package dao; import model.Person; import model.User; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; /** * User data access object that performs operations associated with users */ public class UserDAO { private final Connection conn; public UserDAO(Connection conn) { this.conn = conn; } /** * Creates a user * @param user */ public void createUser(User user) throws DataAccessException { String sql = "INSERT INTO Users (username, password, email, firstName, " + "lastName, gender, personID) VALUES(?,?,?,?,?,?,?)"; try (PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.setString(1, user.getUsername()); stmt.setString(2, user.getPassword()); stmt.setString(3, user.getEmail()); stmt.setString(4, user.getFirstName()); stmt.setString(5, user.getLastName()); stmt.setString(6, user.getGender()); stmt.setString(7, user.getPersonID()); stmt.executeUpdate(); } catch(SQLException e) { e.printStackTrace(); throw new DataAccessException("Error encountered while inserting into the database"); } } /** * Attempts to validate a user given a username and password * @param username * @param password * @return true if user is validated, false otherwise */ public boolean validate(String username, String password) throws DataAccessException { ResultSet rs = null; String sql = "SELECT * FROM Users WHERE username = ? AND password = ?;"; try (PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.setString(1, username); stmt.setString(2, password); rs = stmt.executeQuery(); if (rs.next()) { return true; } } catch (SQLException e) { e.printStackTrace(); throw new DataAccessException("Error encountered while validating user"); } finally { if (rs != null) { try { rs.close(); } catch (SQLException e) { e.printStackTrace(); } } } return false; } /** * Finds and returns a user associated with a specific userID * @param userID * @return User associated with the username */ public User getUserByID(String userID) throws DataAccessException { User user; ResultSet rs = null; String sql = "SELECT * FROM Users WHERE username = ?;"; try (PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.setString(1, userID); rs = stmt.executeQuery(); if (rs.next()) { user = new User(rs.getString("username"), rs.getString("password"), rs.getString("email"), rs.getString("firstName"), rs.getString("lastName"), rs.getString("gender"), rs.getString("personID")); return user; } } catch (SQLException e) { e.printStackTrace(); throw new DataAccessException("Error encountered while finding user"); } finally { if (rs != null) { try { rs.close(); } catch (SQLException e) { e.printStackTrace(); } } } return null; } /** * Removes every user from the database */ public void removeAllUsers() throws DataAccessException { String sql = "DELETE FROM Users"; try(PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.executeUpdate(); } catch(SQLException e) { e.printStackTrace(); throw new DataAccessException("Error encountered while deleting from the database"); } } }