Skip to content

Lab #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Rickank wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Lab #6

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
ada5d58
add deadline
github-classroom[bot] Dec 8, 2025
d291114
Lagt till inloggningsflöde som gör att test 1 och 2 passerar
Rickank Dec 8, 2025
2a4b3a1
implementerat menyloop med listfunktion
Rickank Dec 8, 2025
f062fed
implementerat login-validering och mission by ID
Rickank Dec 9, 2025
fe91eb3
count missions by year med databas-aggregering
Rickank Dec 9, 2025
e496ab0
implementerat create account med INSERT INTO
Rickank Dec 9, 2025
61d4e95
implementerat update och delete account - 9/9 test
Rickank Dec 9, 2025
0b38e92
JavaDoc
Rickank Dec 9, 2025
aed701e
mer JavaDoc och tagit bort onödig kod som coderabbit varna om.
Rickank Dec 9, 2025
5d5f51f
lagt till username-generering i createAccount
Rickank Dec 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
[![Review Assignment Due Date](https://classroom.github.com/assets/deadline-readme-button-22041afd0340ce965d47ae6ef1cefeee28c7c493a6346c4f15d667ab976d596c.svg)](https://classroom.github.com/a/339Lr3BJ)
### How the tests work (and Docker requirement)

This project ships with an end‑to‑end CLI integration test suite that uses Testcontainers to spin up a temporary MySQL database.
Expand Down
288 changes: 270 additions & 18 deletions src/main/java/com/example/Main.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
package com.example;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.*;
import java.util.Arrays;
import java.util.Scanner;

public class Main {

Expand All @@ -14,8 +13,11 @@ static void main(String[] args) {
new Main().run();
}

/**
* Runs the main application with login and menu.
*/
public void run() {
// Resolve DB settings with precedence: System properties -> Environment variables
// Resolve database configuration
String jdbcUrl = resolveConfig("APP_JDBC_URL", "APP_JDBC_URL");
String dbUser = resolveConfig("APP_DB_USER", "APP_DB_USER");
String dbPass = resolveConfig("APP_DB_PASS", "APP_DB_PASS");
Expand All @@ -26,37 +28,287 @@ public void run() {
"as system properties (-Dkey=value) or environment variables.");
}

// Test connection
try (Connection connection = DriverManager.getConnection(jdbcUrl, dbUser, dbPass)) {
} catch (SQLException e) {
throw new RuntimeException(e);
}
//Todo: Starting point for your code

Scanner scanner = new Scanner(System.in);

// Login flow
System.out.print("Username: ");
String username = scanner.nextLine().trim();

System.out.print("Password: ");
String password = scanner.nextLine().trim();

if (!validateLogin(jdbcUrl, dbUser, dbPass, username, password)) {
System.out.println("Invalid username or password.");
System.out.println("0) Exit");
scanner.nextLine();
scanner.close();
return;
}

System.out.println("Login successful!");

// Menu loop
boolean running = true;
while (running) {
System.out.println("\n1) List moon missions");
System.out.println("2) Get a moon mission by mission_id");
System.out.println("3) Count missions for a given year");
System.out.println("4) Create an account");
System.out.println("5) Update an account password");
System.out.println("6) Delete an account");
System.out.println("0) Exit");
System.out.print("Choose an option: ");

String choice = scanner.nextLine().trim();

switch (choice) {
case "1":
listMoonMissions(jdbcUrl, dbUser, dbPass);
break;
case "2":
getMissionById(scanner, jdbcUrl, dbUser, dbPass);
break;
case "3":
countMissionsByYear(scanner, jdbcUrl, dbUser, dbPass);
break;
case "4":
createAccount(scanner, jdbcUrl, dbUser, dbPass);
break;
case "5":
updateAccountPassword(scanner, jdbcUrl, dbUser, dbPass);
break;
case "6":
deleteAccount(scanner, jdbcUrl, dbUser, dbPass);
break;
case "0":
running = false;
break;
default:
System.out.println("Invalid option");
}
}

scanner.close();
}

/**
* Lists all spacecraft from moon_mission table.
*/
private void listMoonMissions(String jdbcUrl, String dbUser, String dbPass) {
String sql = "SELECT spacecraft FROM moon_mission ORDER BY mission_id";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql);
ResultSet rs = stmt.executeQuery()) {

while (rs.next()) {
System.out.println(rs.getString("spacecraft"));
}

} catch (SQLException e) {
System.err.println("Error listing missions: " + e.getMessage());
}
}

/**
* Determines if the application is running in development mode based on system properties,
* environment variables, or command-line arguments.
*
* @param args an array of command-line arguments
* @return {@code true} if the application is in development mode; {@code false} otherwise
* Gets a specific mission by ID and prints details.
*/
private void getMissionById(Scanner scanner, String jdbcUrl, String dbUser, String dbPass) {
System.out.print("Enter mission_id: ");
String input = scanner.nextLine().trim();

try {
long missionId = Long.parseLong(input);
String sql = "SELECT mission_id, spacecraft, launch_date FROM moon_mission WHERE mission_id = ?";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setLong(1, missionId);

try (ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
System.out.println("Mission ID: " + rs.getLong("mission_id"));
System.out.println("Spacecraft: " + rs.getString("spacecraft"));
System.out.println("Launch Date: " + rs.getDate("launch_date"));
}
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.
}
} catch (NumberFormatException e) {
System.out.println("Invalid mission ID format");
} catch (SQLException e) {
System.err.println("Error: " + e.getMessage());
}
}

