instance.lbdsSormasPrivateKeyAesSecret, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
-    }
-
-    public static PrivateKey getLbdsSormasPrivateKey() {
-        if (instance.lbdsSormasPrivateKeyPKCS8 == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY);
-            if (config != null) {
-                instance.lbdsSormasPrivateKeyPKCS8 = config.getValue();
-            } else {
-                resetLbdsSormasKeys();
-            }
-        }
-        try {
-            String aesKey = getLbdsSormasPrivateKeyAesSecret();
-            String lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.decryptAES(instance.lbdsSormasPrivateKeyPKCS8, aesKey);
-            return LbdsKeyHelper.getPrivateKeyFromPKCS8(lbdsSormasPrivateKeyPKCS8);
-        } catch (GeneralSecurityException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    public static PublicKey getLbdsSormasPublicKey() {
-        if (instance.lbdsSormasPublicKey == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PUBLIC_KEY);
-            if (config != null) {
-                try {
-                    instance.lbdsSormasPublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
-                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
-                    throw new RuntimeException(e);
-                }
-            } else {
-                resetLbdsSormasKeys();
-            }
-        }
-        return instance.lbdsSormasPublicKey;
-    }
-
-    public static PublicKey getLbdsServicePublicKey() {
-        if (instance.lbdsServicePublicKey == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SERVICE_PUBLIC_KEY);
-            if (config != null) {
-                try {
-                    instance.lbdsServicePublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
-                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
-                    throw new RuntimeException(e);
-                }
-            }
-        }
-        return instance.lbdsServicePublicKey;
-    }
-
-    public static void setLbdsServicePublicKey(PublicKey lbdsServicePublicKey) {
-        instance.lbdsServicePublicKey = lbdsServicePublicKey;
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SERVICE_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(lbdsServicePublicKey)));
-    }
-
-    public static String getLbdsAesSecret() {
-        if (instance.lbdsAesSecret == null) {
-            Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_AES_SECRET);
-            if (config != null) {
-                instance.lbdsAesSecret = config.getValue();
-            }
-        }
-        return instance.decodeCredential(instance.lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
-    }
-
-    public static void setLbdsAesSecret(String lbdsAesSecret) {
-        if (lbdsAesSecret == null) {
-            throw new NullPointerException("lbdsAesSecret");
-        }
-
-        lbdsAesSecret = instance.encodeCredential(lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
-
-        if (lbdsAesSecret.equals(instance.lbdsAesSecret)) {
-            return;
-        }
-
-        instance.lbdsAesSecret = lbdsAesSecret;
-
-        DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_AES_SECRET, lbdsAesSecret));
-    }
-
-    public static String getServerLbdsDebugUrl() {
-        if (instance.serverLbdsDebugUrl == null)
-            synchronized (ConfigProvider.class) {
-                if (instance.serverLbdsDebugUrl == null) {
-                    Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_DEBUG_URL);
-                    if (config != null) {
-                        instance.serverLbdsDebugUrl = config.getValue();
-
-                        // take care of old mal-formatted urls
-                        String properServerRestUrl = toProperRestUrl(instance.serverLbdsDebugUrl);
-                        if (!DataHelper.equal(instance.serverLbdsDebugUrl, properServerRestUrl)) {
-                            instance.serverLbdsDebugUrl = properServerRestUrl;
-                            saveConfigEntry(LBDS_DEBUG_URL, instance.serverLbdsDebugUrl);
-                        }
-                    }
-                }
-            }
-        return instance.serverLbdsDebugUrl;
-    }
-
-    public static void setServerLbdsDebugUrl(String serverRestUrl) {
-
-        serverRestUrl = toProperRestUrl(serverRestUrl);
-        String currentServerRestUrl = getServerRestUrl();
-
-        if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
-            return;
-
-        boolean wasNull = currentServerRestUrl == null;
-
-        instance.serverLbdsDebugUrl = serverRestUrl;
-        saveConfigEntry(LBDS_DEBUG_URL, serverRestUrl);
-    }
+	}
+
+	/**
+	 * If device encryption is not active, show a non-cancelable alert that blocks app usage
+	 *
+	 * @param activity
+	 * @return
+	 */
+	public static boolean ensureDeviceEncryption(final Activity activity) {
+
+		if (!instance.hasDeviceEncryption()) {
+			AlertDialog.Builder builder = new AlertDialog.Builder(activity);
+			builder.setCancelable(false);
+			builder.setMessage(R.string.message_encryption);
+			AlertDialog dialog = builder.create();
+			dialog.setButton(AlertDialog.BUTTON_POSITIVE, activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
+
+				@Override
+				public void onClick(DialogInterface dialog, int which) {
+					Activity finishActivity = activity;
+					do {
+						finishActivity.finish();
+						finishActivity = finishActivity.getParent();
+					}
+					while (finishActivity != null);
+				}
+			});
+			dialog.show();
+			return false;
+		}
+		return true;
+	}
+
+	public static User getUser() {
+		synchronized (ConfigProvider.class) {
+			if (instance.user == null || instance.userRights == null) {
+				String username = getUsername();
+				String password = getPassword(); // needed to not automatically "login" again on logout with missing server connection
+				if (username != null && password != null) {
+					instance.user = DatabaseHelper.getUserDao().getByUsername(username);
+				}
+			}
+			return instance.user;
+		}
+	}
+
+	public static Set<UserRight> getUserRights() {
+		synchronized (ConfigProvider.class) {
+			if (instance.userRights == null) {
+				User user = getUser();
+				if (user != null) {
+					Set<UserRight> userRights = new HashSet();
+					for (UserRole userRole : user.getUserRoles()) {
+						userRights.addAll(userRole.getUserRights());
+					}
+					instance.userRights = userRights;
+				} else {
+					return new HashSet();
+				}
+			}
+			return instance.userRights;
+		}
+	}
+
+	public static boolean hasUserRight(UserRight userRight) {
+		Set<UserRight> userRights = getUserRights();
+		return userRights != null && userRights.contains(userRight);
+	}
+
+	public static void clearUserRights() {
+		instance.userRights = null;
+	}
+
+	public static String getUsername() {
+		synchronized (ConfigProvider.class) {
+			if (instance.username == null) {
+				Config config = DatabaseHelper.getConfigDao().queryForId(KEY_USERNAME);
+				if (config != null) {
+					instance.username = config.getValue();
+				}
+			}
+			return instance.username;
+		}
+	}
+
+	public static String getPassword() {
+		synchronized (ConfigProvider.class) {
+			if (instance.password == null) {
+				Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PASSWORD);
+				if (config != null) {
+					instance.password = config.getValue();
+				}
+			}
+			return instance.decodeCredential(instance.password, "Password");
+		}
+	}
+
+	public static String getPin() {
+		if (instance.pin == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_PIN);
+			if (config != null) {
+				instance.pin = config.getValue();
+			}
+		}
+		return instance.decodeCredential(instance.pin, "PIN");
+	}
+
+	public static void clearUserLogin() {
+		// synchronized to make sure this does not interfere with setUserNameAndPassword or getUsername/getPassword
+		synchronized (ConfigProvider.class) {
+
+			ConfigDao configDao = DatabaseHelper.getConfigDao();
+			if (configDao.queryForId(KEY_PASSWORD) != null) {
+				configDao.delete(new Config(KEY_PASSWORD, ""));
+			}
+			instance.password = null;
+
+			// remember the username - needed to decide whether non-infrastructure data has to be cleared
+			// instance.username = null;
+
+			instance.user = null;
+			instance.accessGranted = null;
+			instance.lastNotificationDate = null;
+			instance.lastObsoleteUuidsSyncDate = null;
+			instance.userRights = null;
+
+			// old credentials are no longer valid
+			RetroProvider.disconnect();
+		}
+	}
+
+	public static void clearPin() {
+		instance.pin = null;
+
+		ConfigDao configDao = DatabaseHelper.getConfigDao();
+		if (configDao.queryForId(KEY_PIN) == null) {
+			return;
+		}
+
+		configDao.delete(new Config(KEY_PIN, ""));
+
+		setAccessGranted(false);
+	}
+
+	public static void setUsernameAndPassword(String username, String password) {
+		synchronized (ConfigProvider.class) {
+			if (username == null)
+				throw new NullPointerException("username");
+			if (password == null)
+				throw new NullPointerException("password");
+
+			password = instance.encodeCredential(password, "Password");
+
+			if (username.equals(instance.username) && password.equals(instance.password)) {
+				return;
+			}
+
+			if (!username.equals(instance.username)) {
+				DatabaseHelper.clearTables(false);
+			}
+
+			instance.user = null;
+			instance.username = username;
+			instance.password = password;
+
+			DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_USERNAME, username));
+			DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+
+			setRepullNeeded(true);
+		}
+	}
+
+	public static void setNewPassword(String password) {
+
+		if (password == null)
+			throw new NullPointerException("password");
+		password = instance.encodeCredential(password, "Password");
+
+		instance.password = password;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+
+	}
+
+	public static void setPin(String pin) {
+		if (pin == null) {
+			throw new NullPointerException("pin");
+		}
+
+		pin = instance.encodeCredential(pin, "PIN");
+
+		if (pin.equals(instance.pin)) {
+			return;
+		}
+
+		instance.pin = pin;
+
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PIN, pin));
+	}
+
+	private String encodeCredential(String clearCredential, String keyStoreAlias) {
+
+		if (clearCredential == null) {
+			return null;
+		}
+
+		if (!hasDeviceEncryption()) {
+			throw new IllegalStateException(context.getString(R.string.message_encryption));
+		}
+
+		try {
+			KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
+			keyStore.load(null);
+
+			if (!keyStore.containsAlias(keyStoreAlias)) {
+				Calendar start = Calendar.getInstance();
+				Calendar end = Calendar.getInstance();
+				end.add(Calendar.YEAR, 1);
+
+				KeyPairGeneratorSpec credentialsSpec = new KeyPairGeneratorSpec.Builder(instance.context).setAlias(keyStoreAlias)
+					.setSubject(new X500Principal("CN=SORMAS, O=symeda, C=Germany"))
+					.setSerialNumber(BigInteger.ONE)
+					.setStartDate(start.getTime())
+					.setEndDate(end.getTime())
+					.build();
+
+				KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
+				generator.initialize(credentialsSpec);
+				generator.generateKeyPair();
+			}
+
+			PublicKey publicKey;
+			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+				publicKey = keyStore.getCertificate(keyStoreAlias).getPublicKey();
+			} else {
+				KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
+				publicKey = privateKeyEntry.getCertificate().getPublicKey();
+			}
+
+			if (publicKey == null) {
+				return null;
+			}
+
+			Cipher input = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+			input.init(Cipher.ENCRYPT_MODE, publicKey);
+
+			ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+			CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, input);
+			cipherOutputStream.write(clearCredential.getBytes("UTF-8"));
+			cipherOutputStream.close();
+
+			byte[] resultByteArray = outputStream.toByteArray();
+			String result = Base64.encodeToString(resultByteArray, Base64.DEFAULT);
+			return result;
+
+		} catch (KeyStoreException
+			| NoSuchAlgorithmException
+			| NoSuchProviderException
+			| UnrecoverableEntryException
+			| IOException
+			| NoSuchPaddingException
+			| InvalidKeyException
+			| CertificateException
+			| InvalidAlgorithmParameterException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	private String decodeCredential(String encodedCredential, String keyStoreAlias) {
+
+		if (encodedCredential == null) {
+			return null;
+		}
+
+		if (!hasDeviceEncryption()) {
+			throw new IllegalStateException(context.getString(R.string.message_encryption));
+		}
+
+		try {
+			KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
+			keyStore.load(null);
+
+			PrivateKey privateKey;
+			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+				privateKey = (PrivateKey) keyStore.getKey(keyStoreAlias, null);
+			} else {
+				KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(keyStoreAlias, null);
+				privateKey = privateKeyEntry.getPrivateKey();
+			}
+
+			if (privateKey == null) {
+				return null;
+			}
+
+			Cipher decryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+			decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
+
+			byte[] encodedBytes = Base64.decode(encodedCredential, Base64.DEFAULT);
+			InputStream inputStream = new ByteArrayInputStream(encodedBytes);
+			CipherInputStream cipherStream = new CipherInputStream(inputStream, decryptCipher);
+			byte[] passwordBytes = new byte[1024];
+			int passwordByteLength = cipherStream.read(passwordBytes);
+			cipherStream.close();
+
+			if (passwordByteLength <= 0) {
+				return null;
+			}
+
+			String result = new String(passwordBytes, 0, passwordByteLength, "UTF-8");
+			return result;
+
+		} catch (KeyStoreException
+			| UnrecoverableEntryException
+			| NoSuchAlgorithmException
+			| CertificateException
+			| InvalidKeyException
+			| NoSuchPaddingException
+			| IOException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	private static void saveConfigEntry(String configKey, String configValue) {
+		if (configValue == null) {
+			DatabaseHelper.getConfigDao().delete(new Config(configKey, ""));
+		} else {
+			DatabaseHelper.getConfigDao().createOrUpdate(new Config(configKey, configValue));
+		}
+	}
+
+	public static String getServerRestUrl() {
+		if (instance.serverRestUrl == null)
+			synchronized (ConfigProvider.class) {
+				if (instance.serverRestUrl == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(KEY_SERVER_REST_URL);
+					if (config != null) {
+						instance.serverRestUrl = config.getValue();
+
+						// take care of old mal-formatted urls
+						String properServerRestUrl = toProperRestUrl(instance.serverRestUrl);
+						if (!DataHelper.equal(instance.serverRestUrl, properServerRestUrl)) {
+							instance.serverRestUrl = properServerRestUrl;
+							saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
+						}
+					}
+
+					if (instance.serverRestUrl == null) {
+						// fallback to default
+
+						String serverUrlDefault = toProperRestUrl(SormasProperties.getServerUrlDefault());
+						if (serverUrlDefault != null) {
+							instance.serverRestUrl = serverUrlDefault;
+							saveConfigEntry(KEY_SERVER_REST_URL, instance.serverRestUrl);
+						}
+					}
+				}
+			}
+		return instance.serverRestUrl;
+	}
+
+	public static void setServerRestUrl(String serverRestUrl) {
+
+		serverRestUrl = toProperRestUrl(serverRestUrl);
+		String currentServerRestUrl = getServerRestUrl();
+
+		if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
+			return;
+
+		boolean wasNull = currentServerRestUrl == null;
+
+		instance.serverRestUrl = serverRestUrl;
+		saveConfigEntry(KEY_SERVER_REST_URL, serverRestUrl);
+
+		if (!wasNull) {
+			// new server: clear everything
+			clearUserLogin();
+			DatabaseHelper.clearTables(true);
+		}
+	}
+
+	private static String toProperRestUrl(String serverRestUrl) {
+		// clean up url
+		if (serverRestUrl != null) {
+			serverRestUrl = serverRestUrl.trim();
+		}
+		if (serverRestUrl != null && serverRestUrl.isEmpty()) {
+			serverRestUrl = null;
+		}
+		if (serverRestUrl != null && !serverRestUrl.endsWith("/")) {
+			serverRestUrl += "/";
+		}
+		return serverRestUrl;
+	}
+
+	public static Date getLastNotificationDate() {
+		if (instance.lastNotificationDate == null)
+			synchronized (ConfigProvider.class) {
+				if (instance.lastNotificationDate == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(LAST_NOTIFICATION_DATE);
+					if (config != null) {
+						instance.lastNotificationDate = new Date(Long.parseLong(config.getValue()));
+					}
+
+				}
+			}
+		return instance.lastNotificationDate;
+	}
+
+	public static void setLastNotificationDate(Date lastNotificationDate) {
+		if (lastNotificationDate != null && lastNotificationDate.equals(instance.lastNotificationDate)) {
+			return;
+		}
+
+		instance.lastNotificationDate = lastNotificationDate;
+		saveConfigEntry(LAST_NOTIFICATION_DATE, lastNotificationDate != null ? String.valueOf(lastNotificationDate.getTime()) : null);
+	}
+
+	public static Date getLastObsoleteUuidsSyncDate() {
+		if (instance.lastObsoleteUuidsSyncDate == null) {
+			synchronized (ConfigProvider.class) {
+				if (instance.lastObsoleteUuidsSyncDate == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(LAST_OBSOLETE_UUIDS_SYNC_DATE);
+					if (config != null) {
+						instance.lastObsoleteUuidsSyncDate = new Date(Long.parseLong(config.getValue()));
+					}
+
+				}
+			}
+		}
+
+		return instance.lastObsoleteUuidsSyncDate;
+	}
+
+	public static void setLastObsoleteUuidsSyncDate(Date lastObsoleteUuidsSyncDate) {
+		if (lastObsoleteUuidsSyncDate != null && lastObsoleteUuidsSyncDate.equals(instance.lastObsoleteUuidsSyncDate)) {
+			return;
+		}
+
+		instance.lastObsoleteUuidsSyncDate = lastObsoleteUuidsSyncDate;
+		saveConfigEntry(
+			LAST_OBSOLETE_UUIDS_SYNC_DATE,
+			lastObsoleteUuidsSyncDate != null ? String.valueOf(lastObsoleteUuidsSyncDate.getTime()) : null);
+	}
+
+	public static Long getCurrentAppDownloadId() {
+		if (instance.currentAppDownloadId == null) {
+			synchronized (ConfigProvider.class) {
+				if (instance.currentAppDownloadId == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(CURRENT_APP_DOWNLOAD_ID);
+					if (config != null) {
+						instance.currentAppDownloadId = DataHelper.tryParseLong(config.getValue());
+					}
+				}
+			}
+		}
+		return instance.currentAppDownloadId;
+	}
+
+	public static void setCurrentAppDownloadId(Long currentAppDownloadId) {
+		if (currentAppDownloadId != null && currentAppDownloadId.equals(instance.currentAppDownloadId)) {
+			return;
+		}
+
+		instance.currentAppDownloadId = currentAppDownloadId;
+		saveConfigEntry(CURRENT_APP_DOWNLOAD_ID, currentAppDownloadId != null ? String.valueOf(currentAppDownloadId) : null);
+	}
+
+	public static Boolean isAccessGranted() {
+		if (instance.accessGranted == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_ACCESS_GRANTED);
+			if (config != null) {
+				instance.accessGranted = Boolean.parseBoolean(config.getValue());
+			}
+		}
+		return instance.accessGranted;
+	}
+
+	public static void setAccessGranted(Boolean accessGranted) {
+		if (accessGranted == null) {
+			throw new NullPointerException("accessGranted");
+		}
+
+		if (accessGranted.equals(instance.accessGranted)) {
+			return;
+		}
+
+		instance.accessGranted = accessGranted;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_ACCESS_GRANTED, String.valueOf(accessGranted)));
+	}
+
+	/**
+	 * When no locale is set Locale.getDefault is set.
+	 * (Actually not relevant, because the locale is always updated to the server's, so this is just a fallback).
+	 *
+	 * @return Will never be null.
+	 */
+	public static String getServerLocale() {
+		if (instance.serverLocale == null)
+			synchronized (ConfigProvider.class) {
+				if (instance.serverLocale == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_LOCALE);
+					if (config != null) {
+						instance.serverLocale = config.getValue();
+					}
+
+					if (instance.serverLocale == null) {
+						setServerLocale(Locale.getDefault().toString());
+					}
+				}
+			}
+		return instance.serverLocale;
+	}
+
+	public static String getServerCountryCode() {
+		String locale = getServerLocale();
+		String normalizedLocale = normalizeLocaleString(locale);
+
+		if (normalizedLocale.contains("-")) {
+			return normalizedLocale.substring(normalizedLocale.lastIndexOf("-") + 1);
+		} else {
+			return normalizedLocale;
+		}
+	}
+
+	public static String getServerCountryName() {
+		if (instance.serverCountryName == null) {
+			synchronized (ConfigProvider.class) {
+				if (instance.serverCountryName == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(SERVER_COUNTRY_NAME);
+					if (config != null) {
+						instance.serverCountryName = config.getValue();
+					}
+
+					if (instance.serverCountryName == null) {
+						setServerCountryName("");
+					}
+				}
+			}
+		}
+		return instance.serverCountryName;
+	}
+
+	public static String normalizeLocaleString(String locale) {
+		locale = locale.trim();
+		int pos = Math.max(locale.indexOf('-'), locale.indexOf('_'));
+		if (pos < 0) {
+			locale = locale.toLowerCase();
+		} else {
+			locale = locale.substring(0, pos).toLowerCase(Locale.ENGLISH) + '-' + locale.substring(pos + 1).toUpperCase(Locale.ENGLISH);
+		}
+		return locale;
+	}
+
+	public static boolean isConfiguredServer(String countryCode) {
+		if (Pattern.matches(FULL_COUNTRY_LOCALE_PATTERN, getServerLocale())) {
+			return getServerLocale().toLowerCase().endsWith(countryCode.toLowerCase());
+		} else {
+			return getServerLocale().toLowerCase().startsWith(countryCode.toLowerCase());
+		}
+	}
+
+	/**
+	 * Note: This will only take effect after the app has been restarted
+	 */
+	public static void setServerLocale(String serverLocale) {
+		if (serverLocale != null && serverLocale.isEmpty()) {
+			serverLocale = null;
+		}
+
+		if (serverLocale == instance.serverLocale || (serverLocale != null && serverLocale.equals(instance.serverLocale)))
+			return;
+
+		instance.serverLocale = serverLocale;
+		saveConfigEntry(SERVER_LOCALE, serverLocale);
+	}
+
+	public static void setServerCountryName(String serverCountryName) {
+		if (serverCountryName != null && serverCountryName.isEmpty()) {
+			serverCountryName = null;
+		}
+
+		if (serverCountryName == instance.serverCountryName || (serverCountryName != null && serverCountryName.equals(instance.serverCountryName)))
+			return;
+
+		instance.serverCountryName = serverCountryName;
+		saveConfigEntry(SERVER_COUNTRY_NAME, serverCountryName);
+	}
+
+	public static boolean isRepullNeeded() {
+		if (instance.repullNeeded == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(KEY_REPULL_NEEDED);
+			if (config != null) {
+				instance.repullNeeded = Boolean.parseBoolean(config.getValue());
+			}
+		}
+		return instance.repullNeeded != null && instance.repullNeeded;
+	}
+
+	public static void setRepullNeeded(boolean repullNeeded) {
+		if (instance.repullNeeded != null && instance.repullNeeded == repullNeeded) {
+			return;
+		}
+
+		instance.repullNeeded = repullNeeded;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_REPULL_NEEDED, String.valueOf(repullNeeded)));
+	}
+
+	public static boolean isInitialSyncRequired() {
+		if (instance.initialSyncRequired == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(INITIAL_SYNC_REQUIRED);
+			if (config != null) {
+				instance.initialSyncRequired = Boolean.parseBoolean(config.getValue());
+			}
+		}
+		return instance.initialSyncRequired == null || instance.initialSyncRequired;
+	}
+
+	public static void setInitialSyncRequired(boolean initialSyncRequired) {
+		if (instance.initialSyncRequired != null && instance.initialSyncRequired == initialSyncRequired) {
+			return;
+		}
+
+		instance.initialSyncRequired = initialSyncRequired;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(INITIAL_SYNC_REQUIRED, String.valueOf(initialSyncRequired)));
+	}
+
+	public static void resetLbdsSormasKeys() {
+		try {
+			KeyPair rsa = KeyPairGenerator.getInstance("RSA").genKeyPair();
+			instance.lbdsSormasPublicKey = rsa.getPublic();
+			PrivateKey lbdsSormasPrivateKey = rsa.getPrivate();
+
+			String aesKey = LbdsKeyHelper.generateAESKey();
+			instance.lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.encryptAES(LbdsKeyHelper.getPKCS8FromPrivateKey(lbdsSormasPrivateKey), aesKey);
+
+			instance.lbdsSormasPrivateKeyAesSecret = instance.encodeCredential(aesKey, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
+			DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET, instance.lbdsSormasPrivateKeyAesSecret));
+			DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SORMAS_PRIVATE_KEY, instance.lbdsSormasPrivateKeyPKCS8));
+			DatabaseHelper.getConfigDao()
+				.createOrUpdate(new Config(LBDS_SORMAS_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(instance.lbdsSormasPublicKey)));
+		} catch (GeneralSecurityException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	private static String getLbdsSormasPrivateKeyAesSecret() {
+		if (instance.lbdsSormasPrivateKeyAesSecret == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY_AES_SECRET);
+			if (config != null) {
+				instance.lbdsSormasPrivateKeyAesSecret = config.getValue();
+			}
+		}
+		return instance.decodeCredential(instance.lbdsSormasPrivateKeyAesSecret, LBDS_KEYSTORE_ALIAS_SORMAS_PRIVATE_KEY_AES_SECRET);
+	}
+
+	public static PrivateKey getLbdsSormasPrivateKey() {
+		if (instance.lbdsSormasPrivateKeyPKCS8 == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PRIVATE_KEY);
+			if (config != null) {
+				instance.lbdsSormasPrivateKeyPKCS8 = config.getValue();
+			} else {
+				resetLbdsSormasKeys();
+			}
+		}
+		try {
+			String aesKey = getLbdsSormasPrivateKeyAesSecret();
+			String lbdsSormasPrivateKeyPKCS8 = LbdsKeyHelper.decryptAES(instance.lbdsSormasPrivateKeyPKCS8, aesKey);
+			return LbdsKeyHelper.getPrivateKeyFromPKCS8(lbdsSormasPrivateKeyPKCS8);
+		} catch (GeneralSecurityException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	public static PublicKey getLbdsSormasPublicKey() {
+		if (instance.lbdsSormasPublicKey == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SORMAS_PUBLIC_KEY);
+			if (config != null) {
+				try {
+					instance.lbdsSormasPublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
+				} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+					throw new RuntimeException(e);
+				}
+			} else {
+				resetLbdsSormasKeys();
+			}
+		}
+		return instance.lbdsSormasPublicKey;
+	}
+
+	public static PublicKey getLbdsServicePublicKey() {
+		if (instance.lbdsServicePublicKey == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_SERVICE_PUBLIC_KEY);
+			if (config != null) {
+				try {
+					instance.lbdsServicePublicKey = LbdsKeyHelper.getPublicKeyFromX509(config.getValue());
+				} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+					throw new RuntimeException(e);
+				}
+			}
+		}
+		return instance.lbdsServicePublicKey;
+	}
+
+	public static void setLbdsServicePublicKey(PublicKey lbdsServicePublicKey) {
+		instance.lbdsServicePublicKey = lbdsServicePublicKey;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_SERVICE_PUBLIC_KEY, LbdsKeyHelper.getX509FromPublicKey(lbdsServicePublicKey)));
+	}
+
+	public static String getLbdsAesSecret() {
+		if (instance.lbdsAesSecret == null) {
+			Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_AES_SECRET);
+			if (config != null) {
+				instance.lbdsAesSecret = config.getValue();
+			}
+		}
+		return instance.decodeCredential(instance.lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
+	}
+
+	public static void setLbdsAesSecret(String lbdsAesSecret) {
+		if (lbdsAesSecret == null) {
+			throw new NullPointerException("lbdsAesSecret");
+		}
+
+		lbdsAesSecret = instance.encodeCredential(lbdsAesSecret, LBDS_KEYSTORE_ALIAS_AES_SECRET);
+
+		if (lbdsAesSecret.equals(instance.lbdsAesSecret)) {
+			return;
+		}
+
+		instance.lbdsAesSecret = lbdsAesSecret;
+
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(LBDS_AES_SECRET, lbdsAesSecret));
+	}
+
+	public static String getServerLbdsDebugUrl() {
+		if (instance.serverLbdsDebugUrl == null)
+			synchronized (ConfigProvider.class) {
+				if (instance.serverLbdsDebugUrl == null) {
+					Config config = DatabaseHelper.getConfigDao().queryForId(LBDS_DEBUG_URL);
+					if (config != null) {
+						instance.serverLbdsDebugUrl = config.getValue();
+
+						// take care of old mal-formatted urls
+						String properServerRestUrl = toProperRestUrl(instance.serverLbdsDebugUrl);
+						if (!DataHelper.equal(instance.serverLbdsDebugUrl, properServerRestUrl)) {
+							instance.serverLbdsDebugUrl = properServerRestUrl;
+							saveConfigEntry(LBDS_DEBUG_URL, instance.serverLbdsDebugUrl);
+						}
+					}
+				}
+			}
+		return instance.serverLbdsDebugUrl;
+	}
+
+	public static void setServerLbdsDebugUrl(String serverRestUrl) {
+
+		serverRestUrl = toProperRestUrl(serverRestUrl);
+		String currentServerRestUrl = getServerRestUrl();
+
+		if (DataHelper.equal(serverRestUrl, currentServerRestUrl))
+			return;
+
+		boolean wasNull = currentServerRestUrl == null;
+
+		instance.serverLbdsDebugUrl = serverRestUrl;
+		saveConfigEntry(LBDS_DEBUG_URL, serverRestUrl);
+	}
 }
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 0a79179a865..426c42196c9 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -297,7 +297,7 @@
     <string name="description_epi_week">Epi Week</string>
     <string name="description_first_name">First Name</string>
     <string name="description_last_name">Last Name</string>
-    <string name="description_password">Enter Password</string>
+    <string name="description_password">Password</string>
     <string name="description_period_end">Period End</string>
     <string name="description_period_start">Period Start</string>
     <string name="description_report_message">Your Message</string>
@@ -477,7 +477,7 @@
     <string name="hint_enter_location">Please enter a location</string>
     <string name="hint_first_name">First Name</string>
     <string name="hint_last_name">Last Name</string>
-    <string name="hint_login_password">Password</string>
+    <string name="hint_login_password">Your Password</string>
     <string name="hint_login_username">Username</string>
     <string name="hint_new_pin">Please choose a new four-digit PIN to authenticate when opening the SORMAS app in the future.</string>
     <string name="hint_new_pin_again">Please enter the new PIN again.</string>

From 57541fc1b8916e62f4b0442bd7afc45b22d6b826 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 16:43:37 +0000
Subject: [PATCH 73/95] cleaning white space

---
 .../de/symeda/sormas/api/user/UserFacade.java |   10 +-
 .../sormas/api/utils/PasswordHelper.java      |  110 +-
 .../backend/user/CurrentUserService.java      |  232 +--
 .../sormas/backend/user/UserService.java      | 1718 ++++++++---------
 .../user/event/PasswordResetEvent.java        |   17 +-
 .../sormas/backend/AbstractBeanTest.java      | 1488 +++++++-------
 .../EnvironmentSampleServiceTest.java         |  211 +-
 7 files changed, 1891 insertions(+), 1895 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 11e233b1533..74737c9ccbe 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -52,15 +52,15 @@ public interface UserFacade {
 
 	String resetPassword(String uuid);
 
-    String updateUserPassword(String uuid, String newPassword, String currentPassword);
+	String updateUserPassword(String uuid, String newPassword, String currentPassword);
 
-    boolean validatePassword(String uuid, String password);
+	boolean validatePassword(String uuid, String password);
 
-    String checkPasswordStrength(String password);
+	String checkPasswordStrength(String password);
 
-    boolean isPasswordStrong(String password);
+	boolean isPasswordStrong(String password);
 
-    String generatePassword();
+	String generatePassword();
 
 	List<UserDto> getAllAfter(Date date);
 
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
index e453d69ea63..7ccdb33428d 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/utils/PasswordHelper.java
@@ -28,68 +28,68 @@
 
 public final class PasswordHelper {
 
-    private PasswordHelper() {
-        // Hide Utility Class Constructor
-    }
+	private PasswordHelper() {
+		// Hide Utility Class Constructor
+	}
 
-    private static final char[] PASSWORD_CHARS = new char[26 - 2 + 26 - 3 + 8];
-    static {
-        int i = 0;
-        for (char ch = 'a'; ch <= 'z'; ch++) {
-            switch (ch) {
-                case 'l':
-                    continue;
-                case 'v':
-                    continue;
-                default:
-                    PASSWORD_CHARS[i++] = ch;
-            }
-        }
-        for (char ch = 'A'; ch <= 'Z'; ch++) {
-            switch (ch) {
-                case 'I':
-                    continue;
-                case 'O':
-                    continue;
-                case 'V':
-                    continue;
-                default:
-                    PASSWORD_CHARS[i++] = ch;
-            }
-        }
-        for (char ch = '2'; ch <= '9'; ch++) {
-            PASSWORD_CHARS[i++] = ch;
-        }
+	private static final char[] PASSWORD_CHARS = new char[26 - 2 + 26 - 3 + 8];
+	static {
+		int i = 0;
+		for (char ch = 'a'; ch <= 'z'; ch++) {
+			switch (ch) {
+			case 'l':
+				continue;
+			case 'v':
+				continue;
+			default:
+				PASSWORD_CHARS[i++] = ch;
+			}
+		}
+		for (char ch = 'A'; ch <= 'Z'; ch++) {
+			switch (ch) {
+			case 'I':
+				continue;
+			case 'O':
+				continue;
+			case 'V':
+				continue;
+			default:
+				PASSWORD_CHARS[i++] = ch;
+			}
+		}
+		for (char ch = '2'; ch <= '9'; ch++) {
+			PASSWORD_CHARS[i++] = ch;
+		}
 
-        if (i != PASSWORD_CHARS.length) {
-            throw new ValidationException("Size of password char array does not match defined values.");
-        }
-    }
+		if (i != PASSWORD_CHARS.length) {
+			throw new ValidationException("Size of password char array does not match defined values.");
+		}
+	}
 
-    public static String createPass(final int length) {
+	public static String createPass(final int length) {
 
-        SecureRandom rnd = new SecureRandom();
+		SecureRandom rnd = new SecureRandom();
 
-        char[] chs = new char[length];
-        for (int i = 0; i < length; i++)
-            chs[i] = PASSWORD_CHARS[rnd.nextInt(PASSWORD_CHARS.length)];
-        final String val = new String(chs);
+		char[] chs = new char[length];
+		for (int i = 0; i < length; i++)
+			chs[i] = PASSWORD_CHARS[rnd.nextInt(PASSWORD_CHARS.length)];
+		final String val = new String(chs);
 
-        return val;
-    }
+		return val;
+	}
 
-    public static String encodePassword(String password, String seed) {
+	public static String encodePassword(String password, String seed) {
 
-        MessageDigest digest;
-        try {
-            digest = MessageDigest.getInstance("SHA-256");
-            digest.reset();
-            byte[] digested = digest.digest((password + seed).getBytes(StandardCharsets.UTF_8));
-            String encoded = Hex.encodeHexString(digested);
-            return encoded;
+		MessageDigest digest;
+		try {
+			digest = MessageDigest.getInstance("SHA-256");
+			digest.reset();
+			byte[] digested = digest.digest((password + seed).getBytes(StandardCharsets.UTF_8));
+			String encoded = Hex.encodeHexString(digested);
+			return encoded;
 
-        } catch (NoSuchAlgorithmException e) {
-            throw new RuntimeException(e);
-        }
-    }
+		} catch (NoSuchAlgorithmException e) {
+			throw new RuntimeException(e);
+		}
+	}
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
index fe9269cf989..ddfad704911 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/CurrentUserService.java
@@ -33,120 +33,120 @@
 @AuditIgnore
 public class CurrentUserService {
 
-    @Resource
-    private SessionContext context;
-
-    @PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
-    private EntityManager em;
-
-    private final UserCache userCache;
-
-    public CurrentUserService() {
-        this.userCache = UserCache.getInstance();
-    }
-
-    /**
-     * Returns the User entity corresponding to the current user.
-     *
-     * @TransactionScoped would be better for performance, but is not supported by the CDI based testing framework
-     */
-    @RequestScoped
-    public User getCurrentUser() {
-        final String currentUsername = context.getCallerPrincipal().getName();
-
-        if (currentUsername == null) {
-            return null;
-        }
-
-        User cachedUser = userCache.get(currentUsername);
-        if (cachedUser != null) {
-            return cachedUser;
-        }
-
-        // todo prohibit these names
-        if (currentUsername.equals("ANONYMOUS") || currentUsername.equals("SYSTEM")) {
-            return null;
-        }
-
-        final User currentUser = fetchUser(currentUsername);
-
-        if (currentUser == null) {
-            return null;
-        } else {
-            userCache.put(currentUsername, currentUser);
-            return currentUser;
-        }
-    }
-
-    public boolean hasUserRight(UserRight userRight) {
-        // this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
-        // return context.isCallerInRole(userRight.name());
-        // We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
-        if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
-            return false;
-        }
-
-        return getCurrentUser().hasUserRight(userRight); // todo cache this?
-    }
-
-    public boolean hasAnyUserRight(Set<UserRight> userRights) {
-        // this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
-        // return context.isCallerInRole(userRight.name());
-        // We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
-        if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
-            return false;
-        }
-
-        return getCurrentUser().hasAnyUserRight(userRights);
-    }
-
-    public boolean isRestrictedToAssignedEntities() {
-        return isRestrictedToAssignEntities(getCurrentUser());
-    }
-
-    // We need a clean transaction as we do not want call potential entity listeners which would lead to recursion
-    @Transactional(Transactional.TxType.REQUIRES_NEW)
-    User fetchUser(String userName) {
-        final CriteriaBuilder cb = em.getCriteriaBuilder();
-        final ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
-        final CriteriaQuery<User> cq = cb.createQuery(User.class);
-
-        // avoid "Hibernate could not initialize proxy – no Session" Exception
-        // do eager loading in this case
-        final Root<User> user = cq.from(User.class);
-        user.fetch(User.ADDRESS);
-        Fetch<Object, Object> fetch = user.fetch(User.USER_ROLES);
-        fetch.fetch(UserRole.EMAIL_NOTIFICATIONS, JoinType.LEFT);
-        fetch.fetch(UserRole.SMS_NOTIFICATIONS, JoinType.LEFT);
-
-        final Predicate equal = cb.equal(cb.lower(user.get(User.USER_NAME)), userNameParam);
-        cq.select(user).distinct(true);
-        cq.where(equal);
-
-        final TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userName.toLowerCase());
-
-        User currentUser = q.getResultList().stream().findFirst().orElse(null);
-        if (currentUser != null) {
-            unproxy(currentUser.getRegion());
-            unproxy(currentUser.getDistrict());
-            unproxy(currentUser.getCommunity());
-            unproxy(currentUser.getHealthFacility());
-            unproxy(currentUser.getPointOfEntry());
-            unproxy(currentUser.getLaboratory());
-            unproxy(currentUser.getAssociatedOfficer());
-        }
-
-        return currentUser;
-    }
-
-    public static <T> T unproxy(T proxied) {
-        if (proxied instanceof HibernateProxy) {
-            Hibernate.initialize(proxied);
-            @SuppressWarnings("unchecked")
-            T obj = (T) ((HibernateProxy) proxied).getHibernateLazyInitializer().getImplementation();
-            return obj;
-        } else {
-            return proxied;
-        }
-    }
+	@Resource
+	private SessionContext context;
+
+	@PersistenceContext(unitName = ModelConstants.PERSISTENCE_UNIT_NAME)
+	private EntityManager em;
+
+	private final UserCache userCache;
+
+	public CurrentUserService() {
+		this.userCache = UserCache.getInstance();
+	}
+
+	/**
+	 * Returns the User entity corresponding to the current user.
+	 *
+	 * @TransactionScoped would be better for performance, but is not supported by the CDI based testing framework
+	 */
+	@RequestScoped
+	public User getCurrentUser() {
+		final String currentUsername = context.getCallerPrincipal().getName();
+
+		if (currentUsername == null) {
+			return null;
+		}
+
+		User cachedUser = userCache.get(currentUsername);
+		if (cachedUser != null) {
+			return cachedUser;
+		}
+
+		// todo prohibit these names
+		if (currentUsername.equals("ANONYMOUS") || currentUsername.equals("SYSTEM")) {
+			return null;
+		}
+
+		final User currentUser = fetchUser(currentUsername);
+
+		if (currentUser == null) {
+			return null;
+		} else {
+			userCache.put(currentUsername, currentUser);
+			return currentUser;
+		}
+	}
+
+	public boolean hasUserRight(UserRight userRight) {
+		// this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
+		// return context.isCallerInRole(userRight.name());
+		// We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
+		if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
+			return false;
+		}
+
+		return getCurrentUser().hasUserRight(userRight); // todo cache this?
+	}
+
+	public boolean hasAnyUserRight(Set<UserRight> userRights) {
+		// this only works for user rights that are used in RolesAllowed or DeclareRoles annotations.
+		// return context.isCallerInRole(userRight.name());
+		// We don't want to have to do this for all the user rights, so we check against the user rights of the current user instead
+		if (getCurrentUser() == null || getCurrentUser().getUserRoles() == null) {
+			return false;
+		}
+
+		return getCurrentUser().hasAnyUserRight(userRights);
+	}
+
+	public boolean isRestrictedToAssignedEntities() {
+		return isRestrictedToAssignEntities(getCurrentUser());
+	}
+
+	// We need a clean transaction as we do not want call potential entity listeners which would lead to recursion
+	@Transactional(Transactional.TxType.REQUIRES_NEW)
+	User fetchUser(String userName) {
+		final CriteriaBuilder cb = em.getCriteriaBuilder();
+		final ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
+		final CriteriaQuery<User> cq = cb.createQuery(User.class);
+
+		// avoid "Hibernate could not initialize proxy – no Session" Exception
+		// do eager loading in this case
+		final Root<User> user = cq.from(User.class);
+		user.fetch(User.ADDRESS);
+		Fetch<Object, Object> fetch = user.fetch(User.USER_ROLES);
+		fetch.fetch(UserRole.EMAIL_NOTIFICATIONS, JoinType.LEFT);
+		fetch.fetch(UserRole.SMS_NOTIFICATIONS, JoinType.LEFT);
+
+		final Predicate equal = cb.equal(cb.lower(user.get(User.USER_NAME)), userNameParam);
+		cq.select(user).distinct(true);
+		cq.where(equal);
+
+		final TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userName.toLowerCase());
+
+		User currentUser = q.getResultList().stream().findFirst().orElse(null);
+		if (currentUser != null) {
+			unproxy(currentUser.getRegion());
+			unproxy(currentUser.getDistrict());
+			unproxy(currentUser.getCommunity());
+			unproxy(currentUser.getHealthFacility());
+			unproxy(currentUser.getPointOfEntry());
+			unproxy(currentUser.getLaboratory());
+			unproxy(currentUser.getAssociatedOfficer());
+		}
+
+		return currentUser;
+	}
+
+	public static <T> T unproxy(T proxied) {
+		if (proxied instanceof HibernateProxy) {
+			Hibernate.initialize(proxied);
+			@SuppressWarnings("unchecked")
+			T obj = (T) ((HibernateProxy) proxied).getHibernateLazyInitializer().getImplementation();
+			return obj;
+		} else {
+			return proxied;
+		}
+	}
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 26ec7b0be64..8b352835109 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -81,873 +81,873 @@
 @LocalBean
 public class UserService extends AdoServiceWithUserFilterAndJurisdiction<User> {
 
