@Secured({"ROLE_ADMIN", "ROLE_SURVEY_ADMIN"})
 @RequestMapping(value = "/{id}", produces = "text/html")
 public String show(
     @PathVariable("id") Long id,
     HttpServletRequest httpServletRequest,
     Principal principal,
     Model uiModel) {
   log.info("show(): id=" + id);
   try {
     String login = principal.getName();
     User user = userService.user_findByLogin(login);
     // SurveyDefinitionPage surveyDefinitionPage =
     // surveySettingsService.surveyDefinitionPage_findById(id);
     // Check if the user is authorized
     if (!securityService.userIsAuthorizedToManageSurvey(id, user)) {
       log.warn(
           "Unauthorized access to url path "
               + httpServletRequest.getPathInfo()
               + " attempted by user login:"******"from IP:"
               + httpServletRequest.getLocalAddr());
       return "accessDenied";
     }
     uiModel.addAttribute("question", surveySettingsService.question_findById(id));
     uiModel.addAttribute("itemId", id);
     return "settings/questions/show";
   } catch (Exception e) {
     log.error(e.getMessage(), e);
     throw (new RuntimeException(e));
   }
 }
  @Secured({"ROLE_ADMIN", "ROLE_SURVEY_ADMIN"})
  @RequestMapping(value = "/{id}", params = "create", produces = "text/html")
  public String createQuestion(
      @PathVariable("id") Long surveyDefinitionPageId,
      Principal principal,
      Model uiModel,
      HttpServletRequest httpServletRequest) {
    log.info("createForm(): handles param form");
    try {
      String login = principal.getName();
      User user = userService.user_findByLogin(login);
      SurveyDefinitionPage surveyDefinitionPage =
          surveySettingsService.surveyDefinitionPage_findById(surveyDefinitionPageId);
      // Check if the user is authorized
      if (!securityService.userIsAuthorizedToManageSurvey(
              surveyDefinitionPage.getSurveyDefinition().getId(), user)
          && !securityService.userBelongsToDepartment(
              surveyDefinitionPage.getSurveyDefinition().getDepartment().getId(), user)) {
        log.warn(
            "Unauthorized access to url path "
                + httpServletRequest.getPathInfo()
                + " attempted by user login:"******"from IP:"
                + httpServletRequest.getLocalAddr());
        return "accessDenied";
      }
      // User user = userService.user_findByLogin(principal.getName());
      // SurveyDefinitionPage surveyDefinitionPage =
      // surveySettingsService.surveyDefinitionPage_findById(surveyDefinitionPageId);
      Question question = new Question(surveyDefinitionPage);
      size = (short) question.getPage().getQuestions().size();
      populateEditForm(uiModel, question, user);

      return "settings/questions/create";
    } catch (Exception e) {
      log.error(e.getMessage(), e);
      throw (new RuntimeException(e));
    }
  }
  @Secured({"ROLE_ADMIN", "ROLE_SURVEY_ADMIN"})
  @RequestMapping(value = "/{id}", method = RequestMethod.DELETE, produces = "text/html")
  public String delete(
      @PathVariable("id") Long id,
      Principal principal,
      Model uiModel,
      HttpServletRequest httpServletRequest) {
    log.info("delete(): id=" + id);
    try {
      Question question = surveySettingsService.question_findById(id);
      String login = principal.getName();
      User user = userService.user_findByLogin(login);
      // SurveyDefinitionPage surveyDefinitionPage =
      // surveySettingsService.surveyDefinitionPage_findById(surveyDefinitionPageId);
      // Check if the user is authorized
      if (!securityService.userIsAuthorizedToManageSurvey(
              question.getPage().getSurveyDefinition().getId(), user)
          && !securityService.userBelongsToDepartment(
              question.getPage().getSurveyDefinition().getDepartment().getId(), user)) {
        log.warn(
            "Unauthorized access to url path "
                + httpServletRequest.getPathInfo()
                + " attempted by user login:"******"from IP:"
                + httpServletRequest.getLocalAddr());
        return "accessDenied";
      }

      surveySettingsService.question_remove(id);
      uiModel.asMap().clear();
      return "redirect:/settings/surveyDefinitions/"
          + encodeUrlPathSegment(
              question.getPage().getSurveyDefinition().getId().toString(), httpServletRequest);

