PSMRI · drtechie · Dec 3, 2025 · Jul 1, 2025 · Jul 4, 2025 · Aug 7, 2025
diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 
 	<groupId>com.iemr.common-API</groupId>
 	<artifactId>common-api</artifactId>
-	<version>3.6.1</version>
+	<version>3.6.0</version>
 	<packaging>war</packaging>
 
 	<name>Common-API</name>

diff --git a/src/main/environment/common_ci.properties b/src/main/environment/common_ci.properties
@@ -192,4 +192,15 @@ cors.allowed-origins=@env.CORS_ALLOWED_ORIGINS@
 video-call-url=@env.VIDEO_CALL_URL@
 jibri.output.path=@env.JIBRI_OUTPUT_PATH@
 video.recording.path=@env.VIDEO_RECORDING_PATH@
+
+platform.feedback.ratelimit.enabled=@env.PLATFORM_FEEDBACK_RATELIMIT_ENABLED@
+platform.feedback.ratelimit.pepper=@env.PLATFORM_FEEDBACK_RATELIMIT_PEPPER@
+platform.feedback.ratelimit.trust-forwarded-for=@env.PLATFORM_FEEDBACK_RATELIMIT_TRUST_FORWARDED_FOR@
+platform.feedback.ratelimit.forwarded-for-header=@env.PLATFORM_FEEDBACK_RATELIMIT_FORWARDED_FOR_HEADER@
+platform.feedback.ratelimit.minute-limit=@env.PLATFORM_FEEDBACK_RATELIMIT_MINUTE_LIMIT@
+platform.feedback.ratelimit.day-limit=@env.PLATFORM_FEEDBACK_RATELIMIT_DAY_LIMIT@
+platform.feedback.ratelimit.user-day-limit=@env.PLATFORM_FEEDBACK_RATELIMIT_USER_DAY_LIMIT@
+platform.feedback.ratelimit.fail-window-minutes=@env.PLATFORM_FEEDBACK_RATELIMIT_FAIL_WINDOW_MINUTES@
+platform.feedback.ratelimit.backoff-minutes=@env.PLATFORM_FEEDBACK_RATELIMIT_BACKOFF_MINUTES@
 generateBeneficiaryIDs-api-url=@env.GEN_BENEFICIARY_IDS_API_URL@
+
diff --git a/src/main/environment/common_docker.properties b/src/main/environment/common_docker.properties
@@ -195,4 +195,15 @@ firebase.credential-file=${FIREBASE_CREDENTIAL}
 video-call-url=${VIDEO_CALL_URL}
 jibri.output.path={JIBRI_OUTPUT_PATH}
 video.recording.path={VIDEO_RECORDING_PATH}
+
+# Platform Feedback module
+platform.feedback.ratelimit.enabled=${PLATFORM_FEEDBACK_RATELIMIT_ENABLED}
+platform.feedback.ratelimit.pepper=${PLATFORM_FEEDBACK_RATELIMIT_PEPPER}
+platform.feedback.ratelimit.trust-forwarded-for=${PLATFORM_FEEDBACK_RATELIMIT_TRUST_FORWARDED_FOR}
+platform.feedback.ratelimit.forwarded-for-header=${PLATFORM_FEEDBACK_RATELIMIT_FORWARDED_FOR_HEADER}
+platform.feedback.ratelimit.minute-limit=${PLATFORM_FEEDBACK_RATELIMIT_MINUTE_LIMIT}
+platform.feedback.ratelimit.day-limit=${PLATFORM_FEEDBACK_RATELIMIT_DAY_LIMIT}
+platform.feedback.ratelimit.user-day-limit=${PLATFORM_FEEDBACK_RATELIMIT_USER_DAY_LIMIT}
+platform.feedback.ratelimit.fail-window-minutes=${PLATFORM_FEEDBACK_RATELIMIT_FAIL_WINDOW_MINUTES}
+platform.feedback.ratelimit.backoff-minutes=${PLATFORM_FEEDBACK_RATELIMIT_BACKOFF_MINUTES}
 generateBeneficiaryIDs-api-url={GEN_BENEFICIARY_IDS_API_URL}
diff --git a/src/main/environment/common_example.properties b/src/main/environment/common_example.properties
@@ -208,5 +208,21 @@ captcha.enable-captcha=true
 