-    @EJB
-    private UserRoleFacadeEjb.UserRoleFacadeEjbLocal userRoleFacade;
-    @EJB
-    private RegionService regionService;
-    @EJB
-    private DistrictService districtService;
-    @EJB
-    private CommunityService communityService;
-    @EJB
-    private FacilityService facilityService;
-    @EJB
-    private PointOfEntryService pointOfEntryService;
-    @Inject
-    private javax.enterprise.event.Event<UserUpdateEvent> userUpdateEvent;
-
-    public UserService() {
-        super(User.class);
-    }
-
-    public User createUser() {
-
-        User user = new User();
-        // dummy password to make sure no one can login with this user
-        setNewPassword(user);
-        return user;
-    }
-
-    /**
-     * Fetches a use from the DB by its username. The check is done case-insensitive.
-     *
+	@EJB
+	private UserRoleFacadeEjb.UserRoleFacadeEjbLocal userRoleFacade;
+	@EJB
+	private RegionService regionService;
+	@EJB
+	private DistrictService districtService;
+	@EJB
+	private CommunityService communityService;
+	@EJB
+	private FacilityService facilityService;
+	@EJB
+	private PointOfEntryService pointOfEntryService;
+	@Inject
+	private javax.enterprise.event.Event<UserUpdateEvent> userUpdateEvent;
+
+	public UserService() {
+		super(User.class);
+	}
+
+	public User createUser() {
+
+		User user = new User();
+		// dummy password to make sure no one can login with this user
+		setNewPassword(user);
+		return user;
+	}
+
+	/**
+	 * Fetches a use from the DB by its username. The check is done case-insensitive.
+	 *
 	 * @param userName
 	 *            The username in any casing.
-     * @return The corresponding User object from the DB.
-     */
-    public User getByUserName(String userName) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        // lowercase everything for case-insensitive check
-        Expression<String> userNameExpression = cb.lower(from.get(User.USER_NAME));
-        String userNameParamValue = userName.toLowerCase();
-
-        cq.where(cb.equal(userNameExpression, userNameParam));
-
-        TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userNameParamValue);
-
-        return q.getResultList().stream().findFirst().orElse(null);
-    }
-
-    public List<User> getAllByRegionsAndNotificationTypes(
-            List<Region> regions,
-            NotificationProtocol notificationProtocol,
-            Collection<NotificationType> notificationTypes,
-            boolean fetchNotificationTypes) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        Predicate filter = from.get(User.REGION).in(regions);
-        if (!notificationTypes.isEmpty()) {
-            Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-            Join<UserRole, NotificationType> notificationsJoin = rolesJoin.join(
-                    NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
-                    JoinType.LEFT);
-            Predicate notificationsFilter = notificationsJoin.in(notificationTypes);
-            filter = CriteriaBuilderHelper.and(cb, filter, notificationsFilter);
-        }
-        if (fetchNotificationTypes) {
-            from.fetch(User.USER_ROLES, JoinType.LEFT)
-                    .fetch(
-                            NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
-                            JoinType.LEFT);
-        }
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-
-        cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    /**
-     * @param districts
-     * @param userRights
-     * @return List of users with specified UserRights on district level in the specified districts
-     */
-    public List<User> getAllByDistrictsAndUserRights(List<District> districts, Collection<UserRight> userRights) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        Predicate filter = from.get(User.DISTRICT).in(districts);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, userRights));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    /**
-     * Loads users filtered by combinable filter conditions.<br />
-     * Condition combination if parameter is set:<br />
-     * {@code ((regionUuids & districtUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
-     *
+	 * @return The corresponding User object from the DB.
+	 */
+	public User getByUserName(String userName) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		ParameterExpression<String> userNameParam = cb.parameter(String.class, User.USER_NAME);
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		// lowercase everything for case-insensitive check
+		Expression<String> userNameExpression = cb.lower(from.get(User.USER_NAME));
+		String userNameParamValue = userName.toLowerCase();
+
+		cq.where(cb.equal(userNameExpression, userNameParam));
+
+		TypedQuery<User> q = em.createQuery(cq).setParameter(userNameParam, userNameParamValue);
+
+		return q.getResultList().stream().findFirst().orElse(null);
+	}
+
+	public List<User> getAllByRegionsAndNotificationTypes(
+		List<Region> regions,
+		NotificationProtocol notificationProtocol,
+		Collection<NotificationType> notificationTypes,
+		boolean fetchNotificationTypes) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		Predicate filter = from.get(User.REGION).in(regions);
+		if (!notificationTypes.isEmpty()) {
+			Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+			Join<UserRole, NotificationType> notificationsJoin = rolesJoin.join(
+				NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
+				JoinType.LEFT);
+			Predicate notificationsFilter = notificationsJoin.in(notificationTypes);
+			filter = CriteriaBuilderHelper.and(cb, filter, notificationsFilter);
+		}
+		if (fetchNotificationTypes) {
+			from.fetch(User.USER_ROLES, JoinType.LEFT)
+				.fetch(
+					NotificationProtocol.EMAIL.equals(notificationProtocol) ? UserRole.EMAIL_NOTIFICATIONS : UserRole.SMS_NOTIFICATIONS,
+					JoinType.LEFT);
+		}
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+
+		cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	/**
+	 * @param districts
+	 * @param userRights
+	 * @return List of users with specified UserRights on district level in the specified districts
+	 */
+	public List<User> getAllByDistrictsAndUserRights(List<District> districts, Collection<UserRight> userRights) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		Predicate filter = from.get(User.DISTRICT).in(districts);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, userRights));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.distinct(true).orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	/**
+	 * Loads users filtered by combinable filter conditions.<br />
+	 * Condition combination if parameter is set:<br />
+	 * {@code ((regionUuids & districtUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
+	 *
 	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
-     * @param regionUuids
-     * @param districtUuids
-     * @param filterByCurrentUserJurisdiction
-     * @param activeOnly
-     * @param userRights
-     */
-    public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
-
-        return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
-    }
-
-    public List<UserReference> getUserReferences(
-            List<String> regionUuids,
-            List<String> districtUuids,
-            List<String> communityUuids,
-            boolean activeOnly,
-            UserRight... userRights) {
-        return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, null, userRights);
-    }
-
-    public List<UserReference> getUserReferences(
-            List<String> regionUuids,
-            List<String> districtUuids,
-            List<String> communityUuids,
-            boolean activeOnly,
-            Disease limitedDisease,
-            UserRight... userRights) {
-        return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, limitedDisease, false, Arrays.asList(userRights));
-    }
-
-    /**
-     * Loads users filtered by combinable filter conditions.<br />
-     * Condition combination if parameter is set:<br />
-     * {@code ((regionUuids & districtUuids & communityUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
-     *
+	 * @param regionUuids
+	 * @param districtUuids
+	 * @param filterByCurrentUserJurisdiction
+	 * @param activeOnly
+	 * @param userRights
+	 */
+	public List<UserReference> getUserReferences(List<String> regionUuids, List<String> districtUuids, boolean activeOnly, UserRight... userRights) {
+
+		return getUserReferences(regionUuids, districtUuids, null, activeOnly, userRights);
+	}
+
+	public List<UserReference> getUserReferences(
+		List<String> regionUuids,
+		List<String> districtUuids,
+		List<String> communityUuids,
+		boolean activeOnly,
+		UserRight... userRights) {
+		return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, null, userRights);
+	}
+
+	public List<UserReference> getUserReferences(
+		List<String> regionUuids,
+		List<String> districtUuids,
+		List<String> communityUuids,
+		boolean activeOnly,
+		Disease limitedDisease,
+		UserRight... userRights) {
+		return getUserReferences(regionUuids, districtUuids, communityUuids, activeOnly, limitedDisease, false, Arrays.asList(userRights));
+	}
+
+	/**
+	 * Loads users filtered by combinable filter conditions.<br />
+	 * Condition combination if parameter is set:<br />
+	 * {@code ((regionUuids & districtUuids & communityUuids & filterByJurisdiction & userRoles) | includeSupervisors) & activeOnly}
+	 *
 	 * @see #createCurrentUserJurisdictionFilter(CriteriaBuilder, From)
-     * @param regionUuids
-     * @param districtUuids
-     * @param communityUuids
-     * @param filterByJurisdiction
-     * @param activeOnly
-     * @param userRights
-     */
-    public List<UserReference> getUserReferences(
-            List<String> regionUuids,
-            List<String> districtUuids,
-            List<String> communityUuids,
-            boolean activeOnly,
-            Disease limitedDisease,
-            boolean excludeLimitedDiseaseUsers,
-            List<UserRight> userRights) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-        Root<UserReference> root = cq.from(UserReference.class);
-        Root<User> userRoot = cq.from(User.class);
-        cq.select(root);
-
-        // WHERE inner AND
-        Predicate filter = null;
-        boolean userEntityJoinUsed = false;
-
-        if (CollectionUtils.isNotEmpty(regionUuids)) {
-            Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
-            userEntityJoinUsed = true;
-        }
-        if (CollectionUtils.isNotEmpty(districtUuids)) {
-            Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
-            Join<User, Region> userRegionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-            Join<Region, District> districtRegionJoin = userRegionJoin.join(Region.DISTRICTS, JoinType.LEFT);
-
-            Predicate districtFilter = cb.or(
-                    cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
-                    cb.and(
-                            cb.in(districtRegionJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
-                            cb.equal(root.get(UserReference.JURISDICTION_LEVEL), JurisdictionLevel.REGION)));
-
-            filter = CriteriaBuilderHelper.and(cb, filter, districtFilter);
-            userEntityJoinUsed = true;
-        }
-        if (!hasRight(UserRight.SEE_PERSONAL_DATA_OUTSIDE_JURISDICTION)) {
-            filter = CriteriaBuilderHelper.and(cb, filter, createCurrentUserJurisdictionFilter(cb, userRoot));
-            userEntityJoinUsed = true;
-        }
-
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, userRights));
-
-        if (userEntityJoinUsed) {
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
-        }
-
-        // WHERE outer AND
-        if (activeOnly) {
-            filter = CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, root));
-        }
-
-        // eliminate users that are limited to others diseases
-        if (limitedDisease != null) {
-            Predicate restrictOtherLimitedDiseaseUsers = cb.or(
-                    cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-                    cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + '%'));
-            filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
-        }
-
-        //exlude users with limited diseases
-        if (excludeLimitedDiseaseUsers) {
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.isNull(userRoot.get(User.LIMITED_DISEASES)));
-        }
-
-        if (CollectionUtils.isNotEmpty(communityUuids)) {
-            Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
-        }
-
-        if (filter != null) {
-            cq.where(filter);
-        }
-
-        cq.distinct(true);
-        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-    }
-
-    public List<UserReference> getUserRefsByInfrastructure(
-            String infrastructureUuid,
-            JurisdictionLevel jurisdictionLevel,
-            JurisdictionLevel allowedJurisdictionLevel,
-            Disease limitedDisease,
-            UserRight... userRights) {
-
-        if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
-            return Collections.emptyList();
-        }
-
-        InfrastructureAdo baseInfrastructure;
-        switch (jurisdictionLevel) {
-            case HEALTH_FACILITY:
-            case LABORATORY:
-            case EXTERNAL_LABORATORY:
-                baseInfrastructure = facilityService.getByUuid(infrastructureUuid);
-                break;
-            case POINT_OF_ENTRY:
-                baseInfrastructure = pointOfEntryService.getByUuid(infrastructureUuid);
-                break;
-            case COMMUNITY:
-                baseInfrastructure = communityService.getByUuid(infrastructureUuid);
-                break;
-            case DISTRICT:
-                baseInfrastructure = districtService.getByUuid(infrastructureUuid);
-                break;
-            case REGION:
-                baseInfrastructure = regionService.getByUuid(infrastructureUuid);
-                break;
-            case NATION:
-                baseInfrastructure = null;
-                break;
-            default:
-                throw new IllegalArgumentException("Unsupported jurisdiction level: " + jurisdictionLevel.name());
-        }
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-        Root<UserReference> root = cq.from(UserReference.class);
-        Root<User> userRoot = cq.from(User.class);
-        UserQueryContext queryContext = new UserQueryContext(cb, cq, userRoot);
-        UserJoins joins = queryContext.getJoins();
-        cq.select(root);
-
-        Predicate filter = CriteriaBuilderHelper.and(cb, createDefaultFilter(cb, root), cb.equal(root.get(UserReference.ID), userRoot.get(User.ID)));
-
-        Predicate jurisdictionFilter = null;
-        while (jurisdictionLevel.getOrder() >= allowedJurisdictionLevel.getOrder()) {
-            Predicate jurisdictionPredicate = createUserRefsByInfrastructurePredicate(
-                    cb,
-                    joins,
-                    baseInfrastructure != null ? baseInfrastructure.getUuid() : null,
-                    jurisdictionLevel);
-            jurisdictionFilter = CriteriaBuilderHelper.or(cb, jurisdictionFilter, jurisdictionPredicate);
-
-            if (jurisdictionLevel.getOrder() > 1) {
-                jurisdictionLevel = baseInfrastructure instanceof Facility && ((Facility) baseInfrastructure).getCommunity() != null
-                        ? JurisdictionLevel.COMMUNITY
-                        : InfrastructureHelper.getSuperordinateJurisdiction(jurisdictionLevel);
-                if (jurisdictionLevel.getOrder() > 1 && baseInfrastructure != null) {
-                    baseInfrastructure = JurisdictionHelper.getParentInfrastructure(baseInfrastructure, jurisdictionLevel);
-                }
-            } else {
-                break;
-            }
-        }
-
-        filter = CriteriaBuilderHelper.and(cb, filter, jurisdictionFilter);
-
-        if (limitedDisease != null) {
-            Predicate restrictOtherLimitedDiseaseUsers = cb.or(
-                    cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
-                    cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + "%"));
-            filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
-        }
-
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, Arrays.asList(userRights)));
-
-        cq.where(filter);
-        cq.distinct(true);
-        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-    }
-
-    private Predicate createUserRefsByInfrastructurePredicate(
-            CriteriaBuilder cb,
-            UserJoins joins,
-            String infrastructureUuid,
-            JurisdictionLevel jurisdictionLevel) {
-
-        Predicate predicate = null;
-
-        switch (jurisdictionLevel) {
-            case HEALTH_FACILITY:
-                predicate = cb.equal(joins.getHealthFacility().get(Facility.UUID), infrastructureUuid);
-                break;
-            case LABORATORY:
-            case EXTERNAL_LABORATORY:
-                predicate = cb.equal(joins.getLaboratory().get(Facility.UUID), infrastructureUuid);
-                break;
-            case COMMUNITY:
-                predicate = cb.and(
-                        cb.isNull(joins.getHealthFacility()),
-                        cb.isNull(joins.getLaboratory()),
-                        cb.equal(joins.getCommunity().get(Community.UUID), infrastructureUuid));
-                break;
-            case POINT_OF_ENTRY:
-                predicate = cb.equal(joins.getPointOfEntry().get(PointOfEntry.UUID), infrastructureUuid);
-                break;
-            case DISTRICT:
-                predicate = cb.and(
-                        cb.isNull(joins.getCommunity()),
-                        cb.isNull(joins.getHealthFacility()),
-                        cb.isNull(joins.getLaboratory()),
-                        cb.isNull(joins.getPointOfEntry()),
-                        cb.equal(joins.getDistrict().get(District.UUID), infrastructureUuid));
-                break;
-            case REGION:
-                predicate = cb.and(
-                        cb.isNull(joins.getDistrict()),
-                        cb.isNull(joins.getLaboratory()),
-                        cb.equal(joins.getRegion().get(Region.UUID), infrastructureUuid));
-                break;
-            case NATION:
-                predicate = cb.and(cb.isNull(joins.getRegion()), cb.isNull(joins.getLaboratory()));
-                break;
-            default:
-                break;
-        }
-
-        return predicate;
-    }
-
-    public List<UserReference> getUserReferencesByJurisdictions(
-            List<String> regionUuids,
-            List<String> districtUuids,
-            List<String> communityUuids,
-            Collection<JurisdictionLevel> jurisdictionLevels,
-            Collection<UserRight> userRights) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-        Root<UserReference> root = cq.from(UserReference.class);
-        Root<User> userRoot = cq.from(User.class);
-        cq.select(root);
-
-        // WHERE inner AND
-        Predicate filter = createDefaultFilter(cb, root);
-        boolean userEntityJoinUsed = false;
-
-        if (CollectionUtils.isNotEmpty(regionUuids)) {
-            Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
-            userEntityJoinUsed = true;
-        }
-        if (CollectionUtils.isNotEmpty(districtUuids)) {
-            Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids));
-            userEntityJoinUsed = true;
-        }
-        if (CollectionUtils.isNotEmpty(communityUuids)) {
-            Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
-            userEntityJoinUsed = true;
-        }
-        if (CollectionUtils.isNotEmpty(jurisdictionLevels)) {
-            filter = CriteriaBuilderHelper.and(cb, filter, root.get(UserReference.JURISDICTION_LEVEL).in(jurisdictionLevels));
-        }
-        Predicate userRightsFilter = buildUserRightsFilter(userRoot, userRights);
-        if (userRightsFilter != null) {
-            filter = CriteriaBuilderHelper.and(cb, filter, userRightsFilter);
-            userEntityJoinUsed = true;
-        }
-
-        if (userEntityJoinUsed) {
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
-        }
-
-        Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), false));
-
-        if (filter != null) {
-            cq.where(filter);
-        }
-
-        cq.distinct(true);
-        cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-    }
-
-    public List<UserReference> getUserReferencesByIds(Collection<Long> userIds) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
-        Root<UserReference> root = cq.from(UserReference.class);
-
-        cq.where(root.get(UserReference.ID).in(userIds));
-
-        return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
-    }
-
-    public User getRandomDistrictUser(District district, UserRight... userRights) {
-
-        return getRandomUser(
-                getUserReferencesByJurisdictions(
-                        null,
-                        Collections.singletonList(district.getUuid()),
-                        null,
-                        Collections.singletonList(JurisdictionLevel.DISTRICT),
-                        Arrays.asList(userRights)));
-    }
-
-    public User getRandomRegionUser(Region region, UserRight... userRights) {
-
-        return getRandomUser(
-                getUserReferencesByJurisdictions(
-                        Collections.singletonList(region.getUuid()),
-                        null,
-                        null,
-                        Collections.singletonList(JurisdictionLevel.REGION),
-                        Arrays.asList(userRights)));
-    }
-
-    public User getRandomUser(List<UserReference> candidates) {
-
-        if (CollectionUtils.isEmpty(candidates)) {
-            return null;
-        }
-
-        UserReference chosenUser = candidates.get(new Random().nextInt(candidates.size()));
-        return getByUuid(chosenUser.getUuid());
-    }
-
-    public List<User> getFacilityUsersOfHospital(Facility facility) {
-
-        if (facility == null || !FacilityType.HOSPITAL.equals(facility.getType())) {
-            throw new IllegalArgumentException("Facility needs to be a hospital");
-        }
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        Predicate filter = cb.and(
-                createDefaultFilter(cb, from),
-                cb.equal(from.get(User.HEALTH_FACILITY), facility),
-                cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
-
-        cq.where(filter).distinct(true);
-        return em.createQuery(cq).getResultList();
-    }
-
-    public List<User> getLabUsersOfLab(Facility facility) {
-
-        if (facility == null || facility.getType() != FacilityType.LABORATORY) {
-            throw new IllegalArgumentException("Facility needs to be a laboratory");
-        }
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        Predicate filter = cb.and(
-                createDefaultFilter(cb, from),
-                cb.equal(from.get(User.LABORATORY), facility),
-                from.get(User.JURISDICTION_LEVEL).in(JurisdictionLevel.LABORATORY, JurisdictionLevel.EXTERNAL_LABORATORY));
-
-        cq.where(filter).distinct(true);
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    /**
-     * @param associatedOfficer
-     * @param userRights
-     * @return
-     */
-    public List<User> getAllByAssociatedOfficer(User associatedOfficer, UserRight[] userRights) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-
-        Predicate filter = cb.and(createDefaultFilter(cb, from), cb.equal(from.get(User.ASSOCIATED_OFFICER), associatedOfficer));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
-        cq.where(filter);
-
-        cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    public Map<String, User> getResponsibleUsersByEventUuids(List<String> eventUuids) {
-
-        Map<String, User> responsibleUserByEventUuid = new HashMap<>();
-        IterableHelper.executeBatched(eventUuids, ModelConstants.PARAMETER_LIMIT, batchedEventUuids -> {
-            CriteriaBuilder cb = em.getCriteriaBuilder();
-            CriteriaQuery<Object[]> cq = cb.createQuery(Object[].class);
-            Root<Event> eventRoot = cq.from(Event.class);
-            Join<Event, User> responsibleUserJoin = eventRoot.join(Event.RESPONSIBLE_USER, JoinType.LEFT);
-
-            cq.where(cb.and(createDefaultFilter(cb, responsibleUserJoin), eventRoot.get(Event.UUID).in(batchedEventUuids)));
-            cq.multiselect(eventRoot.get(Event.UUID), responsibleUserJoin);
-
-            cq.orderBy(cb.asc(eventRoot.get(Event.UUID)));
-
-            responsibleUserByEventUuid
-                    .putAll(em.createQuery(cq).getResultList().stream().collect(Collectors.toMap(row -> (String) row[0], row -> (User) row[1])));
-        });
-        return responsibleUserByEventUuid;
-    }
-
-    public boolean isLoginUnique(String excludedUuid, String userName) {
-        User user = getByUserName(userName);
-        return user == null || user.getUuid().equals(excludedUuid);
-    }
-
-    public String resetPassword(String userUuid) {
-        User user = getByUuid(userUuid);
-        if (user == null) {
-            return null;
-        }
-
-        String password = setNewPassword(user);
-        ensurePersisted(user);
-
-        return password;
-    }
-
-    public static String setNewPassword(User user) {
-        String password = PasswordHelper.createPass(12);
-        user.setSeed(PasswordHelper.createPass(16));
-        user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-
-        return password;
-    }
-
-    public String generatePassword() {
-        return PasswordHelper.createPass(12);
-    }
-
-    public String updatePassword(String userUuid, String password) {
-        
-        User user = getByUuid(userUuid);
-        if (user == null && password == null) {
-            return null;
-        }
-        if (user == null) {
-            throw new IllegalArgumentException("User not found for UUID: " + userUuid);
-        }
-        user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-        ensurePersisted(user);
-
-        return password;
-    }
-
-    public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
-
-        Predicate filter = null;
-        if (userCriteria.getActive() != null) {
-            filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.ACTIVE), userCriteria.getActive()));
-        }
-        if (userCriteria.getUserRole() != null) {
-            filter = CriteriaBuilderHelper.and(
-                    cb,
-                    filter,
-                    cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getUserRole().getUuid()));
-        }
-        if (userCriteria.getRegion() != null) {
-            filter = CriteriaBuilderHelper
-                    .and(cb, filter, cb.equal(from.join(User.REGION, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getRegion().getUuid()));
-        }
-        if (userCriteria.getDistrict() != null) {
-            filter = CriteriaBuilderHelper.and(
-                    cb,
-                    filter,
-                    cb.equal(from.join(User.DISTRICT, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getDistrict().getUuid()));
-        }
-        if (userCriteria.getFreeText() != null) {
-            String[] textFilters = userCriteria.getFreeText().split("\\s+");
-            for (String textFilter : textFilters) {
-                if (DataHelper.isNullOrEmpty(textFilter)) {
-                    continue;
-                }
-
-                Predicate likeFilters = cb.or(
-                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.FIRST_NAME), textFilter),
-                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.LAST_NAME), textFilter),
-                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_NAME), textFilter),
-                        CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_EMAIL), textFilter),
-                        CriteriaBuilderHelper.ilike(cb, from.get(User.PHONE), textFilter),
-                        CriteriaBuilderHelper.ilike(cb, from.get(User.UUID), textFilter));
-                filter = CriteriaBuilderHelper.and(cb, filter, likeFilters);
-            }
-        }
-
-        return filter;
-    }
-
-    @SuppressWarnings("rawtypes")
-    @Override
-    public Predicate createUserFilter(CriteriaBuilder cb, CriteriaQuery cq, From<?, User> from) {
-        // a user can read all other users
-        return null;
-    }
-
-    public Predicate createCurrentUserJurisdictionFilter(CriteriaBuilder cb, From<?, User> from) {
-        User currentUser = getCurrentUser();
-
-        if (currentUser.getHealthFacility() != null) {
-            return cb.equal(from.get(User.HEALTH_FACILITY), currentUser.getHealthFacility());
-        } else if (currentUser.getPointOfEntry() != null) {
-            return cb.equal(from.get(User.POINT_OF_ENTRY), currentUser.getPointOfEntry());
-        } else if (currentUser.getLaboratory() != null) {
-            return cb.equal(from.get(User.LABORATORY), currentUser.getLaboratory());
-        } else if (currentUser.getCommunity() != null) {
-            return cb.equal(from.get(User.COMMUNITY), currentUser.getCommunity());
-        } else if (currentUser.getDistrict() != null) {
-            return cb.equal(from.get(User.DISTRICT), currentUser.getDistrict());
-        } else if (currentUser.getRegion() != null) {
-            return cb.equal(from.get(User.REGION), currentUser.getRegion());
-        } else {
-            return cb.conjunction();
-        }
-    }
-
-    public Predicate buildUserRightsFilter(Root<User> from, Collection<UserRight> userRights) {
-
-        if (userRights != null && !userRights.isEmpty()) {
-            Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-            Join<UserRole, UserRight> rightsJoin = rolesJoin.join(UserRole.USER_RIGHTS, JoinType.LEFT);
-            return rightsJoin.in(Collections.singletonList(userRights));
-        }
-
-        return null;
-    }
-
-    public Long countByAssignedOfficer(User officer, UserRight userRights) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-        Predicate filter = cb.equal(from.get(User.ASSOCIATED_OFFICER), officer);
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.select(cb.count(from));
-        return em.createQuery(cq).getSingleResult();
-    }
-
-    /**
+	 * @param regionUuids
+	 * @param districtUuids
+	 * @param communityUuids
+	 * @param filterByJurisdiction
+	 * @param activeOnly
+	 * @param userRights
+	 */
+	public List<UserReference> getUserReferences(
+		List<String> regionUuids,
+		List<String> districtUuids,
+		List<String> communityUuids,
+		boolean activeOnly,
+		Disease limitedDisease,
+		boolean excludeLimitedDiseaseUsers,
+		List<UserRight> userRights) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+		Root<UserReference> root = cq.from(UserReference.class);
+		Root<User> userRoot = cq.from(User.class);
+		cq.select(root);
+
+		// WHERE inner AND
+		Predicate filter = null;
+		boolean userEntityJoinUsed = false;
+
+		if (CollectionUtils.isNotEmpty(regionUuids)) {
+			Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
+			userEntityJoinUsed = true;
+		}
+		if (CollectionUtils.isNotEmpty(districtUuids)) {
+			Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
+			Join<User, Region> userRegionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+			Join<Region, District> districtRegionJoin = userRegionJoin.join(Region.DISTRICTS, JoinType.LEFT);
+
+			Predicate districtFilter = cb.or(
+				cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
+				cb.and(
+					cb.in(districtRegionJoin.get(AbstractDomainObject.UUID)).value(districtUuids),
+					cb.equal(root.get(UserReference.JURISDICTION_LEVEL), JurisdictionLevel.REGION)));
+
+			filter = CriteriaBuilderHelper.and(cb, filter, districtFilter);
+			userEntityJoinUsed = true;
+		}
+		if (!hasRight(UserRight.SEE_PERSONAL_DATA_OUTSIDE_JURISDICTION)) {
+			filter = CriteriaBuilderHelper.and(cb, filter, createCurrentUserJurisdictionFilter(cb, userRoot));
+			userEntityJoinUsed = true;
+		}
+
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, userRights));
+
+		if (userEntityJoinUsed) {
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
+		}
+
+		// WHERE outer AND
+		if (activeOnly) {
+			filter = CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, root));
+		}
+
+		// eliminate users that are limited to others diseases
+		if (limitedDisease != null) {
+			Predicate restrictOtherLimitedDiseaseUsers = cb.or(
+				cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+				cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + '%'));
+			filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
+		}
+
+		//exlude users with limited diseases
+		if (excludeLimitedDiseaseUsers) {
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.isNull(userRoot.get(User.LIMITED_DISEASES)));
+		}
+
+		if (CollectionUtils.isNotEmpty(communityUuids)) {
+			Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
+		}
+
+		if (filter != null) {
+			cq.where(filter);
+		}
+
+		cq.distinct(true);
+		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+	}
+
+	public List<UserReference> getUserRefsByInfrastructure(
+		String infrastructureUuid,
+		JurisdictionLevel jurisdictionLevel,
+		JurisdictionLevel allowedJurisdictionLevel,
+		Disease limitedDisease,
+		UserRight... userRights) {
+
+		if (jurisdictionLevel.getOrder() < allowedJurisdictionLevel.getOrder()) {
+			return Collections.emptyList();
+		}
+
+		InfrastructureAdo baseInfrastructure;
+		switch (jurisdictionLevel) {
+		case HEALTH_FACILITY:
+		case LABORATORY:
+		case EXTERNAL_LABORATORY:
+			baseInfrastructure = facilityService.getByUuid(infrastructureUuid);
+			break;
+		case POINT_OF_ENTRY:
+			baseInfrastructure = pointOfEntryService.getByUuid(infrastructureUuid);
+			break;
+		case COMMUNITY:
+			baseInfrastructure = communityService.getByUuid(infrastructureUuid);
+			break;
+		case DISTRICT:
+			baseInfrastructure = districtService.getByUuid(infrastructureUuid);
+			break;
+		case REGION:
+			baseInfrastructure = regionService.getByUuid(infrastructureUuid);
+			break;
+		case NATION:
+			baseInfrastructure = null;
+			break;
+		default:
+			throw new IllegalArgumentException("Unsupported jurisdiction level: " + jurisdictionLevel.name());
+		}
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+		Root<UserReference> root = cq.from(UserReference.class);
+		Root<User> userRoot = cq.from(User.class);
+		UserQueryContext queryContext = new UserQueryContext(cb, cq, userRoot);
+		UserJoins joins = queryContext.getJoins();
+		cq.select(root);
+
+		Predicate filter = CriteriaBuilderHelper.and(cb, createDefaultFilter(cb, root), cb.equal(root.get(UserReference.ID), userRoot.get(User.ID)));
+
+		Predicate jurisdictionFilter = null;
+		while (jurisdictionLevel.getOrder() >= allowedJurisdictionLevel.getOrder()) {
+			Predicate jurisdictionPredicate = createUserRefsByInfrastructurePredicate(
+				cb,
+				joins,
+				baseInfrastructure != null ? baseInfrastructure.getUuid() : null,
+				jurisdictionLevel);
+			jurisdictionFilter = CriteriaBuilderHelper.or(cb, jurisdictionFilter, jurisdictionPredicate);
+
+			if (jurisdictionLevel.getOrder() > 1) {
+				jurisdictionLevel = baseInfrastructure instanceof Facility && ((Facility) baseInfrastructure).getCommunity() != null
+					? JurisdictionLevel.COMMUNITY
+					: InfrastructureHelper.getSuperordinateJurisdiction(jurisdictionLevel);
+				if (jurisdictionLevel.getOrder() > 1 && baseInfrastructure != null) {
+					baseInfrastructure = JurisdictionHelper.getParentInfrastructure(baseInfrastructure, jurisdictionLevel);
+				}
+			} else {
+				break;
+			}
+		}
+
+		filter = CriteriaBuilderHelper.and(cb, filter, jurisdictionFilter);
+
+		if (limitedDisease != null) {
+			Predicate restrictOtherLimitedDiseaseUsers = cb.or(
+				cb.isNull(userRoot.get(User.LIMITED_DISEASES)),
+				cb.like(userRoot.get(User.LIMITED_DISEASES).as(String.class), "%" + limitedDisease.name() + "%"));
+			filter = CriteriaBuilderHelper.and(cb, filter, restrictOtherLimitedDiseaseUsers);
+		}
+
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(userRoot, Arrays.asList(userRights)));
+
+		cq.where(filter);
+		cq.distinct(true);
+		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+	}
+
+	private Predicate createUserRefsByInfrastructurePredicate(
+		CriteriaBuilder cb,
+		UserJoins joins,
+		String infrastructureUuid,
+		JurisdictionLevel jurisdictionLevel) {
+
+		Predicate predicate = null;
+
+		switch (jurisdictionLevel) {
+		case HEALTH_FACILITY:
+			predicate = cb.equal(joins.getHealthFacility().get(Facility.UUID), infrastructureUuid);
+			break;
+		case LABORATORY:
+		case EXTERNAL_LABORATORY:
+			predicate = cb.equal(joins.getLaboratory().get(Facility.UUID), infrastructureUuid);
+			break;
+		case COMMUNITY:
+			predicate = cb.and(
+				cb.isNull(joins.getHealthFacility()),
+				cb.isNull(joins.getLaboratory()),
+				cb.equal(joins.getCommunity().get(Community.UUID), infrastructureUuid));
+			break;
+		case POINT_OF_ENTRY:
+			predicate = cb.equal(joins.getPointOfEntry().get(PointOfEntry.UUID), infrastructureUuid);
+			break;
+		case DISTRICT:
+			predicate = cb.and(
+				cb.isNull(joins.getCommunity()),
+				cb.isNull(joins.getHealthFacility()),
+				cb.isNull(joins.getLaboratory()),
+				cb.isNull(joins.getPointOfEntry()),
+				cb.equal(joins.getDistrict().get(District.UUID), infrastructureUuid));
+			break;
+		case REGION:
+			predicate = cb.and(
+				cb.isNull(joins.getDistrict()),
+				cb.isNull(joins.getLaboratory()),
+				cb.equal(joins.getRegion().get(Region.UUID), infrastructureUuid));
+			break;
+		case NATION:
+			predicate = cb.and(cb.isNull(joins.getRegion()), cb.isNull(joins.getLaboratory()));
+			break;
+		default:
+			break;
+		}
+
+		return predicate;
+	}
+
+	public List<UserReference> getUserReferencesByJurisdictions(
+		List<String> regionUuids,
+		List<String> districtUuids,
+		List<String> communityUuids,
+		Collection<JurisdictionLevel> jurisdictionLevels,
+		Collection<UserRight> userRights) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+		Root<UserReference> root = cq.from(UserReference.class);
+		Root<User> userRoot = cq.from(User.class);
+		cq.select(root);
+
+		// WHERE inner AND
+		Predicate filter = createDefaultFilter(cb, root);
+		boolean userEntityJoinUsed = false;
+
+		if (CollectionUtils.isNotEmpty(regionUuids)) {
+			Join<User, Region> regionJoin = userRoot.join(User.REGION, JoinType.LEFT);
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(regionJoin.get(AbstractDomainObject.UUID)).value(regionUuids));
+			userEntityJoinUsed = true;
+		}
+		if (CollectionUtils.isNotEmpty(districtUuids)) {
+			Join<User, District> districtJoin = userRoot.join(User.DISTRICT, JoinType.LEFT);
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(districtJoin.get(AbstractDomainObject.UUID)).value(districtUuids));
+			userEntityJoinUsed = true;
+		}
+		if (CollectionUtils.isNotEmpty(communityUuids)) {
+			Join<User, Community> communityJoin = userRoot.join(User.COMMUNITY, JoinType.LEFT);
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.in(communityJoin.get(AbstractDomainObject.UUID)).value(communityUuids));
+			userEntityJoinUsed = true;
+		}
+		if (CollectionUtils.isNotEmpty(jurisdictionLevels)) {
+			filter = CriteriaBuilderHelper.and(cb, filter, root.get(UserReference.JURISDICTION_LEVEL).in(jurisdictionLevels));
+		}
+		Predicate userRightsFilter = buildUserRightsFilter(userRoot, userRights);
+		if (userRightsFilter != null) {
+			filter = CriteriaBuilderHelper.and(cb, filter, userRightsFilter);
+			userEntityJoinUsed = true;
+		}
+
+		if (userEntityJoinUsed) {
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(root.get(UserReference.ID), userRoot.get(AbstractDomainObject.ID)));
+		}
+
+		Join<Object, Object> rolesJoin = root.join(User.USER_ROLES, JoinType.LEFT);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(rolesJoin.get(UserRole.RESTRICT_ACCESS_TO_ASSIGNED_ENTITIES), false));
+
+		if (filter != null) {
+			cq.where(filter);
+		}
+
+		cq.distinct(true);
+		cq.orderBy(cb.asc(root.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+	}
+
+	public List<UserReference> getUserReferencesByIds(Collection<Long> userIds) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<UserReference> cq = cb.createQuery(UserReference.class);
+		Root<UserReference> root = cq.from(UserReference.class);
+
+		cq.where(root.get(UserReference.ID).in(userIds));
+
+		return em.createQuery(cq).setHint(ModelConstants.READ_ONLY, true).getResultList();
+	}
+
+	public User getRandomDistrictUser(District district, UserRight... userRights) {
+
+		return getRandomUser(
+			getUserReferencesByJurisdictions(
+				null,
+				Collections.singletonList(district.getUuid()),
+				null,
+				Collections.singletonList(JurisdictionLevel.DISTRICT),
+				Arrays.asList(userRights)));
+	}
+
+	public User getRandomRegionUser(Region region, UserRight... userRights) {
+
+		return getRandomUser(
+			getUserReferencesByJurisdictions(
+				Collections.singletonList(region.getUuid()),
+				null,
+				null,
+				Collections.singletonList(JurisdictionLevel.REGION),
+				Arrays.asList(userRights)));
+	}
+
+	public User getRandomUser(List<UserReference> candidates) {
+
+		if (CollectionUtils.isEmpty(candidates)) {
+			return null;
+		}
+
+		UserReference chosenUser = candidates.get(new Random().nextInt(candidates.size()));
+		return getByUuid(chosenUser.getUuid());
+	}
+
+	public List<User> getFacilityUsersOfHospital(Facility facility) {
+
+		if (facility == null || !FacilityType.HOSPITAL.equals(facility.getType())) {
+			throw new IllegalArgumentException("Facility needs to be a hospital");
+		}
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		Predicate filter = cb.and(
+			createDefaultFilter(cb, from),
+			cb.equal(from.get(User.HEALTH_FACILITY), facility),
+			cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
+
+		cq.where(filter).distinct(true);
+		return em.createQuery(cq).getResultList();
+	}
+
+	public List<User> getLabUsersOfLab(Facility facility) {
+
+		if (facility == null || facility.getType() != FacilityType.LABORATORY) {
+			throw new IllegalArgumentException("Facility needs to be a laboratory");
+		}
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		Predicate filter = cb.and(
+			createDefaultFilter(cb, from),
+			cb.equal(from.get(User.LABORATORY), facility),
+			from.get(User.JURISDICTION_LEVEL).in(JurisdictionLevel.LABORATORY, JurisdictionLevel.EXTERNAL_LABORATORY));
+
+		cq.where(filter).distinct(true);
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	/**
+	 * @param associatedOfficer
+	 * @param userRights
+	 * @return
+	 */
+	public List<User> getAllByAssociatedOfficer(User associatedOfficer, UserRight[] userRights) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+
+		Predicate filter = cb.and(createDefaultFilter(cb, from), cb.equal(from.get(User.ASSOCIATED_OFFICER), associatedOfficer));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
+		cq.where(filter);
+
+		cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	public Map<String, User> getResponsibleUsersByEventUuids(List<String> eventUuids) {
+
+		Map<String, User> responsibleUserByEventUuid = new HashMap<>();
+		IterableHelper.executeBatched(eventUuids, ModelConstants.PARAMETER_LIMIT, batchedEventUuids -> {
+			CriteriaBuilder cb = em.getCriteriaBuilder();
+			CriteriaQuery<Object[]> cq = cb.createQuery(Object[].class);
+			Root<Event> eventRoot = cq.from(Event.class);
+			Join<Event, User> responsibleUserJoin = eventRoot.join(Event.RESPONSIBLE_USER, JoinType.LEFT);
+
+			cq.where(cb.and(createDefaultFilter(cb, responsibleUserJoin), eventRoot.get(Event.UUID).in(batchedEventUuids)));
+			cq.multiselect(eventRoot.get(Event.UUID), responsibleUserJoin);
+
+			cq.orderBy(cb.asc(eventRoot.get(Event.UUID)));
+
+			responsibleUserByEventUuid
+				.putAll(em.createQuery(cq).getResultList().stream().collect(Collectors.toMap(row -> (String) row[0], row -> (User) row[1])));
+		});
+		return responsibleUserByEventUuid;
+	}
+
+	public boolean isLoginUnique(String excludedUuid, String userName) {
+		User user = getByUserName(userName);
+		return user == null || user.getUuid().equals(excludedUuid);
+	}
+
+	public String resetPassword(String userUuid) {
+		User user = getByUuid(userUuid);
+		if (user == null) {
+			return null;
+		}
+
+		String password = setNewPassword(user);
+		ensurePersisted(user);
+
+		return password;
+	}
+
+	public static String setNewPassword(User user) {
+		String password = PasswordHelper.createPass(12);
+		user.setSeed(PasswordHelper.createPass(16));
+		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+
+		return password;
+	}
+
+	public String generatePassword() {
+		return PasswordHelper.createPass(12);
+	}
+
+	public String updatePassword(String userUuid, String password) {
+
+		User user = getByUuid(userUuid);
+		if (user == null && password == null) {
+			return null;
+		}
+		if (user == null) {
+			throw new IllegalArgumentException("User not found for UUID: " + userUuid);
+		}
+		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+		ensurePersisted(user);
+
+		return password;
+	}
+
+	public Predicate buildCriteriaFilter(UserCriteria userCriteria, CriteriaBuilder cb, Root<User> from) {
+
+		Predicate filter = null;
+		if (userCriteria.getActive() != null) {
+			filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.ACTIVE), userCriteria.getActive()));
+		}
+		if (userCriteria.getUserRole() != null) {
+			filter = CriteriaBuilderHelper.and(
+				cb,
+				filter,
+				cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getUserRole().getUuid()));
+		}
+		if (userCriteria.getRegion() != null) {
+			filter = CriteriaBuilderHelper
+				.and(cb, filter, cb.equal(from.join(User.REGION, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getRegion().getUuid()));
+		}
+		if (userCriteria.getDistrict() != null) {
+			filter = CriteriaBuilderHelper.and(
+				cb,
+				filter,
+				cb.equal(from.join(User.DISTRICT, JoinType.LEFT).get(AbstractDomainObject.UUID), userCriteria.getDistrict().getUuid()));
+		}
+		if (userCriteria.getFreeText() != null) {
+			String[] textFilters = userCriteria.getFreeText().split("\\s+");
+			for (String textFilter : textFilters) {
+				if (DataHelper.isNullOrEmpty(textFilter)) {
+					continue;
+				}
+
+				Predicate likeFilters = cb.or(
+					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.FIRST_NAME), textFilter),
+					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.LAST_NAME), textFilter),
+					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_NAME), textFilter),
+					CriteriaBuilderHelper.unaccentedIlike(cb, from.get(User.USER_EMAIL), textFilter),
+					CriteriaBuilderHelper.ilike(cb, from.get(User.PHONE), textFilter),
+					CriteriaBuilderHelper.ilike(cb, from.get(User.UUID), textFilter));
+				filter = CriteriaBuilderHelper.and(cb, filter, likeFilters);
+			}
+		}
+
+		return filter;
+	}
+
+	@SuppressWarnings("rawtypes")
+	@Override
+	public Predicate createUserFilter(CriteriaBuilder cb, CriteriaQuery cq, From<?, User> from) {
+		// a user can read all other users
+		return null;
+	}
+
+	public Predicate createCurrentUserJurisdictionFilter(CriteriaBuilder cb, From<?, User> from) {
+		User currentUser = getCurrentUser();
+
+		if (currentUser.getHealthFacility() != null) {
+			return cb.equal(from.get(User.HEALTH_FACILITY), currentUser.getHealthFacility());
+		} else if (currentUser.getPointOfEntry() != null) {
+			return cb.equal(from.get(User.POINT_OF_ENTRY), currentUser.getPointOfEntry());
+		} else if (currentUser.getLaboratory() != null) {
+			return cb.equal(from.get(User.LABORATORY), currentUser.getLaboratory());
+		} else if (currentUser.getCommunity() != null) {
+			return cb.equal(from.get(User.COMMUNITY), currentUser.getCommunity());
+		} else if (currentUser.getDistrict() != null) {
+			return cb.equal(from.get(User.DISTRICT), currentUser.getDistrict());
+		} else if (currentUser.getRegion() != null) {
+			return cb.equal(from.get(User.REGION), currentUser.getRegion());
+		} else {
+			return cb.conjunction();
+		}
+	}
+
+	public Predicate buildUserRightsFilter(Root<User> from, Collection<UserRight> userRights) {
+
+		if (userRights != null && !userRights.isEmpty()) {
+			Join<User, UserRole> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+			Join<UserRole, UserRight> rightsJoin = rolesJoin.join(UserRole.USER_RIGHTS, JoinType.LEFT);
+			return rightsJoin.in(Collections.singletonList(userRights));
+		}
+
+		return null;
+	}
+
+	public Long countByAssignedOfficer(User officer, UserRight userRights) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+		Predicate filter = cb.equal(from.get(User.ASSOCIATED_OFFICER), officer);
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRights)));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.select(cb.count(from));
+		return em.createQuery(cq).getSingleResult();
+	}
+
+	/**
 	 *
-     * @param districts
-     * @param userRight
-     * @return Number of users with specified UserRight on district level
-     */
-    public Long countByDistricts(List<District> districts, UserRight userRight) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-        Predicate filter = from.get(User.DISTRICT).in(districts);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.select(cb.count(from));
-        return em.createQuery(cq).getSingleResult();
-    }
-
-    /**
+	 * @param districts
+	 * @param userRight
+	 * @return Number of users with specified UserRight on district level
+	 */
+	public Long countByDistricts(List<District> districts, UserRight userRight) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+		Predicate filter = from.get(User.DISTRICT).in(districts);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.DISTRICT));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.select(cb.count(from));
+		return em.createQuery(cq).getSingleResult();
+	}
+
+	/**
 	 *
-     * @param districts
-     * @return Number of users with specified UserRight on community level
-     */
-    public Long countByCommunities(List<District> districts, UserRight userRight) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-        Predicate filter = from.get(User.COMMUNITY).get(Community.DISTRICT).in(districts);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.COMMUNITY));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.select(cb.count(from));
-        return em.createQuery(cq).getSingleResult();
-    }
-
-    /**
+	 * @param districts
+	 * @return Number of users with specified UserRight on community level
+	 */
+	public Long countByCommunities(List<District> districts, UserRight userRight) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+		Predicate filter = from.get(User.COMMUNITY).get(Community.DISTRICT).in(districts);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.COMMUNITY));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.select(cb.count(from));
+		return em.createQuery(cq).getSingleResult();
+	}
+
+	/**
 	 *
-     * @param districts
-     * @return Number of users with specified UserRight on health facility level
-     */
-    public Long countByHealthFacilities(List<District> districts, UserRight userRight) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-        Predicate filter = from.get(User.HEALTH_FACILITY).get(Facility.DISTRICT).in(districts);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.select(cb.count(from));
-        return em.createQuery(cq).getSingleResult();
-    }
-
-    /**
+	 * @param districts
+	 * @return Number of users with specified UserRight on health facility level
+	 */
+	public Long countByHealthFacilities(List<District> districts, UserRight userRight) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+		Predicate filter = from.get(User.HEALTH_FACILITY).get(Facility.DISTRICT).in(districts);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.HEALTH_FACILITY));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.select(cb.count(from));
+		return em.createQuery(cq).getSingleResult();
+	}
+
+	/**
 	 *
-     * @param districts
-     * @return Number of users with specified UserRight on pointOfEntry level
-     */
-    public Long countByPointOfEntries(List<District> districts, UserRight userRight) {
-
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-        Predicate filter = from.get(User.POINT_OF_ENTRY).get(PointOfEntry.DISTRICT).in(districts);
-        filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.POINT_OF_ENTRY));
-        filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
-        cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
-        cq.select(cb.count(from));
-        return em.createQuery(cq).getSingleResult();
-    }
-
-    public boolean hasRole(UserRole userRole) {
-        return getCurrentUser().getUserRoles().contains(userRole);
-    }
-
-    public boolean hasRegion(RegionReferenceDto regionReference) {
-        User currentUser = getCurrentUser();
-        if (currentUser.getRegion() == null) {
-            return false;
-        }
-        return currentUser.getRegion().getUuid().equals(regionReference.getUuid());
-    }
-
-    /**
+	 * @param districts
+	 * @return Number of users with specified UserRight on pointOfEntry level
+	 */
+	public Long countByPointOfEntries(List<District> districts, UserRight userRight) {
+
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+		Predicate filter = from.get(User.POINT_OF_ENTRY).get(PointOfEntry.DISTRICT).in(districts);
+		filter = CriteriaBuilderHelper.and(cb, filter, cb.equal(from.get(User.JURISDICTION_LEVEL), JurisdictionLevel.POINT_OF_ENTRY));
+		filter = CriteriaBuilderHelper.and(cb, filter, buildUserRightsFilter(from, Arrays.asList(userRight)));
+		cq.where(CriteriaBuilderHelper.and(cb, filter, createDefaultFilter(cb, from)));
+		cq.select(cb.count(from));
+		return em.createQuery(cq).getSingleResult();
+	}
+
+	public boolean hasRole(UserRole userRole) {
+		return getCurrentUser().getUserRoles().contains(userRole);
+	}
+
+	public boolean hasRegion(RegionReferenceDto regionReference) {
+		User currentUser = getCurrentUser();
+		if (currentUser.getRegion() == null) {
+			return false;
+		}
+		return currentUser.getRegion().getUuid().equals(regionReference.getUuid());
+	}
+
+	/**
 	 * @param root
 	 *            root to {@link User} or {@link UserReference}.
-     */
-    private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
-        return cb.isTrue(root.get(User.ACTIVE));
-    }
-
-    public List<User> getAllActive() {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-        cq.where(createDefaultFilter(cb, from));
-        cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    public List<User> getAllDefaultUsers() {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-        cq.where(cb.and(createDefaultFilter(cb, from), from.get(User.USER_NAME).in(DefaultEntityHelper.getDefaultUserNames())));
-        cq.orderBy(cb.asc(from.get(User.USER_NAME)));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    public List<User> getAllByFacilityType(FacilityType facilityType) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(getElementClass());
-        Root<User> from = cq.from(getElementClass());
-        cq.where(cb.equal(from.join(User.HEALTH_FACILITY, JoinType.LEFT).get(Facility.TYPE), facilityType));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    public long countWithRole(UserRoleReferenceDto userRoleRef) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<Long> cq = cb.createQuery(Long.class);
-        Root<User> from = cq.from(getElementClass());
-
-        cq.select(cb.count(from));
-        cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
-
-        return em.createQuery(cq).getSingleResult();
-
-    }
-
-    public List<User> getAllWithRole(UserRole userRoleRef) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(User.class);
-        Root<User> from = cq.from(getElementClass());
-
-        cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    public List<User> getAllWithOnlyRole(UserRoleReferenceDto userRoleRef) {
-        CriteriaBuilder cb = em.getCriteriaBuilder();
-        CriteriaQuery<User> cq = cb.createQuery(User.class);
-        Root<User> from = cq.from(getElementClass());
-        Join<Object, Object> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
-
-        Subquery<Long> roleCount = cq.subquery(Long.class);
-        Root<User> roleCountFrom = roleCount.from(User.class);
-
-        roleCount.select(cb.count(roleCountFrom.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.ID)));
-        roleCount.where(cb.equal(from.get(User.ID), roleCountFrom.get(User.ID)));
-
-        cq.where(cb.equal(rolesJoin.get(UserRole.UUID), userRoleRef.getUuid()), cb.equal(roleCount, 1));
-
-        return em.createQuery(cq).getResultList();
-    }
-
-    /**
-     * Triggers the user sync asynchronously to not block the deployment step
-     */
-    public void syncUserAsync(User user) {
-        try {
-            UserUpdateEvent event = new UserUpdateEvent(user);
-            event.setExceptionCallback(exceptionMessage -> logger.error("Could not synchronize user {} due to {}", user.getUuid(), exceptionMessage));
-
-            this.userUpdateEvent.fireAsync(event);
-        } catch (Throwable e) {
-            logger.error(MessageFormat.format("Unexpected exception when synchronizing user {0}", user.getUuid()), e);
-        }
-    }
-
-    public boolean isPortHealthUser() {
-        User user = getCurrentUser();
-        Set<UserRoleDto> userRoleDtos = user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet());
-        return userRoleFacade.isPortHealthUser(userRoleDtos);
-    }
-
-    public Predicate inJurisdictionOrOwned(CriteriaBuilder cb, UserJoins joins) {
-        return new UserJurisdictionPredicateValidator(cb, getCurrentUser(), null, joins).inJurisdictionOrOwned();
-    }
+	 */
+	private Predicate createDefaultFilter(CriteriaBuilder cb, From<?, ?> root) {
+		return cb.isTrue(root.get(User.ACTIVE));
+	}
+
+	public List<User> getAllActive() {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+		cq.where(createDefaultFilter(cb, from));
+		cq.orderBy(cb.asc(from.get(AbstractDomainObject.ID)));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	public List<User> getAllDefaultUsers() {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+		cq.where(cb.and(createDefaultFilter(cb, from), from.get(User.USER_NAME).in(DefaultEntityHelper.getDefaultUserNames())));
+		cq.orderBy(cb.asc(from.get(User.USER_NAME)));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	public List<User> getAllByFacilityType(FacilityType facilityType) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(getElementClass());
+		Root<User> from = cq.from(getElementClass());
+		cq.where(cb.equal(from.join(User.HEALTH_FACILITY, JoinType.LEFT).get(Facility.TYPE), facilityType));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	public long countWithRole(UserRoleReferenceDto userRoleRef) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
+		Root<User> from = cq.from(getElementClass());
+
+		cq.select(cb.count(from));
+		cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
+
+		return em.createQuery(cq).getSingleResult();
+
+	}
+
+	public List<User> getAllWithRole(UserRole userRoleRef) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(User.class);
+		Root<User> from = cq.from(getElementClass());
+
+		cq.where(cb.equal(from.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.UUID), userRoleRef.getUuid()));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	public List<User> getAllWithOnlyRole(UserRoleReferenceDto userRoleRef) {
+		CriteriaBuilder cb = em.getCriteriaBuilder();
+		CriteriaQuery<User> cq = cb.createQuery(User.class);
+		Root<User> from = cq.from(getElementClass());
+		Join<Object, Object> rolesJoin = from.join(User.USER_ROLES, JoinType.LEFT);
+
+		Subquery<Long> roleCount = cq.subquery(Long.class);
+		Root<User> roleCountFrom = roleCount.from(User.class);
+
+		roleCount.select(cb.count(roleCountFrom.join(User.USER_ROLES, JoinType.LEFT).get(UserRole.ID)));
+		roleCount.where(cb.equal(from.get(User.ID), roleCountFrom.get(User.ID)));
+
+		cq.where(cb.equal(rolesJoin.get(UserRole.UUID), userRoleRef.getUuid()), cb.equal(roleCount, 1));
+
+		return em.createQuery(cq).getResultList();
+	}
+
+	/**
+	 * Triggers the user sync asynchronously to not block the deployment step
+	 */
+	public void syncUserAsync(User user) {
+		try {
+			UserUpdateEvent event = new UserUpdateEvent(user);
+			event.setExceptionCallback(exceptionMessage -> logger.error("Could not synchronize user {} due to {}", user.getUuid(), exceptionMessage));
+
+			this.userUpdateEvent.fireAsync(event);
+		} catch (Throwable e) {
+			logger.error(MessageFormat.format("Unexpected exception when synchronizing user {0}", user.getUuid()), e);
+		}
+	}
+
+	public boolean isPortHealthUser() {
+		User user = getCurrentUser();
+		Set<UserRoleDto> userRoleDtos = user.getUserRoles().stream().map(UserRoleFacadeEjb::toDto).collect(Collectors.toSet());
+		return userRoleFacade.isPortHealthUser(userRoleDtos);
+	}
+
+	public Predicate inJurisdictionOrOwned(CriteriaBuilder cb, UserJoins joins) {
+		return new UserJurisdictionPredicateValidator(cb, getCurrentUser(), null, joins).inJurisdictionOrOwned();
+	}
 }
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
index 8b4e79a9112..5c7f19a1a79 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
@@ -1,17 +1,14 @@
 /*
  * SORMAS® - Surveillance Outbreak Response Management & Analysis System
  * Copyright © 2016-2020 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
- *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
- *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU General Public License for more details.
- *
  * You should have received a copy of the GNU General Public License
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
@@ -28,14 +25,14 @@
  */
 public class PasswordResetEvent {
 
