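/**
 * Dispatches the user-type administration requests selected by the {@code action} parameter.
 *
 * <ul>
 *   <li>{@code "Add User Type"}: saves a new user type and redirects to {@code datafill.jsp}.</li>
 *   <li>{@code "Update User Type"}: updates an existing user type and redirects to
 *       {@code datafill.jsp}.</li>
 *   <li>{@code "getUserTypes"}: writes the rendered user-type markup to the response.</li>
 * </ul>
 *
 * A missing {@code action} or a non-numeric id parameter is answered with HTTP 400 instead of
 * surfacing as an unhandled {@link NullPointerException} or {@link NumberFormatException}.
 * Any other action value is ignored and produces an empty response, as before.
 *
 * @param request  the incoming form or AJAX post
 * @param response the response to redirect or write to
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if redirecting or writing the response fails
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    // NOTE(review): both write actions change shared configuration, yet no session, role or
    // CSRF-token check is visible in this method. Confirm that a filter or container
    // constraint restricts this servlet to administrators before relying on it.
    String action = request.getParameter("action");
    if (action == null) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing action parameter");
        return;
    }

    boolean isAdd = "Add User Type".equals(action);
    boolean isUpdate = "Update User Type".equals(action);

    if (isAdd || isUpdate) {
        int userTypeId = 0;
        int actionStatusId;
        // Parse every numeric parameter before touching the model so that a malformed
        // request is rejected without any partial work having been done.
        try {
            if (isUpdate) {
                userTypeId = Integer.parseInt(request.getParameter("userTypeId"));
            }
            actionStatusId = Integer.parseInt(request.getParameter("actionStatusId"));
        } catch (NumberFormatException e) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid numeric parameter");
            return;
        }

        String userType = request.getParameter("userType");
        model.pojo.ActionStatus actionStatus =
                model.ActionStatus.getInstance().getActionStatusById(actionStatusId);
        model.UserType userTypeModel = model.UserType.getInstance();
        if (isAdd) {
            userTypeModel.saveUserType(userType, actionStatus);
        } else {
            userTypeModel.updateUserType(userTypeId, userType, actionStatus);
        }
        response.sendRedirect("datafill.jsp");
        return;
    }

    if ("getUserTypes".equals(action)) {
        // The writer is obtained only on the branch that actually writes a body.
        response.getWriter().write(model.html.UserType.getInstance().getUserTypes());
    }
}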
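/**
 * Loads the borrower record with the given id and builds a {@code User} from it.
 *
 * <p>A single query is used: an empty result means the borrower does not exist. This removes
 * the earlier separate count query and the window in which the row could vanish between the
 * two statements, after which the unchecked {@code rs.next()} left the cursor on no row.
 *
 * @param bid the borrower id to look up
 * @return the user built from the first matching row
 * @throws SQLException          if the query or a column read fails
 * @throws UserCreationException if the {@code User} constructor rejects the stored values
 * @throws BadUserIDException    if no borrower has this id
 */
public User getUser(int bid) throws SQLException, UserCreationException, BadUserIDException {
    // bid is a primitive int, so this concatenation cannot carry SQL text. Do not copy the
    // pattern for String inputs; those need a PreparedStatement with bound parameters.
    String statement = "Select * from Borrower where bid = '" + bid + "' and ROWNUM = 1";

    // Closing the ResultSet here releases the cursor even when a column read throws.
    try (ResultSet rs = sql(statement, SQLType.query)) {
        if (!rs.next()) {
            throw new BadUserIDException("This user does not exist.");
        }

        String address = rs.getString("address");
        // NOTE(review): the password column is handed to User unchanged. If it holds a
        // cleartext password (confirm against the schema), store a salted password hash
        // (bcrypt/scrypt/argon2) instead and keep the value out of the User object.
        String password = rs.getString("password");
        String name = rs.getString("name");
        long phone = rs.getLong("phone");
        String emailAddress = rs.getString("emailAddress");
        long sinorstno = rs.getLong("sinorstno");
        Date date = rs.getDate("expirydate");
        // valueOf throws an unchecked exception for a type string it does not know.
        UserType type = UserType.valueOf(rs.getString("type"));

        return new User(bid, address, password, name, phone, emailAddress, sinorstno, date, type);
    }
}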
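/**
 * Checks a borrower's credentials and whether the account may enter the requested section.
 *
 * <p>Access rules, as implemented:
 * <ul>
 *   <li>a {@code librarian} account may enter any section;</li>
 *   <li>a {@code clerk} account may enter any section except {@code librarian};</li>
 *   <li>{@code borrower}, {@code student}, {@code staff} and {@code faculty} accounts may
 *       enter only the {@code borrower} section.</li>
 * </ul>
 *
 * <p>Changes from the previous version: the unused {@code Statement} and its duplicate,
 * discarded query are gone (both were never closed), result sets are closed after use, the
 * result of {@code rs.next()} is checked, and a null stored password is treated as a failed
 * login instead of a {@link NullPointerException}.
 *
 * @param bid         the library number entered by the user
 * @param Password    the password entered by the user
 * @param sectionType the section the user is trying to enter
 * @return {@code true} when the credentials match and the section is permitted
 * @throws SQLException       if a query or column read fails
 * @throws UserLoginException if the user is unknown or duplicated, the password is wrong, or
 *                            the section is not permitted for this account
 */
public boolean login(int bid, String Password, UserType sectionType)
        throws SQLException, UserLoginException {
    // bid is a primitive int, so the concatenation below cannot carry SQL text; String
    // inputs would need a PreparedStatement with bound parameters.
    String countQuery = "select count(*) from borrower where bid = '" + bid + "'";
    int count;
    try (ResultSet countRs = sql(countQuery, SQLType.query)) {
        countRs.next();
        count = countRs.getInt(1);
    }

    // NOTE(review): the distinct "no record" and "incorrect password" messages tell a caller
    // which library numbers exist. Consider one generic failure message for both cases, and
    // rate-limit or lock out repeated failures.
    if (count < 1) {
        throw new UserLoginException(
                "There is no record of this user in our library. Please be sure to type your Library Number correctly.");
    }
    if (count > 1) {
        throw new UserLoginException(
                "Duplicate users in the system. Please consult a staff member before loggin in.");
    }

    String rowQuery = "select * from borrower where bid = '" + bid + "'";
    String storedPassword;
    String storedType;
    try (ResultSet rs = sql(rowQuery, SQLType.query)) {
        if (!rs.next()) {
            // The row disappeared between the count and this read.
            throw new UserLoginException(
                    "There is no record of this user in our library. Please be sure to type your Library Number correctly.");
        }
        storedPassword = rs.getString("password");
        storedType = rs.getString("type");
    }

    // NOTE(review): the stored value is compared directly with the submitted password, which
    // implies cleartext storage. Migrate to a salted password hash (bcrypt/scrypt/argon2)
    // and verify it with a constant-time comparison.
    if (storedPassword == null || !storedPassword.equals(Password)) {
        throw new UserLoginException("Incorrect password. Please try again.");
    }

    // valueOf throws an unchecked exception for a type string it does not know.
    UserType accountType = UserType.valueOf(storedType);

    boolean patronAccount = accountType == UserType.borrower
            || accountType == UserType.student
            || accountType == UserType.staff
            || accountType == UserType.faculty;

    boolean allowed = accountType == UserType.librarian
            || (accountType == UserType.clerk && sectionType != UserType.librarian)
            || (patronAccount && sectionType == UserType.borrower);

    if (!allowed) {
        throw new UserLoginException(
                "You are trying to access a section you do not have permissions for. Please select another section.");
    }
    return true;
}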
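/**
 * Renders the "User Account Management" panel: one table row per account with drop-downs for
 * the user type and the account status, pre-selected by a small inline script per row.
 *
 * <p>Every value that originates from the database and is placed in HTML text or in an HTML
 * attribute (names, e-mail, type and status labels, ids, registration time) is HTML-escaped.
 * The previous version concatenated these values verbatim, so a name or e-mail containing
 * markup was rendered as markup in the administrator's browser (stored XSS). The markup is
 * now assembled in a {@link StringBuilder} rather than by repeated {@code String}
 * concatenation inside nested loops.
 *
 * @return the HTML fragment for the panel
 */
public String getAllUsers() {
    List<model.pojo.Gup> dbGupList = model.Gup.getInstance().getGup();
    List<model.pojo.UserType> dbUserTypeList = model.UserType.getInstance().getUserType();
    List<model.pojo.ActionStatus> dbActionStatusList = model.ActionStatus.getInstance().getActionStatus();

    StringBuilder html = new StringBuilder();
    html.append(" <div class=\"col-md-12\">\n");
    html.append(" <div class=\"panel panel-default\">\n");
    html.append(" <div class=\"panel-heading\">\n");
    html.append(" User Account Management\n");
    html.append(" </div>\n");
    html.append(" <div class=\"panel-body\">\n");
    html.append(" <table class=\"table table-responsive table-striped\">\n");
    html.append(" <thead>\n");
    html.append(" <tr>\n");
    html.append(" <th>User ID</th>\n");
    html.append(" <th>User Name</th>\n");
    html.append(" <th>Email</th>\n");
    html.append(" <th>User Type</th>\n");
    html.append(" <th>Registered Date / Time</th>\n");
    html.append(" <th>Account Status</th>\n");
    html.append(" </tr>\n");
    html.append(" </thead>\n");
    html.append(" <tbody>\n");

    for (model.pojo.Gup gupObj : dbGupList) {
        String safeId = escapeHtml(gupObj.getIdgup());

        html.append("\n");
        html.append(" <tr>\n");
        html.append(" <td>").append(safeId).append("</td>\n");
        html.append(" <td>")
                .append(escapeHtml(gupObj.getFirstName() + " " + gupObj.getLastName()))
                .append("</td>\n");
        html.append(" <td>").append(escapeHtml(gupObj.getEmail())).append("</td>\n");

        // User-type drop-down.
        html.append(" <td>\n");
        html.append(" <select id=\"").append(safeId)
                .append("usrtype\" class=\"form-control\" onchange=\"updateUserType(")
                .append(safeId).append(")\">\n");
        for (model.pojo.UserType userTypeObj : dbUserTypeList) {
            html.append("\n");
            html.append(" <option value=\"").append(escapeHtml(userTypeObj.getIduserType()))
                    .append("\">").append(escapeHtml(userTypeObj.getUserType()))
                    .append("</option>\n");
            html.append(" ");
        }
        html.append("\n");
        html.append(" </select>\n");
        html.append(" </td>\n");

        html.append(" <td>").append(escapeHtml(gupObj.getRegisteredTime())).append("</td>\n");

        // Account-status drop-down.
        html.append(" <td>\n");
        html.append(" <select id=\"").append(safeId)
                .append("accstatus\" class=\"form-control\" onchange=\"updateUserStatus(")
                .append(safeId).append(")\">\n");
        html.append(" ");
        for (model.pojo.ActionStatus actionStatusObj : dbActionStatusList) {
            html.append("\n");
            html.append(" <option value=\"").append(escapeHtml(actionStatusObj.getIdactionStatus()))
                    .append("\">").append(escapeHtml(actionStatusObj.getActionStatus()))
                    .append("</option>\n");
            html.append(" ");
        }
        html.append("\n");
        html.append(" </select>\n");
        html.append(" </td>\n");
        html.append(" </tr>\n");

        // NOTE(review): inside <script> HTML escaping is the wrong encoding, so the ids are
        // emitted as-is. This is safe only if they are numeric database keys; confirm the
        // getter types, and apply JavaScript-string encoding if they can ever be text.
        html.append(" <script>\n");
        html.append(" $('#").append(gupObj.getIdgup()).append("usrtype').val(")
                .append(gupObj.getUserType().getIduserType()).append(");\n");
        html.append(" $('#").append(gupObj.getIdgup()).append("accstatus').val(")
                .append(gupObj.getActionStatus().getIdactionStatus()).append(");\n");
        html.append(" </script>\n");
        html.append(" ");
    }

    html.append("\n");
    html.append(" </tbody>\n");
    html.append(" </table>\n");
    html.append(" </div>\n");
    html.append(" </div>\n");
    html.append(" </div>\n");
    html.append("\n");
    return html.toString();
}

/**
 * Escapes a value for use in HTML text or a quoted HTML attribute.
 *
 * @param value the value to render; {@code null} becomes the text {@code "null"}, matching
 *              plain string concatenation
 * @return the value with {@code & < > " '} replaced by character references
 */
private static String escapeHtml(Object value) {
    String text = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}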