 cors.allowed-origins=http://localhost:*
 
+# ---Platform Feedback module ---
+# Rate limiter OFF locally (no Redis required)
+platform.feedback.ratelimit.enabled=true
+platform.feedback.ratelimit.pepper=dev-pepper-123   # dummy
+
+# trust forwarded-for locally is harmless (localhost only)
+platform.feedback.ratelimit.trust-forwarded-for=false
+platform.feedback.ratelimit.forwarded-for-header=X-Forwarded-For
+
+# Optional overrides (not needed if disabled)
+platform.feedback.ratelimit.minute-limit=10
+platform.feedback.ratelimit.day-limit=100
+platform.feedback.ratelimit.user-day-limit=50
+platform.feedback.ratelimit.fail-window-minutes=5
+platform.feedback.ratelimit.backoff-minutes=15
+
 ### generate Beneficiary IDs URL
 generateBeneficiaryIDs-api-url=/generateBeneficiaryController/generateBeneficiaryIDs
diff --git a/src/main/java/com/iemr/common/config/RedisConfig.java b/src/main/java/com/iemr/common/config/RedisConfig.java
@@ -33,6 +33,7 @@
 import com.fasterxml.jackson.databind.SerializationFeature;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.iemr.common.data.users.User;
+import org.springframework.data.redis.core.StringRedisTemplate;
 
 @Configuration
 public class RedisConfig {
@@ -57,4 +58,10 @@ public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory factor
 		return template;
 	}
 