-    private final User user;
+	private final User user;
 
-    public PasswordResetEvent(User user) {
-        this.user = user;
-    }
+	public PasswordResetEvent(User user) {
+		this.user = user;
+	}
 
-    public User getUser() {
-        return user;
-    }
+	public User getUser() {
+		return user;
+	}
 
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index 78acb59a7a1..88959f4315d 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -280,811 +280,811 @@
 @MockitoSettings(strictness = Strictness.LENIENT)
 public abstract class AbstractBeanTest {
 
-    protected final TestDataCreator creator = new TestDataCreator(this);
-
-    protected UserDto nationalAdmin;
-
-    @BeforeAll
-    public static void beforeAll() {
-
-    }
-
-    @BeforeEach
-    public void beforeEach() {
-        // so we can override init
-        init();
-    }
-
-    @AfterEach
-    public void afterEach() {
-
-    }
-
-    /**
-     * Resets mocks to their initial state so that mock configurations are not
-     * shared between tests.
-     */
-    public void init() {
-
-        initH2Functions();
-
-        MockProducer.resetMocks();
-
-        // this is used to provide the current user to the ADO Listener taking care of updating the last change user
-        System.setProperty("java.naming.factory.initial", MockProducer.class.getCanonicalName());
-        try {
-            when(InitialContext.doLookup("java:global/sormas-ear/sormas-backend/CurrentUserService")).thenReturn(getCurrentUserService());
-        } catch (NamingException e) {
-            e.printStackTrace();
-        }
-
-        useNationalAdminLogin();
-
-        when(MockProducer.getSessionContext().isCallerInRole(any(String.class))).thenAnswer(invocationOnMock -> {
-            String role = invocationOnMock.getArgument(0);
-            UserRight userRight = UserRight.valueOf(role);
-            return getCurrentUserService().getCurrentUser()
-                    .getUserRoles()
-                    .stream()
-                    .anyMatch(userRole -> userRole.getUserRights().contains(userRight));
-        });
-
-        I18nProperties.setUserLanguage(Language.EN);
-
-        createDiseaseConfigurations();
-    }
-
-    protected void initH2Functions() {
-        executeInTransaction(em -> {
-            Query nativeQuery = em.createNativeQuery("CREATE ALIAS similarity FOR \"de.symeda.sormas.backend.H2Function.similarity\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS date_part FOR \"de.symeda.sormas.backend.H2Function.date_part\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS epi_week FOR \"de.symeda.sormas.backend.H2Function.epi_week\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS epi_year FOR \"de.symeda.sormas.backend.H2Function.epi_year\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS similarity_operator FOR \"de.symeda.sormas.backend.H2Function.similarity_operator\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS set_limit FOR \"de.symeda.sormas.backend.H2Function.set_limit\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS date FOR \"de.symeda.sormas.backend.H2Function.date\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em
-                    .createNativeQuery("CREATE ALIAS timestamp_subtract_14_days FOR \"de.symeda.sormas.backend.H2Function.timestamp_subtract_14_days\"");
-            nativeQuery.executeUpdate();
-            nativeQuery = em.createNativeQuery("CREATE ALIAS at_end_of_day FOR \"de.symeda.sormas.backend.H2Function.at_end_of_day\"");
-            nativeQuery.executeUpdate();
-        });
-    }
-
-    private void createDiseaseConfigurations() {
-        List<DiseaseConfiguration> diseaseConfigurations = getDiseaseConfigurationService().getAll();
-        List<Disease> configuredDiseases = diseaseConfigurations.stream().map(DiseaseConfiguration::getDisease).collect(Collectors.toList());
-        Arrays.stream(Disease.values()).filter(d -> !configuredDiseases.contains(d)).forEach(d -> {
-            DiseaseConfiguration configuration = DiseaseConfiguration.build(d);
-            getDiseaseConfigurationService().ensurePersisted(configuration);
-        });
-    }
-
-    protected <T> T getBean(Class<T> beanClass, Annotation... qualifiers) {
-        return ContextControlWrapper.getInstance().getContextualReference(beanClass, qualifiers);
-    }
-
-    public void executeInTransaction(Consumer<EntityManager> callback) {
-        getBean(TransactionalTestEjb.class).executeInTransaction(callback);
-    }
-
-    public <R> R executeInTransaction(Function<EntityManager, R> callback) {
-        return getBean(TransactionalTestEjb.class).executeInTransaction(callback);
-    }
-
-    public <T, R> R executeInTransaction(BiFunction<EntityManager, T, R> callback, T param) {
-        return getBean(TransactionalTestEjb.class).executeInTransaction(callback, param);
-    }
-
-    /**
-     * This is private, because the entity manager does not have an active transaction when called from a test method
-     * and should not be used in test code.
-     * Use executeInTransaction or getEntityAttached instead!
-     */
-    private EntityManager getEntityManager() {
-        return getBean(EntityManager.class);
-    }
-
-    /**
-     * Attaches the entity to the persistence context
-     * <b>Important</b>: The entity will only be attached until the next ejb call is concluded, which clears the entity manager.
-     */
-    public <E extends AbstractDomainObject> E mergeToEntityManager(E entity) {
-        return getEntityManager().contains(entity) ? entity : getEntityManager().merge(entity);
-    }
-
-    public UserRole getEagerUserRole(String uuid) {
-        return executeInTransaction(em -> {
-            UserRole userRole = getUserRoleService().getByUuid(uuid);
-            initUserRole(userRole);
-            return userRole;
-        });
-    }
-
-    public User getEagerUser(String uuid) {
-        return executeInTransaction(em -> {
-            User user = getUserService().getByUuid(uuid);
-            for (UserRole userRole : user.getUserRoles()) {
-                initUserRole(userRole);
-            }
-            return user;
-        });
-    }
-
-    /**
-     * Initializes lazy references.
-     */
-    private void initUserRole(UserRole userRole) {
-        userRole.getEmailNotificationTypes().size();
-        userRole.getSmsNotificationTypes().size();
-    }
-
-    protected void createDeletionConfigurations() {
-        createDeletionConfigurations(DeletableEntityType.CASE, DeletionReference.CREATION);
-        createDeletionConfigurations(DeletableEntityType.CONTACT, DeletionReference.CREATION);
-        createDeletionConfigurations(DeletableEntityType.EVENT, DeletionReference.CREATION);
-        createDeletionConfigurations(DeletableEntityType.EVENT_PARTICIPANT, DeletionReference.CREATION);
-        createDeletionConfigurations(DeletableEntityType.IMMUNIZATION, DeletionReference.CREATION);
-        createDeletionConfigurations(DeletableEntityType.TRAVEL_ENTRY, DeletionReference.CREATION);
-    }
-
-    protected void createDeletionConfigurations(DeletableEntityType deletableEntityType, DeletionReference automaticDeletionReference) {
-        DeletionConfigurationService deletionConfigurationService = getBean(DeletionConfigurationService.class);
-        deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, automaticDeletionReference, 3650));
-        deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, DeletionReference.MANUAL_DELETION, 90));
-    }
-
-    protected void createFeatureConfiguration(FeatureType featureType, boolean enabled) {
-        createFeatureConfiguration(featureType, enabled, null);
-    }
-
-    protected void createFeatureConfiguration(FeatureType featureType, boolean enabled, Map<FeatureTypeProperty, Object> properties) {
-        FeatureConfigurationIndexDto featureConfiguration =
-                new FeatureConfigurationIndexDto(DataHelper.createUuid(), null, null, null, null, null, enabled, null);
-        getFeatureConfigurationFacade().saveFeatureConfiguration(featureConfiguration, featureType);
-        if (properties != null) {
-            executeInTransaction(em -> {
-                Query query = em.createQuery("select f from featureconfiguration f where featureType = '" + featureType.name() + "'");
-                FeatureConfiguration singleResult = (FeatureConfiguration) query.getSingleResult();
-                singleResult.setProperties(properties);
-                em.persist(singleResult);
-            });
-        }
-    }
-
-    public ConfigFacade getConfigFacade() {
-        return getBean(ConfigFacadeEjbLocal.class);
-    }
-
-    /**
-     * Using local bean here to avoid multiple transactions in test.
-     *
-     * @return
-     */
-    public CaseFacadeEjb getCaseFacade() {
-        return getBean(CaseFacadeEjbLocal.class);
-    }
-
-    public CaseService getCaseService() {
-        return getBean(CaseService.class);
-    }
-
-    public ImmunizationFacadeEjbLocal getImmunizationFacade() {
-        return getBean(ImmunizationFacadeEjbLocal.class);
-    }
-
-    public ImmunizationService getImmunizationService() {
-        return getBean(ImmunizationService.class);
-    }
-
-    public VaccinationFacade getVaccinationFacade() {
-        return getBean(VaccinationFacadeEjb.VaccinationFacadeEjbLocal.class);
-    }
-
-    public VaccinationService getVaccinationService() {
-        return getBean(VaccinationService.class);
-    }
-
-    public TravelEntryFacade getTravelEntryFacade() {
-        return getBean(TravelEntryFacadeEjb.TravelEntryFacadeEjbLocal.class);
-    }
-
-    public TravelEntryService getTravelEntryService() {
-        return getBean(TravelEntryService.class);
-    }
-
-    public CaseStatisticsFacade getCaseStatisticsFacade() {
-        return getBean(CaseStatisticsFacadeEjbLocal.class);
-    }
-
-    public ContactFacadeEjbLocal getContactFacade() {
-        return getBean(ContactFacadeEjbLocal.class);
-    }
-
-    public ContactService getContactService() {
-        return getBean(ContactService.class);
-    }
-
-    public DashboardFacade getDashboardFacade() {
-        return getBean(DashboardFacadeEjb.DashboardFacadeEjbLocal.class);
-    }
-
-    public SampleDashboardFacade getSampleDashboardFacade() {
-        return getBean(SampleDashboardFacadeEjb.SampleDashboardFacadeEjbLocal.class);
-    }
-
-    public DashboardService getDashboardService() {
-        return getBean(DashboardService.class);
-    }
-
-    public EventFacadeEjbLocal getEventFacade() {
-        return getBean(EventFacadeEjbLocal.class);
-    }
-
-    public EventService getEventService() {
-        return getBean(EventService.class);
-    }
-
-    public EventParticipantFacadeEjbLocal getEventParticipantFacade() {
-        return getBean(EventParticipantFacadeEjbLocal.class);
-    }
-
-    public EventParticipantService getEventParticipantService() {
-        return getBean(EventParticipantService.class);
-    }
-
-    public SurveillanceReportFacade getSurveillanceReportFacade() {
-        return getBean(SurveillanceReportFacadeEjb.SurveillanceReportFacadeEjbLocal.class);
-    }
-
-    public SurveillanceReportService getSurveillanceReportService() {
-        return getBean(SurveillanceReportService.class);
-    }
-
-    public ActionFacade getActionFacade() {
-        return getBean(ActionFacadeEjb.ActionFacadeEjbLocal.class);
-    }
-
-    public AggregateReportFacade getAggregateReportFacade() {
-        return getBean(AggregateReportFacadeEjb.AggregateReportFacadeEjbLocal.class);
-    }
-
-    public VisitFacade getVisitFacade() {
-        return getBean(VisitFacadeEjbLocal.class);
-    }
-
-    public VisitService getVisitService() {
-        return getBean(VisitService.class);
-    }
-
-    public PersonFacadeEjbLocal getPersonFacade() {
-        return getBean(PersonFacadeEjbLocal.class);
-    }
+	protected final TestDataCreator creator = new TestDataCreator(this);
+
+	protected UserDto nationalAdmin;
+
+	@BeforeAll
+	public static void beforeAll() {
+
+	}
+
+	@BeforeEach
+	public void beforeEach() {
+		// so we can override init
+		init();
+	}
+
+	@AfterEach
+	public void afterEach() {
+
+	}
+
+	/**
+	 * Resets mocks to their initial state so that mock configurations are not
+	 * shared between tests.
+	 */
+	public void init() {
+
+		initH2Functions();
+
+		MockProducer.resetMocks();
+
+		// this is used to provide the current user to the ADO Listener taking care of updating the last change user
+		System.setProperty("java.naming.factory.initial", MockProducer.class.getCanonicalName());
+		try {
+			when(InitialContext.doLookup("java:global/sormas-ear/sormas-backend/CurrentUserService")).thenReturn(getCurrentUserService());
+		} catch (NamingException e) {
+			e.printStackTrace();
+		}
+
+		useNationalAdminLogin();
+
+		when(MockProducer.getSessionContext().isCallerInRole(any(String.class))).thenAnswer(invocationOnMock -> {
+			String role = invocationOnMock.getArgument(0);
+			UserRight userRight = UserRight.valueOf(role);
+			return getCurrentUserService().getCurrentUser()
+				.getUserRoles()
+				.stream()
+				.anyMatch(userRole -> userRole.getUserRights().contains(userRight));
+		});
+
+		I18nProperties.setUserLanguage(Language.EN);
+
+		createDiseaseConfigurations();
+	}
+
+	protected void initH2Functions() {
+		executeInTransaction(em -> {
+			Query nativeQuery = em.createNativeQuery("CREATE ALIAS similarity FOR \"de.symeda.sormas.backend.H2Function.similarity\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS date_part FOR \"de.symeda.sormas.backend.H2Function.date_part\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS epi_week FOR \"de.symeda.sormas.backend.H2Function.epi_week\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS epi_year FOR \"de.symeda.sormas.backend.H2Function.epi_year\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS similarity_operator FOR \"de.symeda.sormas.backend.H2Function.similarity_operator\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS set_limit FOR \"de.symeda.sormas.backend.H2Function.set_limit\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS date FOR \"de.symeda.sormas.backend.H2Function.date\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em
+				.createNativeQuery("CREATE ALIAS timestamp_subtract_14_days FOR \"de.symeda.sormas.backend.H2Function.timestamp_subtract_14_days\"");
+			nativeQuery.executeUpdate();
+			nativeQuery = em.createNativeQuery("CREATE ALIAS at_end_of_day FOR \"de.symeda.sormas.backend.H2Function.at_end_of_day\"");
+			nativeQuery.executeUpdate();
+		});
+	}
+
+	private void createDiseaseConfigurations() {
+		List<DiseaseConfiguration> diseaseConfigurations = getDiseaseConfigurationService().getAll();
+		List<Disease> configuredDiseases = diseaseConfigurations.stream().map(DiseaseConfiguration::getDisease).collect(Collectors.toList());
+		Arrays.stream(Disease.values()).filter(d -> !configuredDiseases.contains(d)).forEach(d -> {
+			DiseaseConfiguration configuration = DiseaseConfiguration.build(d);
+			getDiseaseConfigurationService().ensurePersisted(configuration);
+		});
+	}
+
+	protected <T> T getBean(Class<T> beanClass, Annotation... qualifiers) {
+		return ContextControlWrapper.getInstance().getContextualReference(beanClass, qualifiers);
+	}
+
+	public void executeInTransaction(Consumer<EntityManager> callback) {
+		getBean(TransactionalTestEjb.class).executeInTransaction(callback);
+	}
+
+	public <R> R executeInTransaction(Function<EntityManager, R> callback) {
+		return getBean(TransactionalTestEjb.class).executeInTransaction(callback);
+	}
+
+	public <T, R> R executeInTransaction(BiFunction<EntityManager, T, R> callback, T param) {
+		return getBean(TransactionalTestEjb.class).executeInTransaction(callback, param);
+	}
+
+	/**
+	 * This is private, because the entity manager does not have an active transaction when called from a test method
+	 * and should not be used in test code.
+	 * Use executeInTransaction or getEntityAttached instead!
+	 */
+	private EntityManager getEntityManager() {
+		return getBean(EntityManager.class);
+	}
+
+	/**
+	 * Attaches the entity to the persistence context
+	 * <b>Important</b>: The entity will only be attached until the next ejb call is concluded, which clears the entity manager.
+	 */
+	public <E extends AbstractDomainObject> E mergeToEntityManager(E entity) {
+		return getEntityManager().contains(entity) ? entity : getEntityManager().merge(entity);
+	}
+
+	public UserRole getEagerUserRole(String uuid) {
+		return executeInTransaction(em -> {
+			UserRole userRole = getUserRoleService().getByUuid(uuid);
+			initUserRole(userRole);
+			return userRole;
+		});
+	}
+
+	public User getEagerUser(String uuid) {
+		return executeInTransaction(em -> {
+			User user = getUserService().getByUuid(uuid);
+			for (UserRole userRole : user.getUserRoles()) {
+				initUserRole(userRole);
+			}
+			return user;
+		});
+	}
+
+	/**
+	 * Initializes lazy references.
+	 */
+	private void initUserRole(UserRole userRole) {
+		userRole.getEmailNotificationTypes().size();
+		userRole.getSmsNotificationTypes().size();
+	}
+
+	protected void createDeletionConfigurations() {
+		createDeletionConfigurations(DeletableEntityType.CASE, DeletionReference.CREATION);
+		createDeletionConfigurations(DeletableEntityType.CONTACT, DeletionReference.CREATION);
+		createDeletionConfigurations(DeletableEntityType.EVENT, DeletionReference.CREATION);
+		createDeletionConfigurations(DeletableEntityType.EVENT_PARTICIPANT, DeletionReference.CREATION);
+		createDeletionConfigurations(DeletableEntityType.IMMUNIZATION, DeletionReference.CREATION);
+		createDeletionConfigurations(DeletableEntityType.TRAVEL_ENTRY, DeletionReference.CREATION);
+	}
+
+	protected void createDeletionConfigurations(DeletableEntityType deletableEntityType, DeletionReference automaticDeletionReference) {
+		DeletionConfigurationService deletionConfigurationService = getBean(DeletionConfigurationService.class);
+		deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, automaticDeletionReference, 3650));
+		deletionConfigurationService.ensurePersisted(DeletionConfiguration.build(deletableEntityType, DeletionReference.MANUAL_DELETION, 90));
+	}
+
+	protected void createFeatureConfiguration(FeatureType featureType, boolean enabled) {
+		createFeatureConfiguration(featureType, enabled, null);
+	}
+
+	protected void createFeatureConfiguration(FeatureType featureType, boolean enabled, Map<FeatureTypeProperty, Object> properties) {
+		FeatureConfigurationIndexDto featureConfiguration =
+			new FeatureConfigurationIndexDto(DataHelper.createUuid(), null, null, null, null, null, enabled, null);
+		getFeatureConfigurationFacade().saveFeatureConfiguration(featureConfiguration, featureType);
+		if (properties != null) {
+			executeInTransaction(em -> {
+				Query query = em.createQuery("select f from featureconfiguration f where featureType = '" + featureType.name() + "'");
+				FeatureConfiguration singleResult = (FeatureConfiguration) query.getSingleResult();
+				singleResult.setProperties(properties);
+				em.persist(singleResult);
+			});
+		}
+	}
+
+	public ConfigFacade getConfigFacade() {
+		return getBean(ConfigFacadeEjbLocal.class);
+	}
+
+	/**
+	 * Using local bean here to avoid multiple transactions in test.
+	 *
+	 * @return
+	 */
+	public CaseFacadeEjb getCaseFacade() {
+		return getBean(CaseFacadeEjbLocal.class);
+	}
+
+	public CaseService getCaseService() {
+		return getBean(CaseService.class);
+	}
+
+	public ImmunizationFacadeEjbLocal getImmunizationFacade() {
+		return getBean(ImmunizationFacadeEjbLocal.class);
+	}
+
+	public ImmunizationService getImmunizationService() {
+		return getBean(ImmunizationService.class);
+	}
+
+	public VaccinationFacade getVaccinationFacade() {
+		return getBean(VaccinationFacadeEjb.VaccinationFacadeEjbLocal.class);
+	}
+
+	public VaccinationService getVaccinationService() {
+		return getBean(VaccinationService.class);
+	}
+
+	public TravelEntryFacade getTravelEntryFacade() {
+		return getBean(TravelEntryFacadeEjb.TravelEntryFacadeEjbLocal.class);
+	}
+
+	public TravelEntryService getTravelEntryService() {
+		return getBean(TravelEntryService.class);
+	}
+
+	public CaseStatisticsFacade getCaseStatisticsFacade() {
+		return getBean(CaseStatisticsFacadeEjbLocal.class);
+	}
+
+	public ContactFacadeEjbLocal getContactFacade() {
+		return getBean(ContactFacadeEjbLocal.class);
+	}
+
+	public ContactService getContactService() {
+		return getBean(ContactService.class);
+	}
+
+	public DashboardFacade getDashboardFacade() {
+		return getBean(DashboardFacadeEjb.DashboardFacadeEjbLocal.class);
+	}
+
+	public SampleDashboardFacade getSampleDashboardFacade() {
+		return getBean(SampleDashboardFacadeEjb.SampleDashboardFacadeEjbLocal.class);
+	}
+
+	public DashboardService getDashboardService() {
+		return getBean(DashboardService.class);
+	}
+
+	public EventFacadeEjbLocal getEventFacade() {
+		return getBean(EventFacadeEjbLocal.class);
+	}
+
+	public EventService getEventService() {
+		return getBean(EventService.class);
+	}
+
+	public EventParticipantFacadeEjbLocal getEventParticipantFacade() {
+		return getBean(EventParticipantFacadeEjbLocal.class);
+	}
+
+	public EventParticipantService getEventParticipantService() {
+		return getBean(EventParticipantService.class);
+	}
+
+	public SurveillanceReportFacade getSurveillanceReportFacade() {
+		return getBean(SurveillanceReportFacadeEjb.SurveillanceReportFacadeEjbLocal.class);
+	}
+
+	public SurveillanceReportService getSurveillanceReportService() {
+		return getBean(SurveillanceReportService.class);
+	}
+
+	public ActionFacade getActionFacade() {
+		return getBean(ActionFacadeEjb.ActionFacadeEjbLocal.class);
+	}
+
+	public AggregateReportFacade getAggregateReportFacade() {
+		return getBean(AggregateReportFacadeEjb.AggregateReportFacadeEjbLocal.class);
+	}
+
+	public VisitFacade getVisitFacade() {
+		return getBean(VisitFacadeEjbLocal.class);
+	}
+
+	public VisitService getVisitService() {
+		return getBean(VisitService.class);
+	}
+
+	public PersonFacadeEjbLocal getPersonFacade() {
+		return getBean(PersonFacadeEjbLocal.class);
+	}
 
-    public PersonService getPersonService() {
-        return getBean(PersonService.class);
-    }
+	public PersonService getPersonService() {
+		return getBean(PersonService.class);
+	}
 
-    public TaskFacade getTaskFacade() {
-        return getBean(TaskFacadeEjbLocal.class);
-    }
+	public TaskFacade getTaskFacade() {
+		return getBean(TaskFacadeEjbLocal.class);
+	}
 
-    public SampleFacade getSampleFacade() {
-        return getBean(SampleFacadeEjbLocal.class);
-    }
+	public SampleFacade getSampleFacade() {
+		return getBean(SampleFacadeEjbLocal.class);
+	}
 
-    public SampleService getSampleService() {
-        return getBean(SampleService.class);
-    }
+	public SampleService getSampleService() {
+		return getBean(SampleService.class);
+	}
 
-    public AdditionalTestFacade getAdditionalTestFacade() {
-        return getBean(AdditionalTestFacadeEjbLocal.class);
-    }
+	public AdditionalTestFacade getAdditionalTestFacade() {
+		return getBean(AdditionalTestFacadeEjbLocal.class);
+	}
 
-    public SymptomsService getSymptomsService() {
-        return getBean(SymptomsService.class);
-    }
+	public SymptomsService getSymptomsService() {
+		return getBean(SymptomsService.class);
+	}
 
-    public PointOfEntryFacade getPointOfEntryFacade() {
-        return getBean(PointOfEntryFacadeEjbLocal.class);
-    }
+	public PointOfEntryFacade getPointOfEntryFacade() {
+		return getBean(PointOfEntryFacadeEjbLocal.class);
+	}
 
-    public PortHealthInfoFacade getPortHealthInfoFacade() {
-        return getBean(PortHealthInfoFacadeEjbLocal.class);
-    }
+	public PortHealthInfoFacade getPortHealthInfoFacade() {
+		return getBean(PortHealthInfoFacadeEjbLocal.class);
+	}
 
-    public FacilityFacade getFacilityFacade() {
-        return getBean(FacilityFacadeEjbLocal.class);
-    }
+	public FacilityFacade getFacilityFacade() {
+		return getBean(FacilityFacadeEjbLocal.class);
+	}
 
-    public ContinentFacade getContinentFacade() {
-        return getBean(ContinentFacadeEjb.ContinentFacadeEjbLocal.class);
-    }
+	public ContinentFacade getContinentFacade() {
+		return getBean(ContinentFacadeEjb.ContinentFacadeEjbLocal.class);
+	}
 
-    public SubcontinentFacade getSubcontinentFacade() {
-        return getBean(SubcontinentFacadeEjb.SubcontinentFacadeEjbLocal.class);
-    }
+	public SubcontinentFacade getSubcontinentFacade() {
+		return getBean(SubcontinentFacadeEjb.SubcontinentFacadeEjbLocal.class);
+	}
 
-    public CountryFacade getCountryFacade() {
-        return getBean(CountryFacadeEjb.CountryFacadeEjbLocal.class);
-    }
+	public CountryFacade getCountryFacade() {
+		return getBean(CountryFacadeEjb.CountryFacadeEjbLocal.class);
+	}
 
-    public RegionFacade getRegionFacade() {
-        return getBean(RegionFacadeEjbLocal.class);
-    }
+	public RegionFacade getRegionFacade() {
+		return getBean(RegionFacadeEjbLocal.class);
+	}
 
-    public DistrictFacade getDistrictFacade() {
-        return getBean(DistrictFacadeEjbLocal.class);
-    }
+	public DistrictFacade getDistrictFacade() {
+		return getBean(DistrictFacadeEjbLocal.class);
+	}
 
-    public CommunityFacade getCommunityFacade() {
-        return getBean(CommunityFacadeEjbLocal.class);
-    }
+	public CommunityFacade getCommunityFacade() {
+		return getBean(CommunityFacadeEjbLocal.class);
+	}
 
-    public UserFacadeEjbLocal getUserFacade() {
-        return getBean(UserFacadeEjbLocal.class);
-    }
+	public UserFacadeEjbLocal getUserFacade() {
+		return getBean(UserFacadeEjbLocal.class);
+	}
 
-    public UserService getUserService() {
-        return getBean(UserService.class);
-    }
+	public UserService getUserService() {
+		return getBean(UserService.class);
+	}
 
-    public UserRoleFacadeEjbLocal getUserRoleFacade() {
-        return getBean(UserRoleFacadeEjbLocal.class);
-    }
+	public UserRoleFacadeEjbLocal getUserRoleFacade() {
+		return getBean(UserRoleFacadeEjbLocal.class);
+	}
 
-    public UserRoleService getUserRoleService() {
-        return getBean(UserRoleService.class);
-    }
+	public UserRoleService getUserRoleService() {
+		return getBean(UserRoleService.class);
+	}
 
-    public WeeklyReportFacade getWeeklyReportFacade() {
-        return getBean(WeeklyReportFacadeEjbLocal.class);
-    }
+	public WeeklyReportFacade getWeeklyReportFacade() {
+		return getBean(WeeklyReportFacadeEjbLocal.class);
+	}
 
-    public GeoShapeProvider getGeoShapeProvider() {
-        return getBean(GeoShapeProviderEjbLocal.class);
-    }
+	public GeoShapeProvider getGeoShapeProvider() {
+		return getBean(GeoShapeProviderEjbLocal.class);
+	}
 
-    public OutbreakFacade getOutbreakFacade() {
-        return getBean(OutbreakFacadeEjbLocal.class);
-    }
+	public OutbreakFacade getOutbreakFacade() {
+		return getBean(OutbreakFacadeEjbLocal.class);
+	}
 
-    public ImportFacade getImportFacade() {
-        return getBean(ImportFacadeEjbLocal.class);
-    }
+	public ImportFacade getImportFacade() {
+		return getBean(ImportFacadeEjbLocal.class);
+	}
 
-    public FacilityService getFacilityService() {
-        return getBean(FacilityService.class);
-    }
+	public FacilityService getFacilityService() {
+		return getBean(FacilityService.class);
+	}
 
-    public PointOfEntryService getPointOfEntryService() {
-        return getBean(PointOfEntryService.class);
-    }
+	public PointOfEntryService getPointOfEntryService() {
+		return getBean(PointOfEntryService.class);
+	}
 
-    public ContinentService getContinentService() {
-        return getBean(ContinentService.class);
-    }
+	public ContinentService getContinentService() {
+		return getBean(ContinentService.class);
+	}
 
-    public SubcontinentService getSubcontinentService() {
-        return getBean(SubcontinentService.class);
-    }
+	public SubcontinentService getSubcontinentService() {
+		return getBean(SubcontinentService.class);
+	}
 
-    public CountryService getCountryService() {
-        return getBean(CountryService.class);
-    }
+	public CountryService getCountryService() {
+		return getBean(CountryService.class);
+	}
 
-    public RegionService getRegionService() {
-        return getBean(RegionService.class);
-    }
+	public RegionService getRegionService() {
+		return getBean(RegionService.class);
+	}
 
-    public DistrictService getDistrictService() {
-        return getBean(DistrictService.class);
-    }
+	public DistrictService getDistrictService() {
+		return getBean(DistrictService.class);
+	}
 
-    public CommunityService getCommunityService() {
-        return getBean(CommunityService.class);
-    }
+	public CommunityService getCommunityService() {
+		return getBean(CommunityService.class);
+	}
 
-    public ClinicalCourseFacade getClinicalCourseFacade() {
-        return getBean(ClinicalCourseFacadeEjbLocal.class);
-    }
+	public ClinicalCourseFacade getClinicalCourseFacade() {
+		return getBean(ClinicalCourseFacadeEjbLocal.class);
+	}
 
-    public ClinicalVisitFacade getClinicalVisitFacade() {
-        return getBean(ClinicalVisitFacadeEjbLocal.class);
-    }
+	public ClinicalVisitFacade getClinicalVisitFacade() {
+		return getBean(ClinicalVisitFacadeEjbLocal.class);
+	}
 
-    public ClinicalVisitService getClinicalVisitService() {
-        return getBean(ClinicalVisitService.class);
-    }
+	public ClinicalVisitService getClinicalVisitService() {
+		return getBean(ClinicalVisitService.class);
+	}
 
-    public TherapyFacade getTherapyFacade() {
-        return getBean(TherapyFacadeEjbLocal.class);
-    }
+	public TherapyFacade getTherapyFacade() {
+		return getBean(TherapyFacadeEjbLocal.class);
+	}
 
-    public PrescriptionFacade getPrescriptionFacade() {
-        return getBean(PrescriptionFacadeEjbLocal.class);
-    }
+	public PrescriptionFacade getPrescriptionFacade() {
+		return getBean(PrescriptionFacadeEjbLocal.class);
+	}
 
-    public PrescriptionService getPrescriptionService() {
-        return getBean(PrescriptionService.class);
-    }
+	public PrescriptionService getPrescriptionService() {
+		return getBean(PrescriptionService.class);
+	}
 
-    public TreatmentFacade getTreatmentFacade() {
-        return getBean(TreatmentFacadeEjbLocal.class);
-    }
+	public TreatmentFacade getTreatmentFacade() {
+		return getBean(TreatmentFacadeEjbLocal.class);
+	}
 
-    public TreatmentService getTreatmentService() {
-        return getBean(TreatmentService.class);
-    }
+	public TreatmentService getTreatmentService() {
+		return getBean(TreatmentService.class);
+	}
 
-    public DiseaseConfigurationFacade getDiseaseConfigurationFacade() {
-        return getBean(DiseaseConfigurationFacadeEjbLocal.class);
-    }
+	public DiseaseConfigurationFacade getDiseaseConfigurationFacade() {
+		return getBean(DiseaseConfigurationFacadeEjbLocal.class);
+	}
 
-    public DiseaseConfigurationService getDiseaseConfigurationService() {
-        return getBean(DiseaseConfigurationService.class);
-    }
+	public DiseaseConfigurationService getDiseaseConfigurationService() {
+		return getBean(DiseaseConfigurationService.class);
+	}
 
-    public PopulationDataFacade getPopulationDataFacade() {
-        return getBean(PopulationDataFacadeEjbLocal.class);
-    }
+	public PopulationDataFacade getPopulationDataFacade() {
+		return getBean(PopulationDataFacadeEjbLocal.class);
+	}
 
-    public FeatureConfigurationFacade getFeatureConfigurationFacade() {
-        return getBean(FeatureConfigurationFacadeEjbLocal.class);
-    }
+	public FeatureConfigurationFacade getFeatureConfigurationFacade() {
+		return getBean(FeatureConfigurationFacadeEjbLocal.class);
+	}
 
-    public PathogenTestFacade getPathogenTestFacade() {
-        return getBean(PathogenTestFacadeEjbLocal.class);
-    }
+	public PathogenTestFacade getPathogenTestFacade() {
+		return getBean(PathogenTestFacadeEjbLocal.class);
+	}
 
-    public CampaignFormMetaFacade getCampaignFormFacade() {
-        return getBean(CampaignFormMetaFacadeEjbLocal.class);
-    }
+	public CampaignFormMetaFacade getCampaignFormFacade() {
+		return getBean(CampaignFormMetaFacadeEjbLocal.class);
+	}
 
-    public SormasToSormasFacadeEjbLocal getSormasToSormasFacade() {
-        return getBean(SormasToSormasFacadeEjbLocal.class);
-    }
+	public SormasToSormasFacadeEjbLocal getSormasToSormasFacade() {
+		return getBean(SormasToSormasFacadeEjbLocal.class);
+	}
 
-    public SormasToSormasOriginInfoFacadeEjbLocal getSormasToSormasOriginInfoFacade() {
-        return getBean(SormasToSormasOriginInfoFacadeEjbLocal.class);
-    }
+	public SormasToSormasOriginInfoFacadeEjbLocal getSormasToSormasOriginInfoFacade() {
+		return getBean(SormasToSormasOriginInfoFacadeEjbLocal.class);
+	}
 
-    public SormasToSormasShareInfoFacadeEjbLocal getSormasToSormasShareInfoFacade() {
-        return getBean(SormasToSormasShareInfoFacadeEjbLocal.class);
-    }
+	public SormasToSormasShareInfoFacadeEjbLocal getSormasToSormasShareInfoFacade() {
+		return getBean(SormasToSormasShareInfoFacadeEjbLocal.class);
+	}
 
