#8: Setup Model and DAO
Some checks failed
Quality Check / Linting Check (push) Failing after 12s
Quality Check / Javadoc Check (push) Successful in 21s

Signed-off-by: Dominik Säume <Dominik.Saeume@hmmh.de>
This commit is contained in:
Dominik Säume 2024-05-19 23:15:43 +02:00 committed by Dominik Säume
parent ed6a19b6af
commit 4716c84fdf
Signed by: SZUT-Dominik
GPG key ID: 67D15BB250B41E7C
6 changed files with 304 additions and 7 deletions

View file

@ -34,8 +34,8 @@ public class Main extends Application {
@Override @Override
public void start(Stage primaryStage) { public void start(Stage primaryStage) {
this.primaryStage = primaryStage; this.primaryStage = primaryStage;
executePassword(); //executePassword();
//executeMainApplication(); executeMainApplication();
} }
private void executePassword() { private void executePassword() {

View file

@ -0,0 +1,95 @@
package de.hitec.nhplus.login;
import de.hitec.nhplus.nurse.Nurse;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class User {
private int id;
private String username;
private byte[] passwordSalt;
private byte[] passwordHash;
private int permissions = 0;
private Nurse nurse;
public User(
int id,
String username,
byte[] passwordSalt,
byte[] passwordHash,
int permissions,
Nurse nurse
) {
this.id = id;
this.username = username;
this.passwordSalt = passwordSalt;
this.passwordHash = passwordHash;
this.permissions = permissions;
this.nurse = nurse;
}
public User(
String username,
byte[] passwordSalt,
byte[] passwordHash,
int permissions,
Nurse nurse,
boolean admin
) {
this.username = username;
this.passwordSalt = passwordSalt;
this.passwordHash = passwordHash;
this.permissions = permissions;
this.nurse = nurse;
}
public int getId() {
return id;
}
public byte[] getPasswordSalt() {
return passwordSalt;
}
public byte[] getPasswordHash() {
return passwordHash;
}
public void setPassword(String password) throws NoSuchAlgorithmException {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.nextBytes(salt);
this.passwordSalt = salt;
MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(salt);
this.passwordHash = md.digest(password.getBytes(StandardCharsets.UTF_8));
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public int getPermissions() {
return permissions;
}
public void setPermissions(int permissions) {
this.permissions = permissions;
}
public Nurse getNurse() {
return nurse;
}
public void setNurse(Nurse nurse) {
this.nurse = nurse;
}
}

