PROJECT: AddressBook - Level 4


Overview

DRINK I/O is a desktop inventory application for small enterprises. The product aims to increase the productivity and efficiency of companies by digitizing the paperwork.

Most of the user interactions are via CLI, while there exists a GUI created with JavaFX. It is written in Java and has about 10kLoC.

Summary of contributions

  • Major enhancement 1: Partition command into 3 roles (manager, accountant and stock taker)

    • What it does: Allow 3 roles to do explicit command that only related to their roles(more details are in the user guide)

    • Justification: This prevents one user from misuse or abuse other user commands. Hence, it increases the security of the application.

    • Highlights: The implementation too was challenging as it required changes to existing initiation,model, storage. SOLID principle are followed.

  • Major enhancement 2: User login

    • What it does: Allows different user to login to the system.

    • Justification: This features increase the security of the product significantly because it restrict the application user to account holder.

    • Highlights: The implementation too was challenging as it required changes to existing initiation and UI. It also create a standalone "addressbook" that stores user information using JSON file. I have use javax.crypto and other java function to hashed and verify password. Credits: learning material

  • Minor enhancement: Create command and command parser for the product

  • Minor enhancement: Create individual help window for respective roles.

  • Code contributed: [Reposense]

  • Other contributions:

    • Project management:

      • Managed releases jar file v1.3 - v1.5rc (3 releases) on GitHub

    • Community:

      • PRs reviewed (with non-trivial review comments): #6, #32

      • Contributed to forum discussions (examples: #72, #43)

    • Tools:

      • Integrated sceneBuilder and JFoenix to the project (#11)

Contributions to the User Guide

Given below are sections I contributed to the User Guide. They showcase my ability to write documentation targeting end-users.

Logging in

Upon entering starting up the application, you will be met by the login page below:

login page main

To login, you can use either the CLI or GUI to input your USERNAME and PASSWORD.

GUI Login

  1. Enter your USERNAME and PASSWORD into the respective username and password fields

  2. Click on the LOGIN button

CLI Login

  1. Enter your USERNAME and PASSWORD into the terminal in this format

    1. Format: USERNAME PASSWORD

  2. Press the ENTER key

  • User name and password are seperated with a single space when using CLI input

  • Both username and password are single words. No spaces are allowed in username or password.

Examples for CLI input:

Table 1. Table List of user accounts at first launch or upon reset
User Name Password Authentication Level

tester

123

ADMIN

manager

123

MANAGER

stocktaker

123

STOCKTAKER

accountant

123

ACCOUNTANT

The example provided is a default login account for admins. This account is created only for testing purposes.

After successfully logging in, a confirmation message would be shown indicating your authentication level:

login confirmation

Logging out

Logging out of the application will bring you back to the login screen.

  1. To log out, enter the following command into the command bar

    1. Command format: logout

  2. Press the ENTER key

Managing Your Drink I/O Account

Drink I/O has a login feature. This ensure that every user has to have an account before using the application. Hence, it would increase the security of the application.

Confirmation of Command

When you enter command that will change the data storage, you will be prompted with a message as shown below:

Command confirmation

If you have confirmed the command, key in y or Y to confirm.

Changing your password

When you receive an account from manager, you want to change the password to increase security. Format: changePassword o/[OLD_PASSWORD] n/[NEW_PASSWORD]

Examples for changePassword:

  • changePassword o/123 n/1234

If password changes is successful, a message will be shown:

password change successful

Create additional account

As a manager or administrator, you want to create new account for new employee.

Format: createAccount u/USER_NAME p/PASSWORD a/AUTHENTICATION_LEVEL

AUTHENTICATION_LEVEL must be one of:

  • ADMIN

  • MANAGER

  • STOCKTAKER

  • ACCOUNTANT

Examples for create new account:

  • createAccount u/tester2 p/myPassword a/ADMIN

If create account is successful, a message will be shown:

create new account successful

Delete account

As a manager or administrator, you might want to delete a account when it is no longer used. Format: deleteAccount u/USER_NAME

Examples for delete old account:

  • deleteAccount u/tester

If delete account is successful, a message will be shown:

deleteAccount successful

Contributions to the Developer Guide

Given below are sections I contributed to the Developer Guide. They showcase my ability to write technical documentation and the technical depth of my contributions to the project.

Command partition

Current Implementation

The command partition is an implementation of the role system.

The model contain all the API that is common for every user. StockTakerModel contains API for for stockTaker. Similar idea applied to AccountantModel and ManagerModel. However, AdminModel extends all three models. As such, adminModel will contains all APIs.

Logic UML design Login
Figure 1. Class diagram for Login related model

After login, logicManager will assign a particular role to user according to their authenticationLevel. As such, it will prevent one role from accessing other role’s command. === Login/logout feature

Current Implementation

The login feature is a standalone feature that enable security check on user. It has a fxml page that name LoginPage.fxml at main\resources\view The controller of the fxml page named LoginController at seedu.address\controller The model of is at loginInfo which storage the format in JSON with the help of JsonUtils. Also, there is a loginInfoManager which include all the API for loginInfo. As such, this is a design that fulfil the Model-View-Controller pattern.

Given below is a class diagram for login function. LoginUtils has attributes of LoginInfoModel userName and Password. It also use passwordUtils to hashed verify the password with LoginInfoModel

Login Class Diagram
Figure 2. Class diagram for Login related Utils

Given below is an example usage scenario and how login mechanism behave at each step.

Login sequence diagram

The LoginController will check for username and password will the LoginUtils.

LoginUtils Sequence Diagram

Save information about user account

Given below is a structure of Model components that is related to login feature. The model stores loginInfo of the user.

Logic LoginInfo Model

The sequence diagram below shows the interactions within the logic components for the execuion of createAccount command.

createAccountSequenceDiagram

Given below is an sequence diagram of access login information for loginInfoList.json during initiation of the application. The program also save the the login information to loginInfoList.json when logout or exit.

Logic UML design ReadLoginInfoList

Design Considerations

Aspect: How to store the data
  • Alternative 1 (current choice): Saves the login detail in a json file called loginInfoList.json.

    • Pros: Have a systematic and elegant way to store data.

    • Cons: Hard to implement

  • Alternative 2: Store the data in enum.

    • Pros: Easy to implement

    • Cons: Fixed database. Cannot add /modify/delete accounts. (suitable for very small project)

Aspect: Data format for store data
  • Alternative 1 (current choice): Store in Json file.

    • Pros: Json is popular and have many support online.

    • Pros :JSON is relatively easier to implement compared to XML

    • Cons: Have to write serialized method for JSON file.

  • Alternative 2: Store in XML file

    • Pros: Classic and matured product

    • Pros: Have serialized code in original ab4.

    • Cons: It has many rules to set before implementation.