-    public SormasToSormasCaseFacade getSormasToSormasCaseFacade() {
-        return getBean(SormasToSormasCaseFacadeEjbLocal.class);
-    }
-
-    public SormasToSormasContactFacade getSormasToSormasContactFacade() {
-        return getBean(SormasToSormasContactFacadeEjbLocal.class);
-    }
-
-    public SormasToSormasEventFacade getSormasToSormasEventFacade() {
-        return getBean(SormasToSormasEventFacadeEjbLocal.class);
-    }
-
-    public ExternalMessageFacade getExternalMessageFacade() {
-        return getBean(ExternalMessageFacadeEjbLocal.class);
-    }
-
-    public ExternalMessageService getExternalMessageService() {
-        return getBean(ExternalMessageService.class);
-    }
-
-    public SormasToSormasExternalMessageFacade getSormasToSormasLabMessageFacade() {
-        return getBean(SormasToSormasExternalMessageFacadeEjbLocal.class);
-    }
-
-    public SormasToSormasShareInfoService getSormasToSormasShareInfoService() {
-        return getBean(SormasToSormasShareInfoService.class);
-    }
-
-    public ShareRequestInfoService getShareRequestInfoService() {
-        return getBean(ShareRequestInfoService.class);
-    }
-
-    public SormasToSormasEncryptionFacade getSormasToSormasEncryptionFacade() {
-        return getBean(SormasToSormasEncryptionFacadeEjb.SormasToSormasEncryptionFacadeEjbLocal.class);
-    }
-
-    public GeocodingService getGeocodingService() {
-        return getBean(GeocodingService.class);
-    }
-
-    public CurrentUserService getCurrentUserService() {
-        return getBean(CurrentUserService.class);
-    }
-
-    public CustomizableEnumValueService getCustomizableEnumValueService() {
-        return getBean(CustomizableEnumValueService.class);
-    }
-
-    public CustomizableEnumFacade getCustomizableEnumFacade() {
-        return getBean(CustomizableEnumFacadeEjb.CustomizableEnumFacadeEjbLocal.class);
-    }
-
-    public ShareDataBuilderHelper getShareDataBuilderHelper() {
-        return getBean(ShareDataBuilderHelper.class);
-    }
-
-    public ReceivedCaseProcessor getReceivedCaseProcessor() {
-        return getBean(ReceivedCaseProcessor.class);
-    }
-
-    public ReceivedContactProcessor getReceivedContactProcessor() {
-        return getBean(ReceivedContactProcessor.class);
-    }
-
-    public ReceivedEventProcessor getReceivedEventProcessor() {
-        return getBean(ReceivedEventProcessor.class);
-    }
-
-    public ReceivedImmunizationProcessor getReceivedImmunizationProcessor() {
-        return getBean(ReceivedImmunizationProcessor.class);
-    }
-
-    public ReceivedSampleProcessor getReceivedSampleProcessor() {
-        return getBean(ReceivedSampleProcessor.class);
-    }
-
-    public CampaignFormDataFacade getCampaignFormDataFacade() {
-        return getBean(CampaignFormDataFacadeEjbLocal.class);
-    }
-
-    public CampaignFacadeEjbLocal getCampaignFacade() {
-        return getBean(CampaignFacadeEjbLocal.class);
-    }
-
-    public CampaignDiagramDefinitionFacade getCampaignDiagramDefinitionFacade() {
-        return getBean(CampaignDiagramDefinitionFacadeEjb.CampaignDiagramDefinitionFacadeEjbLocal.class);
-    }
-
-    protected UserDto loginWith(UserDto user) {
-        when(MockProducer.getPrincipal().getName()).thenReturn(user.getUserName());
-        // load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
-        getCurrentUserService().getCurrentUser();
-        return user;
-    }
-
-    protected UserDto useNationalUserLogin() {
-        return loginWith(creator.createNationalUser());
-    }
-
-    protected UserDto useNationalAdminLogin() {
-        if (nationalAdmin == null) {
-            // we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
-            User user = new User();
-            user.setUuid(DataHelper.createUuid());
-            user.setFirstName("ad");
-            user.setLastName("min");
-            user.setUserName("admin");
-            String password = PasswordHelper.createPass(12);
-            user.setSeed(PasswordHelper.createPass(16));
-            user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
-            user.setUserRoles(
-                    new HashSet<>(Arrays.asList(creator.getUserRole(DefaultUserRole.ADMIN), creator.getUserRole(DefaultUserRole.NATIONAL_USER))));
-
-            getUserService().persist(user);
-            nationalAdmin = getUserFacade().getByUuid(user.getUuid());
-        }
-        return loginWith(nationalAdmin);
-    }
-
-    protected UserDto useSurveillanceOfficerLogin(TestDataCreator.RDCF rdcf) {
-        return loginWith(creator.createSurveillanceOfficer(rdcf));
-    }
-
-    protected void useSystemUser() {
-        when(MockProducer.getPrincipal().getName()).thenReturn("SYSTEM");
-    }
-
-    public PathogenTestService getPathogenTestService() {
-        return getBean(PathogenTestService.class);
-    }
-
-    public AdditionalTestService getAdditionalTestService() {
-        return getBean(AdditionalTestService.class);
-    }
-
-    public DocumentTemplateFacade getDocumentTemplateFacade() {
-        return getBean(DocumentTemplateFacadeEjbLocal.class);
-    }
-
-    public QuarantineOrderFacade getQuarantineOrderFacade() {
-        return getBean(QuarantineOrderFacadeEjb.QuarantineOrderFacadeEjbLocal.class);
-    }
-
-    public EventDocumentFacade getEventDocumentFacade() {
-        return getBean(EventDocumentFacadeEjb.class);
-    }
-
-    public BAGExportFacade getBAGExportFacade() {
-        return getBean(BAGExportFacadeEjb.BAGExportFacadeEjbLocal.class);
-    }
-
-    public ExternalJournalService getExternalJournalService() {
-        return getBean(ExternalJournalService.class);
-    }
-
-    public DocumentFacade getDocumentFacade() {
-        return getBean(DocumentFacadeEjb.DocumentFacadeEjbLocal.class);
-    }
-
-    public DocumentService getDocumentService() {
-        return getBean(DocumentService.class);
-    }
-
-    public DocumentRelatedEntityService getDocumentRelatedEntitiesService() {
-        return getBean(DocumentRelatedEntityService.class);
-    }
-
-    public ExportFacade getExportFacade() {
-        return getBean(ExportFacadeEjb.ExportFacadeEjbLocal.class);
-    }
-
-    public SystemEventFacade getSystemEventFacade() {
-        return getBean(SystemEventFacadeEjb.SystemEventFacadeEjbLocal.class);
-    }
-
-    public ExternalSurveillanceToolFacade getExternalSurveillanceToolGatewayFacade() {
-        return getBean(ExternalSurveillanceToolGatewayFacadeEjbLocal.class);
-    }
-
-    public ExternalShareInfoFacade getExternalShareInfoFacade() {
-        return getBean(ExternalShareInfoFacadeEjbLocal.class);
-    }
-
-    public ExternalShareInfoService getExternalShareInfoService() {
-        return getBean(ExternalShareInfoService.class);
-    }
-
-    public SormasToSormasShareRequestFacade getSormasToSormasShareRequestFacade() {
-        return getBean(SormasToSormasShareRequestFacadeEJBLocal.class);
-    }
-
-    public SormasToSormasShareRequestService getSormasToSormasShareRequestService() {
-        return getBean(SormasToSormasShareRequestService.class);
-    }
-
-    public TestReportFacade getTestReportFacade() {
-        return getBean(TestReportFacadeEjb.TestReportFacadeEjbLocal.class);
-    }
-
-    public TestReportService getTestReportService() {
-        return getBean(TestReportService.class);
-    }
-
-    public ImportParserService getImportParserService() {
-        return getBean(ImportParserService.class);
-    }
-
-    public AreaFacade getAreaFacade() {
-        return getBean(AreaFacadeEjbLocal.class);
-    }
-
-    public SormasToSormasCaseDtoValidator getSormasToSormasCaseDtoValidator() {
-        return getBean(SormasToSormasCaseDtoValidator.class);
-    }
-
-    public SormasToSormasContactDtoValidator getSormasToSormasContactDtoValidator() {
-        return getBean(SormasToSormasContactDtoValidator.class);
-    }
+	public SormasToSormasCaseFacade getSormasToSormasCaseFacade() {
+		return getBean(SormasToSormasCaseFacadeEjbLocal.class);
+	}
+
+	public SormasToSormasContactFacade getSormasToSormasContactFacade() {
+		return getBean(SormasToSormasContactFacadeEjbLocal.class);
+	}
+
+	public SormasToSormasEventFacade getSormasToSormasEventFacade() {
+		return getBean(SormasToSormasEventFacadeEjbLocal.class);
+	}
+
+	public ExternalMessageFacade getExternalMessageFacade() {
+		return getBean(ExternalMessageFacadeEjbLocal.class);
+	}
+
+	public ExternalMessageService getExternalMessageService() {
+		return getBean(ExternalMessageService.class);
+	}
+
+	public SormasToSormasExternalMessageFacade getSormasToSormasLabMessageFacade() {
+		return getBean(SormasToSormasExternalMessageFacadeEjbLocal.class);
+	}
+
+	public SormasToSormasShareInfoService getSormasToSormasShareInfoService() {
+		return getBean(SormasToSormasShareInfoService.class);
+	}
+
+	public ShareRequestInfoService getShareRequestInfoService() {
+		return getBean(ShareRequestInfoService.class);
+	}
+
+	public SormasToSormasEncryptionFacade getSormasToSormasEncryptionFacade() {
+		return getBean(SormasToSormasEncryptionFacadeEjb.SormasToSormasEncryptionFacadeEjbLocal.class);
+	}
+
+	public GeocodingService getGeocodingService() {
+		return getBean(GeocodingService.class);
+	}
+
+	public CurrentUserService getCurrentUserService() {
+		return getBean(CurrentUserService.class);
+	}
+
+	public CustomizableEnumValueService getCustomizableEnumValueService() {
+		return getBean(CustomizableEnumValueService.class);
+	}
+
+	public CustomizableEnumFacade getCustomizableEnumFacade() {
+		return getBean(CustomizableEnumFacadeEjb.CustomizableEnumFacadeEjbLocal.class);
+	}
+
+	public ShareDataBuilderHelper getShareDataBuilderHelper() {
+		return getBean(ShareDataBuilderHelper.class);
+	}
+
+	public ReceivedCaseProcessor getReceivedCaseProcessor() {
+		return getBean(ReceivedCaseProcessor.class);
+	}
+
+	public ReceivedContactProcessor getReceivedContactProcessor() {
+		return getBean(ReceivedContactProcessor.class);
+	}
+
+	public ReceivedEventProcessor getReceivedEventProcessor() {
+		return getBean(ReceivedEventProcessor.class);
+	}
+
+	public ReceivedImmunizationProcessor getReceivedImmunizationProcessor() {
+		return getBean(ReceivedImmunizationProcessor.class);
+	}
+
+	public ReceivedSampleProcessor getReceivedSampleProcessor() {
+		return getBean(ReceivedSampleProcessor.class);
+	}
+
+	public CampaignFormDataFacade getCampaignFormDataFacade() {
+		return getBean(CampaignFormDataFacadeEjbLocal.class);
+	}
+
+	public CampaignFacadeEjbLocal getCampaignFacade() {
+		return getBean(CampaignFacadeEjbLocal.class);
+	}
+
+	public CampaignDiagramDefinitionFacade getCampaignDiagramDefinitionFacade() {
+		return getBean(CampaignDiagramDefinitionFacadeEjb.CampaignDiagramDefinitionFacadeEjbLocal.class);
+	}
+
+	protected UserDto loginWith(UserDto user) {
+		when(MockProducer.getPrincipal().getName()).thenReturn(user.getUserName());
+		// load into cache, to work-around CurrentUserService.fetchUser @Transactional annotation not working in tests
+		getCurrentUserService().getCurrentUser();
+		return user;
+	}
+
+	protected UserDto useNationalUserLogin() {
+		return loginWith(creator.createNationalUser());
+	}
+
+	protected UserDto useNationalAdminLogin() {
+		if (nationalAdmin == null) {
+			// we don't use TestDataCreator.createUser here, because we first need any user to have the user right to access backend facades
+			User user = new User();
+			user.setUuid(DataHelper.createUuid());
+			user.setFirstName("ad");
+			user.setLastName("min");
+			user.setUserName("admin");
+			String password = PasswordHelper.createPass(12);
+			user.setSeed(PasswordHelper.createPass(16));
+			user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
+			user.setUserRoles(
+				new HashSet<>(Arrays.asList(creator.getUserRole(DefaultUserRole.ADMIN), creator.getUserRole(DefaultUserRole.NATIONAL_USER))));
+
+			getUserService().persist(user);
+			nationalAdmin = getUserFacade().getByUuid(user.getUuid());
+		}
+		return loginWith(nationalAdmin);
+	}
+
+	protected UserDto useSurveillanceOfficerLogin(TestDataCreator.RDCF rdcf) {
+		return loginWith(creator.createSurveillanceOfficer(rdcf));
+	}
+
+	protected void useSystemUser() {
+		when(MockProducer.getPrincipal().getName()).thenReturn("SYSTEM");
+	}
+
+	public PathogenTestService getPathogenTestService() {
+		return getBean(PathogenTestService.class);
+	}
+
+	public AdditionalTestService getAdditionalTestService() {
+		return getBean(AdditionalTestService.class);
+	}
+
+	public DocumentTemplateFacade getDocumentTemplateFacade() {
+		return getBean(DocumentTemplateFacadeEjbLocal.class);
+	}
+
+	public QuarantineOrderFacade getQuarantineOrderFacade() {
+		return getBean(QuarantineOrderFacadeEjb.QuarantineOrderFacadeEjbLocal.class);
+	}
+
+	public EventDocumentFacade getEventDocumentFacade() {
+		return getBean(EventDocumentFacadeEjb.class);
+	}
+
+	public BAGExportFacade getBAGExportFacade() {
+		return getBean(BAGExportFacadeEjb.BAGExportFacadeEjbLocal.class);
+	}
+
+	public ExternalJournalService getExternalJournalService() {
+		return getBean(ExternalJournalService.class);
+	}
+
+	public DocumentFacade getDocumentFacade() {
+		return getBean(DocumentFacadeEjb.DocumentFacadeEjbLocal.class);
+	}
+
+	public DocumentService getDocumentService() {
+		return getBean(DocumentService.class);
+	}
+
+	public DocumentRelatedEntityService getDocumentRelatedEntitiesService() {
+		return getBean(DocumentRelatedEntityService.class);
+	}
+
+	public ExportFacade getExportFacade() {
+		return getBean(ExportFacadeEjb.ExportFacadeEjbLocal.class);
+	}
+
+	public SystemEventFacade getSystemEventFacade() {
+		return getBean(SystemEventFacadeEjb.SystemEventFacadeEjbLocal.class);
+	}
+
+	public ExternalSurveillanceToolFacade getExternalSurveillanceToolGatewayFacade() {
+		return getBean(ExternalSurveillanceToolGatewayFacadeEjbLocal.class);
+	}
+
+	public ExternalShareInfoFacade getExternalShareInfoFacade() {
+		return getBean(ExternalShareInfoFacadeEjbLocal.class);
+	}
+
+	public ExternalShareInfoService getExternalShareInfoService() {
+		return getBean(ExternalShareInfoService.class);
+	}
+
+	public SormasToSormasShareRequestFacade getSormasToSormasShareRequestFacade() {
+		return getBean(SormasToSormasShareRequestFacadeEJBLocal.class);
+	}
+
+	public SormasToSormasShareRequestService getSormasToSormasShareRequestService() {
+		return getBean(SormasToSormasShareRequestService.class);
+	}
+
+	public TestReportFacade getTestReportFacade() {
+		return getBean(TestReportFacadeEjb.TestReportFacadeEjbLocal.class);
+	}
+
+	public TestReportService getTestReportService() {
+		return getBean(TestReportService.class);
+	}
+
+	public ImportParserService getImportParserService() {
+		return getBean(ImportParserService.class);
+	}
+
+	public AreaFacade getAreaFacade() {
+		return getBean(AreaFacadeEjbLocal.class);
+	}
+
+	public SormasToSormasCaseDtoValidator getSormasToSormasCaseDtoValidator() {
+		return getBean(SormasToSormasCaseDtoValidator.class);
+	}
+
+	public SormasToSormasContactDtoValidator getSormasToSormasContactDtoValidator() {
+		return getBean(SormasToSormasContactDtoValidator.class);
+	}
 
-    public SormasToSormasEventDtoValidator getSormasToSormasEventDtoValidator() {
-        return getBean(SormasToSormasEventDtoValidator.class);
-    }
+	public SormasToSormasEventDtoValidator getSormasToSormasEventDtoValidator() {
+		return getBean(SormasToSormasEventDtoValidator.class);
+	}
 
-    public SormasToSormasEventParticipantDtoValidator getSormasToSormasEventParticipantDtoValidator() {
-        return getBean(SormasToSormasEventParticipantDtoValidator.class);
-    }
+	public SormasToSormasEventParticipantDtoValidator getSormasToSormasEventParticipantDtoValidator() {
+		return getBean(SormasToSormasEventParticipantDtoValidator.class);
+	}
 
-    public SormasToSormasImmunizationDtoValidator getSormasToSormasImmunizationDtoValidator() {
-        return getBean(SormasToSormasImmunizationDtoValidator.class);
-    }
+	public SormasToSormasImmunizationDtoValidator getSormasToSormasImmunizationDtoValidator() {
+		return getBean(SormasToSormasImmunizationDtoValidator.class);
+	}
 
-    public SormasToSormasSampleDtoValidator getSormasToSormasSampleDtoValidator() {
-        return getBean(SormasToSormasSampleDtoValidator.class);
-    }
+	public SormasToSormasSampleDtoValidator getSormasToSormasSampleDtoValidator() {
+		return getBean(SormasToSormasSampleDtoValidator.class);
+	}
 
-    public SormasToSormasExternalMessageDtoValidator getSormasToSormasLabMessageDtoValidator() {
-        return getBean(SormasToSormasExternalMessageDtoValidator.class);
-    }
+	public SormasToSormasExternalMessageDtoValidator getSormasToSormasLabMessageDtoValidator() {
+		return getBean(SormasToSormasExternalMessageDtoValidator.class);
+	}
 
-    public SormasToSormasSurveillanceReportDtoValidator getSormasToSormasSurveillanceReportDtoValidator() {
-        return getBean(SormasToSormasSurveillanceReportDtoValidator.class);
-    }
+	public SormasToSormasSurveillanceReportDtoValidator getSormasToSormasSurveillanceReportDtoValidator() {
+		return getBean(SormasToSormasSurveillanceReportDtoValidator.class);
+	}
 
-    public DefaultEntitiesCreator getDefaultEntitiesCreator() {
-        return getBean(DefaultEntitiesCreator.class);
-    }
+	public DefaultEntitiesCreator getDefaultEntitiesCreator() {
+		return getBean(DefaultEntitiesCreator.class);
+	}
 
-    public CoreEntityDeletionService getCoreEntityDeletionService() {
-        return getBean(CoreEntityDeletionService.class);
-    }
+	public CoreEntityDeletionService getCoreEntityDeletionService() {
+		return getBean(CoreEntityDeletionService.class);
+	}
 
-    public DeletionConfigurationService getDeletionConfigurationService() {
-        return getBean(DeletionConfigurationService.class);
-    }
+	public DeletionConfigurationService getDeletionConfigurationService() {
+		return getBean(DeletionConfigurationService.class);
+	}
 
-    public InfoFacade getInfoFacade() {
-        return getBean(InfoFacadeEjb.InfoFacadeEjbLocal.class);
-    }
+	public InfoFacade getInfoFacade() {
+		return getBean(InfoFacadeEjb.InfoFacadeEjbLocal.class);
+	}
 
-    public TaskService getTaskService() {
-        return getBean(TaskService.class);
-    }
+	public TaskService getTaskService() {
+		return getBean(TaskService.class);
+	}
 
-    public SampleReportFacade getSampleReportFacade() {
-        return getBean(SampleReportFacadeEjb.SampleReportFacadeEjbLocal.class);
-    }
+	public SampleReportFacade getSampleReportFacade() {
+		return getBean(SampleReportFacadeEjb.SampleReportFacadeEjbLocal.class);
+	}
 
-    public SampleReportService getSampleReportService() {
-        return getBean(SampleReportService.class);
-    }
+	public SampleReportService getSampleReportService() {
+		return getBean(SampleReportService.class);
+	}
 
-    public <T extends Throwable> void assertThrowsWithMessage(Class<T> expectedType, String expectedMessage, Executable executable) {
-        T throwable = assertThrows(expectedType, executable);
-        assertEquals(expectedMessage, throwable.getMessage());
-    }
-
-    public EnvironmentFacadeEjbLocal getEnvironmentFacade() {
-        return getBean(EnvironmentFacadeEjbLocal.class);
-    }
-
-    public EnvironmentService getEnvironmentService() {
-        return getBean(EnvironmentService.class);
-    }
-
-    public EnvironmentSampleFacade getEnvironmentSampleFacade() {
-        return getBean(EnvironmentSampleFacadeEjbLocal.class);
-    }
-
-    public EnvironmentSampleService getEnvironmentSampleService() {
-        return getBean(EnvironmentSampleService.class);
-    }
-
-    public AutomaticLabMessageProcessor getAutomaticLabMessageProcessingFlow() {
-        return getBean(AutomaticLabMessageProcessor.class);
-    }
-
-    public ExternalMessageProcessingFacade getExternalMessageProcessingFacade() {
-        return getBean(ExternalMessageProcessingFacadeEjbLocal.class);
-    }
-
-    public ExternalEmailFacade getExternalEmailFacade() {
-        return getBean(ExternalEmailFacadeEjbLocal.class);
-    }
-
-    public ManualMessageLogFacade getManualMessageLogFacade() {
-        return getBean(ManualMessageLogFacadeEjbLocal.class);
-    }
-
-    public ManualMessageLogService getManualMessageLogService() {
-        return getBean(ManualMessageLogService.class);
-    }
-
-    public SpecialCaseAccessFacade getSpecialCaseAccessFacade() {
-        return getBean(SpecialCaseAccessFacadeEjbLocal.class);
-    }
-
-    public SpecialCaseAccessService getSpecialCaseAccessService() {
-        return getBean(SpecialCaseAccessService.class);
-    }
-
-    public SelfReportFacadeEjbLocal getSelfReportFacade() {
-        return getBean(SelfReportFacadeEjbLocal.class);
-    }
-
-    public SelfReportService getSelfReportService() {
-        return getBean(SelfReportService.class);
-    }
+	public <T extends Throwable> void assertThrowsWithMessage(Class<T> expectedType, String expectedMessage, Executable executable) {
+		T throwable = assertThrows(expectedType, executable);
+		assertEquals(expectedMessage, throwable.getMessage());
+	}
+
+	public EnvironmentFacadeEjbLocal getEnvironmentFacade() {
+		return getBean(EnvironmentFacadeEjbLocal.class);
+	}
+
+	public EnvironmentService getEnvironmentService() {
+		return getBean(EnvironmentService.class);
+	}
+
+	public EnvironmentSampleFacade getEnvironmentSampleFacade() {
+		return getBean(EnvironmentSampleFacadeEjbLocal.class);
+	}
+
+	public EnvironmentSampleService getEnvironmentSampleService() {
+		return getBean(EnvironmentSampleService.class);
+	}
+
+	public AutomaticLabMessageProcessor getAutomaticLabMessageProcessingFlow() {
+		return getBean(AutomaticLabMessageProcessor.class);
+	}
+
+	public ExternalMessageProcessingFacade getExternalMessageProcessingFacade() {
+		return getBean(ExternalMessageProcessingFacadeEjbLocal.class);
+	}
+
+	public ExternalEmailFacade getExternalEmailFacade() {
+		return getBean(ExternalEmailFacadeEjbLocal.class);
+	}
+
+	public ManualMessageLogFacade getManualMessageLogFacade() {
+		return getBean(ManualMessageLogFacadeEjbLocal.class);
+	}
+
+	public ManualMessageLogService getManualMessageLogService() {
+		return getBean(ManualMessageLogService.class);
+	}
+
+	public SpecialCaseAccessFacade getSpecialCaseAccessFacade() {
+		return getBean(SpecialCaseAccessFacadeEjbLocal.class);
+	}
+
+	public SpecialCaseAccessService getSpecialCaseAccessService() {
+		return getBean(SpecialCaseAccessService.class);
+	}
+
+	public SelfReportFacadeEjbLocal getSelfReportFacade() {
+		return getBean(SelfReportFacadeEjbLocal.class);
+	}
+
+	public SelfReportService getSelfReportService() {
+		return getBean(SelfReportService.class);
+	}
 }
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
index 6e0b1576520..256f14318f3 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
@@ -34,110 +34,109 @@
 
 public class EnvironmentSampleServiceTest extends AbstractBeanTest {
 
-    @Test
-    public void testJurisdiction() {
-        TestDataCreator.RDCF rdcf1 = creator.createRDCF();
-        FacilityDto lab1 = creator.createFacility("Lab", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
-        UserDto ownerUser = creator.createUser(rdcf1, "Env", "Surv", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
-        EnvironmentDto environment = creator.createEnvironment("Test env", EnvironmentMedia.WATER, ownerUser.toReference(), rdcf1);
-
-        UserDto environmentUser2 =
-                creator.createUser(rdcf1, "Env", "Surv2", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
-
-        TestDataCreator.RDCF rdcf2 = creator.createRDCF();
-
-        UserDto natUser = creator.createUser(rdcf1, "Nat", "User", creator.getUserRoleReference(DefaultUserRole.NATIONAL_USER));
-        UserDto adminUser = creator.createUser(rdcf1, "Admin", "User", creator.getUserRoleReference(DefaultUserRole.ADMIN));
-
-        UserDto survSupUser = creator.createUser(rdcf1, "Surv", "Sup", creator.getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
-        UserDto commOffUser = creator.createUser(rdcf1, "Comm", "Off", creator.getUserRoleReference(DefaultUserRole.COMMUNITY_OFFICER));
-        UserDto hospInfUser = creator.createUser(rdcf2, "Hosp", "Inf", creator.getUserRoleReference(DefaultUserRole.HOSPITAL_INFORMANT));
-        UserDto poeInfUser = creator.createUser(rdcf2, "Poe", "Inf", creator.getUserRoleReference(DefaultUserRole.POE_INFORMANT));
-
-        UserDto labUser = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
-            u.setFirstName("Lab");
-            u.setLastName("User");
-            u.setUserName("LabUser");
-
-            u.setLaboratory(lab1.toReference());
-        });
-        FacilityDto lab2 = creator.createFacility("Lab2", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
-        UserDto labUserOtherLab = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
-            u.setFirstName("Lab");
-            u.setLastName("User");
-            u.setUserName("LabUser2");
-
-            u.setLaboratory(lab2.toReference());
-        });
-
-        // owners should be able to see all samples
-        loginWith(ownerUser);
-
-        EnvironmentSampleDto sampleDtoRdcf1 =
-                creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf1, lab1.toReference(), s -> {
-                    s.getLocation().setCommunity(rdcf1.community);
-                });
-        EnvironmentSample samploRdcf1 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf1.getUuid());
-
-        EnvironmentSampleDto sampleDtoRdcf2 =
-                creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf2, lab1.toReference(), s -> {
-                    s.getLocation().setCommunity(rdcf2.community);
-                });
-        EnvironmentSample samploRdcf2 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf2.getUuid());
-
-        // owner should have access to all samples
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-        // user from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-        loginWith(environmentUser2);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-
-        // national user should have access to all samples
-        loginWith(natUser);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-        // admin user should have no access to all samples
-        loginWith(adminUser);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-
-        // surveillance supervisor from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-        loginWith(survSupUser);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-        // community officer from RDCF1 should have access to sample in RDCF1 but not in RDCF2
-        loginWith(commOffUser);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-        // hospital informant is not yet supported
-        loginWith(hospInfUser);
-        Assertions.assertThrowsExactly(
-                NotImplementedException.class,
-                () -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
-                "Facility is not supported for environment samples");
-
-        // point of entry informant is not yet supported
-        loginWith(poeInfUser);
-        Assertions.assertThrowsExactly(
-                NotImplementedException.class,
-                () -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
-                "Point of entry is not supported for environment samples");
-
-        // lab user from same lab should have access to all samples
-        loginWith(labUser);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
-
-        // lab user from different lab should have no access to the samples
-        loginWith(labUserOtherLab);
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
-        assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
-
-    }
+	@Test
+	public void testJurisdiction() {
+		TestDataCreator.RDCF rdcf1 = creator.createRDCF();
+		FacilityDto lab1 = creator.createFacility("Lab", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
+		UserDto ownerUser = creator.createUser(rdcf1, "Env", "Surv", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
+		EnvironmentDto environment = creator.createEnvironment("Test env", EnvironmentMedia.WATER, ownerUser.toReference(), rdcf1);
+
+		UserDto environmentUser2 =
+			creator.createUser(rdcf1, "Env", "Surv2", creator.getUserRoleReference(DefaultUserRole.ENVIRONMENTAL_SURVEILLANCE_USER));
+
+		TestDataCreator.RDCF rdcf2 = creator.createRDCF();
+
+		UserDto natUser = creator.createUser(rdcf1, "Nat", "User", creator.getUserRoleReference(DefaultUserRole.NATIONAL_USER));
+		UserDto adminUser = creator.createUser(rdcf1, "Admin", "User", creator.getUserRoleReference(DefaultUserRole.ADMIN));
+
+		UserDto survSupUser = creator.createUser(rdcf1, "Surv", "Sup", creator.getUserRoleReference(DefaultUserRole.SURVEILLANCE_SUPERVISOR));
+		UserDto commOffUser = creator.createUser(rdcf1, "Comm", "Off", creator.getUserRoleReference(DefaultUserRole.COMMUNITY_OFFICER));
+		UserDto hospInfUser = creator.createUser(rdcf2, "Hosp", "Inf", creator.getUserRoleReference(DefaultUserRole.HOSPITAL_INFORMANT));
+		UserDto poeInfUser = creator.createUser(rdcf2, "Poe", "Inf", creator.getUserRoleReference(DefaultUserRole.POE_INFORMANT));
+
+		UserDto labUser = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
+			u.setFirstName("Lab");
+			u.setLastName("User");
+			u.setUserName("LabUser");
+
+			u.setLaboratory(lab1.toReference());
+		});
+		FacilityDto lab2 = creator.createFacility("Lab2", rdcf1.region, rdcf1.district, rdcf1.community, FacilityType.LABORATORY);
+		UserDto labUserOtherLab = creator.createUser(rdcf1, creator.getUserRoleReference(DefaultUserRole.LAB_USER), u -> {
+			u.setFirstName("Lab");
+			u.setLastName("User");
+			u.setUserName("LabUser2");
+
+			u.setLaboratory(lab2.toReference());
+		});
+
+		// owners should be able to see all samples
+		loginWith(ownerUser);
+
+		EnvironmentSampleDto sampleDtoRdcf1 =
+			creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf1, lab1.toReference(), s -> {
+				s.getLocation().setCommunity(rdcf1.community);
+			});
+		EnvironmentSample samploRdcf1 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf1.getUuid());
+
+		EnvironmentSampleDto sampleDtoRdcf2 =
+			creator.createEnvironmentSample(environment.toReference(), ownerUser.toReference(), rdcf2, lab1.toReference(), s -> {
+				s.getLocation().setCommunity(rdcf2.community);
+			});
+		EnvironmentSample samploRdcf2 = getEnvironmentSampleService().getByUuid(sampleDtoRdcf2.getUuid());
+
+		// owner should have access to all samples
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+		// user from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+		loginWith(environmentUser2);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+		// national user should have access to all samples
+		loginWith(natUser);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+		// admin user should have no access to all samples
+		loginWith(adminUser);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+
+		// surveillance supervisor from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+		loginWith(survSupUser);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+		// community officer from RDCF1 should have access to sample in RDCF1 but not in RDCF2
+		loginWith(commOffUser);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+		// hospital informant is not yet supported
+		loginWith(hospInfUser);
+		Assertions.assertThrowsExactly(
+			NotImplementedException.class,
+			() -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
+			"Facility is not supported for environment samples");
+
+		// point of entry informant is not yet supported
+		loginWith(poeInfUser);
+		Assertions.assertThrowsExactly(
+			NotImplementedException.class,
+			() -> getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1),
+			"Point of entry is not supported for environment samples");
+
+		// lab user from same lab should have access to all samples
+		loginWith(labUser);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(true));
+
+		// lab user from different lab should have no access to the samples
+		loginWith(labUserOtherLab);
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(false));
+		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
+
+	}
 }

From f176e594587b8b1a468410d51243f4a432e8a5b8 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 16:54:58 +0000
Subject: [PATCH 74/95] trimming white spaces after review

---
 .../app/backend/user/UserDtoHelper.java       | 220 ++++----
 .../controls/ControlPasswordField.java        |  70 +--
 .../sormas/app/rest/UserFacadeRetro.java      |  20 +-
 .../sormas/app/settings/SettingsFragment.java | 534 +++++++++---------
 .../app/src/main/res/values/strings.xml       |   2 +-
 .../main/java/de/symeda/sormas/ui/Menu.java   | 338 +++++------
 6 files changed, 592 insertions(+), 592 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index 32a3cee117c..93e5191a292 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -37,114 +37,114 @@
  */
 public class UserDtoHelper extends AdoDtoHelper<User, UserDto> {
 
-    private LocationDtoHelper locationHelper = new LocationDtoHelper();
-    private UserRoleDtoHelper userRoleDtoHelper = new UserRoleDtoHelper();
-
-    @Override
-    protected Class<User> getAdoClass() {
-        return User.class;
-    }
-
-    @Override
-    protected Class<UserDto> getDtoClass() {
-        throw new UnsupportedOperationException();
-    }
-
-    @Override
-    protected Call<List<UserDto>> pullAllSince(long since, Integer size, String lastSynchronizedUuid) throws NoConnectionException {
-        return RetroProvider.getUserFacade().pullAllSince(since);
-    }
-
-    @Override
-    protected Call<List<UserDto>> pullByUuids(List<String> uuids) throws NoConnectionException {
-        return RetroProvider.getUserFacade().pullByUuids(uuids);
-    }
-
-    @Override
-    protected Call<List<PostResponse>> pushAll(List<UserDto> userDtos) throws NoConnectionException {
-        throw new UnsupportedOperationException("Can't change users in app");
-    }
-
-    protected void preparePulledResult(List<UserDto> result) {
-        Collections.sort(result, new Comparator<UserDto>() {
-
-            @Override
-            public int compare(UserDto lhs, UserDto rhs) {
-                if (lhs.getAssociatedOfficer() == null && rhs.getAssociatedOfficer() != null) {
-                    return -1;
-                } else if (lhs.getAssociatedOfficer() != null && rhs.getAssociatedOfficer() == null) {
-                    return 1;
-                }
-                return 0;
-            }
-        });
-    }
-
-    @Override
-    protected long getApproximateJsonSizeInBytes() {
-        return 0;
-    }
-
-    @Override
-    protected void fillInnerFromDto(User target, UserDto source) {
-        target.setActive(source.isActive());
-        target.setUserName(source.getUserName());
-        target.setFirstName(source.getFirstName());
-        target.setLastName(source.getLastName());
-        target.setUserEmail(source.getUserEmail());
-
-        if (source.getUserRoles() != null && source.getUserRoles().size() > 0) {
-            Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
-            target.setUserRoles(userRoles);
-            userRoles.clear();
-            source.getUserRoles()
-                    .stream()
-                    .map(userRoleReferenceDto -> DatabaseHelper.getUserRoleDao().getByReferenceDto(userRoleReferenceDto))
-                    .forEach(userRoles::add);
-        }
-
-        target.setRegion(DatabaseHelper.getRegionDao().getByReferenceDto(source.getRegion()));
-        target.setDistrict(DatabaseHelper.getDistrictDao().getByReferenceDto(source.getDistrict()));
-        target.setCommunity(DatabaseHelper.getCommunityDao().getByReferenceDto(source.getCommunity()));
-        target.setHealthFacility(DatabaseHelper.getFacilityDao().getByReferenceDto(source.getHealthFacility()));
-        target.setPointOfEntry(DatabaseHelper.getPointOfEntryDao().getByReferenceDto(source.getPointOfEntry()));
-
-        target.setAssociatedOfficer(DatabaseHelper.getUserDao().getByReferenceDto(source.getAssociatedOfficer()));
-        target.setLimitedDiseases(source.getLimitedDiseases());
-
-        target.setAddress(locationHelper.fillOrCreateFromDto(target.getAddress(), source.getAddress()));
-        target.setPhone(source.getPhone());
-        target.setLanguage(source.getLanguage());
-
-        target.setJurisdictionLevel(source.getJurisdictionLevel());
-    }
-
-    @Override
-    protected void fillInnerFromAdo(UserDto userDto, User user) {
-        // TODO
-        throw new UnsupportedOperationException("Can't change users in app");
-    }
-
-    public static UserReferenceDto toReferenceDto(User ado) {
-        if (ado == null) {
-            return null;
-        }
-        UserReferenceDto dto = new UserReferenceDto(ado.getUuid());
-        return dto;
-    }
-
-    public static Call<String> saveNewPassword(String uuid, String newPassword, String currentPassword) throws NoConnectionException {
-        return RetroProvider.getUserFacade().saveNewPassword(uuid, newPassword, currentPassword);
-    }
-
-    public static Call<String> generatePassword() throws NoConnectionException {
-        return RetroProvider.getUserFacade().generatePassword();
-    }
-
-    public static boolean isRestrictedToAssignEntities(User user) {
-        if (user != null && !user.getUserRoles().isEmpty()) {
-            return user.getUserRoles().stream().allMatch(UserRole::isRestrictAccessToAssignedEntities);
-        }
-        return false;
-    }
+	private LocationDtoHelper locationHelper = new LocationDtoHelper();
+	private UserRoleDtoHelper userRoleDtoHelper = new UserRoleDtoHelper();
+
+	@Override
+	protected Class<User> getAdoClass() {
+		return User.class;
+	}
+
+	@Override
+	protected Class<UserDto> getDtoClass() {
+		throw new UnsupportedOperationException();
+	}
+
+	@Override
+	protected Call<List<UserDto>> pullAllSince(long since, Integer size, String lastSynchronizedUuid) throws NoConnectionException {
+		return RetroProvider.getUserFacade().pullAllSince(since);
+	}
+
+	@Override
+	protected Call<List<UserDto>> pullByUuids(List<String> uuids) throws NoConnectionException {
+		return RetroProvider.getUserFacade().pullByUuids(uuids);
+	}
+
+	@Override
+	protected Call<List<PostResponse>> pushAll(List<UserDto> userDtos) throws NoConnectionException {
+		throw new UnsupportedOperationException("Can't change users in app");
+	}
+
+	protected void preparePulledResult(List<UserDto> result) {
+		Collections.sort(result, new Comparator<UserDto>() {
+
+			@Override
+			public int compare(UserDto lhs, UserDto rhs) {
+				if (lhs.getAssociatedOfficer() == null && rhs.getAssociatedOfficer() != null) {
+					return -1;
+				} else if (lhs.getAssociatedOfficer() != null && rhs.getAssociatedOfficer() == null) {
+					return 1;
+				}
+				return 0;
+			}
+		});
+	}
+
+	@Override
+	protected long getApproximateJsonSizeInBytes() {
+		return 0;
+	}
+
+	@Override
+	protected void fillInnerFromDto(User target, UserDto source) {
+		target.setActive(source.isActive());
+		target.setUserName(source.getUserName());
+		target.setFirstName(source.getFirstName());
+		target.setLastName(source.getLastName());
+		target.setUserEmail(source.getUserEmail());
+
+		if (source.getUserRoles() != null && source.getUserRoles().size() > 0) {
+			Set<UserRole> userRoles = Optional.of(target).map(User::getUserRoles).orElseGet(HashSet::new);
+			target.setUserRoles(userRoles);
+			userRoles.clear();
+			source.getUserRoles()
+				.stream()
+				.map(userRoleReferenceDto -> DatabaseHelper.getUserRoleDao().getByReferenceDto(userRoleReferenceDto))
+				.forEach(userRoles::add);
+		}
+
+		target.setRegion(DatabaseHelper.getRegionDao().getByReferenceDto(source.getRegion()));
+		target.setDistrict(DatabaseHelper.getDistrictDao().getByReferenceDto(source.getDistrict()));
+		target.setCommunity(DatabaseHelper.getCommunityDao().getByReferenceDto(source.getCommunity()));
+		target.setHealthFacility(DatabaseHelper.getFacilityDao().getByReferenceDto(source.getHealthFacility()));
+		target.setPointOfEntry(DatabaseHelper.getPointOfEntryDao().getByReferenceDto(source.getPointOfEntry()));
+
+		target.setAssociatedOfficer(DatabaseHelper.getUserDao().getByReferenceDto(source.getAssociatedOfficer()));
+		target.setLimitedDiseases(source.getLimitedDiseases());
+
+		target.setAddress(locationHelper.fillOrCreateFromDto(target.getAddress(), source.getAddress()));
+		target.setPhone(source.getPhone());
+		target.setLanguage(source.getLanguage());
+
+		target.setJurisdictionLevel(source.getJurisdictionLevel());
+	}
+
+	@Override
+	protected void fillInnerFromAdo(UserDto userDto, User user) {
+		// TODO
+		throw new UnsupportedOperationException("Can't change users in app");
+	}
+
+	public static UserReferenceDto toReferenceDto(User ado) {
+		if (ado == null) {
+			return null;
+		}
+		UserReferenceDto dto = new UserReferenceDto(ado.getUuid());
+		return dto;
+	}
+
+	public static Call<String> saveNewPassword(String uuid, String newPassword, String currentPassword) throws NoConnectionException {
+		return RetroProvider.getUserFacade().saveNewPassword(uuid, newPassword, currentPassword);
+	}
+
+	public static Call<String> generatePassword() throws NoConnectionException {
+		return RetroProvider.getUserFacade().generatePassword();
+	}
+
+	public static boolean isRestrictedToAssignEntities(User user) {
+		if (user != null && !user.getUserRoles().isEmpty()) {
+			return user.getUserRoles().stream().allMatch(UserRole::isRestrictAccessToAssignedEntities);
+		}
+		return false;
+	}
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
index afb22412af6..7689911a37f 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/component/controls/ControlPasswordField.java
@@ -26,48 +26,48 @@
 
 public class ControlPasswordField extends ControlTextEditField {
 
-    // Constructors
+	// Constructors
 
-    public ControlPasswordField(Context context) {
-        super(context);
-    }
+	public ControlPasswordField(Context context) {
+		super(context);
+	}
 
-    public ControlPasswordField(Context context, AttributeSet attrs) {
-        super(context, attrs);
-    }
+	public ControlPasswordField(Context context, AttributeSet attrs) {
+		super(context, attrs);
+	}
 
-    public ControlPasswordField(Context context, AttributeSet attrs, int defStyle) {
-        super(context, attrs, defStyle);
-    }
+	public ControlPasswordField(Context context, AttributeSet attrs, int defStyle) {
+		super(context, attrs, defStyle);
+	}
 
-    // Overrides
+	// Overrides
 
-    @Override
-    protected void initialize(Context context, AttributeSet attrs, int defStyle) {
-        super.initialize(context, attrs, defStyle);
+	@Override
+	protected void initialize(Context context, AttributeSet attrs, int defStyle) {
+		super.initialize(context, attrs, defStyle);
 
-        setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
-    }
+		setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
+	}
 
-    @Override
-    protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
-        LayoutInflater inflater = (LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
+	@Override
+	protected void inflateView(Context context, AttributeSet attrs, int defStyle) {
+		LayoutInflater inflater = (LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
 
-        if (inflater != null) {
-            if (isSlim()) {
-                inflater.inflate(R.layout.control_password_slim_layout, this);
-            } else {
-                inflater.inflate(R.layout.control_password_layout, this);
-            }
-        } else {
-            throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
-        }
-    }
+		if (inflater != null) {
+			if (isSlim()) {
+				inflater.inflate(R.layout.control_password_slim_layout, this);
+			} else {
+				inflater.inflate(R.layout.control_password_layout, this);
+			}
+		} else {
+			throw new RuntimeException("Unable to inflate layout in " + getClass().getName());
+		}
+	}
 
-    @Override
-    protected void onFinishInflate() {
-        super.onFinishInflate();
-        TextInputLayout inputLayout = (TextInputLayout) this.findViewById(R.id.text_input_layout);
-        inputLayout.setPasswordVisibilityToggleEnabled(true);
-    }
+	@Override
+	protected void onFinishInflate() {
+		super.onFinishInflate();
+		TextInputLayout inputLayout = (TextInputLayout) this.findViewById(R.id.text_input_layout);
+		inputLayout.setPasswordVisibilityToggleEnabled(true);
+	}
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
index 70c790c3052..e9ed0663c57 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
@@ -29,18 +29,18 @@
  */
 public interface UserFacadeRetro {
 
