/**
* Add a new user to MedSavant.
*
* @param sessID the session we're logged in as
* @param user the user to add
* @param pass the password
* @param level the user's level
* @throws SQLException
*/
@Override
public synchronized void addUser(String sessID, String user, char[] pass, UserLevel level)
throws SQLException, SessionExpiredException {
PooledConnection conn = ConnectionController.connectPooled(sessID);
try {
if (user.startsWith(DATABASE_USER_KEY_PREFIX)) {
throw new SQLException("Can't create user " + user + " -- illegal username");
}
// TODO: Transactions aren't supported for MyISAM, so this has no effect.
conn.setAutoCommit(false);
conn.executePreparedUpdate("CREATE USER ?@'%' IDENTIFIED BY ?", user, new String(pass));
grantPrivileges(sessID, user, level);
conn.commit();
} catch (SQLException sqlx) {
conn.rollback();
throw sqlx;
} finally {
for (int i = 0; i < pass.length; i++) {
pass[i] = 0;
}
conn.setAutoCommit(true);
conn.close();
}
}