    } catch (Exception e) {
      log.error(e.getMessage(), e);
      throw (new RuntimeException(e));
    }
  }
  @Secured({"ROLE_ADMIN", "ROLE_SURVEY_ADMIN"})
  @RequestMapping(method = RequestMethod.PUT, produces = "text/html")
  public String update(
      @RequestParam(value = "_proceed", required = false) String proceed,
      @Valid Question question,
      BindingResult bindingResult,
      Principal principal,
      Model uiModel,
      HttpServletRequest httpServletRequest) {
    log.info("update(): handles PUT");
    try {
      // User user = userService.user_findByLogin(principal.getName());
      String login = principal.getName();
      User user = userService.user_findByLogin(login);

      // SurveyDefinitionPage surveyDefinitionPage =
      // surveySettingsService.surveyDefinitionPage_findById(surveyDefinitionPageId);
      // surveySettingsService.question_findById(question.getId()).getPage().getSurveyDefinition().getId()
      // Check if the user is authorized
      if (!securityService.userIsAuthorizedToManageSurvey(
              question.getPage().getSurveyDefinition().getId(), user)
          && !securityService.userBelongsToDepartment(
              question.getPage().getSurveyDefinition().getDepartment().getId(), user)) {
        log.warn(
            "Unauthorized access to url path "
                + httpServletRequest.getPathInfo()
                + " attempted by user login:"******"from IP:"
                + httpServletRequest.getLocalAddr());
        return "accessDenied";
      }
      if (proceed != null) {
        if (bindingResult.hasErrors()) {
          populateEditForm(uiModel, question, user);
          log.info(
              "-------------------------------------------"
                  + bindingResult.getFieldErrors().toString());
          return "settings/questions/update";
        }
        if (!surveySettingsService.question_ValidateDateRange(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("dateMinimum", "date_format_validation_range");
          return "settings/questions/update";
        }
        if (!surveySettingsService.question_ValidateMinMaxDoubleValues(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("decimalMinimum", "field_min_invalid");
          return "settings/questions/update";
        }
        if (!surveySettingsService.question_ValidateMinMaxValues(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("integerMinimum", "field_min_invalid");
          return "settings/questions/update";
        }
        if (question.getSuportsOptions()) {
          // If user wants to modify and existent question without
          // options to Rating type, then use the default values
          int NumberOfQuestionOptions = 0;
          Set<QuestionOption> qOpts =
              surveySettingsService.questionOption_findByQuestionId(question.getId());
          for (QuestionOption q : qOpts) {
            NumberOfQuestionOptions++;
          }
          if ((question.getType().toString() == "SMILEY_FACES_RATING"
                  || question.getType().toString() == "STAR_RATING")
              && NumberOfQuestionOptions != 5) {
            log.info(
                "Removing Question Options since the amount of Questions Options for Rating Type cannot be longer than 5 Qoptions");
            surveySettingsService.questionOption_removeQuestionOptionsByQuestionId(
                question.getId());
            SortedSet<QuestionOption> options = new TreeSet<QuestionOption>();
            options.add(
                new QuestionOption(
                    question,
                    (short) 1,
                    "1",
                    messageSource.getMessage(
                        EXTREMELY_UNSATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
            options.add(
                new QuestionOption(
                    question,
                    (short) 2,
                    "2",
                    messageSource.getMessage(
                        UNSATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
            options.add(
                new QuestionOption(
                    question,
                    (short) 3,
                    "3",
                    messageSource.getMessage(
                        NEUTRAL_LABEL, null, LocaleContextHolder.getLocale())));
            options.add(
                new QuestionOption(
                    question,
                    (short) 4,
                    "4",
                    messageSource.getMessage(
                        SATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
            options.add(
                new QuestionOption(
                    question,
                    (short) 5,
                    "5",
                    messageSource.getMessage(
                        EXTREMELY_SATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
            // Adding default values to Rating Type Question
            log.info("Adding default values to Rating Type Question");
            question = surveySettingsService.question_merge(question, options);
            uiModel.asMap().clear();
            return "settings/questions/saved";
          } else {
            Policy questionTextPolicy =
                Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
            AntiSamy emailAs = new AntiSamy();
            CleanResults crQuestionText =
                emailAs.scan(question.getQuestionText(), questionTextPolicy);
            question.setQuestionText(crQuestionText.getCleanHTML());

            Policy questionTipPolicy =
                Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
            AntiSamy completedSurveyAs = new AntiSamy();
            CleanResults crQuestionTip =
                completedSurveyAs.scan(question.getTip(), questionTipPolicy);
            question.setTip(crQuestionTip.getCleanHTML());

            question = surveySettingsService.question_merge(question);
            uiModel.asMap().clear();
            return "settings/questions/saved";
          }
        }

        question = surveySettingsService.question_merge(question);
        uiModel.asMap().clear();
        return "settings/questions/saved";