-    @GET("users/all/{since}")
-    Call<List<UserDto>> pullAllSince(@Path("since") long since);
+	@GET("users/all/{since}")
+	Call<List<UserDto>> pullAllSince(@Path("since") long since);
 
-    @POST("users/query")
-    Call<List<UserDto>> pullByUuids(@Body List<String> uuids);
+	@POST("users/query")
+	Call<List<UserDto>> pullByUuids(@Body List<String> uuids);
 
-    @GET("users/uuids")
-    Call<List<String>> pullUuids();
+	@GET("users/uuids")
+	Call<List<String>> pullUuids();
 
-    @POST("users/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
-    Call<String> saveNewPassword(@Path("uuid") String uuid, @Path("newPassword") String newPassword, @Path("currentPassword") String currentPassword);
+	@POST("users/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
+	Call<String> saveNewPassword(@Path("uuid") String uuid, @Path("newPassword") String newPassword, @Path("currentPassword") String currentPassword);
 
-    @GET("users/generatePassword")
-    Call<String> generatePassword();
+	@GET("users/generatePassword")
+	Call<String> generatePassword();
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 65479ce9d19..8eddbcb3681 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -17,6 +17,10 @@
 
 import static de.symeda.sormas.app.core.notification.NotificationType.ERROR;
 
+import java.util.List;
+
+import org.hzi.sormas.lbds.messaging.LbdsRelated;
+
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.os.Bundle;
@@ -28,10 +32,6 @@
 import androidx.appcompat.app.AppCompatActivity;
 import androidx.recyclerview.widget.RecyclerView;
 
-import org.hzi.sormas.lbds.messaging.LbdsRelated;
-
-import java.util.List;
-
 import de.symeda.sormas.api.Language;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
@@ -57,279 +57,279 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
 import de.symeda.sormas.app.util.Callback;
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
-import de.symeda.sormas.app.login.ChangePasswordActivity;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment
  */
 public class SettingsFragment extends BaseLandingFragment {
 
-    private final int SHOW_DEV_OPTIONS_CLICK_LIMIT = 5;
-
-    private FragmentSettingsLayoutBinding binding;
-    private int versionClickedCount;
-
-    protected boolean isShowDevOptions() {
-        return versionClickedCount >= SHOW_DEV_OPTIONS_CLICK_LIMIT;
-    }
-
-    protected boolean hasServerUrl() {
-        return ConfigProvider.getServerRestUrl() != null;
-    }
-
-    @Override
-    public View onCreateView(LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
-        super.onCreateView(inflater, container, savedInstanceState);
-        binding = (FragmentSettingsLayoutBinding) rootBinding;
-
-        binding.settingsServerUrl.setValue(ConfigProvider.getServerRestUrl());
-        binding.changePin.setOnClickListener(v -> changePIN());
-        binding.changePassword.setOnClickListener(v -> changePassword());
-        binding.resynchronizeData.setOnClickListener(v -> repullData());
-        binding.showSyncLog.setOnClickListener(v -> openSyncLog());
-        binding.logout.setOnClickListener(v -> logout());
-        binding.kexLbds.setOnClickListener(v -> kexLbds());
-        binding.syncPersonLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasePersonsLbds(getContext()));
-        binding.syncCaseLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasesLbds(getContext()));
-        binding.settingsLbdsDebugUrl.setValue(ConfigProvider.getServerLbdsDebugUrl());
-
-        binding.sormasVersion.setText("SORMAS " + InfoProvider.get().getVersion());
-        binding.sormasVersion.setOnClickListener(v -> {
-            versionClickedCount++;
-            if (isShowDevOptions()) {
-                binding.settingsServerUrl.setVisibility(View.VISIBLE);
-                if (isLbdsAppInstalled()) {
-                    binding.kexLbds.setVisibility(View.VISIBLE);
-                    binding.syncPersonLbds.setVisibility(View.VISIBLE);
-                    binding.syncCaseLbds.setVisibility(View.VISIBLE);
-                    binding.settingsLbdsDebugUrl.setVisibility(View.VISIBLE);
-                }
-                if (ConfigProvider.getUser() != null) {
-                    binding.logout.setVisibility(View.VISIBLE);
-                }
-                getBaseLandingActivity().getSaveMenu().setVisible(true);
-            }
-        });
-
-        binding.setData(ConfigProvider.getUser());
-        Language initialLanguage = binding.getData() != null ? I18nProperties.getUserLanguage() : LocaleManager.getLanguagePref(getContext());
-        ValueChangeListener languageValueChangeListener = e -> {
-            Language currentLanguage = LocaleManager.getLanguagePref(getContext());
-            if (e.getValue() == null) {
-                // This happens e.g. when the user is not logged in
-                e.setValue(LocaleManager.getLanguagePref(getContext()));
-            }
-            Language newLanguage = (Language) e.getValue();
-            if (!LocaleManager.getLanguagePref(getContext()).equals(e.getValue())) {
-                try {
-                    User user = ConfigProvider.getUser() != null ? DatabaseHelper.getUserDao().queryUuid(ConfigProvider.getUser().getUuid()) : null;
-                    if (user != null) {
-                        DatabaseHelper.getUserDao().saveAndSnapshot(user);
-                    }
-                    if (newLanguage != null) {
-                        ((SettingsActivity) getActivity()).setNewLocale((AppCompatActivity) getActivity(), newLanguage);
-                    }
-                } catch (DaoException ex) {
-                    NotificationHelper
-                            .showNotification((SettingsActivity) getActivity(), ERROR, getString(R.string.message_language_change_unsuccessful));
-                }
-            }
-        };
-        binding.userLanguage.initializeSpinner(DataUtils.getEnumItems(Language.class, false), initialLanguage, languageValueChangeListener);
-
-        return binding.getRoot();
-    }
-
-    @Override
-    public int getRootLandingLayout() {
-        return R.layout.fragment_settings_layout;
-    }
-
-    @Override
-    public void onResume() {
-        super.onResume();
-
-        boolean hasUser = ConfigProvider.getUser() != null;
-        binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
-        binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
-        binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-        binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-        binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-        binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-        binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
-        boolean showLbdsFeatures = isLbdsAppInstalled() && hasUser && isShowDevOptions();
-        binding.kexLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-        binding.syncPersonLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-        binding.syncCaseLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-        binding.settingsLbdsDebugUrl.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
-    }
-
-    @Override
-    public void onPause() {
-        super.onPause();
-
-        SoftKeyboardHelper.hideKeyboard(getActivity(), this);
-    }
-
-    public String getServerUrl() {
-        return binding.settingsServerUrl.getValue();
-    }
-
-    public void changePIN() {
-        Intent intent = new Intent(getActivity(), EnterPinActivity.class);
-        intent.putExtra(EnterPinActivity.CALLED_FROM_SETTINGS, true);
-        startActivity(intent);
-    }
-
-    public void changePassword() {
-        Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
-        startActivity(intent);
-    }
-
-    private void repullData() {
-        checkAndShowUnsynchronizedChangesDialog(() -> showRepullDataConfirmationDialog(), "SYNC");
-    }
-
-    private void checkAndShowUnsynchronizedChangesDialog(Callback confirmedCallback, String wordToType) {
-        if (SynchronizeDataAsync.hasAnyUnsynchronizedData()) {
-            final ConfirmationInputDialog unsynchronizedChangesDialog = new ConfirmationInputDialog(
-                    getActivity(),
-                    R.string.heading_unsynchronized_changes,
-                    R.string.message_unsynchronized_changes_confirmation,
-                    wordToType);
-
-            unsynchronizedChangesDialog.setPositiveCallback(confirmedCallback::call);
-
-            unsynchronizedChangesDialog.show();
-        } else {
-            confirmedCallback.call();
-        }
-    }
-
-    private void showRepullDataConfirmationDialog() {
-        final ConfirmationDialog confirmationDialog =
-                new ConfirmationDialog(getActivity(), R.string.heading_confirmation_dialog, R.string.info_resync_duration);
-
-        confirmationDialog.setPositiveCallback(() -> {
-            // Collect unsynchronized changes
-            final List<Case> modifiedCases = DatabaseHelper.getCaseDao().getModifiedEntities();
-            final List<Contact> modifiedContacts = DatabaseHelper.getContactDao().getModifiedEntities();
-            final List<Person> modifiedPersons = DatabaseHelper.getPersonDao().getModifiedEntities();
-            final List<Event> modifiedEvents = DatabaseHelper.getEventDao().getModifiedEntities();
-            final List<EventParticipant> modifiedEventParticipants = DatabaseHelper.getEventParticipantDao().getModifiedEntities();
-            final List<Sample> modifiedSamples = DatabaseHelper.getSampleDao().getModifiedEntities();
-            final List<Visit> modifiedVisits = DatabaseHelper.getVisitDao().getModifiedEntities();
-
-            getBaseActivity().synchronizeData(SynchronizeDataAsync.SyncMode.CompleteAndRepull, true, true, null, new Callback() {
-
-                @Override
-                public void call() {
-                    // Add deleted entities that had unsynchronized changes to sync log
-                    for (Case caze : modifiedCases) {
-                        if (DatabaseHelper.getCaseDao().queryUuidReference(caze.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(caze.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (Contact contact : modifiedContacts) {
-                        if (DatabaseHelper.getContactDao().queryUuidReference(contact.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(contact.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (Person person : modifiedPersons) {
-                        if (DatabaseHelper.getPersonDao().queryUuidReference(person.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(person.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (Event event : modifiedEvents) {
-                        if (DatabaseHelper.getEventDao().queryUuidReference(event.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(event.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (EventParticipant eventParticipant : modifiedEventParticipants) {
-                        if (DatabaseHelper.getEventParticipantDao().queryUuidReference(eventParticipant.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(eventParticipant.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (Sample sample : modifiedSamples) {
-                        if (DatabaseHelper.getSampleDao().queryUuidReference(sample.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(sample.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                    for (Visit visit : modifiedVisits) {
-                        if (DatabaseHelper.getVisitDao().queryUuidReference(visit.getUuid()) == null) {
-                            DatabaseHelper.getSyncLogDao()
-                                    .createWithParentStack(visit.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
-                        }
-                    }
-                }
-            }, new Callback() {
-
-                @Override
-                public void call() {
-                    DatabaseHelper.clearTables(false);
-                }
-            });
-        });
-
-        confirmationDialog.show();
-    }
-
-    public void openSyncLog() {
-        SyncLogDialog syncLogDialog = new SyncLogDialog(this.getActivity());
-        syncLogDialog.show();
-    }
-
-    public void logout() {
-        checkAndShowUnsynchronizedChangesDialog(() -> {
-            ConfigProvider.clearUserLogin();
-            ConfigProvider.clearPin();
-            Intent intent = new Intent(getActivity(), LoginActivity.class);
-            startActivity(intent);
-        }, "LOGOUT");
-    }
-
-    public void kexLbds() {
-        LbdsIntentSender.sendKexLbdsIntent(getContext());
-    }
-
-    private boolean isLbdsAppInstalled() {
-        PackageManager packageManager = getContext().getPackageManager();
-        try {
-            packageManager.getPackageInfo(LbdsRelated.LBDS_SERVICE_APP_PCKG, 0);
-            return true;
-        } catch (PackageManager.NameNotFoundException e) {
-            return false;
-        }
-    }
-
-    public String getLbdsDebugUrl() {
-        return (isLbdsAppInstalled() && isShowDevOptions()) ? binding.settingsLbdsDebugUrl.getValue() : null;
-    }
-
-    @Override
-    public EnumMapDataBinderAdapter createLandingAdapter() {
-        return null;
-    }
-
-    @Override
-    public RecyclerView.LayoutManager createLayoutManager() {
-        return null;
-    }
-
-    @Override
-    public boolean isShowSaveAction() {
-        return !hasServerUrl() || isShowDevOptions();
-    }
+	private final int SHOW_DEV_OPTIONS_CLICK_LIMIT = 5;
+
+	private FragmentSettingsLayoutBinding binding;
+	private int versionClickedCount;
+
+	protected boolean isShowDevOptions() {
+		return versionClickedCount >= SHOW_DEV_OPTIONS_CLICK_LIMIT;
+	}
+
+	protected boolean hasServerUrl() {
+		return ConfigProvider.getServerRestUrl() != null;
+	}
+
+	@Override
+	public View onCreateView(LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
+		super.onCreateView(inflater, container, savedInstanceState);
+		binding = (FragmentSettingsLayoutBinding) rootBinding;
+
+		binding.settingsServerUrl.setValue(ConfigProvider.getServerRestUrl());
+		binding.changePin.setOnClickListener(v -> changePIN());
+		binding.changePassword.setOnClickListener(v -> changePassword());
+		binding.resynchronizeData.setOnClickListener(v -> repullData());
+		binding.showSyncLog.setOnClickListener(v -> openSyncLog());
+		binding.logout.setOnClickListener(v -> logout());
+		binding.kexLbds.setOnClickListener(v -> kexLbds());
+		binding.syncPersonLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasePersonsLbds(getContext()));
+		binding.syncCaseLbds.setOnClickListener(v -> LbdsIntentSender.sendNewCasesLbds(getContext()));
+		binding.settingsLbdsDebugUrl.setValue(ConfigProvider.getServerLbdsDebugUrl());
+
+		binding.sormasVersion.setText("SORMAS " + InfoProvider.get().getVersion());
+		binding.sormasVersion.setOnClickListener(v -> {
+			versionClickedCount++;
+			if (isShowDevOptions()) {
+				binding.settingsServerUrl.setVisibility(View.VISIBLE);
+				if (isLbdsAppInstalled()) {
+					binding.kexLbds.setVisibility(View.VISIBLE);
+					binding.syncPersonLbds.setVisibility(View.VISIBLE);
+					binding.syncCaseLbds.setVisibility(View.VISIBLE);
+					binding.settingsLbdsDebugUrl.setVisibility(View.VISIBLE);
+				}
+				if (ConfigProvider.getUser() != null) {
+					binding.logout.setVisibility(View.VISIBLE);
+				}
+				getBaseLandingActivity().getSaveMenu().setVisible(true);
+			}
+		});
+
+		binding.setData(ConfigProvider.getUser());
+		Language initialLanguage = binding.getData() != null ? I18nProperties.getUserLanguage() : LocaleManager.getLanguagePref(getContext());
+		ValueChangeListener languageValueChangeListener = e -> {
+			Language currentLanguage = LocaleManager.getLanguagePref(getContext());
+			if (e.getValue() == null) {
+				// This happens e.g. when the user is not logged in
+				e.setValue(LocaleManager.getLanguagePref(getContext()));
+			}
+			Language newLanguage = (Language) e.getValue();
+			if (!LocaleManager.getLanguagePref(getContext()).equals(e.getValue())) {
+				try {
+					User user = ConfigProvider.getUser() != null ? DatabaseHelper.getUserDao().queryUuid(ConfigProvider.getUser().getUuid()) : null;
+					if (user != null) {
+						DatabaseHelper.getUserDao().saveAndSnapshot(user);
+					}
+					if (newLanguage != null) {
+						((SettingsActivity) getActivity()).setNewLocale((AppCompatActivity) getActivity(), newLanguage);
+					}
+				} catch (DaoException ex) {
+					NotificationHelper
+						.showNotification((SettingsActivity) getActivity(), ERROR, getString(R.string.message_language_change_unsuccessful));
+				}
+			}
+		};
+		binding.userLanguage.initializeSpinner(DataUtils.getEnumItems(Language.class, false), initialLanguage, languageValueChangeListener);
+
+		return binding.getRoot();
+	}
+
+	@Override
+	public int getRootLandingLayout() {
+		return R.layout.fragment_settings_layout;
+	}
+
+	@Override
+	public void onResume() {
+		super.onResume();
+
+		boolean hasUser = ConfigProvider.getUser() != null;
+		binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
+		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
+		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
+		boolean showLbdsFeatures = isLbdsAppInstalled() && hasUser && isShowDevOptions();
+		binding.kexLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+		binding.syncPersonLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+		binding.syncCaseLbds.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+		binding.settingsLbdsDebugUrl.setVisibility(showLbdsFeatures ? View.VISIBLE : View.GONE);
+	}
+
+	@Override
+	public void onPause() {
+		super.onPause();
+
+		SoftKeyboardHelper.hideKeyboard(getActivity(), this);
+	}
+
+	public String getServerUrl() {
+		return binding.settingsServerUrl.getValue();
+	}
+
+	public void changePIN() {
+		Intent intent = new Intent(getActivity(), EnterPinActivity.class);
+		intent.putExtra(EnterPinActivity.CALLED_FROM_SETTINGS, true);
+		startActivity(intent);
+	}
+
+	public void changePassword() {
+		Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
+		startActivity(intent);
+	}
+
+	private void repullData() {
+		checkAndShowUnsynchronizedChangesDialog(() -> showRepullDataConfirmationDialog(), "SYNC");
+	}
+
+	private void checkAndShowUnsynchronizedChangesDialog(Callback confirmedCallback, String wordToType) {
+		if (SynchronizeDataAsync.hasAnyUnsynchronizedData()) {
+			final ConfirmationInputDialog unsynchronizedChangesDialog = new ConfirmationInputDialog(
+				getActivity(),
+				R.string.heading_unsynchronized_changes,
+				R.string.message_unsynchronized_changes_confirmation,
+				wordToType);
+
+			unsynchronizedChangesDialog.setPositiveCallback(confirmedCallback::call);
+
+			unsynchronizedChangesDialog.show();
+		} else {
+			confirmedCallback.call();
+		}
+	}
+
+	private void showRepullDataConfirmationDialog() {
+		final ConfirmationDialog confirmationDialog =
+			new ConfirmationDialog(getActivity(), R.string.heading_confirmation_dialog, R.string.info_resync_duration);
+
+		confirmationDialog.setPositiveCallback(() -> {
+			// Collect unsynchronized changes
+			final List<Case> modifiedCases = DatabaseHelper.getCaseDao().getModifiedEntities();
+			final List<Contact> modifiedContacts = DatabaseHelper.getContactDao().getModifiedEntities();
+			final List<Person> modifiedPersons = DatabaseHelper.getPersonDao().getModifiedEntities();
+			final List<Event> modifiedEvents = DatabaseHelper.getEventDao().getModifiedEntities();
+			final List<EventParticipant> modifiedEventParticipants = DatabaseHelper.getEventParticipantDao().getModifiedEntities();
+			final List<Sample> modifiedSamples = DatabaseHelper.getSampleDao().getModifiedEntities();
+			final List<Visit> modifiedVisits = DatabaseHelper.getVisitDao().getModifiedEntities();
+
+			getBaseActivity().synchronizeData(SynchronizeDataAsync.SyncMode.CompleteAndRepull, true, true, null, new Callback() {
+
+				@Override
+				public void call() {
+					// Add deleted entities that had unsynchronized changes to sync log
+					for (Case caze : modifiedCases) {
+						if (DatabaseHelper.getCaseDao().queryUuidReference(caze.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(caze.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (Contact contact : modifiedContacts) {
+						if (DatabaseHelper.getContactDao().queryUuidReference(contact.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(contact.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (Person person : modifiedPersons) {
+						if (DatabaseHelper.getPersonDao().queryUuidReference(person.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(person.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (Event event : modifiedEvents) {
+						if (DatabaseHelper.getEventDao().queryUuidReference(event.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(event.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (EventParticipant eventParticipant : modifiedEventParticipants) {
+						if (DatabaseHelper.getEventParticipantDao().queryUuidReference(eventParticipant.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(eventParticipant.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (Sample sample : modifiedSamples) {
+						if (DatabaseHelper.getSampleDao().queryUuidReference(sample.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(sample.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+					for (Visit visit : modifiedVisits) {
+						if (DatabaseHelper.getVisitDao().queryUuidReference(visit.getUuid()) == null) {
+							DatabaseHelper.getSyncLogDao()
+								.createWithParentStack(visit.buildCaption(), getResources().getString(R.string.caption_changed_data_lost));
+						}
+					}
+				}
+			}, new Callback() {
+
+				@Override
+				public void call() {
+					DatabaseHelper.clearTables(false);
+				}
+			});
+		});
+
+		confirmationDialog.show();
+	}
+
+	public void openSyncLog() {
+		SyncLogDialog syncLogDialog = new SyncLogDialog(this.getActivity());
+		syncLogDialog.show();
+	}
+
+	public void logout() {
+		checkAndShowUnsynchronizedChangesDialog(() -> {
+			ConfigProvider.clearUserLogin();
+			ConfigProvider.clearPin();
+			Intent intent = new Intent(getActivity(), LoginActivity.class);
+			startActivity(intent);
+		}, "LOGOUT");
+	}
+
+	public void kexLbds() {
+		LbdsIntentSender.sendKexLbdsIntent(getContext());
+	}
+
+	private boolean isLbdsAppInstalled() {
+		PackageManager packageManager = getContext().getPackageManager();
+		try {
+			packageManager.getPackageInfo(LbdsRelated.LBDS_SERVICE_APP_PCKG, 0);
+			return true;
+		} catch (PackageManager.NameNotFoundException e) {
+			return false;
+		}
+	}
+
+	public String getLbdsDebugUrl() {
+		return (isLbdsAppInstalled() && isShowDevOptions()) ? binding.settingsLbdsDebugUrl.getValue() : null;
+	}
+
+	@Override
+	public EnumMapDataBinderAdapter createLandingAdapter() {
+		return null;
+	}
+
+	@Override
+	public RecyclerView.LayoutManager createLayoutManager() {
+		return null;
+	}
+
+	@Override
+	public boolean isShowSaveAction() {
+		return !hasServerUrl() || isShowDevOptions();
+	}
 }
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index 426c42196c9..bfe4600bb20 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -285,7 +285,7 @@
     <string name="caption_sync_pushed">%1$s/%2$s pushed</string>
     <string name="caption_sync_deleted">%1$s deleted</string>
     <string name="caption_event_search_field">ID, title, description</string>
-    `
+
     <string name="confirmation_action">Are you sure you want to do this?</string>
     <string name="confirmation_delete">Are you sure you want to delete this record?</string>
     <string name="confirmation_pick_gps">Are you in this place right now?</string>
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index f91433a3106..01ddd8450b9 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -60,173 +60,173 @@
 @SuppressWarnings("serial")
 public class Menu extends CssLayout {
 
-    private static final String VALO_MENUITEMS = "valo-menuitems";
-    private static final String VALO_MENU_TOGGLE = "valo-menu-toggle";
-    private static final String VALO_MENU_VISIBLE = "valo-menu-visible";
-    private Navigator navigator;
-    private Map<String, Button> viewButtons = new HashMap<String, Button>();
-
-    private CssLayout menuItemsLayout;
-    private CssLayout menuPart;
-
-    public Menu(Navigator navigator) {
-
-        this.navigator = navigator;
-        setPrimaryStyleName(ValoTheme.MENU_ROOT);
-        menuPart = new CssLayout();
-        menuPart.addStyleName(ValoTheme.MENU_PART);
-
-        // header of the menu
-        final HorizontalLayout top = new HorizontalLayout();
-        top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
-        top.addStyleName(ValoTheme.MENU_TITLE);
-        top.setSpacing(true);
-        Label title = new Label(FacadeProvider.getConfigFacade().getSormasInstanceName());
-        title.setSizeUndefined();
-
-        Image image;
-        if (FacadeProvider.getConfigFacade().isCustomBranding()
-                && StringUtils.isNotBlank(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath())) {
-            Path logoPath = Paths.get(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath());
-            image = new Image(null, new FileResource(logoPath.toFile()));
-        } else {
-            image = new Image(null, new ThemeResource("img/sormas-logo.png"));
-        }
-        CssStyles.style(image, ValoTheme.MENU_LOGO, ValoTheme.BUTTON_LINK);
-        top.addComponent(image);
-        top.addComponent(title);
-        top.addLayoutClickListener(listener -> SormasUI.get().getNavigator().navigateTo(SurveillanceDashboardView.VIEW_NAME));
-        menuPart.addComponent(top);
-
-        // button for toggling the visibility of the menu when on a small screen
-        final Button showMenu = ButtonHelper.createIconButton(Captions.menu, VaadinIcons.MENU, event -> {
-            if (menuPart.getStyleName().contains(VALO_MENU_VISIBLE)) {
-                menuPart.removeStyleName(VALO_MENU_VISIBLE);
-            } else {
-                menuPart.addStyleName(VALO_MENU_VISIBLE);
-            }
-        }, ValoTheme.BUTTON_PRIMARY, VALO_MENU_TOGGLE);
-
-        menuPart.addComponent(showMenu);
-
-        // container for the navigation buttons, which are added by addView()
-        menuItemsLayout = new CssLayout();
-        menuItemsLayout.setPrimaryStyleName(VALO_MENUITEMS);
-        menuPart.addComponent(menuItemsLayout);
-
-        // settings menu item
-        MenuBar settingsMenu = new MenuBar();
-        settingsMenu.setId(Captions.actionSettings);
-        settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
-
-        settingsMenu.addStyleNames("user-menu", "settings-menu");
-        menuPart.addComponent(settingsMenu);
-
-        // logout menu item
-        MenuBar logoutMenu = new MenuBar();
-        logoutMenu.setId(Captions.actionLogout);
-        logoutMenu.addItem(
-                I18nProperties.getCaption(Captions.actionLogout) + " (" + UiUtil.getUserName() + ")",
-                VaadinIcons.SIGN_OUT,
-                (Command) selectedItem -> LoginHelper.logout());
-
-        logoutMenu.addStyleNames("user-menu", "logout-menu");
-        menuPart.addComponent(logoutMenu);
-
-        addComponent(menuPart);
-    }
-
-    private void showSettingsPopup() {
-
-        Window window = VaadinUiUtil.createPopupWindow();
-        window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
-        window.setModal(true);
-
-        CommitDiscardWrapperComponent<UserSettingsForm> component =
-                ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
-
-        Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
-        component.getButtonsPanel().addComponent(resetPasswordButton, 0);
-
-        window.setContent(component);
-        UI.getCurrent().addWindow(window);
-    }
-
-    /**
-     * Register a pre-created view instance in the navigation menu and in the
-     * {@link Navigator}.
-     *
-     * @see Navigator#addView(String, View)
-     *
-     * @param view
-     *            view instance to register
-     * @param name
-     *            view name
-     * @param caption
-     *            view caption in the menu
-     * @param icon
-     *            view icon in the menu
-     */
-    public void addView(View view, final String name, String caption, Resource icon) {
-
-        navigator.addView(name, view);
-        createViewButton(name, caption, icon);
-    }
-
-    /**
-     * Register a view in the navigation menu and in the {@link Navigator} based
-     * on a view class.
-     *
-     * @see Navigator#addView(String, Class)
-     *
-     * @param viewClass
-     *            class of the views to create
-     * @param name
-     *            view name
-     * @param caption
-     *            view caption in the menu
-     * @param icon
-     *            view icon in the menu
-     */
-    public void addView(Class<? extends View> viewClass, final String name, String caption, Resource icon) {
-
-        navigator.addView(name, viewClass);
-        createViewButton(name, caption, icon);
-    }
-
-    private void createViewButton(final String name, String caption, Resource icon) {
-
-        Button button = ButtonHelper.createIconButtonWithCaption(name, caption, icon, event -> navigator.navigateTo(name));
-        button.setPrimaryStyleName(ValoTheme.MENU_ITEM);
-
-        menuItemsLayout.addComponent(button);
-        viewButtons.put(name, button);
-    }
-
-    /**
-     * Highlights a view navigation button as the currently active view in the
-     * menu. This method does not perform the actual navigation.
-     *
-     * @param viewName
-     *            the name of the view to show as active
-     */
-    public void setActiveView(String viewName) {
-
-        for (Button button : viewButtons.values()) {
-            button.removeStyleName("selected");
-        }
-
-        Button selected = viewButtons.get(viewName);
-        if (selected == null && viewName.contains("/")) {
-            // might be a sub-view
-            viewName = viewName.substring(0, viewName.indexOf('/'));
-            selected = viewButtons.get(viewName);
-        }
-
-        if (selected != null) {
-            selected.addStyleName("selected");
-        }
-
-        menuPart.removeStyleName(VALO_MENU_VISIBLE);
-    }
+	private static final String VALO_MENUITEMS = "valo-menuitems";
+	private static final String VALO_MENU_TOGGLE = "valo-menu-toggle";
+	private static final String VALO_MENU_VISIBLE = "valo-menu-visible";
+	private Navigator navigator;
+	private Map<String, Button> viewButtons = new HashMap<String, Button>();
+
+	private CssLayout menuItemsLayout;
+	private CssLayout menuPart;
+
+	public Menu(Navigator navigator) {
+
+		this.navigator = navigator;
+		setPrimaryStyleName(ValoTheme.MENU_ROOT);
+		menuPart = new CssLayout();
+		menuPart.addStyleName(ValoTheme.MENU_PART);
+
+		// header of the menu
+		final HorizontalLayout top = new HorizontalLayout();
+		top.setDefaultComponentAlignment(Alignment.MIDDLE_CENTER);
+		top.addStyleName(ValoTheme.MENU_TITLE);
+		top.setSpacing(true);
+		Label title = new Label(FacadeProvider.getConfigFacade().getSormasInstanceName());
+		title.setSizeUndefined();
+
+		Image image;
+		if (FacadeProvider.getConfigFacade().isCustomBranding()
+			&& StringUtils.isNotBlank(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath())) {
+			Path logoPath = Paths.get(FacadeProvider.getConfigFacade().getCustomBrandingLogoPath());
+			image = new Image(null, new FileResource(logoPath.toFile()));
+		} else {
+			image = new Image(null, new ThemeResource("img/sormas-logo.png"));
+		}
+		CssStyles.style(image, ValoTheme.MENU_LOGO, ValoTheme.BUTTON_LINK);
+		top.addComponent(image);
+		top.addComponent(title);
+		top.addLayoutClickListener(listener -> SormasUI.get().getNavigator().navigateTo(SurveillanceDashboardView.VIEW_NAME));
+		menuPart.addComponent(top);
+
+		// button for toggling the visibility of the menu when on a small screen
+		final Button showMenu = ButtonHelper.createIconButton(Captions.menu, VaadinIcons.MENU, event -> {
+			if (menuPart.getStyleName().contains(VALO_MENU_VISIBLE)) {
+				menuPart.removeStyleName(VALO_MENU_VISIBLE);
+			} else {
+				menuPart.addStyleName(VALO_MENU_VISIBLE);
+			}
+		}, ValoTheme.BUTTON_PRIMARY, VALO_MENU_TOGGLE);
+
+		menuPart.addComponent(showMenu);
+
+		// container for the navigation buttons, which are added by addView()
+		menuItemsLayout = new CssLayout();
+		menuItemsLayout.setPrimaryStyleName(VALO_MENUITEMS);
+		menuPart.addComponent(menuItemsLayout);
+
+		// settings menu item
+		MenuBar settingsMenu = new MenuBar();
+		settingsMenu.setId(Captions.actionSettings);
+		settingsMenu.addItem(I18nProperties.getCaption(Captions.actionSettings), VaadinIcons.COG, (Command) selectedItem -> showSettingsPopup());
+
+		settingsMenu.addStyleNames("user-menu", "settings-menu");
+		menuPart.addComponent(settingsMenu);
+
+		// logout menu item
+		MenuBar logoutMenu = new MenuBar();
+		logoutMenu.setId(Captions.actionLogout);
+		logoutMenu.addItem(
+			I18nProperties.getCaption(Captions.actionLogout) + " (" + UiUtil.getUserName() + ")",
+			VaadinIcons.SIGN_OUT,
+			(Command) selectedItem -> LoginHelper.logout());
+
+		logoutMenu.addStyleNames("user-menu", "logout-menu");
+		menuPart.addComponent(logoutMenu);
+
+		addComponent(menuPart);
+	}
+
+	private void showSettingsPopup() {
+
+		Window window = VaadinUiUtil.createPopupWindow();
+		window.setCaption(I18nProperties.getString(Strings.headingUserSettings));
+		window.setModal(true);
+
+		CommitDiscardWrapperComponent<UserSettingsForm> component =
+			ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
+
+		Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
+		component.getButtonsPanel().addComponent(resetPasswordButton, 0);
+
+		window.setContent(component);
+		UI.getCurrent().addWindow(window);
+	}
+
+	/**
+	 * Register a pre-created view instance in the navigation menu and in the
+	 * {@link Navigator}.
+	 *
+	 * @see Navigator#addView(String, View)
+	 *
+	 * @param view
+	 *            view instance to register
+	 * @param name
+	 *            view name
+	 * @param caption
+	 *            view caption in the menu
+	 * @param icon
+	 *            view icon in the menu
+	 */
+	public void addView(View view, final String name, String caption, Resource icon) {
+
+		navigator.addView(name, view);
+		createViewButton(name, caption, icon);
+	}
+
+	/**
+	 * Register a view in the navigation menu and in the {@link Navigator} based
+	 * on a view class.
+	 *
+	 * @see Navigator#addView(String, Class)
+	 *
+	 * @param viewClass
+	 *            class of the views to create
+	 * @param name
+	 *            view name
+	 * @param caption
+	 *            view caption in the menu
+	 * @param icon
+	 *            view icon in the menu
+	 */
+	public void addView(Class<? extends View> viewClass, final String name, String caption, Resource icon) {
+
+		navigator.addView(name, viewClass);
+		createViewButton(name, caption, icon);
+	}
+
+	private void createViewButton(final String name, String caption, Resource icon) {
+
+		Button button = ButtonHelper.createIconButtonWithCaption(name, caption, icon, event -> navigator.navigateTo(name));
+		button.setPrimaryStyleName(ValoTheme.MENU_ITEM);
+
+		menuItemsLayout.addComponent(button);
+		viewButtons.put(name, button);
+	}
+
+	/**
+	 * Highlights a view navigation button as the currently active view in the
+	 * menu. This method does not perform the actual navigation.
+	 *
+	 * @param viewName
+	 *            the name of the view to show as active
+	 */
+	public void setActiveView(String viewName) {
+
+		for (Button button : viewButtons.values()) {
+			button.removeStyleName("selected");
+		}
+
+		Button selected = viewButtons.get(viewName);
+		if (selected == null && viewName.contains("/")) {
+			// might be a sub-view
+			viewName = viewName.substring(0, viewName.indexOf('/'));
+			selected = viewButtons.get(viewName);
+		}
+
+		if (selected != null) {
+			selected.addStyleName("selected");
+		}
+
+		menuPart.removeStyleName(VALO_MENU_VISIBLE);
+	}
 }

From c47d03298e0a169fcc81faa1c3246389e29cf640 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 17:05:42 +0000
Subject: [PATCH 75/95] trimmed spaces after review

---
 .../user/event/PasswordResetEvent.java        |   3 +
 .../EnvironmentSampleServiceTest.java         |   1 +
 .../backend/user/UserFacadeEjbTest.java       | 628 +++++++++---------
 3 files changed, 318 insertions(+), 314 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
index 5c7f19a1a79..1ee38c7f853 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordResetEvent.java
@@ -1,14 +1,17 @@
 /*
  * SORMAS® - Surveillance Outbreak Response Management & Analysis System
  * Copyright © 2016-2020 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU General Public License for more details.
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
index 256f14318f3..fea33d3dc7f 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/environment/environmentsample/EnvironmentSampleServiceTest.java
@@ -94,6 +94,7 @@ public void testJurisdiction() {
 		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
 		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf2), is(false));
 
+
 		// national user should have access to all samples
 		loginWith(natUser);
 		assertThat(getEnvironmentSampleService().inJurisdictionOrOwned(samploRdcf1), is(true));
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index 5b42307a30c..da4daa93812 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -67,420 +67,420 @@
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
 
-    @BeforeEach
-    public void setUp() {
-        MockitoAnnotations.initMocks(this);
-    }
+	@BeforeEach
+	public void setUp() {
+		MockitoAnnotations.initMocks(this);
+	}
 
-    @Test
-    public void testGetUsersByRegionAndRights() {
-        RDCF rdcf = creator.createRDCF();
-        RegionReferenceDto region = rdcf.region;
+	@Test
+	public void testGetUsersByRegionAndRights() {
+		RDCF rdcf = creator.createRDCF();
+		RegionReferenceDto region = rdcf.region;
 
-        // given region and right
-        List<UserReferenceDto> result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		// given region and right
+		List<UserReferenceDto> result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertTrue(result.isEmpty());
+		assertTrue(result.isEmpty());
 
-        UserDto natUser = creator.createUser(rdcf, creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES and TRAVEL_ENTRY_MANAGEMENT_ACCESS rights
-        UserDto poeUser = creator.createUser(rdcf, "Some", "User", creator.getUserRoleReference(POE_INFORMANT)); // Does not have LAB_MASSAGES right, but has TRAVEL_ENTRY_MANAGEMENT_ACCESS.
-        creator.createUser(rdcf, creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // Has neither LAB_MASSAGES nor TRAVEL_ENTRY_MANAGEMENT_ACCESS right
-        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		UserDto natUser = creator.createUser(rdcf, creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES and TRAVEL_ENTRY_MANAGEMENT_ACCESS rights
+		UserDto poeUser = creator.createUser(rdcf, "Some", "User", creator.getUserRoleReference(POE_INFORMANT)); // Does not have LAB_MASSAGES right, but has TRAVEL_ENTRY_MANAGEMENT_ACCESS.
+		creator.createUser(rdcf, creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // Has neither LAB_MASSAGES nor TRAVEL_ENTRY_MANAGEMENT_ACCESS right
+		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertThat(result, hasSize(1));
-        assertThat(result, contains(equalTo(natUser.toReference())));
+		assertThat(result, hasSize(1));
+		assertThat(result, contains(equalTo(natUser.toReference())));
 
-        UserDto natUser2 = creator.createUser(rdcf, "Nat", "User2", creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES right
-        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		UserDto natUser2 = creator.createUser(rdcf, "Nat", "User2", creator.getUserRoleReference(NATIONAL_USER)); // Has LAB_MASSAGES right
+		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertThat(result, hasSize(2));
-        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
+		assertThat(result, hasSize(2));
+		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
 
-        // given different region and right
-        Region region2 = creator.createRegion("region2");
-        result = getUserFacade().getUsersByRegionAndRights(RegionFacadeEjb.toReferenceDto(region2), null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		// given different region and right
+		Region region2 = creator.createRegion("region2");
+		result = getUserFacade().getUsersByRegionAndRights(RegionFacadeEjb.toReferenceDto(region2), null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertTrue(result.isEmpty());
+		assertTrue(result.isEmpty());
 
-        // given no region and right
-        result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		// given no region and right
+		result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertThat(result, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
+		assertThat(result, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference())));
 
-        // given region and multiple rights
-        result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given region and multiple rights
+		result = getUserFacade().getUsersByRegionAndRights(region, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(result, hasSize(3));
-        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
+		assertThat(result, hasSize(3));
+		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
 
-        // given different region and multiple rights
-        result = getUserFacade().getUsersByRegionAndRights(
-                RegionFacadeEjb.toReferenceDto(region2),
-                null,
-                UserRight.EXTERNAL_MESSAGE_VIEW,
-                UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given different region and multiple rights
+		result = getUserFacade().getUsersByRegionAndRights(
+			RegionFacadeEjb.toReferenceDto(region2),
+			null,
+			UserRight.EXTERNAL_MESSAGE_VIEW,
+			UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertTrue(result.isEmpty());
+		assertTrue(result.isEmpty());
 
-        // given no region and multiple rights
-        result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given no region and multiple rights
+		result = getUserFacade().getUsersByRegionAndRights(null, null, UserRight.EXTERNAL_MESSAGE_VIEW, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(result, hasSize(4)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-        assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
+		assertThat(result, hasSize(4)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertThat(result, hasItems(equalTo(natUser.toReference()), equalTo(natUser2.toReference()), equalTo(poeUser.toReference())));
 
-    }
+	}
 
-    /**
-     * Testing with some users that might not be selected DISTINCT because of 1:n relations.
-     */
-    @Test
-    public void testGetIndexList() {
-
-        // 1 region, 2 districts
-        RDCF rdcf = creator.createRDCF();
-        Region region = getBean(RegionService.class).getByUuid(rdcf.region.getUuid());
-        creator.createDistrict("district 2", region);
-
-        // user with a 2 districts region, 2 user roles
-        creator.createUser(rdcf, "my", "User", creator.getUserRoleReference(CASE_OFFICER), creator.getUserRoleReference(CONTACT_OFFICER));
-
-        // some other users to be filtered out
-        creator.createUser(
-                rdcf,
-                "Some",
-                "User",
-                creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR),
-                creator.getUserRoleReference(CONTACT_SUPERVISOR));
-        creator
-                .createUser(rdcf, "Other", "User", creator.getUserRoleReference(SURVEILLANCE_OFFICER), creator.getUserRoleReference(DISTRICT_OBSERVER));
-
-        List<UserDto> result;
-
-        // 1. Check that query works without filter: All 3 distinct users are found (+ admin by default)
-        result = getUserFacade().getIndexList(new UserCriteria(), 0, 100, null);
-        assertThat(result, hasSize(4));
-        assertThat(result.stream().map(EntityDto::getUuid).collect(Collectors.toSet()), hasSize(4));
-
-        // 2. Check that only the expected user is found
-        result = getUserFacade().getIndexList(new UserCriteria().freeText("myUser"), 0, 100, null);
-        assertThat(result, hasSize(1));
-        assertThat(result.get(0).getUserName(), equalTo("myUser"));
-    }
+	/**
+	 * Testing with some users that might not be selected DISTINCT because of 1:n relations.
+	 */
+	@Test
+	public void testGetIndexList() {
 
-    /**
-     * Test that the filtering on text fields and sorting be Location.address do not cause a database exception.
-     */
-    @Test
-    public void testGetIndexListFilteredAndOrderedByAddress() {
-        final UserCriteria userCriteria = new UserCriteria().freeText("min");
-        List<UserDto> result = getUserFacade().getIndexList(userCriteria, 0, 100, Collections.singletonList(new SortProperty(UserDto.ADDRESS)));
+		// 1 region, 2 districts
+		RDCF rdcf = creator.createRDCF();
+		Region region = getBean(RegionService.class).getByUuid(rdcf.region.getUuid());
+		creator.createDistrict("district 2", region);
 
-        final long count = getUserFacade().count(userCriteria);
+		// user with a 2 districts region, 2 user roles
+		creator.createUser(rdcf, "my", "User", creator.getUserRoleReference(CASE_OFFICER), creator.getUserRoleReference(CONTACT_OFFICER));
 
-        assertThat(result, hasSize(1));
-        assertThat(count, is(1L));
-        assertThat(result.get(0).getUserName(), equalTo("admin"));
-    }
+		// some other users to be filtered out
+		creator.createUser(
+			rdcf,
+			"Some",
+			"User",
+			creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR),
+			creator.getUserRoleReference(CONTACT_SUPERVISOR));
+		creator
+			.createUser(rdcf, "Other", "User", creator.getUserRoleReference(SURVEILLANCE_OFFICER), creator.getUserRoleReference(DISTRICT_OBSERVER));
 
-    @Test
-    public void testGetValidLoginRoles() {
-        AuthProvider authProvider = mock(AuthProvider.class);
+		List<UserDto> result;
+
+		// 1. Check that query works without filter: All 3 distinct users are found (+ admin by default)
+		result = getUserFacade().getIndexList(new UserCriteria(), 0, 100, null);
+		assertThat(result, hasSize(4));
+		assertThat(result.stream().map(EntityDto::getUuid).collect(Collectors.toSet()), hasSize(4));
 
-        MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
+		// 2. Check that only the expected user is found
+		result = getUserFacade().getIndexList(new UserCriteria().freeText("myUser"), 0, 100, null);
+		assertThat(result, hasSize(1));
+		assertThat(result.get(0).getUserName(), equalTo("myUser"));
+	}
+
+	/**
+	 * Test that the filtering on text fields and sorting be Location.address do not cause a database exception.
+	 */
+	@Test
+	public void testGetIndexListFilteredAndOrderedByAddress() {
+		final UserCriteria userCriteria = new UserCriteria().freeText("min");
+		List<UserDto> result = getUserFacade().getIndexList(userCriteria, 0, 100, Collections.singletonList(new SortProperty(UserDto.ADDRESS)));
+
+		final long count = getUserFacade().count(userCriteria);
+
+		assertThat(result, hasSize(1));
+		assertThat(count, is(1L));
+		assertThat(result.get(0).getUserName(), equalTo("admin"));
+	}
+
+	@Test
+	public void testGetValidLoginRoles() {
+		AuthProvider authProvider = mock(AuthProvider.class);
+
+		MockedStatic<AuthProvider> mockAuthProvider = mockStatic(AuthProvider.class);
 		Mockito.when(AuthProvider.getProvider(any())).thenReturn(authProvider);
 
-        RDCF rdcf = creator.createRDCF();
-        UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
-        String password = getUserFacade().resetPassword(user.getUuid());
+		RDCF rdcf = creator.createRDCF();
+		UserDto user = creator.createUser(rdcf, creator.getUserRoleReference(SURVEILLANCE_SUPERVISOR));
+		String password = getUserFacade().resetPassword(user.getUuid());
 