/**
* Counts how many missions were launched in a specific year.
*/
private void countMissionsByYear(Scanner scanner, String jdbcUrl, String dbUser, String dbPass) {
System.out.print("Enter year: ");
String input = scanner.nextLine().trim();

try {
int year = Integer.parseInt(input);
String sql = "SELECT COUNT(*) as count FROM moon_mission WHERE YEAR(launch_date) = ?";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setInt(1, year);

try (ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
int count = rs.getInt("count");
System.out.println("Number of missions in " + year + ": " + count);
}
}
}
} catch (NumberFormatException e) {
System.out.println("Invalid year format");
} catch (SQLException e) {
System.err.println("Error: " + e.getMessage());
}
}

/**
* Creates a new account in the database.
*/
private void createAccount(Scanner scanner, String jdbcUrl, String dbUser, String dbPass) {
System.out.print("First name: ");
String firstName = scanner.nextLine().trim();

System.out.print("Last name: ");
String lastName = scanner.nextLine().trim();

System.out.print("SSN: ");
String ssn = scanner.nextLine().trim();

System.out.print("Password: ");
String password = scanner.nextLine().trim();

String sql = "INSERT INTO account (first_name, last_name, ssn, password) VALUES (?, ?, ?, ?)";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setString(1, firstName);
stmt.setString(2, lastName);
stmt.setString(3, ssn);
stmt.setString(4, password);
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Dec 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Security: Plaintext password and SSN storage.

Passwords should be hashed (e.g., bcrypt, Argon2) before storage. SSN is sensitive PII that should be encrypted at rest. While acceptable for a lab exercise, these practices would be critical security and compliance violations in production.

Consider at minimum for production code:

// Password hashing example (requires bcrypt library)
String hashedPassword = BCrypt.hashpw(password, BCrypt.gensalt());
stmt.setString(4, hashedPassword);
🤖 Prompt for AI Agents 
In src/main/java/com/example/Main.java around lines 191 to 205, the code stores
plaintext passwords and raw SSNs which is insecure; change the flow so the
password is hashed (e.g., bcrypt or Argon2 via a vetted library) before calling
stmt.setString(4, ...), and encrypt the SSN at rest (using a field-level
encryption library or an AEAD scheme with secure key management) before calling
stmt.setString(3, ...); ensure you never log plaintext values, use proper
salt/iterations provided by the hashing library, manage encryption keys via a
secrets manager, and update the DB schema/migrations to store hashed password
and encrypted ssn (and handle verification by hashing the login password and
decrypting/validating SSN only when necessary).


int rowsAffected = stmt.executeUpdate();
if (rowsAffected > 0) {
System.out.println("Account created successfully");
}

} catch (SQLException e) {
System.err.println("Error: " + e.getMessage());
}
}

/**
* Updates password for an existing account.
*/
private void updateAccountPassword(Scanner scanner, String jdbcUrl, String dbUser, String dbPass) {
System.out.print("Enter user_id: ");
String input = scanner.nextLine().trim();

System.out.print("Enter new password: ");
String newPassword = scanner.nextLine().trim();

try {
long userId = Long.parseLong(input);
String sql = "UPDATE account SET password = ? WHERE user_id = ?";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setString(1, newPassword);
stmt.setLong(2, userId);

int rowsAffected = stmt.executeUpdate();
if (rowsAffected > 0) {
System.out.println("Password updated successfully");
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.
}
} catch (NumberFormatException e) {
System.out.println("Invalid user ID format");
} catch (SQLException e) {
System.err.println("Error: " + e.getMessage());
}
}

/**
* Deletes an account from the database.
*/
private void deleteAccount(Scanner scanner, String jdbcUrl, String dbUser, String dbPass) {
System.out.print("Enter user_id to delete: ");
String input = scanner.nextLine().trim();

try {
long userId = Long.parseLong(input);
String sql = "DELETE FROM account WHERE user_id = ?";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setLong(1, userId);

int rowsAffected = stmt.executeUpdate();
if (rowsAffected > 0) {
System.out.println("Account deleted successfully");
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.
}
} catch (NumberFormatException e) {
System.out.println("Invalid user ID format");
} catch (SQLException e) {
System.err.println("Error: " + e.getMessage());
}
}

/**
* Checks if username and password are correct.
*/
private boolean validateLogin(String jdbcUrl, String dbUser, String dbPass,
String username, String password) {
String sql = "SELECT user_id FROM account WHERE name = ? AND password = ?";

try (Connection conn = DriverManager.getConnection(jdbcUrl, dbUser, dbPass);
PreparedStatement stmt = conn.prepareStatement(sql)) {

stmt.setString(1, username);
stmt.setString(2, password);

try (ResultSet rs = stmt.executeQuery()) {
return rs.next();
}

} catch (SQLException e) {
System.err.println("Database error: " + e.getMessage());
return false;
}
}

private static boolean isDevMode(String[] args) {
if (Boolean.getBoolean("devMode")) //Add VM option -DdevMode=true
if (Boolean.getBoolean("devMode"))
return true;
if ("true".equalsIgnoreCase(System.getenv("DEV_MODE"))) //Environment variable DEV_MODE=true
if ("true".equalsIgnoreCase(System.getenv("DEV_MODE")))
return true;
return Arrays.asList(args).contains("--dev"); //Argument --dev
return Arrays.asList(args).contains("--dev");
}

/**
* Reads configuration with precedence: Java system property first, then environment variable.
* Returns trimmed value or null if neither source provides a non-empty value.
*/
private static String resolveConfig(String propertyKey, String envKey) {
String v = System.getProperty(propertyKey);
if (v == null || v.trim().isEmpty()) {
v = System.getenv(envKey);
}
return (v == null || v.trim().isEmpty()) ? null : v.trim();
}
}
}
Loading