View file

@ -0,0 +1,202 @@
package de.hitec.nhplus.login.database;
import de.hitec.nhplus.datastorage.Dao;
import de.hitec.nhplus.datastorage.DaoFactory;
import de.hitec.nhplus.login.User;
import de.hitec.nhplus.nurse.Nurse;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
public class UserDao implements Dao<User> {
protected final Connection connection;
public UserDao(Connection connection) {
this.connection = connection;
}
public int readUserId(String username) throws SQLException {
final String SQL = "SELECT id FROM user WHERE username = ?";
PreparedStatement statement = this.connection.prepareStatement(SQL);
statement.setString(1, username);
return statement.executeQuery().getInt(1);
}
public byte[] readPasswordSalt(int id) throws SQLException {
final String SQL = "SELECT passwordSalt FROM user WHERE id = ?";
PreparedStatement statement = this.connection.prepareStatement(SQL);
statement.setInt(1, id);
return statement.executeQuery().getBytes(1);
}
public byte[] readPasswordHash(int id) throws SQLException {
final String SQL = "SELECT passwordHash FROM user WHERE id = ?";
PreparedStatement statement = this.connection.prepareStatement(SQL);
statement.setInt(1, id);
return statement.executeQuery().getBytes(1);
}
@Override
public User read(int id) throws SQLException {
final String SQL = """
SELECT user.username, user.passwordSalt, user.passwordHash, user__permissions.permissions, user__nurse.nurseId
FROM user
LEFT JOIN user__permissions ON user.id = user__permissions.userId
LEFT JOIN user__nurse ON user.id = user__nurse.userId
WHERE user.id = ?;
""";
PreparedStatement statement = this.connection.prepareStatement(SQL);
statement.setInt(1, id);
ResultSet result = statement.executeQuery();
int nurseId = result.getInt(5);
Nurse nurse = null;
if (!result.wasNull()) {
nurse = DaoFactory.getInstance().createNurseDAO().read(nurseId);
}
return new User(
id,
result.getString(1),
result.getBytes(2),
result.getBytes(3),
result.getInt(4),
nurse
);
}
@Override
public void create(User user) throws SQLException {
connection.setAutoCommit(false); //Switch to Manual Commit, to do an SQL Transaction
final String userSQL = """
INSERT INTO user
(username, passwordSalt, passwordHash)
VALUES (?, ?, ?);
""";
PreparedStatement statement = this.connection.prepareStatement(userSQL);
statement.setString(1, user.getUsername());
statement.setBytes(2, user.getPasswordSalt());
statement.setBytes(3, user.getPasswordHash());
statement.execute();
ResultSet generatedKeys = connection.createStatement().executeQuery("SELECT id FROM user");
connection.commit(); //Finish SQL Transaction
connection.setAutoCommit(true); //Switch back Mode
if (!generatedKeys.next()) {
return;
}
int newId = generatedKeys.getInt(1);
final String permissionSQL = """
INSERT INTO user__permissions
(userId, permissions)
VALUES (?, ?);
""";
PreparedStatement permissionStatement = this.connection.prepareStatement(permissionSQL);
permissionStatement.setInt(1, newId);
permissionStatement.setInt(2, user.getPermissions());
permissionStatement.execute();
if (user.getNurse() == null) {
return;
}
final String nurseSQL = """
INSERT INTO user__nurse
(userId, nurseId)
VALUES (?, ?);
""";
PreparedStatement nurseStatement = this.connection.prepareStatement(nurseSQL);
permissionStatement.setInt(1, newId);
permissionStatement.setInt(2, user.getNurse().getId());
permissionStatement.execute();
}
@Override
public void update(User user) throws SQLException {
final String userSQL = """
UPDATE user SET
username = ?,
passwordSalt = ?,
passwordHash = ?
WHERE id = ?
""";
PreparedStatement statement = this.connection.prepareStatement(userSQL);
statement.setString(1, user.getUsername());
statement.setBytes(2, user.getPasswordSalt());
statement.setBytes(3, user.getPasswordHash());
statement.setInt(3, user.getId());
statement.executeUpdate();
final String permissionSQL = """
UPDATE user__permissions SET
permissions = ?
WHERE userId = ?
""";
PreparedStatement permissionStatement = this.connection.prepareStatement(permissionSQL);
permissionStatement.setInt(1, user.getPermissions());
permissionStatement.setInt(2, user.getId());
permissionStatement.executeUpdate();
if (user.getNurse() == null) {
final String nurseSQL = """
DELETE FROM user__nurse WHERE userId = ?
""";
this.connection.prepareStatement(nurseSQL).executeUpdate();
return;
}
final String nurseSQL = """
UPDATE user__nurse set
nurseId = ?
WHERE userId = ?
""";
PreparedStatement nurseStatement = this.connection.prepareStatement(nurseSQL);
nurseStatement.setInt(1, user.getNurse().getId());
nurseStatement.setInt(2, user.getId());
permissionStatement.executeUpdate();
}
@Override
public void delete(int id) throws SQLException {
final String SQL = """
DELETE FROM user WHERE user.id = ?;
""";
PreparedStatement preparedStatement = this.connection.prepareStatement(SQL);
preparedStatement.setInt(1, id);
preparedStatement.executeUpdate();
}
@Override
public List<User> readAll() throws SQLException {
final String SQL = """
SELECT user.id, user.username, user.passwordSalt, user.passwordHash, user__permissions.permissions, user__nurse.nurseId
FROM user
LEFT JOIN user__permissions ON user.id = user__permissions.userId
LEFT JOIN user__nurse ON user.id = user__nurse.userId
""";
ResultSet result = connection.prepareStatement(SQL).executeQuery();
List<User> users = new ArrayList<>();
while (result.next()) {
int nurseId = result.getInt(6);
Nurse nurse = null;
if (!result.wasNull()) {
nurse = DaoFactory.getInstance().createNurseDAO().read(nurseId);
}
users.add(new User(
result.getInt(1),
result.getString(2),
result.getBytes(3),
result.getBytes(4),
result.getInt(5),
nurse
));
}
return users;
}
}

View file

@ -1,7 +1,7 @@
CREATE TABLE user CREATE TABLE user
( (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL, username TEXT NOT NULL UNIQUE,
passwordSalt BLOB NOT NULL, passwordSalt BLOB NOT NULL,
passwordHash BLOB NOT NULL passwordHash BLOB NOT NULL
) )

View file

@ -1,6 +1,6 @@
CREATE TABLE user__permissions CREATE TABLE user__permissions
( (
userId INTEGER NOT NULL, userId INTEGER NOT NULL UNIQUE,
permissions INTEGER, -- Binary Bitmask for Permissions permissions INTEGER NOT NULL, -- Binary Bitmask for Permissions
FOREIGN KEY (userId) REFERENCES user (id) ON DELETE CASCADE FOREIGN KEY (userId) REFERENCES user (id) ON DELETE CASCADE
) )

View file

@ -1,7 +1,7 @@
CREATE TABLE user__nurse CREATE TABLE user__nurse
( (
userId INTEGER NOT NULL, userId INTEGER NOT NULL UNIQUE,
nurseId INTEGER NOT NULL, nurseId INTEGER NOT NULL UNIQUE,
FOREIGN KEY (userId) REFERENCES user (id) ON DELETE CASCADE, FOREIGN KEY (userId) REFERENCES user (id) ON DELETE CASCADE,
FOREIGN KEY (nurseId) REFERENCES nurse (id) ON DELETE CASCADE FOREIGN KEY (nurseId) REFERENCES nurse (id) ON DELETE CASCADE
) )