-        Set<UserRight> validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
-        assertThat(
-                validLoginRights,
-                containsInAnyOrder(
+		Set<UserRight> validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
+		assertThat(
+			validLoginRights,
+			containsInAnyOrder(
 				UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_SUPERVISOR))).toArray(new UserRight[] {})));
 
-        user.setActive(false);
-        getUserFacade().saveUser(user, false);
+		user.setActive(false);
+		getUserFacade().saveUser(user, false);
 
-        validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
-        assertThat(validLoginRights, nullValue());
+		validLoginRights = getUserFacade().getValidLoginRights(user.getUserName(), password);
+		assertThat(validLoginRights, nullValue());
 
-        //Important: release static mock.
-        mockAuthProvider.closeOnDemand();
-    }
+		//Important: release static mock.
+		mockAuthProvider.closeOnDemand();
+	}
 
-    @Test
-    public void testGetExistentDefaultUsers() {
-        Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
-        Set<User> randomUsers = UserTestHelper.generateRandomUsers(3, creator);
+	@Test
+	public void testGetExistentDefaultUsers() {
+		Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
+		Set<User> randomUsers = UserTestHelper.generateRandomUsers(3, creator);
 
-        List<User> testUsers = new ArrayList<>();
-        testUsers.addAll(defaultUsers);
-        testUsers.addAll(randomUsers);
+		List<User> testUsers = new ArrayList<>();
+		testUsers.addAll(defaultUsers);
+		testUsers.addAll(randomUsers);
 
-        for (User user : testUsers) {
-            getUserService().persist(user);
-        }
+		for (User user : testUsers) {
+			getUserService().persist(user);
+		}
 
-        for (User user : testUsers) {
+		for (User user : testUsers) {
 			loginWith(UserFacadeEjb.toDto(user));
-            List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
+			List<UserDto> persistedDefaultUsers = getUserFacade().getUsersWithDefaultPassword();
 
-            if (user.hasUserRight(UserRight.USER_EDIT)) {
-                assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
-                for (User defUser : defaultUsers) {
+			if (user.hasUserRight(UserRight.USER_EDIT)) {
+				assertEquals(defaultUsers.size(), persistedDefaultUsers.size());
+				for (User defUser : defaultUsers) {
 					assertThat(persistedDefaultUsers, hasItem(UserFacadeEjb.toDto(defUser)));
-                }
-                for (User randomUser : randomUsers) {
+				}
+				for (User randomUser : randomUsers) {
 					assertThat(persistedDefaultUsers, not(hasItem(UserFacadeEjb.toDto(randomUser))));
-                }
-            } else if (defaultUsers.contains(user)) {
-                assertEquals(1, persistedDefaultUsers.size());
+				}
+			} else if (defaultUsers.contains(user)) {
+				assertEquals(1, persistedDefaultUsers.size());
 				assertEquals(UserFacadeEjb.toDto(user), persistedDefaultUsers.get(0));
-            } else {
-                assertEquals(0, persistedDefaultUsers.size());
-            }
-        }
-    }
-
-    @Test
-    public void testGetExistentDefaultUsersUpperCase() {
-        Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
-        for (User user : defaultUsers) {
-            user.setUserName(user.getUserName().toUpperCase());
-            getUserService().persist(user);
-        }
-        assertEquals(0, getUserFacade().getUsersWithDefaultPassword().size());
-    }
+			} else {
+				assertEquals(0, persistedDefaultUsers.size());
+			}
+		}
+	}
+
+	@Test
+	public void testGetExistentDefaultUsersUpperCase() {
+		Set<User> defaultUsers = UserTestHelper.generateDefaultUsers(true, creator);
+		for (User user : defaultUsers) {
+			user.setUserName(user.getUserName().toUpperCase());
+			getUserService().persist(user);
+		}
+		assertEquals(0, getUserFacade().getUsersWithDefaultPassword().size());
+	}
+
+	@Test
+	public void testGetByUserName() {
+		final UserFacade userFacade = getUserFacade();
+		assertNull(userFacade.getByUserName("HansPeter"));
+
+		RDCF rdcf = creator.createRDCF();
+		UserDto user = creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+
+		assertEquals(user, userFacade.getByUserName("HANSPETER"));
+		assertEquals(user, userFacade.getByUserName("hanspeter"));
+		assertEquals(user, userFacade.getByUserName("HansPeter"));
+		assertEquals(user, userFacade.getByUserName("hansPETER"));
+	}
 
-    @Test
-    public void testGetByUserName() {
-        final UserFacade userFacade = getUserFacade();
-        assertNull(userFacade.getByUserName("HansPeter"));
+	@Test
+	public void testLoginUnique() {
+		final UserFacade userFacade = getUserFacade();
+		assertNull(userFacade.getByUserName("HansPeter"));
 
-        RDCF rdcf = creator.createRDCF();
-        UserDto user = creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+		RDCF rdcf = creator.createRDCF();
+		creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
 
-        assertEquals(user, userFacade.getByUserName("HANSPETER"));
-        assertEquals(user, userFacade.getByUserName("hanspeter"));
-        assertEquals(user, userFacade.getByUserName("HansPeter"));
-        assertEquals(user, userFacade.getByUserName("hansPETER"));
-    }
+		assertTrue(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "MarieLisa"));
+		assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "HansPeter"));
+		assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "hanspeter"));
+	}
 
-    @Test
-    public void testLoginUnique() {
-        final UserFacade userFacade = getUserFacade();
-        assertNull(userFacade.getByUserName("HansPeter"));
+	@Test
+	public void testFailOnSavingDuplicateUser() {
+		final UserFacade userFacade = getUserFacade();
+		assertNull(userFacade.getByUserName("HansPeter"));
 
-        RDCF rdcf = creator.createRDCF();
-        creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+		RDCF rdcf = creator.createRDCF();
+		creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "hans", "peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+		assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "HANS", "PETER", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
+	}
 
-        assertTrue(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "MarieLisa"));
-        assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "HansPeter"));
-        assertFalse(userFacade.isLoginUnique(String.valueOf(UUID.randomUUID()), "hanspeter"));
-    }
+	@Test
+	public void testGetUserRefsByDistrictsWithLimitedDiseaseUsers() {
 
-    @Test
-    public void testFailOnSavingDuplicateUser() {
-        final UserFacade userFacade = getUserFacade();
-        assertNull(userFacade.getByUserName("HansPeter"));
-
-        RDCF rdcf = creator.createRDCF();
-        creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER));
-        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "Hans", "Peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "hans", "peter", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-        assertThrows(ValidationException.class, () -> creator.createUser(rdcf, "HANS", "PETER", creator.getUserRoleReference(SURVEILLANCE_OFFICER)));
-    }
+		RDCF rdcf = creator.createRDCF();
 
-    @Test
-    public void testGetUserRefsByDistrictsWithLimitedDiseaseUsers() {
+		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf);
+		UserDto limitedSurveillanceOfficer =
+			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER));
 
-        RDCF rdcf = creator.createRDCF();
+		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
 
-        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf);
-        UserDto limitedSurveillanceOfficer =
-                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER));
+		assertNotNull(userReferenceDtos);
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertFalse(userReferenceDtos.contains(limitedSurveillanceOfficer));
 
-        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
+	}
 
-        assertNotNull(userReferenceDtos);
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
-        assertFalse(userReferenceDtos.contains(limitedSurveillanceOfficer));
+	@Test
+	public void testGetUserRefsByDistrictsForResponsibleSurveillanceOfficer() {
+		RDCF rdcf = creator.createRDCF();
+		RDCF rdcfOther = creator.createRDCF("otherRegion", "oderDistrict", "otherCommunity", "otherFacility");
 
-    }
+		UserDto surveilanceOfficerDefault = creator.createSurveillanceOfficer(rdcf);
+		UserDto surveilanceSupervisorDefault = creator.createSurveillanceSupervisor(rdcf);
+		UserDto adminSupervisorDefault = creator.createUser(rdcf, "Admin", "Supervisor", creator.getUserRoleReference(ADMIN_SUPERVISOR));
+		UserDto adminSupervisorOther = creator.createUser(rdcfOther, "Admin", "Supervisor Other", creator.getUserRoleReference(ADMIN_SUPERVISOR));
 
-    @Test
-    public void testGetUserRefsByDistrictsForResponsibleSurveillanceOfficer() {
-        RDCF rdcf = creator.createRDCF();
-        RDCF rdcfOther = creator.createRDCF("otherRegion", "oderDistrict", "otherCommunity", "otherFacility");
-
-        UserDto surveilanceOfficerDefault = creator.createSurveillanceOfficer(rdcf);
-        UserDto surveilanceSupervisorDefault = creator.createSurveillanceSupervisor(rdcf);
-        UserDto adminSupervisorDefault = creator.createUser(rdcf, "Admin", "Supervisor", creator.getUserRoleReference(ADMIN_SUPERVISOR));
-        UserDto adminSupervisorOther = creator.createUser(rdcfOther, "Admin", "Supervisor Other", creator.getUserRoleReference(ADMIN_SUPERVISOR));
-
-        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
-        assertNotNull(userReferenceDtos);
-        assertEquals(3, userReferenceDtos.size());
-        List<String> userReferenceUUIDs = userReferenceDtos.stream().map(u -> u.getUuid()).collect(Collectors.toList());
-        assertTrue(userReferenceUUIDs.contains(surveilanceOfficerDefault.getUuid()));
-        assertTrue(userReferenceUUIDs.contains(surveilanceSupervisorDefault.getUuid()));
-        assertTrue(userReferenceUUIDs.contains(adminSupervisorDefault.getUuid()));
-        assertFalse(userReferenceUUIDs.contains(adminSupervisorOther.getUuid()));
-    }
+		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistricts(Arrays.asList(rdcf.district), Disease.CORONAVIRUS);
+		assertNotNull(userReferenceDtos);
+		assertEquals(3, userReferenceDtos.size());
+		List<String> userReferenceUUIDs = userReferenceDtos.stream().map(u -> u.getUuid()).collect(Collectors.toList());
+		assertTrue(userReferenceUUIDs.contains(surveilanceOfficerDefault.getUuid()));
+		assertTrue(userReferenceUUIDs.contains(surveilanceSupervisorDefault.getUuid()));
+		assertTrue(userReferenceUUIDs.contains(adminSupervisorDefault.getUuid()));
+		assertFalse(userReferenceUUIDs.contains(adminSupervisorOther.getUuid()));
+	}
 
-    @Test
-    public void testGetUserRefsByDistrictsWithLimitedDiseaseUsersSingleDistrict() {
+	@Test
+	public void testGetUserRefsByDistrictsWithLimitedDiseaseUsersSingleDistrict() {
 
-        RDCF rdcf = creator.createRDCF();
+		RDCF rdcf = creator.createRDCF();
 
-        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
-        UserDto limitedSurveillanceOfficer =
-                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
+		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
+		UserDto limitedSurveillanceOfficer =
+			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS, but not the EXTERNAL_MESSAGES right
 
-        // given district and disease
-        List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS);
+		// given district and disease
+		List<UserReferenceDto> userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS);
 
-        assertThat(userReferenceDtos, hasSize(1));
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(1));
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        // given disease
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS);
+		// given disease
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS);
 
-        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        // given only null parameters
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null);
+		// given only null parameters
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null);
 
-        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-        // given district, disease and right
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given district, disease and right
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(1));
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(1));
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertTrue(userReferenceDtos.isEmpty());
+		assertTrue(userReferenceDtos.isEmpty());
 
-        // given disease and right
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given disease and right
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, Disease.CORONAVIRUS, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
 
-        // given only null parameters except for right
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given only null parameters except for right
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, null, UserRight.EXTERNAL_MESSAGE_VIEW);
 
-        assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasSize(1)); // there is an admin user with NATIONAL_USER role created at the init of the AbstractBeanTest
 
-    }
+	}
 
-    @Test
-    public void testGetUserRefsByDistrictsWithExcludeLimitedDiseaseUsersAndSingleDistrict() {
+	@Test
+	public void testGetUserRefsByDistrictsWithExcludeLimitedDiseaseUsersAndSingleDistrict() {
 
-        RDCF rdcf = creator.createRDCF();
+		RDCF rdcf = creator.createRDCF();
 
-        UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
-        UserDto limitedSurveillanceOfficer =
-                creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
-        UserDto generalRestUser = creator.createUser(rdcf, "REST", "USER", creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // does not have TRAVEL_ENTRY_MANAGEMENT_ACCESS
+		UserDto generalSurveillanceOfficer = creator.createSurveillanceOfficer(rdcf); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
+		UserDto limitedSurveillanceOfficer =
+			creator.createUser(rdcf, "Limited Dengue", "SURVEILLANCE_OFFICER", Disease.DENGUE, creator.getUserRoleReference(SURVEILLANCE_OFFICER)); // has TRAVEL_ENTRY_MANAGEMENT_ACCESS
+		UserDto generalRestUser = creator.createUser(rdcf, "REST", "USER", creator.getUserRoleReference(REST_EXTERNAL_VISITS_USER)); // does not have TRAVEL_ENTRY_MANAGEMENT_ACCESS
 
-        // given district and one right
-        List<UserReferenceDto> userReferenceDtos =
-                getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given district and one right
+		List<UserReferenceDto> userReferenceDtos =
+			getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(1));
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(1));
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(2));
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+		assertThat(userReferenceDtos, hasSize(2));
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-        // given no district and one right
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		// given no district and one right
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
-        assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
+		assertThat(userReferenceDtos, hasSize(2)); // there is an admin user created at the init of the AbstractBeanTest
+		assertTrue(userReferenceDtos.contains(generalSurveillanceOfficer));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS);
 
-        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
+		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(limitedSurveillanceOfficer.toReference())));
 
-        // given district and multiple rights
-        userReferenceDtos =
-                getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+		// given district and multiple rights
+		userReferenceDtos =
+			getUserFacade().getUserRefsByDistrict(rdcf.district, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-        assertThat(userReferenceDtos, hasSize(2));
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
+		assertThat(userReferenceDtos, hasSize(2));
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
 
-        userReferenceDtos =
-                getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+		userReferenceDtos =
+			getUserFacade().getUserRefsByDistrict(rdcf.district, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-        assertThat(userReferenceDtos, hasSize(3));
-        assertThat(
-                userReferenceDtos,
-                hasItems(
-                        equalTo(generalSurveillanceOfficer.toReference()),
-                        equalTo(limitedSurveillanceOfficer.toReference()),
-                        equalTo(generalRestUser.toReference())));
+		assertThat(userReferenceDtos, hasSize(3));
+		assertThat(
+			userReferenceDtos,
+			hasItems(
+				equalTo(generalSurveillanceOfficer.toReference()),
+				equalTo(limitedSurveillanceOfficer.toReference()),
+				equalTo(generalRestUser.toReference())));
 
-        // given no district and multiple rights
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+		// given no district and multiple rights
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, true, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-        assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
-        assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
+		assertThat(userReferenceDtos, hasSize(3)); // there is an admin user created at the init of the AbstractBeanTest
+		assertThat(userReferenceDtos, hasItems(equalTo(generalSurveillanceOfficer.toReference()), equalTo(generalRestUser.toReference())));
 
-        userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
+		userReferenceDtos = getUserFacade().getUserRefsByDistrict(null, false, UserRight.TRAVEL_ENTRY_MANAGEMENT_ACCESS, UserRight.SORMAS_REST);
 
-        assertThat(userReferenceDtos, hasSize(4)); // there is an admin user created at the init of the AbstractBeanTest
-        assertThat(
-                userReferenceDtos,
-                hasItems(
-                        equalTo(generalSurveillanceOfficer.toReference()),
-                        equalTo(limitedSurveillanceOfficer.toReference()),
-                        equalTo(generalRestUser.toReference())));
+		assertThat(userReferenceDtos, hasSize(4)); // there is an admin user created at the init of the AbstractBeanTest
+		assertThat(
+			userReferenceDtos,
+			hasItems(
+				equalTo(generalSurveillanceOfficer.toReference()),
+				equalTo(limitedSurveillanceOfficer.toReference()),
+				equalTo(generalRestUser.toReference())));
 
-    }
+	}
 
-    @Test
-    void getUserRights() {
+	@Test
+	void getUserRights() {
 
-        RDCF rdcf = creator.createRDCF();
-        UserDto userWithoutAccess = creator.createSurveillanceOfficer(rdcf);
-        UserRight[] surveillanceOfficerRights =
+		RDCF rdcf = creator.createRDCF();
+		UserDto userWithoutAccess = creator.createSurveillanceOfficer(rdcf);
+		UserRight[] surveillanceOfficerRights =
 			UserRole.getUserRights(Collections.singletonList(creator.getUserRole(SURVEILLANCE_OFFICER))).toArray(new UserRight[] {});
 
-        // Successfully retrieve user rights of other user
-        loginWith(nationalAdmin);
-        List<UserRight> userRights = getUserFacade().getUserRights(userWithoutAccess.getUuid());
-        assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
-        // Successfully retrieve own user rights with user without access to the USER_VIEW and USERROLE_VIEW rights
-        loginWith(userWithoutAccess);
-        userRights = getUserFacade().getUserRights(null);
-        assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
-        // Prevent users without access from retrieving user rights of other users
-        assertThrows(AccessDeniedException.class, () -> getUserFacade().getUserRights(nationalAdmin.getUuid()));
-
-        // Uuid which does not exist in the system
-        loginWith(nationalAdmin);
-        assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
-    }
+		// Successfully retrieve user rights of other user
+		loginWith(nationalAdmin);
+		List<UserRight> userRights = getUserFacade().getUserRights(userWithoutAccess.getUuid());
+		assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
+		// Successfully retrieve own user rights with user without access to the USER_VIEW and USERROLE_VIEW rights
+		loginWith(userWithoutAccess);
+		userRights = getUserFacade().getUserRights(null);
+		assertThat(userRights, containsInAnyOrder(surveillanceOfficerRights));
+		// Prevent users without access from retrieving user rights of other users
+		assertThrows(AccessDeniedException.class, () -> getUserFacade().getUserRights(nationalAdmin.getUuid()));
+
+		// Uuid which does not exist in the system
+		loginWith(nationalAdmin);
+		assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
+	}
 
     @Test
     public void testUpdateUserPassword() {

From 58c2a0f4b09a4e15fb9061dd3baa1110cf026919 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 23 Oct 2024 17:15:07 +0000
Subject: [PATCH 76/95] trimmed white spaces

---
 .../test/java/de/symeda/sormas/backend/AbstractBeanTest.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
index 88959f4315d..a8dcfb20fbf 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/AbstractBeanTest.java
@@ -465,7 +465,7 @@ public ConfigFacade getConfigFacade() {
 
 	/**
 	 * Using local bean here to avoid multiple transactions in test.
-	 *
+	 * 
 	 * @return
 	 */
 	public CaseFacadeEjb getCaseFacade() {

From 3768d09b7e18ec76dfbde423251ac27f4ed067da Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 24 Oct 2024 10:05:00 +0000
Subject: [PATCH 77/95] making feature configurable on both android and web

---
 .../java/de/symeda/sormas/api/feature/FeatureType.java   | 3 ++-
 .../de/symeda/sormas/app/settings/SettingsFragment.java  | 4 +++-
 sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java    | 9 +++++++--
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
index bd3180491d4..9f38277524b 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
@@ -330,7 +330,8 @@ public enum FeatureType {
 			CASE_SURVEILANCE,
 			CONTACT_TRACING },
 		null,
-		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE));
+		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE)),
+	PASSWORD_RESET(true, false, null, null, null);
 
 	public static final FeatureType[] SURVEILLANCE_FEATURE_TYPES = {
 		FeatureType.CASE_SURVEILANCE,
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 8eddbcb3681..9edf05058bb 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -33,6 +33,7 @@
 import androidx.recyclerview.widget.RecyclerView;
 
 import de.symeda.sormas.api.Language;
+import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
@@ -159,7 +160,8 @@ public void onResume() {
 		binding.settingsServerUrlInfo.setVisibility(!hasServerUrl() ? View.VISIBLE : View.GONE);
 		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
 		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
-		binding.changePassword.setVisibility(hasUser ? View.VISIBLE : View.GONE);
+		binding.changePassword.setVisibility(
+			hasUser && !DatabaseHelper.getFeatureConfigurationDao().isFeatureDisabled(FeatureType.PASSWORD_RESET) ? View.VISIBLE : View.GONE);
 		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index 01ddd8450b9..8c2de380b95 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -17,6 +17,8 @@
  *******************************************************************************/
 package de.symeda.sormas.ui;
 
+import static de.symeda.sormas.ui.UiUtil.permitted;
+
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.HashMap;
@@ -43,6 +45,7 @@
 import com.vaadin.ui.themes.ValoTheme;
 
 import de.symeda.sormas.api.FacadeProvider;
+import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.Captions;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
@@ -145,8 +148,10 @@ private void showSettingsPopup() {
 		CommitDiscardWrapperComponent<UserSettingsForm> component =
 			ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
 
-		Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
-		component.getButtonsPanel().addComponent(resetPasswordButton, 0);
+		if (permitted(FeatureType.PASSWORD_RESET)) {
+			Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
+			component.getButtonsPanel().addComponent(resetPasswordButton, 0);
+		}
 
 		window.setContent(component);
 		UI.getCurrent().addWindow(window);

From 7fa7d6bb591e47c10a9e7071ebebc31f5691d0ca Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 24 Oct 2024 10:08:43 +0000
Subject: [PATCH 78/95] reordering imports

---
 sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index 8c2de380b95..b1bb5fa2832 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -17,8 +17,6 @@
  *******************************************************************************/
 package de.symeda.sormas.ui;
 
-import static de.symeda.sormas.ui.UiUtil.permitted;
-
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.HashMap;
@@ -45,7 +43,6 @@
 import com.vaadin.ui.themes.ValoTheme;
 
 import de.symeda.sormas.api.FacadeProvider;
-import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.Captions;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.i18n.Strings;
@@ -56,6 +53,8 @@
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import static de.symeda.sormas.ui.UiUtil.permitted;
+import de.symeda.sormas.api.feature.FeatureType;
 
 /**
  * Responsive navigation menu presenting a list of available views to the user.

From d63163b059294ddc7d63a150493d4aad752a420d Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Thu, 24 Oct 2024 10:11:57 +0000
Subject: [PATCH 79/95] reordering imports

---
 .../symeda/sormas/app/settings/SettingsFragment.java | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 9edf05058bb..e1dee390f8b 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -17,10 +17,6 @@
 
 import static de.symeda.sormas.app.core.notification.NotificationType.ERROR;
 
-import java.util.List;
-
-import org.hzi.sormas.lbds.messaging.LbdsRelated;
-
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.os.Bundle;
@@ -32,8 +28,11 @@
 import androidx.appcompat.app.AppCompatActivity;
 import androidx.recyclerview.widget.RecyclerView;
 
+import org.hzi.sormas.lbds.messaging.LbdsRelated;
+
+import java.util.List;
+
 import de.symeda.sormas.api.Language;
-import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
@@ -58,13 +57,14 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
-import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
 import de.symeda.sormas.app.util.Callback;
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
+import de.symeda.sormas.api.feature.FeatureType;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment

From db570ed244052e6bb390e1ba38ea1eb2f98416a3 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 25 Oct 2024 18:48:45 +0000
Subject: [PATCH 80/95] handled keycloak use case with password reset on web

---
 .../de/symeda/sormas/api/ConfigFacade.java    |  2 ++
 .../sormas/api/KeycloakClientConfig.java      | 27 +++++++++++++++
 .../de/symeda/sormas/api/user/UserFacade.java |  2 +-
 .../backend/common/ConfigFacadeEjb.java       | 23 +++++++++++++
 .../sormas/backend/user/UserFacadeEjb.java    |  6 ++--
 .../symeda/sormas/ui/user/UserController.java | 34 ++++++++++++++++---
 6 files changed, 86 insertions(+), 8 deletions(-)
 create mode 100644 sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
index 496c696ef02..329f4647975 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
@@ -126,6 +126,8 @@ public interface ConfigFacade {
 
 	String getAuthenticationProvider();
 
+	KeycloakClientConfig getKeycloakCredentials();
+
 	boolean isAuthenticationProviderUserSyncAtStartupEnabled();
 
 	String getAuthenticationProviderSyncedNewUserRole();
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java b/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java
new file mode 100644
index 00000000000..fb4b035d86a
--- /dev/null
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java
@@ -0,0 +1,27 @@
+package de.symeda.sormas.api;
+
+import java.io.Serializable;
+
+public class KeycloakClientConfig implements Serializable {
+    private final String keycloakUrl;
+    private final String realm;
+    private final String clientId;
+
+    public KeycloakClientConfig(String keycloakUrl, String realm, String clientId) {
+        this.keycloakUrl = keycloakUrl;
+        this.realm = realm;
+        this.clientId = clientId;
+    }
+
+    public String getKeycloakUrl() {
+        return keycloakUrl;
+    }
+
+    public String getRealm() {
+        return realm;
+    }
+
+    public String getClientId() {
+        return clientId;
+    }
+}
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 74737c9ccbe..193b75457ad 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -58,7 +58,7 @@ public interface UserFacade {
 
 	String checkPasswordStrength(String password);
 
-	boolean isPasswordStrong(String password);
+	boolean isPasswordWeak(String password);
 
 	String generatePassword();
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
index 082182554ce..0bd53127629 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
@@ -53,6 +53,10 @@
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.api.utils.VersionHelper;
+import com.jayway.jsonpath.JsonPath;
+import de.symeda.sormas.api.KeycloakClientConfig;
+import org.eclipse.microprofile.config.ConfigProvider;
+import java.util.Optional;
 
 /**
  * Provides the application configuration settings
@@ -692,6 +696,25 @@ public String getAuthenticationProvider() {
 		return getProperty(AUTHENTICATION_PROVIDER, "SORMAS");
 	}
 
+	public KeycloakClientConfig getKeycloakCredentials() {
+		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
+		if (oidcJson.isEmpty()) {
+			logger.warn(
+					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
+			return null;
+		}
+
+		String OIDC_REALM = "realm";
+		String OIDC_SERVER_URL = "auth-server-url";
+
+		String keycloakJsonConfig = oidcJson.get();
+		String keycloakUrl = JsonPath.read(keycloakJsonConfig, OIDC_SERVER_URL);
+		String realm = JsonPath.read(keycloakJsonConfig, OIDC_REALM);
+		String clientId = "sormas-ui";
+
+		return new KeycloakClientConfig(keycloakUrl,realm,clientId);
+	}
+
 	@Override
 	public boolean isAuthenticationProviderUserSyncAtStartupEnabled() {
 		return getBoolean(AUTHENTICATION_PROVIDER_USER_SYNC_AT_STARTUP, false);
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 8c9202bdda2..3718aa26000 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -149,9 +149,9 @@
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
 import de.symeda.sormas.backend.util.DtoHelper;
 import de.symeda.sormas.backend.util.ModelConstants;
-import de.symeda.sormas.backend.util.PasswordValidator;
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
+import de.symeda.sormas.backend.util.PasswordValidator;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -1210,8 +1210,8 @@ public String checkPasswordStrength(String password) {
 
 	@PermitAll
 	@Override
-	public boolean isPasswordStrong(String password) {
-		return PasswordValidator.isStrongPassword(password);
+	public boolean isPasswordWeak(String password) {
+		return !PasswordValidator.isStrongPassword(password);
 	}
 
 	@PermitAll
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index aa194552119..6b2f7f21ead 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -69,6 +69,8 @@
 import de.symeda.sormas.ui.UserProvider;
 import java.util.Objects;
 import de.symeda.sormas.ui.ControllerProvider;
+import org.slf4j.LoggerFactory;
+import de.symeda.sormas.api.KeycloakClientConfig;
 
 public class UserController {
 
@@ -506,12 +508,36 @@ public Button createUpdatePasswordButton() {
 
 			@Override
 			public void buttonClick(ClickEvent event) {
-				popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
-				popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+
+				String authenticationProvider = FacadeProvider.getConfigFacade().getAuthenticationProvider();
+				if (authenticationProvider.equalsIgnoreCase(AuthProvider.SORMAS)) {
+					popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
+					popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
+				}
+				else if (authenticationProvider.equalsIgnoreCase(AuthProvider.KEYCLOAK)) {
+					String resetUrl = buildKeycloakForgotPasswordUrl();
+					Page.getCurrent().open(resetUrl, "_blank");
+		        }
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}
 
+	private String buildKeycloakForgotPasswordUrl() {
+		try {
+			KeycloakClientConfig keycloakClientConfig = FacadeProvider.getConfigFacade().getKeycloakCredentials();
+
+            return keycloakClientConfig.getKeycloakUrl() +
+					"/realms/" +
+					keycloakClientConfig.getRealm() +
+					"/login-actions/reset-credentials" +
+					"?client_id=" +
+					keycloakClientConfig.getClientId();
+		} catch (Exception e) {
+			LoggerFactory.getLogger(getClass()).error("Could not build Keycloak reset password URL", e);
+			throw new RuntimeException("Could not build Keycloak reset password URL", e);
+		}
+	}
+
 	public Button generatePasswordButton() {
 
 		return ButtonHelper.createIconButton(Captions.userGeneratePassword, VaadinIcons.UNLOCK, new ClickListener() {
@@ -545,7 +571,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 		form.newPassword.addBlurListener(event -> {
 			String newPassword = form.newPassword.getValue();
 			if (Objects.nonNull(newPassword)) {
-				if (!FacadeProvider.getUserFacade().isPasswordStrong(newPassword)) {
+				if (FacadeProvider.getUserFacade().isPasswordWeak(newPassword)) {
 					passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
 				} else {
 					passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
@@ -572,7 +598,7 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 					Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
 				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
 					Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
-				} else if (!FacadeProvider.getUserFacade().isPasswordStrong(changedUser.getNewPassword())) {
+				} else if (FacadeProvider.getUserFacade().isPasswordWeak(changedUser.getNewPassword())) {
 					Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
 				} else {
 					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword(), changedUser.getCurrentPassword());

From 9e0d17cfdc74969e56cb00ac9f9c00bc827c6f37 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Sat, 26 Oct 2024 02:55:15 +0000
Subject: [PATCH 81/95] redirect to reset password update to occur on the same
 page

---
 .../main/java/de/symeda/sormas/ui/user/UserController.java  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 6b2f7f21ead..7a4a30d9d8e 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -302,7 +302,7 @@ public void buttonClick(ClickEvent event) {
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}
-
+	
 	public ConfirmationComponent getResetPasswordConfirmationComponent(
 		String userUuid,
 		String userEmail,
@@ -516,8 +516,8 @@ public void buttonClick(ClickEvent event) {
 				}
 				else if (authenticationProvider.equalsIgnoreCase(AuthProvider.KEYCLOAK)) {
 					String resetUrl = buildKeycloakForgotPasswordUrl();
-					Page.getCurrent().open(resetUrl, "_blank");
-		        }
+					Page.getCurrent().setLocation(resetUrl);
+				}
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}

From efef942f4d0ee748776a1588e0d243c0eea8508a Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 28 Oct 2024 09:21:34 +0000
Subject: [PATCH 82/95] cleanup whitespace

---
 .../java/de/symeda/sormas/app/login/ChangePasswordActivity.java  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index f57460d900e..01e5a4de4c6 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -142,7 +142,6 @@ public void generatePassword(View view) {
                         binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
                     }
                     RetroProvider.disconnect();
-
                 }
             });
         } catch (Exception e) {

From d35082538599fe71b7e5a45eaf7d64e9a3729e71 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 30 Oct 2024 09:54:54 +0000
Subject: [PATCH 83/95] cleaned white space

---
 .../sormas/rest/resources/UserResource.java   | 100 +++++++++---------
 1 file changed, 50 insertions(+), 50 deletions(-)

diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 9e555fe6270..13d43a99383 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -47,56 +47,56 @@
 @Consumes(MediaType.APPLICATION_JSON + "; charset=UTF-8")
 public class UserResource {
 
-    @GET
-    @Path("/all/{since}")
-    public List<UserDto> getAll(@PathParam("since") long since) {
-        return FacadeProvider.getUserFacade().getAllAfter(new Date(since));
-    }
-
-    @POST
-    @Path("/query")
-    public List<UserDto> getByUuids(List<String> uuids) {
-        return FacadeProvider.getUserFacade().getByUuids(uuids);
-    }
-
-    @GET
-    @Path("/uuids")
-    public List<String> getAllUuids() {
-        return FacadeProvider.getUserFacade().getAllUuids();
-    }
-
-    @POST
-    @Path("/indexList")
-    public Page<UserDto> getIndexList(
-            @RequestBody CriteriaWithSorting<UserCriteria> criteriaWithSorting,
-            @QueryParam("offset") int offset,
-            @QueryParam("size") int size) {
-        return FacadeProvider.getUserFacade().getIndexPage(criteriaWithSorting.getCriteria(), offset, size, criteriaWithSorting.getSortProperties());
-    }
-
-    @GET
-    @Path("/{uuid}")
-    public UserDto getByUuid(@PathParam("uuid") String uuid) {
-        return FacadeProvider.getUserFacade().getByUuid(uuid);
-    }
-
-    @POST
-    @Path("/userReferenceWithNoOfTask")
-    public List<UserReferenceWithTaskNumbersDto> getUsersWithTaskNumbers(@RequestBody TaskContextIndexCriteria taskContextIndexCriteria) {
-        return FacadeProvider.getUserFacade().getAssignableUsersWithTaskNumbers(taskContextIndexCriteria);
-    }
-
-    @GET
-    @Path("/rights")
-    public List<UserRight> getUserRightsForCurrentUser() {
-        return FacadeProvider.getUserFacade().getUserRights(null);
-    }
-
-    @GET
-    @Path("/rights/{uuid}")
-    public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
-        return FacadeProvider.getUserFacade().getUserRights(uuid);
-    }
+	@GET
+	@Path("/all/{since}")
+	public List<UserDto> getAll(@PathParam("since") long since) {
+		return FacadeProvider.getUserFacade().getAllAfter(new Date(since));
+	}
+
+	@POST
+	@Path("/query")
+	public List<UserDto> getByUuids(List<String> uuids) {
+		return FacadeProvider.getUserFacade().getByUuids(uuids);
+	}
+
+	@GET
+	@Path("/uuids")
+	public List<String> getAllUuids() {
+		return FacadeProvider.getUserFacade().getAllUuids();
+	}
+
+	@POST
+	@Path("/indexList")
+	public Page<UserDto> getIndexList(
+		@RequestBody CriteriaWithSorting<UserCriteria> criteriaWithSorting,
+		@QueryParam("offset") int offset,
+		@QueryParam("size") int size) {
+		return FacadeProvider.getUserFacade().getIndexPage(criteriaWithSorting.getCriteria(), offset, size, criteriaWithSorting.getSortProperties());
+	}
+
+	@GET
+	@Path("/{uuid}")
+	public UserDto getByUuid(@PathParam("uuid") String uuid) {
+		return FacadeProvider.getUserFacade().getByUuid(uuid);
+	}
+
+	@POST
+	@Path("/userReferenceWithNoOfTask")
+	public List<UserReferenceWithTaskNumbersDto> getUsersWithTaskNumbers(@RequestBody TaskContextIndexCriteria taskContextIndexCriteria) {
+		return FacadeProvider.getUserFacade().getAssignableUsersWithTaskNumbers(taskContextIndexCriteria);
+	}
+
+	@GET
+	@Path("/rights")
+	public List<UserRight> getUserRightsForCurrentUser() {
+		return FacadeProvider.getUserFacade().getUserRights(null);
+	}
+
+	@GET
+	@Path("/rights/{uuid}")
+	public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
+		return FacadeProvider.getUserFacade().getUserRights(uuid);
+	}
 
     @POST
     @Path("/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")

From a2e5b056c8371fa29adb62b865e364d3ea07fb0c Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 30 Oct 2024 13:37:57 +0000
Subject: [PATCH 84/95] feature property
 FeatureTypeProperty.AUTHENTICATION_PROVIDER added to
 FeatureType.SELF_PASSWORD_RESET

---
 .../sormas/api/feature/FeatureType.java       |  2 +-
 .../api/feature/FeatureTypeProperty.java      |  3 +-
 .../feature/FeatureConfigurationDao.java      | 37 +++++++++++++++++++
 .../sormas/app/settings/SettingsFragment.java |  3 +-
 .../main/java/de/symeda/sormas/ui/Menu.java   |  2 +-
 .../symeda/sormas/ui/user/UserController.java |  9 +++--
 6 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
index 0d11633cbe1..bf489f2c309 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
@@ -332,7 +332,7 @@ public enum FeatureType {
 			CONTACT_TRACING },
 		null,
 		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE)),
-	PASSWORD_RESET(true, false, null, null, null);
+	SELF_PASSWORD_RESET(true, false, null, null, ImmutableMap.of(FeatureTypeProperty.AUTHENTICATION_PROVIDER, "SORMAS"));
 
 	public static final FeatureType[] SURVEILLANCE_FEATURE_TYPES = {
 		FeatureType.CASE_SURVEILANCE,
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
index f4c0878e202..546f5caa994 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
@@ -30,7 +30,8 @@ public enum FeatureTypeProperty {
 	SHARE_IMMUNIZATIONS(Boolean.class),
 	SHARE_REPORTS(Boolean.class),
 	FETCH_MODE(Boolean.class),
-	FORCE_AUTOMATIC_PROCESSING(Boolean.class);
+	FORCE_AUTOMATIC_PROCESSING(Boolean.class),
+	AUTHENTICATION_PROVIDER(String.class);
 
 	private final Class<?> returnType;
 
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
index 3672ba1b792..56b3e1290dd 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
@@ -171,6 +171,43 @@ public boolean isPropertyValueTrue(FeatureType featureType, FeatureTypeProperty
 		return result;
 	}
 
+	public String getStringPropertyValue(FeatureType featureType, FeatureTypeProperty property) {
+		if (!featureType.getSupportedProperties().contains(property)) {
+			throw new IllegalArgumentException("Feature type " + featureType + " does not support property " + property + ".");
+		}
+
+		if (!String.class.isAssignableFrom(property.getReturnType())) {
+			throw new IllegalArgumentException(
+					"Feature type property " + property + " does not have specified return type " + String.class.getSimpleName() + ".");
+		}
+
+		Map<FeatureTypeProperty, Object> propertyObjectMap;
+		try {
+			QueryBuilder builder = queryBuilder();
+			Where where = builder.where();
+			where.eq(FeatureConfiguration.FEATURE_TYPE, featureType);
+			builder.selectColumns(FeatureConfiguration.PROPERTIES);
+
+			FeatureConfiguration featureConfiguration = (FeatureConfiguration) builder.queryForFirst();
+
+			if (featureConfiguration != null && featureConfiguration.getPropertiesJson() != null) {
+				propertyObjectMap = featureConfiguration.getPropertiesMap();
+			} else {
+				return (String) featureType.getSupportedPropertyDefaults().get(property);
+			}
+
+		} catch (SQLException e) {
+			Log.e(getTableName(), "Could not perform getStringPropertyValue");
+			throw new RuntimeException(e);
+		}
+
+		if (propertyObjectMap != null && propertyObjectMap.containsKey(property)) {
+			return (String) propertyObjectMap.get(property);
+		} else {
+			return null;
+		}
+	}
+
 	public boolean isAnySurveillanceEnabled() {
 		return !isFeatureDisabled(FeatureType.CASE_SURVEILANCE)
 			|| !isFeatureDisabled(FeatureType.EVENT_SURVEILLANCE)
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index e1dee390f8b..f2cae4cee20 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -33,6 +33,7 @@
 import java.util.List;
 
 import de.symeda.sormas.api.Language;
+import de.symeda.sormas.api.feature.FeatureTypeProperty;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
@@ -161,7 +162,7 @@ public void onResume() {
 		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
 		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.changePassword.setVisibility(
-			hasUser && !DatabaseHelper.getFeatureConfigurationDao().isFeatureDisabled(FeatureType.PASSWORD_RESET) ? View.VISIBLE : View.GONE);
+			hasUser && DatabaseHelper.getFeatureConfigurationDao().getStringPropertyValue(FeatureType.SELF_PASSWORD_RESET, FeatureTypeProperty.AUTHENTICATION_PROVIDER).equalsIgnoreCase("SORMAS") && !DatabaseHelper.getFeatureConfigurationDao().isFeatureDisabled(FeatureType.SELF_PASSWORD_RESET) ? View.VISIBLE : View.GONE);
 		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
index b1bb5fa2832..dd5284feca1 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/Menu.java
@@ -147,7 +147,7 @@ private void showSettingsPopup() {
 		CommitDiscardWrapperComponent<UserSettingsForm> component =
 			ControllerProvider.getUserController().getUserSettingsComponent(() -> window.close());
 
-		if (permitted(FeatureType.PASSWORD_RESET)) {
+		if (permitted(FeatureType.SELF_PASSWORD_RESET)) {
 			Button resetPasswordButton = ControllerProvider.getUserController().createUpdatePasswordButton();
 			component.getButtonsPanel().addComponent(resetPasswordButton, 0);
 		}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 7a4a30d9d8e..cf5738e618b 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,6 +17,7 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
+import de.symeda.sormas.api.feature.FeatureTypeProperty;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -509,12 +510,14 @@ public Button createUpdatePasswordButton() {
 			@Override
 			public void buttonClick(ClickEvent event) {
 
-				String authenticationProvider = FacadeProvider.getConfigFacade().getAuthenticationProvider();
-				if (authenticationProvider.equalsIgnoreCase(AuthProvider.SORMAS)) {
+				String authenticationProviderFromFeatureConfiguration= FacadeProvider.getFeatureConfigurationFacade()
+						.getProperty(FeatureType.SELF_PASSWORD_RESET, null,
+								FeatureTypeProperty.AUTHENTICATION_PROVIDER, String.class);
+				if (authenticationProviderFromFeatureConfiguration.equalsIgnoreCase(AuthProvider.SORMAS)) {
 					popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
 					popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
 				}
-				else if (authenticationProvider.equalsIgnoreCase(AuthProvider.KEYCLOAK)) {
+				else if (authenticationProviderFromFeatureConfiguration.equalsIgnoreCase(AuthProvider.KEYCLOAK)) {
 					String resetUrl = buildKeycloakForgotPasswordUrl();
 					Page.getCurrent().setLocation(resetUrl);
 				}

From f46d5ac3d280496e5937e8884ca694797d4b3a61 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 1 Nov 2024 12:52:19 +0000
Subject: [PATCH 85/95] updated with moble reset password using keycloak

---
 .../de/symeda/sormas/api/ConfigFacade.java    |  2 -
 .../sormas/api/feature/FeatureType.java       |  2 +-
 .../api/feature/FeatureTypeProperty.java      |  3 +-
 .../de/symeda/sormas/api/user/UserFacade.java |  4 +-
 .../api/user/UserPasswordChangeDto.java       | 33 +++++++
 .../app/backend/config/ConfigProvider.java    |  1 -
 .../app/backend/user/UserDtoHelper.java       |  6 +-
 .../app/login/ChangePasswordActivity.java     |  2 +-
 .../sormas/app/rest/UserFacadeRetro.java      |  5 +-
 .../sormas/app/settings/SettingsFragment.java |  2 +-
 .../backend/common/ConfigFacadeEjb.java       | 23 -----
 .../sormas/backend/user/KeycloakService.java  | 87 +++++++++++++++++++
 .../sormas/backend/user/UserFacadeEjb.java    | 20 +++--
 .../sormas/backend/user/UserService.java      |  2 +
 .../user/event/PasswordChangeEvent.java       | 40 +++++++++
 .../backend/user/UserFacadeEjbTest.java       |  8 +-
 .../sormas/rest/resources/UserResource.java   | 12 ++-
 .../symeda/sormas/ui/user/UserController.java | 45 ++--------
 18 files changed, 207 insertions(+), 90 deletions(-)
 create mode 100644 sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
 create mode 100644 sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordChangeEvent.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
index 329f4647975..496c696ef02 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/ConfigFacade.java
@@ -126,8 +126,6 @@ public interface ConfigFacade {
 
 	String getAuthenticationProvider();
 
-	KeycloakClientConfig getKeycloakCredentials();
-
 	boolean isAuthenticationProviderUserSyncAtStartupEnabled();
 
