/** * Project : KANT (LMT) * Source Name: User.java * Copyright : Copyright (c) LTI, Carnegie Mellon University * Description: Class for user * @version 1.0 (created by jko - 10/01/01) **/ package lmt; import java.sql.*; import java.util.*; public class User { String username; String passwd; String description; String usergroup; public SQLConnection con; Session session; /** constructor **/ public User(SQLConnection con, String username, String passwd) { this.username = username; this.passwd = passwd; this.con = con; description = ""; usergroup = ""; session = new Session("", con); } public User(SQLConnection con) { this (con, "", ""); } // setters & getters public String getUserName() { return username; } public void setUserName(String username) { if ( username == null ) username = ""; this.username = username; } public String getPasswd() { return passwd; } public void setPasswd(String passwd) { if ( passwd == null ) passwd = ""; this.passwd = passwd; } public String getGroup() { return usergroup; } public void setGroup(String g) { if ( g == null ) g = ""; this.usergroup = g; } public String getDescription() { return description; } public void setDescription(String d) { if ( d == null ) d = ""; this.description = d; } /** login to the database * @return integer representing the result of operation **/ public boolean login() { boolean success = false; int ret = 0; String session_id = ""; if ( con == null || !con.connect()) { Debug.debug("-- login: connnection is null or not connected - " + con); return false; } // start transaction con.setAutoCommit(false); con.setTransactionIsolation(Connection.TRANSACTION_SERIALIZABLE); // check username and password String sql = "SELECT * FROM LMT_USER_LISTS"; sql += " WHERE username = '" + username + "'"; sql += " AND passwd = '" + passwd + "'"; SQLConnection.Result r = con.query(sql); if (r!=null && r.hasData()) success = true; if (r!=null) r.close(); // get a new session id if ( success ) { sql = "SELECT SESSION_ID.NEXTVAL FROM DUAL"; try { r = con.query(sql); if (r!= null && r.hasData()) session_id = r.rs.getString(1); else success = false; if ( r!=null) r.close(); } catch (SQLException E) { Debug.debug("login SQLException: " + E.getMessage()); success = false; } } // create a session if ( success ) { sql = "INSERT INTO LMT_SESSIONS VALUES ('" + session_id + "','"; sql += username + "', SYSDATE )"; //Debug.debug("-- login:" + sql); ret = con.update(sql); if (ret != 1) success = false; } // close transaction if ( success ) { con.commit(); session.setSessionID(session_id); } else { con.rollback(); } con.setAutoCommit(true); return success; } /** login to the database * @return integer representing the result of operation **/ public boolean adminLogin() { if ( con == null || !con.connect()) { Debug.debug("-- login: connnection is null or not connected - " + con); return false; } // check username and password String sql = "SELECT * FROM LMT_USER_LISTS"; sql += " WHERE username = '" + username + "'"; sql += " AND passwd = '" + passwd + "'"; sql += " AND usergroup = 'admin'"; boolean success = false; SQLConnection.Result r = con.query(sql); if (r!=null) { if (r.hasData()) success = true; r.close(); } return success; } public void logout() { // delete a session if ( session != null ) { String sql = "DELETE FROM LMT_SESSIONS WHERE session_id = '" + session.getSessionID() + "'"; //Debug.debug("-- logout:" + sql); int ret = con.update(sql); //Debug.debug("++++ ret: " + ret); } } public Session getSession(){ return session; } public static Vector fetchUsers(SQLConnection con) { String sql = "SELECT username, passwd, usergroup, description FROM LMT_USER_LISTS order by username"; Debug.debug("-- " + sql); Vector userlist = new Vector(); try { SQLConnection.Result r = con.query(sql); while (r!=null && r.hasData()) { User user = new User(con); user.setUserName(r.rs.getString(1)); user.setPasswd(r.rs.getString(2)); user.setGroup(r.rs.getString(3)); user.setDescription(r.rs.getString(4)); userlist.addElement(user); } if (r!=null) r.close(); } catch (SQLException E) { Debug.debug("login SQLException: " + E.getMessage()); } return userlist; } /** insert the data into the table. * @return integer representing the result of operation **/ public int insert() { // check where this exists if (isExistent()) return Constants.DUPLICATION; String sql = "INSERT INTO LMT_USER_LISTS "; sql += "(username, passwd, usergroup, description) VALUES ("; sql += "'" + username + "',"; sql += "'" + passwd + "',"; sql += "'" + usergroup + "',"; sql += "'" + description + "')"; Debug.debug("-- User insertion : " + sql); return con.insert(sql); } /** delete the data from the table. * @return integer representing the result of operation **/ public int delete() { // check where this exists if (!isExistent()) return Constants.DONOTEXIST; String sql = "DELETE FROM LMT_USER_LISTS "; sql += " WHERE username = '" + username + "'"; Debug.debug("-- User delete : " + sql); return con.delete(sql); } /** update the data in the table. * @return integer representing the result of operation **/ public int update() { // check where this exists if (!isExistent()) return Constants.DONOTEXIST; String sql = "UPDATE LMT_USER_LISTS SET "; sql += "passwd = '" + passwd +"', "; sql += "usergroup = '" + usergroup +"', "; sql += "description = '" + description +"' "; sql += "WHERE username = '" + username + "'"; Debug.debug("-- User update : " + sql); return con.update(sql); } /** check whether the information exists or not in the database using username * @return boolean representing the result of operation **/ public boolean isExistent() { String sql = "SELECT * FROM LMT_USER_LISTS WHERE "; sql += " username = '" + username + "'"; Debug.debug("-- isExistent : " + sql); return con.isExistent(sql); } }