Commit 1

[johanbriger]

Summary by CodeRabbit

• New Features

  • Added login and authentication mechanisms for secure access.
  • Introduced interactive menu-driven interface for database operations and data management.

• Refactor

  • Restructured core application flow to support database-driven interactive features.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The Main.java class was significantly refactored to introduce interactive database functionality. Two new private instance fields—a Scanner and a Connection—were added alongside numerous new private methods for login, menu handling, and database operations, restructuring the internal control flow from static configuration validation to an interactive, database-driven application while maintaining the public interface.

Changes

Cohort / File(s)	Summary
Main class refactor src/main/java/com/example/Main.java	Added private final Scanner scanner and private Connection connection fields; introduced extensive new private methods for user login, menu-driven interactions, and database operations; restructured internal flow from configuration validation to interactive DB-driven features.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Areas requiring extra attention:

• Initialization and lifecycle management of the Scanner and Connection fields (resource leaks, proper cleanup)
• New private methods for login logic—authentication and input validation
• Database operation implementations—SQL correctness, error handling, transaction management
• Menu-driven state management and user interaction flow
• Exception handling and error recovery across new functionality

Poem

🐰 Database doors now open wide,
With Scanner's help and Connection's guide,
Login flows and menus dance,
From config checks to interactive chance!
A rabbit cheers this refactored flight,
Where interactivity shines so bright! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 60.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Title check	❓ Inconclusive	The title 'Commit 1' is generic and does not convey meaningful information about the changeset. It fails to describe the actual changes (introduction of Scanner and Connection fields, new private methods for login/menu/database operations).	Use a descriptive title that reflects the main changes, such as 'Add database connectivity and interactive menu system' or 'Implement database operations with Scanner-based user input'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch LAB3

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (1)

src/main/java/com/example/Main.java (1)

10-11: Scanner resource leak.

The Scanner wrapping System.in is never closed. While closing a Scanner on System.in in a standalone app is typically benign, the resource is technically leaked. Consider closing it in the finally block or using try-with-resources if the lifecycle permits.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 49602b4 and 8ba1148.

📒 Files selected for processing (1)

• src/main/java/com/example/Main.java (2 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

src/main/java/com/example/Main.java (1)

src/main/java/com/example/DevDatabaseInitializer.java (1)

• DevDatabaseInitializer (6-24)

🔇 Additional comments (6)

src/main/java/com/example/Main.java (6)

68-77: LGTM.

The invalid login handling is straightforward and correctly waits for user acknowledgment before exiting.

---

81-122: LGTM.

The menu handling correctly catches InputMismatchException and clears the scanner buffer, preventing an infinite loop on invalid input. The switch structure is clear and maintainable.

---

149-168: LGTM.

Proper use of PreparedStatement to prevent SQL injection, and handles the case when no mission is found.

---

261-270: LGTM.

Properly checks for null before closing and handles potential exceptions during close.

---

137-146: LGTM.

Simple query with no user input—using Statement is acceptable here.

---

171-186: LGTM.

Correctly uses PreparedStatement for the parameterized year query.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Dead code: generatedUsername is never used.

The generatedUsername variable is computed but never referenced. This appears to be leftover code or an incomplete implementation. Remove it to avoid confusion.

-        String generatedUsername = username.substring(0, Math.min(username.length(), 3))
-                + (username.length() > 3 ? username.substring(3, Math.min(username.length(), 6)) : "");
-

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	String generatedUsername = username.substring(0, Math.min(username.length(), 3))
	+ (username.length() > 3 ? username.substring(3, Math.min(username.length(), 6)) : "");

🤖 Prompt for AI Agents

In src/main/java/com/example/Main.java around lines 55-56, the local variable
generatedUsername is computed but never used; remove the entire statement
computing generatedUsername (and any related unused imports or variables if
present) so there is no unused/dead code left, then compile to ensure no
references remain and run tests to confirm behavior unchanged.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Security: Passwords stored and compared in plaintext.

The login query compares passwords directly without hashing. Passwords should be hashed using a secure algorithm (e.g., bcrypt, Argon2) before storage and comparison. Plaintext password storage is a significant security vulnerability.

🤖 Prompt for AI Agents

In src/main/java/com/example/Main.java around lines 58 to 65, the code compares
plaintext passwords directly in the SQL query; change the flow to query the
stored password hash by username only, then verify the supplied password against
that hash using a secure password-hashing library (e.g., bcrypt or Argon2)
rather than including password in the WHERE clause; ensure you use the library's
verify function (which handles salt and constant-time comparison), handle the
case of missing user gracefully, and update storage and registration code to
store hashed passwords (or plan a migration) so no plaintext passwords are
stored or compared.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Compliance: SSN stored in plaintext.

The Social Security Number (SSN) is highly sensitive PII and is stored without encryption. Consider encrypting SSN at rest or storing only a hashed/masked version to comply with data protection regulations (GDPR, CCPA, etc.).

Additionally, the password is stored in plaintext here as well (same issue as login).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Potential issue: No validation on username generation.

If firstName or lastName is empty or very short, the generated username could be empty or just a few characters. Additionally, there's no uniqueness check—if two users have similar names (e.g., "John Smith" and "Johnathan Smithson"), they'd get the same username, potentially causing a duplicate key constraint violation.

Consider adding input validation and handling potential SQLException for duplicate usernames:

if (firstName.isEmpty() || lastName.isEmpty()) {
    System.out.println("First name and last name cannot be empty.");
    return;
}

🤖 Prompt for AI Agents

In src/main/java/com/example/Main.java around lines 199 to 208, the username
construction does not validate firstName/lastName and can produce empty or
non-unique usernames; update the code to first validate that firstName and
lastName are non-empty and meet a minimum length, then generate a base username
safely (fallback to a default or include parts of other fields if too short),
check the database for existing usernames and, if a conflict exists, append a
numeric suffix (incrementing until unique) or use a transactional DB-side
uniqueness mechanism, and wrap the insert in error handling that catches
SQLExceptions for duplicate-key errors to either retry with a new username or
return a clear error to the caller.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Security: Missing authorization checks.

Any authenticated user can update or delete any account by specifying an arbitrary user_id. This is an authorization flaw. Consider restricting these operations to the currently logged-in user's account, or implementing role-based access control for administrative operations.