 	String getAuthenticationProviderSyncedNewUserRole();
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
index bf489f2c309..c66348bce71 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java
@@ -332,7 +332,7 @@ public enum FeatureType {
 			CONTACT_TRACING },
 		null,
 		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE)),
-	SELF_PASSWORD_RESET(true, false, null, null, ImmutableMap.of(FeatureTypeProperty.AUTHENTICATION_PROVIDER, "SORMAS"));
+	SELF_PASSWORD_RESET(true, false, null, null,null);
 
 	public static final FeatureType[] SURVEILLANCE_FEATURE_TYPES = {
 		FeatureType.CASE_SURVEILANCE,
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
index 546f5caa994..f4c0878e202 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureTypeProperty.java
@@ -30,8 +30,7 @@ public enum FeatureTypeProperty {
 	SHARE_IMMUNIZATIONS(Boolean.class),
 	SHARE_REPORTS(Boolean.class),
 	FETCH_MODE(Boolean.class),
-	FORCE_AUTOMATIC_PROCESSING(Boolean.class),
-	AUTHENTICATION_PROVIDER(String.class);
+	FORCE_AUTOMATIC_PROCESSING(Boolean.class);
 
 	private final Class<?> returnType;
 
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
index 193b75457ad..85dc1c60d70 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java
@@ -52,9 +52,9 @@ public interface UserFacade {
 
 	String resetPassword(String uuid);
 
-	String updateUserPassword(String uuid, String newPassword, String currentPassword);
+	String updateUserPassword(String uuid, String newPassword);
 
-	boolean validatePassword(String uuid, String password);
+	boolean validateCurrentPassword(String password);
 
 	String checkPasswordStrength(String password);
 
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
new file mode 100644
index 00000000000..29d0984e05a
--- /dev/null
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
@@ -0,0 +1,33 @@
+package de.symeda.sormas.api.user;
+
+import java.io.Serializable;
+
+public class UserPasswordChangeDto implements Serializable {
+    private static final long serialVersionUID = 6269655187128160377L;
+
+    private String uuid;
+    private String newPassword;
+
+    public String getUuid() {
+        return uuid;
+    }
+
+    public void setUuid(String uuid) {
+        this.uuid = uuid;
+    }
+
+    public String getNewPassword() {
+        return newPassword;
+    }
+
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
+    }
+
+    public UserPasswordChangeDto(String uuid, String newPassword) {
+        this.uuid = uuid;
+        this.newPassword = newPassword;
+    }
+
+    public UserPasswordChangeDto(){}
+}
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
index afd3ae0fd54..935467aeeb4 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java
@@ -320,7 +320,6 @@ public static void setNewPassword(String password) {
 
 		instance.password = password;
 		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
-
 	}
 
 	public static void setPin(String pin) {
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index 93e5191a292..48072ab7984 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -24,6 +24,7 @@
 
 import de.symeda.sormas.api.PostResponse;
 import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceDto;
 import de.symeda.sormas.app.backend.common.AdoDtoHelper;
 import de.symeda.sormas.app.backend.common.DatabaseHelper;
@@ -133,8 +134,9 @@ public static UserReferenceDto toReferenceDto(User ado) {
 		return dto;
 	}
 
-	public static Call<String> saveNewPassword(String uuid, String newPassword, String currentPassword) throws NoConnectionException {
-		return RetroProvider.getUserFacade().saveNewPassword(uuid, newPassword, currentPassword);
+	public static Call<String> saveNewPassword(String uuid, String newPassword) throws NoConnectionException {
+		System.out.println(uuid+" pw: "+newPassword);
+		return RetroProvider.getUserFacade().saveNewPassword(new UserPasswordChangeDto(uuid,newPassword));
 	}
 
 	public static Call<String> generatePassword() throws NoConnectionException {
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index 01e5a4de4c6..db601c92b4f 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -309,7 +309,7 @@ public void savePassword(View view) {
             RetroProvider.connectAsyncHandled(this, true, true, result -> {
                 if (Boolean.TRUE.equals(result)) {
                     try {
-                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword, currentPassword), this);
+                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword), this);
                         setNewPassword(newPassword);
                     } catch (Exception e) {
                         binding.actionPasswordStrength.setVisibility(View.VISIBLE);
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
index e9ed0663c57..95a4b59d658 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/rest/UserFacadeRetro.java
@@ -23,6 +23,7 @@
 import retrofit2.http.GET;
 import retrofit2.http.POST;
 import retrofit2.http.Path;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * Created by Martin Wahnschaffe on 07.06.2016.
@@ -38,8 +39,8 @@ public interface UserFacadeRetro {
 	@GET("users/uuids")
 	Call<List<String>> pullUuids();
 
-	@POST("users/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
-	Call<String> saveNewPassword(@Path("uuid") String uuid, @Path("newPassword") String newPassword, @Path("currentPassword") String currentPassword);
+	@POST("users/saveNewPassword")
+	Call<String> saveNewPassword(@Body UserPasswordChangeDto userPasswordChangeDto);
 
 	@GET("users/generatePassword")
 	Call<String> generatePassword();
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index f2cae4cee20..f2dd70648c5 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -162,7 +162,7 @@ public void onResume() {
 		binding.settingsServerUrl.setVisibility(!hasServerUrl() || isShowDevOptions() ? View.VISIBLE : View.GONE);
 		binding.changePin.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.changePassword.setVisibility(
-			hasUser && DatabaseHelper.getFeatureConfigurationDao().getStringPropertyValue(FeatureType.SELF_PASSWORD_RESET, FeatureTypeProperty.AUTHENTICATION_PROVIDER).equalsIgnoreCase("SORMAS") && !DatabaseHelper.getFeatureConfigurationDao().isFeatureDisabled(FeatureType.SELF_PASSWORD_RESET) ? View.VISIBLE : View.GONE);
+			hasUser && !DatabaseHelper.getFeatureConfigurationDao().isFeatureDisabled(FeatureType.SELF_PASSWORD_RESET) ? View.VISIBLE : View.GONE);
 		binding.resynchronizeData.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.showSyncLog.setVisibility(hasUser ? View.VISIBLE : View.GONE);
 		binding.logout.setVisibility(hasUser && isShowDevOptions() ? View.VISIBLE : View.GONE);
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
index 0bd53127629..082182554ce 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/common/ConfigFacadeEjb.java
@@ -53,10 +53,6 @@
 import de.symeda.sormas.api.utils.DataHelper;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.api.utils.VersionHelper;
-import com.jayway.jsonpath.JsonPath;
-import de.symeda.sormas.api.KeycloakClientConfig;
-import org.eclipse.microprofile.config.ConfigProvider;
-import java.util.Optional;
 
 /**
  * Provides the application configuration settings
@@ -696,25 +692,6 @@ public String getAuthenticationProvider() {
 		return getProperty(AUTHENTICATION_PROVIDER, "SORMAS");
 	}
 
-	public KeycloakClientConfig getKeycloakCredentials() {
-		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
-		if (oidcJson.isEmpty()) {
-			logger.warn(
-					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
-			return null;
-		}
-
-		String OIDC_REALM = "realm";
-		String OIDC_SERVER_URL = "auth-server-url";
-
-		String keycloakJsonConfig = oidcJson.get();
-		String keycloakUrl = JsonPath.read(keycloakJsonConfig, OIDC_SERVER_URL);
-		String realm = JsonPath.read(keycloakJsonConfig, OIDC_REALM);
-		String clientId = "sormas-ui";
-
-		return new KeycloakClientConfig(keycloakUrl,realm,clientId);
-	}
-
 	@Override
 	public boolean isAuthenticationProviderUserSyncAtStartupEnabled() {
 		return getBoolean(AUTHENTICATION_PROVIDER_USER_SYNC_AT_STARTUP, false);
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
index 80cc8aa939d..107a9dc4f88 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
@@ -65,6 +65,7 @@
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 /**
  * @author Alex Vidrean
@@ -233,6 +234,74 @@ public void handlePasswordResetEvent(@Observes PasswordResetEvent passwordResetE
 		}
 	}
 
+	public boolean validateCurrentPassword(String username, String password){
+		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
+
+		if (oidcJson.isEmpty()) {
+			logger.warn(
+					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
+			return false;
+		}
+
+		String keycloakJsonConfig = oidcJson.get();
+		String secret=JsonPath.read(keycloakJsonConfig, OIDC_SECRET);
+		String realm=JsonPath.read(keycloakJsonConfig, OIDC_REALM);
+		String clientId="sormas-backend";
+		String serverUrl=JsonPath.read(keycloakJsonConfig, OIDC_SERVER_URL);
+
+		try {
+
+			Keycloak keycloak = KeycloakBuilder.builder()
+					.serverUrl(serverUrl)
+					.realm(realm)
+					.clientId(clientId)
+					.clientSecret(secret)
+					.username(username)
+					.password(password)
+					.grantType("password")
+					.build();
+
+			try {
+				 keycloak.tokenManager().getAccessToken();
+				 logger.info("Token retrieved Successfully");
+				 keycloak.tokenManager().logout();
+				return true;
+			} catch (Exception e) {
+				logger.error("Token retrieval failed...Kindly Check if you have turned on Direct access grant" +
+						" on 'sormas-backend' client  on the Keycloak console", e);
+				throw e;
+			}
+		} catch (Exception e) {
+			logger.error("Authentication attempt failed", e);
+		}
+		return false;
+	}
+	public void handlePasswordChangeEvent(User user) {
+		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
+
+		if (oidcJson.isEmpty()) {
+			logger.warn(
+					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
+			return;
+		}
+
+		String password = user.getPassword();
+		String username=user.getUserName();
+
+		Optional<Keycloak> keycloak =Optional.of(keycloakInstance);
+		Optional<UserRepresentation> userRepresentation = getUserByUsername(keycloak.get(), username);
+		if (userRepresentation.isEmpty()) {
+			logger.warn("Cannot find user or email for user with username {} to reset the password", user.getUserName());
+			return;
+		}
+
+		Optional<Keycloak> adminClient = getKeycloakInstance();
+        adminClient.ifPresent(value -> userRepresentation.ifPresent(existing -> {
+			setCredentialsForChangePassword(existing, password, user.getSeed());
+            value.realm(REALM_NAME).users().get(existing.getId()).update(existing);
+        }));
+	}
+
 	public void handleSyncUsersFromProviderEvent(@Observes SyncUsersFromProviderEvent syncUsersFromProviderEvent) {
 		Optional<Keycloak> keycloak = getKeycloakInstance();
 		if (keycloak.isEmpty()) {
@@ -465,6 +534,24 @@ private void setCredentials(UserRepresentation userRepresentation, String passwo
 		userRepresentation.setCredentials(singletonList(credential));
 	}
 
+	private void setCredentialsForChangePassword(UserRepresentation userRepresentation, String password, String salt) {
+		JsonObjectBuilder secretData = Json.createObjectBuilder();
+		secretData.add("value", password);
+		secretData.add("salt", Base64.getEncoder().encodeToString(salt.getBytes()));
+
+		JsonObjectBuilder credentialData = Json.createObjectBuilder();
+		credentialData.add("hashIterations", 1);
+		credentialData.add("algorithm", "sormas-sha256");
+
+		CredentialRepresentation credential = new CredentialRepresentation();
+		credential.setType(CredentialRepresentation.PASSWORD);
+		// let user use the password he set
+		credential.setTemporary(false);
+		credential.setSecretData(secretData.build().toString());
+		credential.setCredentialData(credentialData.build().toString());
+		userRepresentation.setCredentials(singletonList(credential));
+	}
+
 	private Optional<Keycloak> getKeycloakInstance() {
 		return Optional.ofNullable(keycloakInstance);
 	}
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 3718aa26000..8323ad93e50 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -152,6 +152,7 @@
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
 import de.symeda.sormas.backend.util.PasswordValidator;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -166,6 +167,8 @@ public class UserFacadeEjb implements UserFacade {
 	@EJB
 	private UserService userService;
 	@EJB
+	private KeycloakService keycloakService;
+	@EJB
 	private LocationFacadeEjbLocal locationFacade;
 	@EJB
 	private RegionService regionService;
@@ -202,6 +205,8 @@ public class UserFacadeEjb implements UserFacade {
 	@Inject
 	private Event<PasswordResetEvent> passwordResetEvent;
 	@Inject
+	private Event<PasswordChangeEvent> passwordChangeEvent;
+	@Inject
 	private Event<SyncUsersFromProviderEvent> syncUsersFromProviderEventEvent;
 
 	public static UserDto toDto(User source) {
@@ -1193,13 +1198,15 @@ public List<UserRight> getUserRights(String userUuid) {
 
 	@Override
 	@PermitAll
-	public boolean validatePassword(String uuid, String password) {
+	public boolean validateCurrentPassword(String password) {
 		User user = userService.getCurrentUser();
-
 		if (user != null) {
+			AuthProvider authProvider = AuthProvider.getProvider(configFacade);
+			if(KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
+				return keycloakService.validateCurrentPassword(user.getUserName(),password);
+			}
 			return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
 		}
-
 		return false;
 	}
 
@@ -1216,9 +1223,12 @@ public boolean isPasswordWeak(String password) {
 
 	@PermitAll
 	@Override
-	public String updateUserPassword(String uuid, String password, String currentPassword) {
+	public String updateUserPassword(String uuid, String password) {
 		String updatePassword = userService.updatePassword(uuid, password);
-		passwordResetEvent.fire(new PasswordResetEvent(userService.getByUuid(uuid)));
+		AuthProvider authProvider = AuthProvider.getProvider(configFacade);
+		if(KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
+			passwordChangeEvent.fire(new PasswordChangeEvent(userService.getByUuid(uuid)));
+		}
 		return updatePassword;
 	}
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 8b352835109..2b103168727 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -667,6 +667,8 @@ public String updatePassword(String userUuid, String password) {
 		if (user == null) {
 			throw new IllegalArgumentException("User not found for UUID: " + userUuid);
 		}
+		logger.info(user.getUserName());
+
 		user.setPassword(PasswordHelper.encodePassword(password, user.getSeed()));
 		ensurePersisted(user);
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordChangeEvent.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordChangeEvent.java
new file mode 100644
index 00000000000..af4af75c0fa
--- /dev/null
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/event/PasswordChangeEvent.java
@@ -0,0 +1,40 @@
+/*
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2020 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.symeda.sormas.backend.user.event;
+
+import de.symeda.sormas.backend.user.User;
+
+/**
+ * Event fired whenever a user's password is changed.
+ *
+ * @author David Oteng
+ * @since 31-October-2024
+ */
+public class PasswordChangeEvent {
+
+	private final User user;
+	public PasswordChangeEvent(User user) {
+		this.user = user;
+	}
+
+	public User getUser() {
+		return user;
+	}
+
+}
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index da4daa93812..f65544d04df 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -490,7 +490,7 @@ public void testUpdateUserPassword() {
         String newPassword = "newPassword";
         String currentPassword = testUser.getPassword();
         String uuid = testUser.getUuid();
-        String result = getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
+        String result = getUserFacade().updateUserPassword(uuid, newPassword);
 
         // Assert
         assertEquals(newPassword, result);
@@ -502,7 +502,7 @@ public void testUpdateUserPassword() {
         UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
 
         loginWith(updatedUserDto); // Login again with changed password
-        assertTrue(getUserFacade().validatePassword(uuid, newPassword)); // Validate the new password
+        assertTrue(getUserFacade().validateCurrentPassword(newPassword)); // Validate the new password
 
     }
 
@@ -524,7 +524,7 @@ void testValidatePasswordValid() {
         // Act
         UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
         loginWith(loggedInUser);
-        boolean result = getUserFacade().validatePassword(loggedInUser.getUuid(), "password"); // Use plain password for validation
+        boolean result = getUserFacade().validateCurrentPassword("password"); // Use plain password for validation
 
         // Assert
         assertTrue(result);
@@ -533,7 +533,7 @@ void testValidatePasswordValid() {
     @Test
     void testValidatePasswordInvalid() {
         // Act
-        boolean result = getUserFacade().validatePassword("uuid", "password");
+        boolean result = getUserFacade().validateCurrentPassword("password");
 
         // Assert
         assertFalse(result);
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 13d43a99383..d3a317c15a7 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -18,6 +18,7 @@
 import java.util.Date;
 import java.util.List;
 
+import javax.validation.Valid;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
@@ -36,6 +37,7 @@
 import de.symeda.sormas.api.user.UserReferenceWithTaskNumbersDto;
 import de.symeda.sormas.api.user.UserRight;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
@@ -99,12 +101,9 @@ public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
 	}
 
     @POST
-    @Path("/saveNewPassword/{uuid}/{newPassword}/{currentPassword}")
-    public String saveNewPassword(
-            @PathParam("uuid") String uuid,
-            @PathParam("newPassword") String newPassword,
-            @PathParam("currentPassword") String currentPassword) {
-        return FacadeProvider.getUserFacade().updateUserPassword(uuid, newPassword, currentPassword);
+    @Path("/saveNewPassword")
+    public String saveNewPassword(UserPasswordChangeDto userPasswordChangeDto) {
+        return FacadeProvider.getUserFacade().updateUserPassword(userPasswordChangeDto.getUuid(), userPasswordChangeDto.getNewPassword());
     }
 
     @GET
@@ -112,5 +111,4 @@ public String saveNewPassword(
     public String generatePassword() {
         return FacadeProvider.getUserFacade().generatePassword();
     }
-
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index cf5738e618b..97777a68c52 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,7 +17,6 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
-import de.symeda.sormas.api.feature.FeatureTypeProperty;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -70,8 +69,6 @@
 import de.symeda.sormas.ui.UserProvider;
 import java.util.Objects;
 import de.symeda.sormas.ui.ControllerProvider;
-import org.slf4j.LoggerFactory;
-import de.symeda.sormas.api.KeycloakClientConfig;
 
 public class UserController {
 
@@ -303,7 +300,7 @@ public void buttonClick(ClickEvent event) {
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}
-	
+
 	public ConfirmationComponent getResetPasswordConfirmationComponent(
 		String userUuid,
 		String userEmail,
@@ -466,8 +463,8 @@ public void disableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid u
 		}
 	}
 
-	public void showUpdatePassword(String userUuid, String userEmail, String password, String currentPassword) {
-		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password, currentPassword);
+	public void showUpdatePassword(String userUuid, String userEmail, String password) {
+		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password);
 		if (isGeneratePassword) {
 			if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
 				showPasswordResetInternalSuccessPopup(password);
@@ -503,44 +500,18 @@ private void showPopupWindow(String header, String message, Integer width, Boole
 	}
 
 	public Button createUpdatePasswordButton() {
-		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
 
+		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
 			private static final long serialVersionUID = 1L;
 
 			@Override
 			public void buttonClick(ClickEvent event) {
-
-				String authenticationProviderFromFeatureConfiguration= FacadeProvider.getFeatureConfigurationFacade()
-						.getProperty(FeatureType.SELF_PASSWORD_RESET, null,
-								FeatureTypeProperty.AUTHENTICATION_PROVIDER, String.class);
-				if (authenticationProviderFromFeatureConfiguration.equalsIgnoreCase(AuthProvider.SORMAS)) {
-					popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
-					popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
-				}
-				else if (authenticationProviderFromFeatureConfiguration.equalsIgnoreCase(AuthProvider.KEYCLOAK)) {
-					String resetUrl = buildKeycloakForgotPasswordUrl();
-					Page.getCurrent().setLocation(resetUrl);
-				}
+				popUpWindow = VaadinUiUtil.showPopupWindow(getUpdatePasswordComponent());
+				popUpWindow.setCaption(I18nProperties.getString(Strings.headingChangePassword));
 			}
 		}, ValoTheme.BUTTON_LINK);
 	}
 
-	private String buildKeycloakForgotPasswordUrl() {
-		try {
-			KeycloakClientConfig keycloakClientConfig = FacadeProvider.getConfigFacade().getKeycloakCredentials();
-
-            return keycloakClientConfig.getKeycloakUrl() +
-					"/realms/" +
-					keycloakClientConfig.getRealm() +
-					"/login-actions/reset-credentials" +
-					"?client_id=" +
-					keycloakClientConfig.getClientId();
-		} catch (Exception e) {
-			LoggerFactory.getLogger(getClass()).error("Could not build Keycloak reset password URL", e);
-			throw new RuntimeException("Could not build Keycloak reset password URL", e);
-		}
-	}
-
 	public Button generatePasswordButton() {
 
 		return ButtonHelper.createIconButton(Captions.userGeneratePassword, VaadinIcons.UNLOCK, new ClickListener() {
@@ -599,12 +570,12 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 				UserDto changedUser = form.getValue();
 				if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getNewPassword())) {
 					Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
-				} else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
+				} else if (!FacadeProvider.getUserFacade().validateCurrentPassword(changedUser.getCurrentPassword())) {
 					Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
 				} else if (FacadeProvider.getUserFacade().isPasswordWeak(changedUser.getNewPassword())) {
 					Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
 				} else {
-					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword(), changedUser.getCurrentPassword());
+					showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword());
 				}
 			}
 		});

From e393aad2189ab6138fbb3bb9362f5c10d9a72f09 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 1 Nov 2024 14:09:12 +0000
Subject: [PATCH 86/95] taken off KeycloakClientConfig class

---
 .../sormas/api/KeycloakClientConfig.java      | 27 -------------------
 1 file changed, 27 deletions(-)
 delete mode 100644 sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java b/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java
deleted file mode 100644
index fb4b035d86a..00000000000
--- a/sormas-api/src/main/java/de/symeda/sormas/api/KeycloakClientConfig.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package de.symeda.sormas.api;
-
-import java.io.Serializable;
-
-public class KeycloakClientConfig implements Serializable {
-    private final String keycloakUrl;
-    private final String realm;
-    private final String clientId;
-
-    public KeycloakClientConfig(String keycloakUrl, String realm, String clientId) {
-        this.keycloakUrl = keycloakUrl;
-        this.realm = realm;
-        this.clientId = clientId;
-    }
-
-    public String getKeycloakUrl() {
-        return keycloakUrl;
-    }
-
-    public String getRealm() {
-        return realm;
-    }
-
-    public String getClientId() {
-        return clientId;
-    }
-}

From a58443b5e5543884ed334b870abfd4be0f875e12 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 1 Nov 2024 14:19:18 +0000
Subject: [PATCH 87/95] final clean up after update

---
 .../feature/FeatureConfigurationDao.java      | 37 -------------------
 .../app/backend/user/UserDtoHelper.java       |  1 -
 .../sormas/app/settings/SettingsFragment.java |  1 -
 .../sormas/backend/user/KeycloakService.java  |  1 -
 .../sormas/rest/resources/UserResource.java   |  1 -
 .../symeda/sormas/ui/user/UserController.java |  1 -
 6 files changed, 42 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
index 56b3e1290dd..3672ba1b792 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/feature/FeatureConfigurationDao.java
@@ -171,43 +171,6 @@ public boolean isPropertyValueTrue(FeatureType featureType, FeatureTypeProperty
 		return result;
 	}
 
-	public String getStringPropertyValue(FeatureType featureType, FeatureTypeProperty property) {
-		if (!featureType.getSupportedProperties().contains(property)) {
-			throw new IllegalArgumentException("Feature type " + featureType + " does not support property " + property + ".");
-		}
-
-		if (!String.class.isAssignableFrom(property.getReturnType())) {
-			throw new IllegalArgumentException(
-					"Feature type property " + property + " does not have specified return type " + String.class.getSimpleName() + ".");
-		}
-
-		Map<FeatureTypeProperty, Object> propertyObjectMap;
-		try {
-			QueryBuilder builder = queryBuilder();
-			Where where = builder.where();
-			where.eq(FeatureConfiguration.FEATURE_TYPE, featureType);
-			builder.selectColumns(FeatureConfiguration.PROPERTIES);
-
-			FeatureConfiguration featureConfiguration = (FeatureConfiguration) builder.queryForFirst();
-
-			if (featureConfiguration != null && featureConfiguration.getPropertiesJson() != null) {
-				propertyObjectMap = featureConfiguration.getPropertiesMap();
-			} else {
-				return (String) featureType.getSupportedPropertyDefaults().get(property);
-			}
-
-		} catch (SQLException e) {
-			Log.e(getTableName(), "Could not perform getStringPropertyValue");
-			throw new RuntimeException(e);
-		}
-
-		if (propertyObjectMap != null && propertyObjectMap.containsKey(property)) {
-			return (String) propertyObjectMap.get(property);
-		} else {
-			return null;
-		}
-	}
-
 	public boolean isAnySurveillanceEnabled() {
 		return !isFeatureDisabled(FeatureType.CASE_SURVEILANCE)
 			|| !isFeatureDisabled(FeatureType.EVENT_SURVEILLANCE)
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index 48072ab7984..cee6d35fa8a 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -135,7 +135,6 @@ public static UserReferenceDto toReferenceDto(User ado) {
 	}
 
 	public static Call<String> saveNewPassword(String uuid, String newPassword) throws NoConnectionException {
-		System.out.println(uuid+" pw: "+newPassword);
 		return RetroProvider.getUserFacade().saveNewPassword(new UserPasswordChangeDto(uuid,newPassword));
 	}
 
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index f2dd70648c5..260130eaffe 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -33,7 +33,6 @@
 import java.util.List;
 
 import de.symeda.sormas.api.Language;
-import de.symeda.sormas.api.feature.FeatureTypeProperty;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
index 107a9dc4f88..e8e8d985217 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
@@ -65,7 +65,6 @@
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
-import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 /**
  * @author Alex Vidrean
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index d3a317c15a7..cc6e4ee9e85 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -18,7 +18,6 @@
 import java.util.Date;
 import java.util.List;
 
-import javax.validation.Valid;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 97777a68c52..27b5503baa0 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -595,5 +595,4 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
 
 		return component;
 	}
-
 }

From 45dfae497c6ae13b81925ce6acd25d10d92b8b0d Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 1 Nov 2024 16:08:53 +0000
Subject: [PATCH 88/95] final clean up

---
 .../java/de/symeda/sormas/backend/user/KeycloakService.java  | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
index e8e8d985217..feee4df9396 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
@@ -65,6 +65,7 @@
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 /**
  * @author Alex Vidrean
@@ -275,7 +276,7 @@ public boolean validateCurrentPassword(String username, String password){
 		}
 		return false;
 	}
-	public void handlePasswordChangeEvent(User user) {
+	public void handlePasswordChangeEvent(@Observes PasswordChangeEvent passwordChangeEvent) {
 		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
 
 		if (oidcJson.isEmpty()) {
@@ -283,7 +284,7 @@ public void handlePasswordChangeEvent(User user) {
 					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
 			return;
 		}
-
+		User user = passwordChangeEvent.getUser();
 		String password = user.getPassword();
 		String username=user.getUserName();
 

From e3c456e0cb093b7a0d8e51bbb7765e3514decd09 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Fri, 1 Nov 2024 17:30:23 +0000
Subject: [PATCH 89/95] organizing imports

---
 .../java/de/symeda/sormas/app/backend/user/UserDtoHelper.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index cee6d35fa8a..a0940a8037d 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -24,7 +24,6 @@
 
 import de.symeda.sormas.api.PostResponse;
 import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceDto;
 import de.symeda.sormas.app.backend.common.AdoDtoHelper;
 import de.symeda.sormas.app.backend.common.DatabaseHelper;
@@ -32,6 +31,7 @@
 import de.symeda.sormas.app.rest.NoConnectionException;
 import de.symeda.sormas.app.rest.RetroProvider;
 import retrofit2.Call;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * Created by Martin Wahnschaffe on 27.07.2016.

From ed2ce9852d6fa80c466eb1eb957e05fc20c5b69e Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Sat, 2 Nov 2024 12:08:01 +0000
Subject: [PATCH 90/95] caption updated on mobile

---
 .../app/login/ChangePasswordActivity.java     | 590 +++++++++---------
 .../app/src/main/res/values/strings.xml       |   3 +
 2 files changed, 298 insertions(+), 295 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index db601c92b4f..c8168298a08 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -1,6 +1,5 @@
 package de.symeda.sormas.app.login;
 
-
 import static de.symeda.sormas.app.backend.config.ConfigProvider.setNewPassword;
 
 import android.annotation.SuppressLint;
@@ -43,300 +42,301 @@
 import retrofit2.Callback;
 import retrofit2.Response;
 
-
 @SuppressLint("ResourceType")
 public class ChangePasswordActivity extends BaseLocalizedActivity implements ActivityCompat.OnRequestPermissionsResultCallback, NotificationContext {
 
-    public static final String TAG = ChangePasswordActivity.class.getSimpleName();
-
-    private boolean isAtLeast8 = false;
-    private boolean hasUppercase = false;
-    private boolean hasNumber = false;
-    private boolean hasLowerCaseCharacter = false;
-    private boolean isGood = false;
-    private ActivityChangePasswordLayoutBinding binding;
-    private ProgressBar preloader;
-    private View fragmentFrame;
-    private boolean isPasswordGenerated = false;
-
-    @RequiresApi(api = Build.VERSION_CODES.R)
-    @Override
-    protected void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-        setContentView(R.layout.activity_change_password_layout);
-
-        ChangePasswordViewModel changePasswordViewModel = new ChangePasswordViewModel();
-
-        binding = DataBindingUtil.setContentView(this, R.layout.activity_change_password_layout);
-        binding.setData(changePasswordViewModel);
-
-        binding.changePasswordConfirmPassword.setLiveValidationDisabled(true);
-        binding.changePasswordCurrentPassword.setLiveValidationDisabled(true);
-        binding.changePasswordNewPassword.setLiveValidationDisabled(true);
-
-        preloader = findViewById(R.id.preloader);
-        fragmentFrame = findViewById(R.id.fragment_frame);
-
-        showPreloader();
-
-    }
-
-    @Override
-    public void onPause() {
-        super.onPause();
-        SoftKeyboardHelper.hideKeyboard(this, binding.changePasswordCurrentPassword.getWindowToken());
-    }
-
-    @Override
-    protected void onDestroy() {
-        hidePreloader();
-        super.onDestroy();
-    }
-
-    @Override
-    protected void onResume() {
-        super.onResume();
-
-    }
-
-    public void backToSettings(View view) {
-        Intent intent = new Intent(this, SettingsActivity.class);
-        startActivity(intent);
-    }
-
-    @SuppressLint("ResourceType")
-    public void passwordValidationCheck(View view) {
-        String newPassword = binding.changePasswordNewPassword.getValue();
-
-        isAtLeast8 = newPassword.length() >= 8;
-        hasUppercase = newPassword.matches("(.*[A-Z].*)");
-        hasNumber = newPassword.matches("(.*[0-9].*)");
-        hasLowerCaseCharacter = newPassword.matches(".*[a-z].*");
-        if (isAtLeast8 && hasNumber && hasUppercase && hasLowerCaseCharacter) {
-            isGood = true;
-            binding.actionPasswordStrength.setVisibility(view.getVisibility());
-            binding.actionPasswordStrength.setText(R.string.message_password_strong);
-            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.successBackground)));
-        } else {
-            binding.actionPasswordStrength.setVisibility(view.getVisibility());
-            binding.actionPasswordStrength.setText(R.string.message_password_weak);
-            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weak);
-            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
-        }
-    }
-
-    @SuppressLint("ResourceType")
-    public void generatePassword(View view) {
-        if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
-            NavigationHelper.goToSettings(this);
-            return;
-        }
-        try {
-            RetroProvider.connectAsyncHandled(this, true, true, result -> {
-                if (Boolean.TRUE.equals(result)) {
-                    try {
-                        executeGeneratePasswordCall(UserDtoHelper.generatePassword());
-                    } catch (Exception e) {
-                        binding.actionPasswordStrength.setVisibility(view.getVisibility());
-                        binding.actionPasswordStrength.setText(e.toString());
-                        binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
-                    }
-                    RetroProvider.disconnect();
-                }
-            });
-        } catch (Exception e) {
-            binding.actionPasswordStrength.setVisibility(view.getVisibility());
-            binding.actionPasswordStrength.setText(e.toString());
-            binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
-        }
-    }
-
-    @Override
-    public View getRootView() {
-        if (binding != null)
-            return binding.getRoot();
-
-        return null;
-    }
-
-    private void executeGeneratePasswordCall(Call<String> call) {
-        try {
-            call.enqueue(new Callback<>() {
-                @Override
-                public void onResponse(@NonNull Call<String> call, @NonNull Response<String> response) {
-                    if (response.code() != 200) {
-                        NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
-                    }
-                    var generatedPassword = response.body();
-                    binding.changePasswordNewPassword.setValue(generatedPassword);
-                    binding.changePasswordConfirmPassword.setValue(generatedPassword);
-                    isPasswordGenerated = true;
-                    Toast.makeText(getApplicationContext(), "Password Generated", Toast.LENGTH_SHORT).show();
-                }
-
-                @Override
-                public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
-                    NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
-                }
-            });
-        } catch (Exception e) {
-            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
-        }
-    }
-
-    private void executeSaveNewPasswordCall(Call<String> call, Activity activity) {
-        try {
-            showPreloader();
-
-            call.enqueue(new Callback<String>() {
-                @Override
-                public void onResponse(Call<String> call, Response<String> response) {
-                    hidePreloader();
-
-                    if (response.code() != 200) {
-                        NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
-                    } else {
-                        String message;
-                        String title;
-                        title = "Change Passworrd";
-
-                        if (isPasswordGenerated) {
-                            String generatedPassword = binding.changePasswordNewPassword.getValue();
-                            message = generatedPassword;
-                            alertDialog(activity, message, title);
-                        } else {
-                            message = "Password changed successfully";
-                            alertDialog(activity, message, title);
-                        }
-                        NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
-                    }
-
-                }
-
-                @Override
-                public void onFailure(Call<String> call, Throwable t) {
-                    String message = "Could not connect to server";
-                    String title = "Change Passworrd";
-
-                    alertDialog(activity, message, title);
-                }
-            });
-        } catch (Exception e) {
-            Log.d("Call", call.toString());
-        }
-
-    }
-
-    public void alertDialog(Activity activity, String message, String title) {
-        AlertDialog.Builder builder = new AlertDialog.Builder(activity);
-        LayoutInflater inflater = activity.getLayoutInflater();
-        View dialogView = inflater.inflate(R.layout.dialog_change_password, null);
-
-        TextView passwordTextView = dialogView.findViewById(R.id.passwordTextView);
-
-        if (isPasswordGenerated) {
-            passwordTextView.setText(message);
-        }
-
-        builder.setTitle(title);
-
-        passwordTextView.setOnClickListener(v -> {
-            // Copy password to clipboard
-            ClipboardManager clipboard = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
-            ClipData clip = ClipData.newPlainText("Password", message);
-            clipboard.setPrimaryClip(clip);
-            Toast.makeText(activity, "Password copied to clipboard", Toast.LENGTH_SHORT).show();
-        });
-
-        builder.setView(dialogView);
-        builder.setCancelable(true);
-        builder.setPositiveButton(activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
-            @Override
-            public void onClick(DialogInterface dialog, int which) {
-                dialog.dismiss();
-                finish();
-            }
-        });
-
-        AlertDialog dialog = builder.create();
-        dialog.show();
-    }
-
-    /**
-     * When clicked on submit
-     **/
-    public void savePassword(View view) {
-        binding.changePasswordNewPassword.disableErrorState();
-        binding.changePasswordCurrentPassword.disableErrorState();
-        binding.changePasswordConfirmPassword.disableErrorState();
-
-        if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
-            NavigationHelper.goToSettings(this);
-            return;
-        }
-
-        String currentPassword = binding.changePasswordCurrentPassword.getValue();
-        String newPassword = binding.changePasswordNewPassword.getValue();
-        String confirmPassword = binding.changePasswordConfirmPassword.getValue();
-        String configPassword = ConfigProvider.getPassword();
-
-        boolean isValid = true;
-
-        if (currentPassword == null || currentPassword.trim().isEmpty()) {
-            binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_empty);
-            isValid = false;
-        } else if (newPassword == null || newPassword.trim().isEmpty()) {
-            binding.changePasswordNewPassword.enableErrorState(R.string.error_new_password_empty);
-            isValid = false;
-        } else if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
-            binding.changePasswordConfirmPassword.enableErrorState(R.string.error_confirm_password_empty);
-            isValid = false;
-        } else if (!configPassword.equals(currentPassword)) {
-            binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_incorrect);
-            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_current_password_incorrect);
-            isValid = false;
-        } else if (!newPassword.equals(confirmPassword)) {
-            binding.changePasswordConfirmPassword.enableErrorState(R.string.error_passwords_do_not_match);
-            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_passwords_do_not_match);
-            isValid = false;
-        }
-
-        if (isValid) {
-            passwordValidationCheck(view);
-        }
-
-        if (isValid && isGood) {
-            RetroProvider.connectAsyncHandled(this, true, true, result -> {
-                if (Boolean.TRUE.equals(result)) {
-                    try {
-                        executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword), this);
-                        setNewPassword(newPassword);
-                    } catch (Exception e) {
-                        binding.actionPasswordStrength.setVisibility(View.VISIBLE);
-                        binding.actionPasswordStrength.setText(e.toString());
-                        binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
-                    }
-                    RetroProvider.disconnect();
-                }
-            });
-        }
-    }
-
-    public void showPreloader() {
-        if (fragmentFrame != null) {
-            fragmentFrame.setVisibility(View.GONE);
-        }
-        if (preloader != null) {
-            preloader.setVisibility(View.VISIBLE);
-        }
-    }
-
-    public void hidePreloader() {
-        if (preloader != null) {
-            preloader.setVisibility(View.GONE);
-        }
-        if (fragmentFrame != null) {
-            fragmentFrame.setVisibility(View.VISIBLE);
-        }
-    }
-}
\ No newline at end of file
+	public static final String TAG = ChangePasswordActivity.class.getSimpleName();
+
+	private boolean isAtLeast8 = false;
+	private boolean hasUppercase = false;
+	private boolean hasNumber = false;
+	private boolean hasLowerCaseCharacter = false;
+	private boolean isGood = false;
+	private ActivityChangePasswordLayoutBinding binding;
+	private ProgressBar preloader;
+	private View fragmentFrame;
+	private boolean isPasswordGenerated = false;
+
+	@RequiresApi(api = Build.VERSION_CODES.R)
+	@Override
+	protected void onCreate(Bundle savedInstanceState) {
+		super.onCreate(savedInstanceState);
+		setContentView(R.layout.activity_change_password_layout);
+
+		ChangePasswordViewModel changePasswordViewModel = new ChangePasswordViewModel();
+
+		binding = DataBindingUtil.setContentView(this, R.layout.activity_change_password_layout);
+		binding.setData(changePasswordViewModel);
+
+		binding.changePasswordConfirmPassword.setLiveValidationDisabled(true);
+		binding.changePasswordCurrentPassword.setLiveValidationDisabled(true);
+		binding.changePasswordNewPassword.setLiveValidationDisabled(true);
+
+		preloader = findViewById(R.id.preloader);
+		fragmentFrame = findViewById(R.id.fragment_frame);
+
+		showPreloader();
+
+	}
+
+	@Override
+	public void onPause() {
+		super.onPause();
+		SoftKeyboardHelper.hideKeyboard(this, binding.changePasswordCurrentPassword.getWindowToken());
+	}
+
+	@Override
+	protected void onDestroy() {
+		hidePreloader();
+		super.onDestroy();
+	}
+
+	@Override
+	protected void onResume() {
+		super.onResume();
+
+	}
+
+	public void backToSettings(View view) {
+		Intent intent = new Intent(this, SettingsActivity.class);
+		startActivity(intent);
+	}
+
+	@SuppressLint("ResourceType")
+	public void passwordValidationCheck(View view) {
+		String newPassword = binding.changePasswordNewPassword.getValue();
+
+		isAtLeast8 = newPassword.length() >= 8;
+		hasUppercase = newPassword.matches("(.*[A-Z].*)");
+		hasNumber = newPassword.matches("(.*[0-9].*)");
+		hasLowerCaseCharacter = newPassword.matches(".*[a-z].*");
+		if (isAtLeast8 && hasNumber && hasUppercase && hasLowerCaseCharacter) {
+			isGood = true;
+			binding.actionPasswordStrength.setVisibility(view.getVisibility());
+			binding.actionPasswordStrength.setText(R.string.message_password_strong);
+			binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.successBackground)));
+		} else {
+			binding.actionPasswordStrength.setVisibility(view.getVisibility());
+			binding.actionPasswordStrength.setText(R.string.message_password_weak);
+			NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weak);
+			binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
+		}
+	}
+
+	@SuppressLint("ResourceType")
+	public void generatePassword(View view) {
+		if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
+			NavigationHelper.goToSettings(this);
+			return;
+		}
+		try {
+			RetroProvider.connectAsyncHandled(this, true, true, result -> {
+				if (Boolean.TRUE.equals(result)) {
+					try {
+						executeGeneratePasswordCall(UserDtoHelper.generatePassword());
+					} catch (Exception e) {
+						binding.actionPasswordStrength.setVisibility(view.getVisibility());
+						binding.actionPasswordStrength.setText(e.toString());
+						binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+					}
+					RetroProvider.disconnect();
+				}
+			});
+		} catch (Exception e) {
+			binding.actionPasswordStrength.setVisibility(view.getVisibility());
+			binding.actionPasswordStrength.setText(e.toString());
+			binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+		}
+	}
+
+	@Override
+	public View getRootView() {
+		if (binding != null)
+			return binding.getRoot();
+
+		return null;
+	}
+
+	private void executeGeneratePasswordCall(Call<String> call) {
+		try {
+			call.enqueue(new Callback<>() {
+
+				@Override
+				public void onResponse(@NonNull Call<String> call, @NonNull Response<String> response) {
+					if (response.code() != 200) {
+						NotificationHelper.showNotification(binding, NotificationType.ERROR, getString(R.string.message_could_not_generate_password));
+					}
+					var generatedPassword = response.body();
+					binding.changePasswordNewPassword.setValue(generatedPassword);
+					binding.changePasswordConfirmPassword.setValue(generatedPassword);
+					isPasswordGenerated = true;
+					Toast.makeText(getApplicationContext(), getString(R.string.message_password_generated), Toast.LENGTH_SHORT).show();
+				}
+
+				@Override
+				public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
+					NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
+				}
+			});
+		} catch (Exception e) {
+			NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_generate_password);
+		}
+	}
+
+	private void executeSaveNewPasswordCall(Call<String> call, Activity activity) {
+		try {
+			showPreloader();
+
+			call.enqueue(new Callback<String>() {
+
+				@Override
+				public void onResponse(Call<String> call, Response<String> response) {
+					hidePreloader();
+
+					if (response.code() != 200) {
+						NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.message_could_not_save_password);
+					} else {
+						String message;
+						String title;
+						title = getString(R.string.heading_change_password);
+
+						if (isPasswordGenerated) {
+							String generatedPassword = binding.changePasswordNewPassword.getValue();
+							message = generatedPassword;
+							alertDialog(activity, message, title);
+						} else {
+							message = getString(R.string.message_password_changed);
+							alertDialog(activity, message, title);
+						}
+						NotificationHelper.showNotification(binding, NotificationType.SUCCESS, R.string.message_password_changed);
+					}
+
+				}
+
+				@Override
+				public void onFailure(Call<String> call, Throwable t) {
+					String message = getString(R.string.error_server_connection);
+					String title = getString(R.string.heading_change_password);
+					alertDialog(activity, message, title);
+				}
+			});
+		} catch (Exception e) {
+			Log.d("Call", call.toString());
+		}
+
+	}
+
+	public void alertDialog(Activity activity, String message, String title) {
+		AlertDialog.Builder builder = new AlertDialog.Builder(activity);
+		LayoutInflater inflater = activity.getLayoutInflater();
+		View dialogView = inflater.inflate(R.layout.dialog_change_password, null);
+
+		TextView passwordTextView = dialogView.findViewById(R.id.passwordTextView);
+
+		if (isPasswordGenerated) {
+			passwordTextView.setText(message);
+		}
+
+		builder.setTitle(title);
+
+		passwordTextView.setOnClickListener(v -> {
+			// Copy password to clipboard
+			ClipboardManager clipboard = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
+			ClipData clip = ClipData.newPlainText(getString(R.string.heading_password), message);
+			clipboard.setPrimaryClip(clip);
+			Toast.makeText(activity, R.string.message_password_copied_to_clipbord, Toast.LENGTH_SHORT).show();
+		});
+
+		builder.setView(dialogView);
+		builder.setCancelable(true);
+		builder.setPositiveButton(activity.getString(R.string.action_ok), new DialogInterface.OnClickListener() {
+
+			@Override
+			public void onClick(DialogInterface dialog, int which) {
+				dialog.dismiss();
+				finish();
+			}
+		});
+
+		AlertDialog dialog = builder.create();
+		dialog.show();
+	}
+
+	/**
+	 * When clicked on submit
+	 **/
+	public void savePassword(View view) {
+		binding.changePasswordNewPassword.disableErrorState();
+		binding.changePasswordCurrentPassword.disableErrorState();
+		binding.changePasswordConfirmPassword.disableErrorState();
+
+		if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
+			NavigationHelper.goToSettings(this);
+			return;
+		}
+
+		String currentPassword = binding.changePasswordCurrentPassword.getValue();
+		String newPassword = binding.changePasswordNewPassword.getValue();
+		String confirmPassword = binding.changePasswordConfirmPassword.getValue();
+		String configPassword = ConfigProvider.getPassword();
+
+		boolean isValid = true;
+
+		if (currentPassword == null || currentPassword.trim().isEmpty()) {
+			binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_empty);
+			isValid = false;
+		} else if (newPassword == null || newPassword.trim().isEmpty()) {
+			binding.changePasswordNewPassword.enableErrorState(R.string.error_new_password_empty);
+			isValid = false;
+		} else if (confirmPassword == null || confirmPassword.trim().isEmpty()) {
+			binding.changePasswordConfirmPassword.enableErrorState(R.string.error_confirm_password_empty);
+			isValid = false;
+		} else if (!configPassword.equals(currentPassword)) {
+			binding.changePasswordCurrentPassword.enableErrorState(R.string.error_current_password_incorrect);
+			NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_current_password_incorrect);
+			isValid = false;
+		} else if (!newPassword.equals(confirmPassword)) {
+			binding.changePasswordConfirmPassword.enableErrorState(R.string.error_passwords_do_not_match);
+			NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.error_passwords_do_not_match);
+			isValid = false;
+		}
+
+		if (isValid) {
+			passwordValidationCheck(view);
+		}
+
+		if (isValid && isGood) {
+			RetroProvider.connectAsyncHandled(this, true, true, result -> {
+				if (Boolean.TRUE.equals(result)) {
+					try {
+						executeSaveNewPasswordCall(UserDtoHelper.saveNewPassword(ConfigProvider.getUser().getUuid(), newPassword), this);
+						setNewPassword(newPassword);
+					} catch (Exception e) {
+						binding.actionPasswordStrength.setVisibility(View.VISIBLE);
+						binding.actionPasswordStrength.setText(e.toString());
+						binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.brightYellow)));
+					}
+					RetroProvider.disconnect();
+				}
+			});
+		}
+	}
+
+	public void showPreloader() {
+		if (fragmentFrame != null) {
+			fragmentFrame.setVisibility(View.GONE);
+		}
+		if (preloader != null) {
+			preloader.setVisibility(View.VISIBLE);
+		}
+	}
+
+	public void hidePreloader() {
+		if (preloader != null) {
+			preloader.setVisibility(View.GONE);
+		}
+		if (fragmentFrame != null) {
+			fragmentFrame.setVisibility(View.VISIBLE);
+		}
+	}
+}
diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
index bfe4600bb20..9c9fea7e9b4 100644
--- a/sormas-app/app/src/main/res/values/strings.xml
+++ b/sormas-app/app/src/main/res/values/strings.xml
@@ -759,5 +759,8 @@
     <string name="message_could_not_generate_password">Could not generate password</string>
     <string name="message_could_not_save_password">Could not save password</string>
     <string name="additional_message_passord_weak">Password should contain some text, some numbers and should be more than 8 characters</string>
+    <string name="message_password_copied_to_clipbord">"Password copied to clipboard"</string>
+    <string name="message_password_generated">"Password Generated"</string>
+    <string name="heading_password">"Password"</string>
 
