Overview
JalilEnterprises StockList is a stock managing application used for accounting for the equipment in the Computer Engineering labs in NUS. The app was developed by my team, JalilEnterprises. The user interacts with it using a CLI, and it has a GUI created with JavaFX. It is written in Java, and has about 11 kLoC. My role in the team was to improve the app’s security, and I accomplished this by creating a login feature with account management. This portfolio serves to document my role and contributions to the project.
Summary of contributions
-
Major enhancement: added a login/logout feature
-
What it does: allows the user to log in and log out with an account registered on the app.
-
Justification: This feature improves the product significantly with regards to security, because sensitive information will be stored with regards to the equipment in the labs and the authorised user should be able to control who has access to this app.
-
Highlights: This enhancement affects the usability of the app as a whole. Users are not allowed to modify the inventory until they have logged in. This required an in-depth analysis of how the app processes the commands and storage files. The implementation was also challenging as it required changes that touched a lot of aspects of the app.
-
Credits: AddressBook-Level4 by se-edu for the base app which we could morph and improve on.
-
-
Minor enhancement: added an account management feature, which allows for:
-
Adding accounts
-
Editing accounts
-
Deleting accounts
-
Listing registered accounts
-
Finding a registered account
-
Resetting the registered accounts to default
-
Checking current login status of the account
-
-
Code contributed: Project Code Dashboard
-
Other contributions:
-
Project management:
-
Managed releases
v1.1
-v1.4rc
(4 releases) on GitHub
-
-
Enhancements to existing features:
-
Contributed in morphing the AddressBook across the board to StockList
-
Contributed in morphing test cases from that of AddressBook to StockList
-
-
Documentation:
-
Morphed the Developer Guide from AddressBook into one tailored for our StockList: #13
-
-
Community:
-
Tools:
-
Integrated a new Github plugin (TravisCI) to the team repo
-
-
Contributions to the User Guide
Given below are sections I contributed to the User Guide. They showcase my ability to write documentation targeting end-users. |
List registered accounts: listAccounts
Lists all the accounts currently registered in StockList.
Format: listAccounts
Find a registered account: findAccount
Finds a registered account whose names contain any of the given keywords.
Format: findAccount KEYWORD [MORE_KEYWORDS]
Examples:
-
findAccount admin
Returnsadmin
andAdmin Jalil
-
findAccount admin tom
Returns any items having namesadmin
ortom
Logging in: login
Logs into Stock List.
Format: login u/USERNAME p/PASSWORD
Examples:
-
login u/admin p/admin
Checking login status: loginStatus
Checks login status of Stock List.
Format: loginStatus
Adding an account: addAccount
Adds an account to the database.
Format: addAccount u/USERNAME p/PASSWORD
Examples:
-
addAccount u/john p/doe
-
addAccount u/jalil p/boss123
Deleting an account: deleteAccount
Deletes an account from the database.
Format: delete INDEX
Index can be found using listAccounts
Examples:
-
deleteAccount 2
Deletes the second account in the database, according to the index vialistAccounts
.
It is strongly NOT recommended to delete the first account i.e. the admin account. |
Editing an account currently in the database: editAccount
Edits a registered account in the database.
Format: edit INDEX u/USERNAME [p/PASSWORD]
Examples:
-
editAccount 2 p/password123!
Changes the password of the second account topassword123!
Exercise caution when editing the admin account. |
Resetting the account database: resetAccounts
Resets the account database.
All accounts will be deleted and a default admin account will be created.
Credentials of the default account: u/admin p/admin
Format: resetAccounts
Logging out: logout
Logs out of Stock List.
Format: logout
Contributions to the Developer Guide
Given below are sections I contributed to the Developer Guide. They showcase my ability to write technical documentation and the technical depth of my contributions to the project. |
Login feature
Current Implementation
The login mechanism is facilitated by LoginCommand
. It extends Command
and implements the following operations:
-
LoginCommand#modifyLoginStatus()
— checks if the password matches the account in the database, if it exists. If true, updates the logged in account status inModel
accordingly. -
LoginCommand#execute()
— callsLoginCommand#modifyLoginStatus()
. Then, checks login status inModel
and displays a login success message if true and displays a failure message otherwise.
These operations are exposed in the Model
interface as Model#setLoggedInUser()
and Model#getLoginStatus()
respectively.
Given below is an example usage scenario and how the LoginCommand mechanism behaves at each step.
Step 1. The user executes login u/admin p/admin
command to log into StockList with admin and admin being the username and password credentials respectively.
Step 2. The execute
command calls Model#getLoginStatus()
and checks if the user is already logged in. If true, execute
throws a CommandException
notifying the user that he is already logged in.
Step 3. The execute
command then calls LoginCommand#modifyLoginStatus()
, which checks if the username admin exists in the account list, and if it does, checks if the given password admin matches the password associated with the username admin.
Step 4. If the admin password matches, LoginCommand#modifyLoginStatus()
calls Model#setLoggedInUser()
which updates the logged in account status in model
with the logged in account set to admin and logged in status set to true.
Step 5. The execute
command then checks the log in status via Model#getLoginStatus()
. A success message is printed if true; otherwise a failure message is printed.
The following sequence diagram shows how the login operation works:
Design Considerations
Aspect: How login executes
-
Alternative 1 (current choice) Check against various accounts stored in a file and allow access if match.
-
Pros: Allows for multiple accounts with access to StockList.
-
Cons: More memory usage.
-
-
Alternative 2 Checks against a single account that can be modified.
-
Pros: Simple to implement, minimal memory usage, allows for only one access account.
-
Cons: Does not allow access for multiple accounts, locked out of app if credentials lost.
-
Use case: Login
MSS
-
User requests to list accounts
-
StockList shows the list of accounts
-
User requests to login using his account credentials
-
StockList shows that the user has successfully logged in
Use case ends.
Extensions
-
2a. The list does not contain user’s account.
Use case ends.
-
3a. The given account credentials are invalid.
-
3a1. StockList shows an error message.
Use case resumes at step 2.
-
Use case: Delete account
MSS
-
User requests to list accounts
-
StockList shows a list of accounts
-
User requests to delete a specific account in the list
-
StockList deletes the account
Use case ends.
Extensions
-
3a. The given index is invalid.
-
3a1. StockList shows an error message.
Use case resumes at step 2.
-
Use case: Add account
MSS
-
User requests to add an account
-
StockList adds the account to the database.
Use case ends.
Extensions
-
1a. The given account is already in the database.
-
1a1. StockList shows an error message.
Use case resumes at step 1.
-
Use case: Edit account
MSS
-
User requests to list accounts
-
StockList shows a list of accounts
-
User requests to edit a specific account in the list
-
StockList edits the account
Use case ends.
Extensions
-
3a. The given index is invalid.
-
3a1. StockList shows an error message.
Use case resumes at step 2.
-