+	// new bean for rate limiting & counters
+    @Bean
+    public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory factory) {
+        return new StringRedisTemplate(factory);
+    }
+
 }
diff --git a/src/main/java/com/iemr/common/controller/platform_feedback/PlatformFeedbackController.java b/src/main/java/com/iemr/common/controller/platform_feedback/PlatformFeedbackController.java
@@ -0,0 +1,74 @@
+/*
+ * AMRIT – Accessible Medical Records via Integrated Technology
+ * Integrated EHR (Electronic Health Records) Solution
+ *
+ * Copyright (C) "Piramal Swasthya Management and Research Institute"
+ *
+ * This file is part of AMRIT.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+package com.iemr.common.controller;
+
+import com.iemr.common.dto.*;
+import com.iemr.common.service.PlatformFeedbackService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.media.Content;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.HttpStatus;
+import org.springframework.validation.annotation.Validated;
+import jakarta.validation.Valid;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@Tag(name = "Platform Feedback", description = "Feedback ingestion and category listing for platform-wide feedback")
+@RestController
+@RequestMapping("/platform-feedback")
+@Validated
+public class PlatformFeedbackController {
+
+    private final PlatformFeedbackService service;
+
+    public PlatformFeedbackController(PlatformFeedbackService service) {
+        this.service = service;
+    }
+
+    @Operation(summary = "Submit feedback (public endpoint)",
+               description = "Accepts feedback (anonymous or identified). Accepts categoryId or categorySlug; slug is preferred.")
+    @ApiResponse(responseCode = "201", description = "Feedback accepted")
+    @ApiResponse(responseCode = "400", description = "Validation or business error", content = @Content)
+    @PostMapping
+    public ResponseEntity<FeedbackResponse> submit(
+            @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "Feedback payload")
+            @Valid @RequestBody FeedbackRequest req) {
+        FeedbackResponse resp = service.submitFeedback(req);
+        return ResponseEntity.status(HttpStatus.CREATED).body(resp);
+    }
+
+    @Operation(summary = "List active categories",
+               description = "Returns active categories. Optionally filter by serviceLine (frontend convenience).")
+    @ApiResponse(responseCode = "200", description = "List of categories")
+    @GetMapping("/categories")
+    public ResponseEntity<List<CategoryResponse>> list(
+            @Parameter(description = "Optional serviceLine to prefer scopes (1097|104|AAM|MMU|TM|ECD)")
+            @RequestParam(required = false) String serviceLine) {
+        if (serviceLine == null) serviceLine = "GLOBAL";
+        List<CategoryResponse> list = service.listCategories(serviceLine);
+        return ResponseEntity.ok(list);
+    }
+}
diff --git a/src/main/java/com/iemr/common/data/platform_feedback/Feedback.java b/src/main/java/com/iemr/common/data/platform_feedback/Feedback.java
@@ -0,0 +1,171 @@
+/*
+ * AMRIT – Accessible Medical Records via Integrated Technology
+ * Integrated EHR (Electronic Health Records) Solution
+ *
+ * Copyright (C) "Piramal Swasthya Management and Research Institute"
+ *
+ * This file is part of AMRIT.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+package com.iemr.common.model;
+
+import jakarta.persistence.*;
+import jakarta.validation.constraints.Max;
+import jakarta.validation.constraints.Min;
+import jakarta.validation.constraints.Size;
+import java.time.LocalDateTime;
+import java.util.UUID;
+
+@Entity
+@Table(name = "m_platform_feedback")
+public class Feedback {
+
+    @Id
+    @Column(name = "FeedbackID", length = 36, updatable = false, nullable = false)
+    private String feedbackId;
+
+    @Column(name = "CreatedAt", nullable = false, insertable = false, updatable = false)
+    private LocalDateTime createdAt;
+
+    @Column(name = "UpdatedAt", nullable = false, insertable = false, updatable = false)
+    private LocalDateTime updatedAt;
+
+    @Min(1)
+    @Max(5)
+    @Column(name = "Rating", nullable = false)
+    private int rating;
+
+    @Size(max = 2000)
+    @Column(name = "Comment", columnDefinition = "TEXT", nullable = true)
+    private String comment;
+
+    @Column(name = "ServiceLine", nullable = false, length = 10)
+    private String serviceLine;
+
+    @Column(name = "IsAnonymous", nullable = false)
+    private boolean isAnonymous = true;
+
+    @ManyToOne(fetch = FetchType.LAZY, optional = false)
+    @JoinColumn(name = "CategoryID", referencedColumnName = "CategoryID", nullable = false)
+    private FeedbackCategory category;
+
+    @Column(name = "UserID", nullable = true)
+    private Integer userId;
+
+    public Feedback() {
+        this.feedbackId = UUID.randomUUID().toString();
+    }
+
+    public Feedback(int rating, String comment, String serviceLine, boolean isAnonymous, FeedbackCategory category, Integer userId) {
+        this(); // ensures feedbackId
+        this.setRating(rating);
+        this.setComment(comment);
+        this.setServiceLine(serviceLine);
+        this.isAnonymous = isAnonymous;
+        this.category = category;
+        this.userId = userId;
+    }
+
+    public String getFeedbackId() {
+        return feedbackId;
+    }
+
+    // Don't usually set feedbackId externally, but keep setter for testing/migration if needed
+    public void setFeedbackId(String feedbackId) {
+        this.feedbackId = feedbackId;
+    }
+
+    public LocalDateTime getCreatedAt() {
+        return createdAt;
+    }
+
+    public void setCreatedAt(LocalDateTime createdAt) {
+        this.createdAt = createdAt;
+    }
+
+    public LocalDateTime getUpdatedAt() {
+        return updatedAt;
+    }
+
+    public void setUpdatedAt(LocalDateTime updatedAt) {
+        this.updatedAt = updatedAt;
+    }
+
+    public int getRating() {
+        return rating;
+    }
+
+    public void setRating(int rating) {
+        if (rating < 1 || rating > 5) {
+            throw new IllegalArgumentException("Rating must be between 1 and 5.");
+        }
+        this.rating = rating;
+    }
+
+    public String getComment() {
+        return comment;
+    }
+
+    public void setComment(String comment) {
+        if (comment != null && comment.length() > 2000) {
+            throw new IllegalArgumentException("Comment cannot exceed 2000 characters");
+        }
+        this.comment = (comment == null || comment.trim().isEmpty()) ? null : comment.trim();
+    }
+
+    public String getServiceLine() {
+        return serviceLine;
+    }
+
+    public void setServiceLine(String serviceLine) {
+        if (serviceLine == null || serviceLine.trim().isEmpty()) {
+            throw new IllegalArgumentException("ServiceLine must not be null or empty.");
+        }
+        this.serviceLine = serviceLine;
+    }
+
+    public boolean isAnonymous() {
+        return isAnonymous;
+    }
+
+    public void setAnonymous(boolean anonymous) {
+        isAnonymous = anonymous;
+        if (anonymous) {
+            this.userId = null;
+        }
+    }
+
+    public FeedbackCategory getCategory() {
+        return category;
+    }
+
+    public void setCategory(FeedbackCategory category) {
+        if (category == null) {
+            throw new IllegalArgumentException("Category must not be null.");
+        }
+        this.category = category;
+    }
+
+    public Integer getUserId() {
+        return userId;
+    }
+
+    public void setUserId(Integer userId) {
+        this.userId = userId;
+        if (userId != null) {
+            this.isAnonymous = false;
+        }
+    }
+}