      } else {
        return "redirect:/settings/surveyDefinitions/"
            + encodeUrlPathSegment(
                question.getPage().getSurveyDefinition().getId().toString(), httpServletRequest);
      }
    } catch (Exception e) {
      log.error(e.getMessage(), e);
      throw (new RuntimeException(e));
    }
  }
  @Secured({"ROLE_ADMIN", "ROLE_SURVEY_ADMIN"})
  @RequestMapping(method = RequestMethod.POST, produces = "text/html")
  public String create(
      @RequestParam(value = "_proceed", required = false) String proceed,
      @Valid Question question,
      BindingResult bindingResult,
      Principal principal,
      Model uiModel,
      HttpServletRequest httpServletRequest) {
    log.info("create(): handles " + RequestMethod.POST.toString());

    try {
      String login = principal.getName();
      User user = userService.user_findByLogin(login);
      // SurveyDefinitionPage surveyDefinitionPage =
      // surveySettingsService.surveyDefinitionPage_findById(surveyDefinitionPageId);
      // Check if the user is authorized

      if (!securityService.userIsAuthorizedToManageSurvey(
              question.getPage().getSurveyDefinition().getId(), user)
          && !securityService.userBelongsToDepartment(
              question.getPage().getSurveyDefinition().getDepartment().getId(), user)) {
        log.warn(
            "Unauthorized access to url path "
                + httpServletRequest.getPathInfo()
                + " attempted by user login:"******"from IP:"
                + httpServletRequest.getLocalAddr());
        return "accessDenied";
      }
      // User user = userService.user_findByLogin(principal.getName());
      if (proceed != null) {
        if (bindingResult.hasErrors()) {
          populateEditForm(uiModel, question, user);
          return "settings/questions/create";
        }

        if (!surveySettingsService.question_ValidateDateRange(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("dateMinimum", "date_format_validation_range");
          return "settings/questions/create";
        }
        // validate Double min max
        if (!surveySettingsService.question_ValidateMinMaxDoubleValues(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("decimalMinimum", "field_min_invalid");
          return "settings/questions/create";
        }
        // validate Integer min max
        if (!surveySettingsService.question_ValidateMinMaxValues(question)) {
          populateEditForm(uiModel, question, user);
          bindingResult.rejectValue("integerMinimum", "field_min_invalid");
          return "settings/questions/create";
        }
        if (question.getType().getIsRating()) {
          SortedSet<QuestionOption> options = new TreeSet<QuestionOption>();
          options.add(
              new QuestionOption(
                  question,
                  (short) 1,
                  "1",
                  messageSource.getMessage(
                      EXTREMELY_UNSATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
          options.add(
              new QuestionOption(
                  question,
                  (short) 2,
                  "2",
                  messageSource.getMessage(
                      UNSATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
          options.add(
              new QuestionOption(
                  question,
                  (short) 3,
                  "3",
                  messageSource.getMessage(NEUTRAL_LABEL, null, LocaleContextHolder.getLocale())));
          options.add(
              new QuestionOption(
                  question,
                  (short) 4,
                  "4",
                  messageSource.getMessage(
                      SATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
          options.add(
              new QuestionOption(
                  question,
                  (short) 5,
                  "5",
                  messageSource.getMessage(
                      EXTREMELY_SATISFIED_LABEL, null, LocaleContextHolder.getLocale())));
          question = surveySettingsService.question_merge(question, options);
        }

        // if (question.getPublishToSocrata().equals(true)){
        // bindingResult.rejectValue("socrataColumnName",
        // "field_min_invalid");
        // return "settings/questions/create";
        // }

        else {

          Policy questionTextPolicy =
              Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
          AntiSamy emailAs = new AntiSamy();
          CleanResults crQuestionText =
              emailAs.scan(question.getQuestionText(), questionTextPolicy);
          question.setQuestionText(crQuestionText.getCleanHTML());

          Policy questionTipPolicy =
              Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
          AntiSamy completedSurveyAs = new AntiSamy();
          CleanResults crQuestionTip = completedSurveyAs.scan(question.getTip(), questionTipPolicy);
          question.setTip(crQuestionTip.getCleanHTML());

          question = surveySettingsService.question_merge(question);
        }
        uiModel.asMap().clear();
        return "settings/questions/saved";
      } else {
        return "redirect:/settings/surveyDefinitions/"
            + encodeUrlPathSegment(
                question.getPage().getSurveyDefinition().getId().toString(), httpServletRequest);
      }
    } catch (Exception e) {
      log.error(e.getMessage(), e);
      throw (new RuntimeException(e));
    }
  }