 </resources>

From fb03f99376624b7b699fc90011b961853e3b2b7f Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Wed, 6 Nov 2024 17:17:18 +0000
Subject: [PATCH 91/95] applying method guidlines

---
 .../api/user/UserPasswordChangeDto.java       |  57 ++++---
 .../app/backend/user/UserDtoHelper.java       |   6 +-
 .../app/login/ChangePasswordActivity.java     |  14 +-
 .../app/login/ChangePasswordViewModel.java    |  62 ++++----
 .../sormas/app/settings/SettingsFragment.java |  13 +-
 .../sormas/backend/user/KeycloakService.java  |  57 +++----
 .../sormas/backend/user/UserFacadeEjb.java    |  12 +-
 .../sormas/backend/user/UserService.java      |   1 +
 .../backend/util/PasswordValidator.java       |  84 ++++++-----
 .../sormas/backend/TestDataCreator.java       |   3 +-
 .../backend/user/UserFacadeEjbTest.java       | 142 +++++++++---------
 .../sormas/rest/resources/UserResource.java   |  26 ++--
 .../sormas/ui/user/UpdatePasswordForm.java    |  81 +++++-----
 .../symeda/sormas/ui/user/UserController.java |  16 +-
 14 files changed, 321 insertions(+), 253 deletions(-)

diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
index 29d0984e05a..c907669d19b 100644
--- a/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
+++ b/sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java
@@ -1,33 +1,50 @@
+/*
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2023 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
 package de.symeda.sormas.api.user;
 
 import java.io.Serializable;
 
 public class UserPasswordChangeDto implements Serializable {
-    private static final long serialVersionUID = 6269655187128160377L;
 
-    private String uuid;
-    private String newPassword;
+	private static final long serialVersionUID = 6269655187128160377L;
+
+	private String uuid;
+	private String newPassword;
 
-    public String getUuid() {
-        return uuid;
-    }
+	public String getUuid() {
+		return uuid;
+	}
 
-    public void setUuid(String uuid) {
-        this.uuid = uuid;
-    }
+	public void setUuid(String uuid) {
+		this.uuid = uuid;
+	}
 
-    public String getNewPassword() {
-        return newPassword;
-    }
+	public String getNewPassword() {
+		return newPassword;
+	}
 
-    public void setNewPassword(String newPassword) {
-        this.newPassword = newPassword;
-    }
+	public void setNewPassword(String newPassword) {
+		this.newPassword = newPassword;
+	}
 
-    public UserPasswordChangeDto(String uuid, String newPassword) {
-        this.uuid = uuid;
-        this.newPassword = newPassword;
-    }
+	public UserPasswordChangeDto(String uuid, String newPassword) {
+		this.uuid = uuid;
+		this.newPassword = newPassword;
+	}
 
-    public UserPasswordChangeDto(){}
+	public UserPasswordChangeDto() {
+	}
 }
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index a0940a8037d..89ff4b91ed5 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -24,6 +24,7 @@
 
 import de.symeda.sormas.api.PostResponse;
 import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceDto;
 import de.symeda.sormas.app.backend.common.AdoDtoHelper;
 import de.symeda.sormas.app.backend.common.DatabaseHelper;
@@ -31,7 +32,6 @@
 import de.symeda.sormas.app.rest.NoConnectionException;
 import de.symeda.sormas.app.rest.RetroProvider;
 import retrofit2.Call;
-import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * Created by Martin Wahnschaffe on 27.07.2016.
@@ -135,10 +135,12 @@ public static UserReferenceDto toReferenceDto(User ado) {
 	}
 
 	public static Call<String> saveNewPassword(String uuid, String newPassword) throws NoConnectionException {
-		return RetroProvider.getUserFacade().saveNewPassword(new UserPasswordChangeDto(uuid,newPassword));
+
+		return RetroProvider.getUserFacade().saveNewPassword(new UserPasswordChangeDto(uuid, newPassword));
 	}
 
 	public static Call<String> generatePassword() throws NoConnectionException {
+
 		return RetroProvider.getUserFacade().generatePassword();
 	}
 
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index c8168298a08..dd2ce39539a 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -81,29 +81,33 @@ protected void onCreate(Bundle savedInstanceState) {
 
 	@Override
 	public void onPause() {
+
 		super.onPause();
 		SoftKeyboardHelper.hideKeyboard(this, binding.changePasswordCurrentPassword.getWindowToken());
 	}
 
 	@Override
 	protected void onDestroy() {
+
 		hidePreloader();
 		super.onDestroy();
 	}
 
 	@Override
 	protected void onResume() {
-		super.onResume();
 
+		super.onResume();
 	}
 
 	public void backToSettings(View view) {
+
 		Intent intent = new Intent(this, SettingsActivity.class);
 		startActivity(intent);
 	}
 
 	@SuppressLint("ResourceType")
 	public void passwordValidationCheck(View view) {
+
 		String newPassword = binding.changePasswordNewPassword.getValue();
 
 		isAtLeast8 = newPassword.length() >= 8;
@@ -125,6 +129,7 @@ public void passwordValidationCheck(View view) {
 
 	@SuppressLint("ResourceType")
 	public void generatePassword(View view) {
+
 		if (DataHelper.isNullOrEmpty(ConfigProvider.getServerRestUrl())) {
 			NavigationHelper.goToSettings(this);
 			return;
@@ -151,6 +156,7 @@ public void generatePassword(View view) {
 
 	@Override
 	public View getRootView() {
+
 		if (binding != null)
 			return binding.getRoot();
 
@@ -158,6 +164,7 @@ public View getRootView() {
 	}
 
 	private void executeGeneratePasswordCall(Call<String> call) {
+
 		try {
 			call.enqueue(new Callback<>() {
 
@@ -184,6 +191,7 @@ public void onFailure(@NonNull Call<String> call, @NonNull Throwable t) {
 	}
 
 	private void executeSaveNewPasswordCall(Call<String> call, Activity activity) {
+
 		try {
 			showPreloader();
 
@@ -227,6 +235,7 @@ public void onFailure(Call<String> call, Throwable t) {
 	}
 
 	public void alertDialog(Activity activity, String message, String title) {
+
 		AlertDialog.Builder builder = new AlertDialog.Builder(activity);
 		LayoutInflater inflater = activity.getLayoutInflater();
 		View dialogView = inflater.inflate(R.layout.dialog_change_password, null);
@@ -266,6 +275,7 @@ public void onClick(DialogInterface dialog, int which) {
 	 * When clicked on submit
 	 **/
 	public void savePassword(View view) {
+
 		binding.changePasswordNewPassword.disableErrorState();
 		binding.changePasswordCurrentPassword.disableErrorState();
 		binding.changePasswordConfirmPassword.disableErrorState();
@@ -323,6 +333,7 @@ public void savePassword(View view) {
 	}
 
 	public void showPreloader() {
+
 		if (fragmentFrame != null) {
 			fragmentFrame.setVisibility(View.GONE);
 		}
@@ -332,6 +343,7 @@ public void showPreloader() {
 	}
 
 	public void hidePreloader() {
+
 		if (preloader != null) {
 			preloader.setVisibility(View.GONE);
 		}
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
index fc09783a63a..a0c3307e79d 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordViewModel.java
@@ -19,31 +19,37 @@
 
 public class ChangePasswordViewModel extends BaseObservable {
 
-    private String currentPassword;
-    private String newPassword;
-    private String confirmPassword;
-
-    public String getCurrentPassword() {
-        return currentPassword;
-    }
-
-    public void setCurrentPassword(String currentPassword) {
-        this.currentPassword = currentPassword;
-    }
-
-    public String getNewPassword() {
-        return newPassword;
-    }
-
-    public void setNewPassword(String newPassword) {
-        this.newPassword = newPassword;
-    }
-
-    public String getConfirmPassword() {
-        return confirmPassword;
-    }
-
-    public void setConfirmPassword(String confirmPassword) {
-        this.confirmPassword = confirmPassword;
-    }
-}
\ No newline at end of file
+	private String currentPassword;
+	private String newPassword;
+	private String confirmPassword;
+
+	public String getCurrentPassword() {
+
+		return currentPassword;
+	}
+
+	public void setCurrentPassword(String currentPassword) {
+
+		this.currentPassword = currentPassword;
+	}
+
+	public String getNewPassword() {
+
+		return newPassword;
+	}
+
+	public void setNewPassword(String newPassword) {
+
+		this.newPassword = newPassword;
+	}
+
+	public String getConfirmPassword() {
+
+		return confirmPassword;
+	}
+
+	public void setConfirmPassword(String confirmPassword) {
+
+		this.confirmPassword = confirmPassword;
+	}
+}
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 260130eaffe..76d996f0a85 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -17,6 +17,10 @@
 
 import static de.symeda.sormas.app.core.notification.NotificationType.ERROR;
 
+import java.util.List;
+
+import org.hzi.sormas.lbds.messaging.LbdsRelated;
+
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.os.Bundle;
@@ -28,11 +32,8 @@
 import androidx.appcompat.app.AppCompatActivity;
 import androidx.recyclerview.widget.RecyclerView;
 
-import org.hzi.sormas.lbds.messaging.LbdsRelated;
-
-import java.util.List;
-
 import de.symeda.sormas.api.Language;
+import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
@@ -57,14 +58,13 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
 import de.symeda.sormas.app.util.Callback;
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
-import de.symeda.sormas.app.login.ChangePasswordActivity;
-import de.symeda.sormas.api.feature.FeatureType;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment
@@ -190,6 +190,7 @@ public void changePIN() {
 	}
 
 	public void changePassword() {
+
 		Intent intent = new Intent(getActivity(), ChangePasswordActivity.class);
 		startActivity(intent);
 	}
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
index feee4df9396..9968e8ca927 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/KeycloakService.java
@@ -61,11 +61,11 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.utils.DataHelper.Pair;
 import de.symeda.sormas.backend.common.ConfigFacadeEjb.ConfigFacadeEjbLocal;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 import de.symeda.sormas.backend.user.event.PasswordResetEvent;
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
-import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 /**
  * @author Alex Vidrean
@@ -234,41 +234,44 @@ public void handlePasswordResetEvent(@Observes PasswordResetEvent passwordResetE
 		}
 	}
 
-	public boolean validateCurrentPassword(String username, String password){
+	public boolean validateCurrentPassword(String username, String password) {
+
 		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
 
 		if (oidcJson.isEmpty()) {
 			logger.warn(
-					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
+				"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
 			return false;
 		}
 
 		String keycloakJsonConfig = oidcJson.get();
-		String secret=JsonPath.read(keycloakJsonConfig, OIDC_SECRET);
-		String realm=JsonPath.read(keycloakJsonConfig, OIDC_REALM);
-		String clientId="sormas-backend";
-		String serverUrl=JsonPath.read(keycloakJsonConfig, OIDC_SERVER_URL);
+		String secret = JsonPath.read(keycloakJsonConfig, OIDC_SECRET);
+		String realm = JsonPath.read(keycloakJsonConfig, OIDC_REALM);
+		String clientId = "sormas-backend";
+		String serverUrl = JsonPath.read(keycloakJsonConfig, OIDC_SERVER_URL);
 
 		try {
 
 			Keycloak keycloak = KeycloakBuilder.builder()
-					.serverUrl(serverUrl)
-					.realm(realm)
-					.clientId(clientId)
-					.clientSecret(secret)
-					.username(username)
-					.password(password)
-					.grantType("password")
-					.build();
+				.serverUrl(serverUrl)
+				.realm(realm)
+				.clientId(clientId)
+				.clientSecret(secret)
+				.username(username)
+				.password(password)
+				.grantType("password")
+				.build();
 
 			try {
-				 keycloak.tokenManager().getAccessToken();
-				 logger.info("Token retrieved Successfully");
-				 keycloak.tokenManager().logout();
+				keycloak.tokenManager().getAccessToken();
+				logger.info("Token retrieved Successfully");
+				keycloak.tokenManager().logout();
 				return true;
 			} catch (Exception e) {
-				logger.error("Token retrieval failed...Kindly Check if you have turned on Direct access grant" +
-						" on 'sormas-backend' client  on the Keycloak console", e);
+				logger.error(
+					"Token retrieval failed...Kindly Check if you have turned on Direct access grant"
+						+ " on 'sormas-backend' client  on the Keycloak console",
+					e);
 				throw e;
 			}
 		} catch (Exception e) {
@@ -276,19 +279,20 @@ public boolean validateCurrentPassword(String username, String password){
 		}
 		return false;
 	}
+
 	public void handlePasswordChangeEvent(@Observes PasswordChangeEvent passwordChangeEvent) {
 		Optional<String> oidcJson = ConfigProvider.getConfig().getOptionalValue("sormas.backend.security.oidc.json", String.class);
 
 		if (oidcJson.isEmpty()) {
 			logger.warn(
-					"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
+				"Undefined KEYCLOAK configuration for sormas.backend.security.oidc.json. Configure the property or disable the KEYCLOAK authentication provider.");
 			return;
 		}
 		User user = passwordChangeEvent.getUser();
 		String password = user.getPassword();
-		String username=user.getUserName();
+		String username = user.getUserName();
 
-		Optional<Keycloak> keycloak =Optional.of(keycloakInstance);
+		Optional<Keycloak> keycloak = Optional.of(keycloakInstance);
 		Optional<UserRepresentation> userRepresentation = getUserByUsername(keycloak.get(), username);
 		if (userRepresentation.isEmpty()) {
 			logger.warn("Cannot find user or email for user with username {} to reset the password", user.getUserName());
@@ -296,10 +300,10 @@ public void handlePasswordChangeEvent(@Observes PasswordChangeEvent passwordChan
 		}
 
 		Optional<Keycloak> adminClient = getKeycloakInstance();
-        adminClient.ifPresent(value -> userRepresentation.ifPresent(existing -> {
+		adminClient.ifPresent(value -> userRepresentation.ifPresent(existing -> {
 			setCredentialsForChangePassword(existing, password, user.getSeed());
-            value.realm(REALM_NAME).users().get(existing.getId()).update(existing);
-        }));
+			value.realm(REALM_NAME).users().get(existing.getId()).update(existing);
+		}));
 	}
 
 	public void handleSyncUsersFromProviderEvent(@Observes SyncUsersFromProviderEvent syncUsersFromProviderEvent) {
@@ -535,6 +539,7 @@ private void setCredentials(UserRepresentation userRepresentation, String passwo
 	}
 
 	private void setCredentialsForChangePassword(UserRepresentation userRepresentation, String password, String salt) {
+
 		JsonObjectBuilder secretData = Json.createObjectBuilder();
 		secretData.add("value", password);
 		secretData.add("salt", Base64.getEncoder().encodeToString(salt.getBytes()));
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 8323ad93e50..7547f4b6d77 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -143,16 +143,16 @@
 import de.symeda.sormas.backend.travelentry.TravelEntryJurisdictionPredicateValidator;
 import de.symeda.sormas.backend.travelentry.TravelEntryQueryContext;
 import de.symeda.sormas.backend.user.UserRoleFacadeEjb.UserRoleFacadeEjbLocal;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 import de.symeda.sormas.backend.user.event.PasswordResetEvent;
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
 import de.symeda.sormas.backend.util.DtoHelper;
 import de.symeda.sormas.backend.util.ModelConstants;
+import de.symeda.sormas.backend.util.PasswordValidator;
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
-import de.symeda.sormas.backend.util.PasswordValidator;
-import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
@@ -1199,11 +1199,12 @@ public List<UserRight> getUserRights(String userUuid) {
 	@Override
 	@PermitAll
 	public boolean validateCurrentPassword(String password) {
+
 		User user = userService.getCurrentUser();
 		if (user != null) {
 			AuthProvider authProvider = AuthProvider.getProvider(configFacade);
-			if(KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
-				return keycloakService.validateCurrentPassword(user.getUserName(),password);
+			if (KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
+				return keycloakService.validateCurrentPassword(user.getUserName(), password);
 			}
 			return DataHelper.equal(user.getPassword(), PasswordHelper.encodePassword(password, user.getSeed()));
 		}
@@ -1226,7 +1227,7 @@ public boolean isPasswordWeak(String password) {
 	public String updateUserPassword(String uuid, String password) {
 		String updatePassword = userService.updatePassword(uuid, password);
 		AuthProvider authProvider = AuthProvider.getProvider(configFacade);
-		if(KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
+		if (KEYCLOAK.equalsIgnoreCase(authProvider.getName())) {
 			passwordChangeEvent.fire(new PasswordChangeEvent(userService.getByUuid(uuid)));
 		}
 		return updatePassword;
@@ -1235,6 +1236,7 @@ public String updateUserPassword(String uuid, String password) {
 	@PermitAll
 	@Override
 	public String generatePassword() {
+
 		return userService.generatePassword();
 	}
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
index 2b103168727..6bafd296a82 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserService.java
@@ -655,6 +655,7 @@ public static String setNewPassword(User user) {
 	}
 
 	public String generatePassword() {
+
 		return PasswordHelper.createPass(12);
 	}
 
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index 35303633cbe..e7770ffe364 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -2,42 +2,48 @@
 
 public class PasswordValidator {
 
-    private PasswordValidator() {
-        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
-    }
-
-    public static String checkPasswordStrength(String password) {
-        boolean strongPassword = isStrongPassword(password);
-
-        if (strongPassword) {
-            return "Password is Strong";
-        } else {
-            return "Password is Weak";
-        }
-    }
-
-    public static boolean isStrongPassword(String password) {
-        if (password == null) {
-            throw new IllegalArgumentException("Password cannot be null");
-        }
-
-        boolean isLengthValid = password.length() >= 8;
-        boolean hasDigit = hasDigits(password);
-        boolean hasCapitalLetter = hasCapitalLetter(password);
-        boolean hasLowercaseLetter = hasLowercaseLetter(password);
-
-        return isLengthValid && hasDigit && hasCapitalLetter && hasLowercaseLetter;
-    }
-
-    private static boolean hasDigits(String password) {
-        return password.chars().anyMatch(Character::isDigit);
-    }
-
-    private static boolean hasCapitalLetter(String password) {
-        return password.chars().anyMatch(Character::isUpperCase);
-    }
-
-    private static boolean hasLowercaseLetter(String password) {
-        return password.chars().anyMatch(Character::isLowerCase);
-    }
-}
\ No newline at end of file
+	private PasswordValidator() {
+
+		throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
+	}
+
+	public static String checkPasswordStrength(String password) {
+
+		boolean strongPassword = isStrongPassword(password);
+
+		if (strongPassword) {
+			return "Password is Strong";
+		} else {
+			return "Password is Weak";
+		}
+	}
+
+	public static boolean isStrongPassword(String password) {
+
+		if (password == null) {
+			throw new IllegalArgumentException("Password cannot be null");
+		}
+
+		boolean isLengthValid = password.length() >= 8;
+		boolean hasDigit = hasDigits(password);
+		boolean hasCapitalLetter = hasCapitalLetter(password);
+		boolean hasLowercaseLetter = hasLowercaseLetter(password);
+
+		return isLengthValid && hasDigit && hasCapitalLetter && hasLowercaseLetter;
+	}
+
+	private static boolean hasDigits(String password) {
+
+		return password.chars().anyMatch(Character::isDigit);
+	}
+
+	private static boolean hasCapitalLetter(String password) {
+
+		return password.chars().anyMatch(Character::isUpperCase);
+	}
+
+	private static boolean hasLowercaseLetter(String password) {
+
+		return password.chars().anyMatch(Character::isLowerCase);
+	}
+}
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
index 73002f0f7b9..53d624ee4fe 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/TestDataCreator.java
@@ -145,6 +145,7 @@
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.user.UserRoleReferenceDto;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.api.utils.PasswordHelper;
 import de.symeda.sormas.api.vaccination.VaccinationDto;
 import de.symeda.sormas.api.visit.VisitDto;
 import de.symeda.sormas.api.visit.VisitStatus;
@@ -162,7 +163,6 @@
 import de.symeda.sormas.backend.sormastosormas.share.outgoing.SormasToSormasShareInfo;
 import de.symeda.sormas.backend.user.User;
 import de.symeda.sormas.backend.user.UserRole;
-import de.symeda.sormas.api.utils.PasswordHelper;
 
 public class TestDataCreator {
 
@@ -2537,6 +2537,7 @@ public RDP(RegionReferenceDto region, DistrictReferenceDto district, PointOfEntr
 	}
 
 	public User createTestUser() {
+
 		User user = new User();
 		user.setUserName("testuser");
 		user.setFirstName("Test");
diff --git a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
index f65544d04df..ff21681a39b 100644
--- a/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
+++ b/sormas-backend/src/test/java/de/symeda/sormas/backend/user/UserFacadeEjbTest.java
@@ -22,6 +22,7 @@
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@@ -63,7 +64,6 @@
 import de.symeda.sormas.backend.infrastructure.region.Region;
 import de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb;
 import de.symeda.sormas.backend.infrastructure.region.RegionService;
-import static org.junit.jupiter.api.Assertions.assertNotEquals;
 
 public class UserFacadeEjbTest extends AbstractBeanTest {
 
@@ -482,73 +482,77 @@ void getUserRights() {
 		assertThrows(EntityNotFoundException.class, () -> getUserFacade().getUserRights("12345"));
 	}
 
-    @Test
-    public void testUpdateUserPassword() {
-        // Arrange
-        User testUser = creator.createTestUser();
-
-        String newPassword = "newPassword";
-        String currentPassword = testUser.getPassword();
-        String uuid = testUser.getUuid();
-        String result = getUserFacade().updateUserPassword(uuid, newPassword);
-
-        // Assert
-        assertEquals(newPassword, result);
-
-        // Verify the password was updated in the database
-        User updatedUser = getUserService().getByUuid(uuid);
-
-        assertNotEquals(currentPassword, updatedUser.getPassword()); // Password should be different
-        UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
-
-        loginWith(updatedUserDto); // Login again with changed password
-        assertTrue(getUserFacade().validateCurrentPassword(newPassword)); // Validate the new password
-
-    }
-
-    @Test
-    public void testGeneratePassword() {
-        // Act
-        String result = getUserFacade().generatePassword();
-
-        // Assert
-        assertNotNull(result);
-        assertFalse(result.isEmpty());
-    }
-
-    @Test
-    void testValidatePasswordValid() {
-        // Arrange
-
-        User user = creator.createTestUser();
-        // Act
-        UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
-        loginWith(loggedInUser);
-        boolean result = getUserFacade().validateCurrentPassword("password"); // Use plain password for validation
-
-        // Assert
-        assertTrue(result);
-    }
-
-    @Test
-    void testValidatePasswordInvalid() {
-        // Act
-        boolean result = getUserFacade().validateCurrentPassword("password");
-
-        // Assert
-        assertFalse(result);
-    }
-
-    @Test
-    void testCheckPasswordStrengthStrong() {
-        String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
-        assertEquals("Password is Strong", result);
-    }
-
-    @Test
-    void testCheckPasswordStrengthWeak() {
-        String result = getUserFacade().checkPasswordStrength("weak");
-        assertEquals("Password is Weak", result);
-    }
+	@Test
+	public void testUpdateUserPassword() {
+
+		// Arrange
+		User testUser = creator.createTestUser();
+
+		String newPassword = "newPassword";
+		String currentPassword = testUser.getPassword();
+		String uuid = testUser.getUuid();
+		String result = getUserFacade().updateUserPassword(uuid, newPassword);
+
+		// Assert
+		assertEquals(newPassword, result);
+
+		// Verify the password was updated in the database
+		User updatedUser = getUserService().getByUuid(uuid);
+
+		assertNotEquals(currentPassword, updatedUser.getPassword()); // Password should be different
+		UserDto updatedUserDto = getUserFacade().getByUuid(uuid);
+
+		loginWith(updatedUserDto); // Login again with changed password
+		assertTrue(getUserFacade().validateCurrentPassword(newPassword)); // Validate the new password
+
+	}
+
+	@Test
+	public void testGeneratePassword() {
+
+		// Act
+		String result = getUserFacade().generatePassword();
+
+		// Assert
+		assertNotNull(result);
+		assertFalse(result.isEmpty());
+	}
+
+	@Test
+	void testValidatePasswordValid() {
+
+		User user = creator.createTestUser();
+		// Act
+		UserDto loggedInUser = getUserFacade().getByUuid(user.getUuid());
+		loginWith(loggedInUser);
+		boolean result = getUserFacade().validateCurrentPassword("password"); // Use plain password for validation
+
+		// Assert
+		assertTrue(result);
+	}
+
+	@Test
+	void testValidatePasswordInvalid() {
+
+		// Act
+		boolean result = getUserFacade().validateCurrentPassword("password");
+
+		// Assert
+		assertFalse(result);
+	}
+
+	@Test
+	void testCheckPasswordStrengthStrong() {
+
+		String result = getUserFacade().checkPasswordStrength("Verystrongassword134$");
+		assertEquals("Password is Strong", result);
+	}
+
+	@Test
+	void testCheckPasswordStrengthWeak() {
+
+		String result = getUserFacade().checkPasswordStrength("weak");
+		assertEquals("Password is Weak", result);
+	}
 
 }
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index cc6e4ee9e85..2f7e2c416de 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -33,10 +33,10 @@
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.user.UserCriteria;
 import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceWithTaskNumbersDto;
 import de.symeda.sormas.api.user.UserRight;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
-import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
@@ -99,15 +99,17 @@ public List<UserRight> getUserRights(@PathParam("uuid") String uuid) {
 		return FacadeProvider.getUserFacade().getUserRights(uuid);
 	}
 
-    @POST
-    @Path("/saveNewPassword")
-    public String saveNewPassword(UserPasswordChangeDto userPasswordChangeDto) {
-        return FacadeProvider.getUserFacade().updateUserPassword(userPasswordChangeDto.getUuid(), userPasswordChangeDto.getNewPassword());
-    }
-
-    @GET
-    @Path("/generatePassword")
-    public String generatePassword() {
-        return FacadeProvider.getUserFacade().generatePassword();
-    }
+	@POST
+	@Path("/saveNewPassword")
+	public String saveNewPassword(UserPasswordChangeDto userPasswordChangeDto) {
+
+		return FacadeProvider.getUserFacade().updateUserPassword(userPasswordChangeDto.getUuid(), userPasswordChangeDto.getNewPassword());
+	}
+
+	@GET
+	@Path("/generatePassword")
+	public String generatePassword() {
+
+		return FacadeProvider.getUserFacade().generatePassword();
+	}
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
index e74aaaab9cc..fd3c6edfff0 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
@@ -1,48 +1,51 @@
 package de.symeda.sormas.ui.user;
 
+import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;
+import static de.symeda.sormas.ui.utils.LayoutUtil.loc;
+
 import com.vaadin.v7.ui.PasswordField;
+
 import de.symeda.sormas.api.user.UserDto;
 import de.symeda.sormas.ui.utils.AbstractEditForm;
 
-import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;
-import static de.symeda.sormas.ui.utils.LayoutUtil.loc;
-
 public class UpdatePasswordForm extends AbstractEditForm<UserDto> {
 
-    private static final long serialVersionUID = 1L;
-    private static final String OLD_PASSWORD = "oldPassword";
-    private static final String NEW_PASSWORD = "newPassword";
-    private static final String CONFIRM_PASSWORD = "updateConfirmPassword";
-
-    //@formater:off
-    private static final String HTML_LAYOUT = loc(OLD_PASSWORD)
-            + fluidRowLocs(UserDto.PASSWORD)
-            + loc(NEW_PASSWORD)
-            + fluidRowLocs(UserDto.NEW_PASSWORD)
-            + loc(CONFIRM_PASSWORD)
-            + fluidRowLocs(UserDto.CONFIRM_PASSWORD);
-
-    //@formatter:on
-    PasswordField currentPassword;
-    PasswordField newPassword;
-    PasswordField confirmPassword;
-
-    public UpdatePasswordForm() {
-        super(UserDto.class, UserDto.I18N_PREFIX);
-
-        setWidth(480, Unit.PIXELS);
-    }
-
-    @Override
-    protected void addFields() {
-        currentPassword = addField(UserDto.PASSWORD, PasswordField.class);
-        newPassword = addField(UserDto.NEW_PASSWORD, PasswordField.class);
-        confirmPassword = addField(UserDto.CONFIRM_PASSWORD, PasswordField.class);
-        setRequired(true, UserDto.PASSWORD, UserDto.NEW_PASSWORD, UserDto.CONFIRM_PASSWORD);
-    }
-
-    @Override
-    protected String createHtmlLayout() {
-        return HTML_LAYOUT;
-    }
+	private static final long serialVersionUID = 1L;
+	private static final String OLD_PASSWORD = "oldPassword";
+	private static final String NEW_PASSWORD = "newPassword";
+	private static final String CONFIRM_PASSWORD = "updateConfirmPassword";
+
+	//@formater:off
+	private static final String HTML_LAYOUT = loc(OLD_PASSWORD)
+		+ fluidRowLocs(UserDto.PASSWORD)
+		+ loc(NEW_PASSWORD)
+		+ fluidRowLocs(UserDto.NEW_PASSWORD)
+		+ loc(CONFIRM_PASSWORD)
+		+ fluidRowLocs(UserDto.CONFIRM_PASSWORD);
+
+	//@formatter:on
+	PasswordField currentPassword;
+	PasswordField newPassword;
+	PasswordField confirmPassword;
+
+	public UpdatePasswordForm() {
+		super(UserDto.class, UserDto.I18N_PREFIX);
+
+		setWidth(480, Unit.PIXELS);
+	}
+
+	@Override
+	protected void addFields() {
+
+		currentPassword = addField(UserDto.PASSWORD, PasswordField.class);
+		newPassword = addField(UserDto.NEW_PASSWORD, PasswordField.class);
+		confirmPassword = addField(UserDto.CONFIRM_PASSWORD, PasswordField.class);
+		setRequired(true, UserDto.PASSWORD, UserDto.NEW_PASSWORD, UserDto.CONFIRM_PASSWORD);
+	}
+
+	@Override
+	protected String createHtmlLayout() {
+
+		return HTML_LAYOUT;
+	}
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index 27b5503baa0..f6cbf03ddcb 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,9 +17,13 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
+import java.util.Objects;
 import java.util.Set;
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
@@ -55,8 +59,10 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
+import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
+import de.symeda.sormas.ui.UserProvider;
 import de.symeda.sormas.ui.utils.BulkOperationHandler;
 import de.symeda.sormas.ui.utils.ButtonHelper;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
@@ -64,11 +70,6 @@
 import de.symeda.sormas.ui.utils.ConfirmationComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
-import de.symeda.sormas.ui.UserProvider;
-import java.util.Objects;
-import de.symeda.sormas.ui.ControllerProvider;
 
 public class UserController {
 
@@ -464,6 +465,7 @@ public void disableAllSelectedItems(Collection<UserDto> selectedRows, UserGrid u
 	}
 
 	public void showUpdatePassword(String userUuid, String userEmail, String password) {
+
 		FacadeProvider.getUserFacade().updateUserPassword(userUuid, password);
 		if (isGeneratePassword) {
 			if (StringUtils.isBlank(userEmail) || AuthProvider.getProvider(FacadeProvider.getConfigFacade()).isDefaultProvider()) {
@@ -478,10 +480,12 @@ public void showUpdatePassword(String userUuid, String userEmail, String passwor
 	}
 
 	private void showPasswordChangeInternalSuccessPopup(String passwordSuccessMessage) {
+
 		showPopupWindow(I18nProperties.getString(Strings.headingChangePassword), passwordSuccessMessage, null, true);
 	}
 
 	private void showPopupWindow(String header, String message, Integer width, Boolean closeable) {
+
 		VerticalLayout layout = new VerticalLayout();
 		Label messageLabel = new Label(message);
 		messageLabel.addStyleName(CssStyles.H2);
@@ -502,6 +506,7 @@ private void showPopupWindow(String header, String message, Integer width, Boole
 	public Button createUpdatePasswordButton() {
 
 		return ButtonHelper.createIconButton(Captions.userResetPassword, VaadinIcons.UNLOCK, new ClickListener() {
+
 			private static final long serialVersionUID = 1L;
 
 			@Override
@@ -531,6 +536,7 @@ public void buttonClick(ClickEvent event) {
 	}
 
 	public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
+
 		Label passwordStrengthDesc = new Label();
 		UpdatePasswordForm form = new UpdatePasswordForm();
 		UserDto user = FacadeProvider.getUserFacade().getByUuid(Objects.requireNonNull(UserProvider.getCurrent()).getUuid());

From 6e629b53a40b8087876cd4e0a7d25645d5b47973 Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 11 Nov 2024 09:32:50 +0000
Subject: [PATCH 92/95] added license headers to new classes

---
 .../app/login/ChangePasswordActivity.java       | 14 ++++++++++++++
 .../main/res/layout/dialog_change_password.xml  | 17 +++++++++++++++++
 .../sormas/backend/util/PasswordValidator.java  | 17 +++++++++++++++++
 .../sormas/ui/user/UpdatePasswordForm.java      | 17 +++++++++++++++++
 4 files changed, 65 insertions(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
index dd2ce39539a..8685c33a182 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -1,3 +1,17 @@
+/*
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
 package de.symeda.sormas.app.login;
 
 import static de.symeda.sormas.app.backend.config.ConfigProvider.setNewPassword;
diff --git a/sormas-app/app/src/main/res/layout/dialog_change_password.xml b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
index 8080c5147ae..cebbece9176 100644
--- a/sormas-app/app/src/main/res/layout/dialog_change_password.xml
+++ b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+  ~ SORMAS® - Surveillance Outbreak Response Management & Analysis System
+  ~ Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+  ~
+  ~ This program is free software: you can redistribute it and/or modify
+  ~ it under the terms of the GNU General Public License as published by
+  ~ the Free Software Foundation, either version 3 of the License, or
+  ~ (at your option) any later version.
+  ~
+  ~ This program is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  ~ GNU General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU General Public License
+  ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
+  -->
 <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
     android:orientation="vertical"
     android:layout_width="match_parent"
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
index e7770ffe364..72699b863ed 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -1,3 +1,20 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
 package de.symeda.sormas.backend.util;
 
 public class PasswordValidator {
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
index fd3c6edfff0..c1eaaa438a2 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UpdatePasswordForm.java
@@ -1,3 +1,20 @@
+/*******************************************************************************
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2018 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
 import static de.symeda.sormas.ui.utils.LayoutUtil.fluidRowLocs;

From 9f832cedda69ee797bac61e4cdfe3e87acae45bb Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 11 Nov 2024 10:34:03 +0000
Subject: [PATCH 93/95] organizing imports

---
 .../symeda/sormas/app/backend/user/UserDtoHelper.java |  2 +-
 .../symeda/sormas/app/settings/SettingsFragment.java  | 11 +++++------
 .../de/symeda/sormas/backend/user/UserFacadeEjb.java  |  4 ++--
 .../de/symeda/sormas/rest/resources/UserResource.java |  2 +-
 .../java/de/symeda/sormas/ui/user/UserController.java |  9 ++++-----
 5 files changed, 13 insertions(+), 15 deletions(-)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
index 89ff4b91ed5..5afef389521 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/user/UserDtoHelper.java
@@ -24,7 +24,6 @@
 
 import de.symeda.sormas.api.PostResponse;
 import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceDto;
 import de.symeda.sormas.app.backend.common.AdoDtoHelper;
 import de.symeda.sormas.app.backend.common.DatabaseHelper;
@@ -32,6 +31,7 @@
 import de.symeda.sormas.app.rest.NoConnectionException;
 import de.symeda.sormas.app.rest.RetroProvider;
 import retrofit2.Call;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * Created by Martin Wahnschaffe on 27.07.2016.
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 76d996f0a85..7a1c666a1ba 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -17,10 +17,6 @@
 
 import static de.symeda.sormas.app.core.notification.NotificationType.ERROR;
 
-import java.util.List;
-
-import org.hzi.sormas.lbds.messaging.LbdsRelated;
-
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.os.Bundle;
@@ -32,8 +28,11 @@
 import androidx.appcompat.app.AppCompatActivity;
 import androidx.recyclerview.widget.RecyclerView;
 
+import org.hzi.sormas.lbds.messaging.LbdsRelated;
+
+import java.util.List;
+
 import de.symeda.sormas.api.Language;
-import de.symeda.sormas.api.feature.FeatureType;
 import de.symeda.sormas.api.i18n.I18nProperties;
 import de.symeda.sormas.api.utils.InfoProvider;
 import de.symeda.sormas.app.BaseLandingFragment;
@@ -58,13 +57,13 @@
 import de.symeda.sormas.app.core.notification.NotificationHelper;
 import de.symeda.sormas.app.databinding.FragmentSettingsLayoutBinding;
 import de.symeda.sormas.app.lbds.LbdsIntentSender;
-import de.symeda.sormas.app.login.ChangePasswordActivity;
 import de.symeda.sormas.app.login.EnterPinActivity;
 import de.symeda.sormas.app.login.LoginActivity;
 import de.symeda.sormas.app.rest.SynchronizeDataAsync;
 import de.symeda.sormas.app.util.Callback;
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
+import de.symeda.sormas.app.login.ChangePasswordActivity;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
index 7547f4b6d77..778c54ab09a 100644
--- a/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
+++ b/sormas-backend/src/main/java/de/symeda/sormas/backend/user/UserFacadeEjb.java
@@ -143,16 +143,16 @@
 import de.symeda.sormas.backend.travelentry.TravelEntryJurisdictionPredicateValidator;
 import de.symeda.sormas.backend.travelentry.TravelEntryQueryContext;
 import de.symeda.sormas.backend.user.UserRoleFacadeEjb.UserRoleFacadeEjbLocal;
-import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 import de.symeda.sormas.backend.user.event.PasswordResetEvent;
 import de.symeda.sormas.backend.user.event.SyncUsersFromProviderEvent;
 import de.symeda.sormas.backend.user.event.UserCreateEvent;
 import de.symeda.sormas.backend.user.event.UserUpdateEvent;
 import de.symeda.sormas.backend.util.DtoHelper;
 import de.symeda.sormas.backend.util.ModelConstants;
-import de.symeda.sormas.backend.util.PasswordValidator;
 import de.symeda.sormas.backend.util.QueryHelper;
 import de.symeda.sormas.backend.util.RightsAllowed;
+import de.symeda.sormas.backend.util.PasswordValidator;
+import de.symeda.sormas.backend.user.event.PasswordChangeEvent;
 
 @Stateless(name = "UserFacade")
 public class UserFacadeEjb implements UserFacade {
diff --git a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
index 2f7e2c416de..ad63dabe1df 100644
--- a/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
+++ b/sormas-rest/src/main/java/de/symeda/sormas/rest/resources/UserResource.java
@@ -33,10 +33,10 @@
 import de.symeda.sormas.api.task.TaskContextIndexCriteria;
 import de.symeda.sormas.api.user.UserCriteria;
 import de.symeda.sormas.api.user.UserDto;
-import de.symeda.sormas.api.user.UserPasswordChangeDto;
 import de.symeda.sormas.api.user.UserReferenceWithTaskNumbersDto;
 import de.symeda.sormas.api.user.UserRight;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import de.symeda.sormas.api.user.UserPasswordChangeDto;
 
 /**
  * @see <a href="https://jersey.java.net/documentation/latest/">Jersey documentation</a>
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
index f6cbf03ddcb..ead50b7ae61 100644
--- a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
+++ b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -17,9 +17,6 @@
  *******************************************************************************/
 package de.symeda.sormas.ui.user;
 
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
-import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
-
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -59,10 +56,8 @@
 import de.symeda.sormas.api.user.UserRight;
 import de.symeda.sormas.api.user.UserRoleDto;
 import de.symeda.sormas.api.utils.DataHelper;
-import de.symeda.sormas.ui.ControllerProvider;
 import de.symeda.sormas.ui.SormasUI;
 import de.symeda.sormas.ui.UiUtil;
-import de.symeda.sormas.ui.UserProvider;
 import de.symeda.sormas.ui.utils.BulkOperationHandler;
 import de.symeda.sormas.ui.utils.ButtonHelper;
 import de.symeda.sormas.ui.utils.CommitDiscardWrapperComponent;
@@ -70,6 +65,10 @@
 import de.symeda.sormas.ui.utils.ConfirmationComponent;
 import de.symeda.sormas.ui.utils.CssStyles;
 import de.symeda.sormas.ui.utils.VaadinUiUtil;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_CRITICAL;
+import static de.symeda.sormas.ui.utils.CssStyles.LABEL_POSITIVE;
+import de.symeda.sormas.ui.ControllerProvider;
+import de.symeda.sormas.ui.UserProvider;
 
 public class UserController {
 

From 01d80729dc5fa1ee704d8031257bd15423f600ca Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 11 Nov 2024 10:56:00 +0000
Subject: [PATCH 94/95] update of FeatureType import

---
 .../java/de/symeda/sormas/app/settings/SettingsFragment.java     | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
index 7a1c666a1ba..ec1fae1de90 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/settings/SettingsFragment.java
@@ -64,6 +64,7 @@
 import de.symeda.sormas.app.util.DataUtils;
 import de.symeda.sormas.app.util.SoftKeyboardHelper;
 import de.symeda.sormas.app.login.ChangePasswordActivity;
+import de.symeda.sormas.api.feature.FeatureType;
 
 /**
  * TODO SettingsFragment should probably not be a BaseLandingFragment, but a BaseFragment

From 21f11257b6110204495fbfeb081244c4e60d06cd Mon Sep 17 00:00:00 2001
From: daveotengo <30934250+daveotengo@users.noreply.github.com>
Date: Mon, 11 Nov 2024 10:57:56 +0000
Subject: [PATCH 95/95] spacing out lincence header

---
 sormas-app/app/src/main/res/layout/dialog_change_password.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sormas-app/app/src/main/res/layout/dialog_change_password.xml b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
index cebbece9176..a0b8e123f76 100644
--- a/sormas-app/app/src/main/res/layout/dialog_change_password.xml
+++ b/sormas-app/app/src/main/res/layout/dialog_change_password.xml
@@ -16,6 +16,7 @@
   ~ You should have received a copy of the GNU General Public License
   ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
   -->
+
 <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
     android:orientation="vertical"
     android:layout_width="match_parent"