From e65f29fe142008b87599f8a004d08e856ee9e607 Mon Sep 17 00:00:00 2001
From: c22063583 <WHITEf6@cardiff.ac.uk>
Date: Sat, 22 Apr 2023 18:22:03 +0100
Subject: [PATCH] badge complete

---
 createdb.sql     | 176 ++++++++++++++++++++++++++++++++++++++---------
 databaseTest.sql |  52 ++++++++++++++
 2 files changed, 195 insertions(+), 33 deletions(-)
 create mode 100644 databaseTest.sql

diff --git a/createdb.sql b/createdb.sql
index 677a6e4..6b42c6b 100644
--- a/createdb.sql
+++ b/createdb.sql
@@ -9,10 +9,14 @@ fname varchar(35),
 lname varchar(35),
 email varchar(320) unique,
 -- maximum size of an email address should be able to store absolutely all possible email addresses
--- unable to view payment info from any select functions it is also encrypted for customer safety
+-- unable to view payment info from any select functions it is also encrypted for custowamer safety
 paymentinfo varchar(50),
 subscribed bool,
 phonenum int(10));
+   DROP TABLE if exists `sessionGroup`;
+    create table `sessionGroup`(
+		groupID varchar(40) primary key unique,
+        ageGroup int(3));
 DROP TABLE IF EXISTS `Students`;
 CREATE TABLE `Students`(
 studentID varchar(40) not null unique,
@@ -24,11 +28,12 @@ bday date,
 dayjoined date DEFAULT now(),
 parentsID varchar(40),
 groupID varchar(40),
-FOREIGN KEY (parentsID) REFERENCES Parents(parentID)
+FOREIGN KEY (parentsID) REFERENCES Parents(parentID));
+
 -- parent ID is stored in student rather than the parents table so that one parent can have many children
 -- and not one child can have many parents. A child may have multiple parents irl but they would share an
 -- account
-);
+
 ALTER TABLE Students auto_increment = 30001;
 DROP TABLE IF EXISTS `Volunteers`;
 CREATE TABLE `Volunteers`(
@@ -66,8 +71,9 @@ CREATE TABLE `Badge`(
     primary key(BadgeID),
     badgeName varchar(35),
     badgeDesc varchar(255),
-		ageGroup int(1)
+		ageGroup int(2)
 	);
+
 		DROP TABLE IF EXISTS `WaitList`;
 		CREATE TABLE `WaitList`(
 
@@ -75,14 +81,32 @@ CREATE TABLE `Badge`(
 			groupID varchar(40),
 			dateJoined date,
 			dateRemoved date,
-	 		ageGroup int(1),
+	 		ageGroup int(2),
 			FOREIGN KEY (studentID) REFERENCES Students(studentID));
 
 
+			DELIMITER ££
+			CREATE TRIGGER verifyAge BEFORE INSERT
+			-- MAKES SURE THE STUDENT IS BEING ADDED TO
+			-- THE CORRECT AGE GROUP
+				ON `WaitList`
+				FOR EACH ROW BEGIN
+					select datediff(CURDATE(),(select bday from students where studentID = NEW.StudentID limit 1)) into @age;
+					if @age < 10 and NEW.ageGroup > 2 THEN
+							signal sqlstate '45000';
+					ELSEIF @age >= 10 AND @age < 13 and  NEW.ageGroup != 8 THEN
+							signal sqlstate '45000';
+							ELSEIF @age >= 13 AND @age < 17 and  NEW.ageGroup != 12 THEN
+									signal sqlstate '45000';
+							end if;
+
+				END ££
+				DELIMITER ;
+
 
 DROP TABLE IF EXISTS `BadgeAwarded`;
 CREATE TABLE `BadgeAwarded`(
-
+  awardedID varchar(40),
 	awardedto varchar(40),
 	evidence varchar(1000),
     awardedby varchar(40),
@@ -111,6 +135,27 @@ CREATE TABLE `StudentAttendance`(
 	FOREIGN KEY (studentID) REFERENCES Students(studentID),
 	FOREIGN KEY (sessionID) REFERENCES Sessions(SessionID)
 );
+
+
+			DELIMITER ££
+			CREATE TRIGGER verifyINgroup BEFORE INSERT
+			-- MAKES SURE THE STUDENT IS BEING ADDED TO
+			-- THE CORRECT AGE GROUP
+				ON `StudentAttendance`
+				FOR EACH ROW BEGIN
+					IF NOT(
+            (Select groupID FROM Students where studentID=NEW.studentID limit 1)
+            =
+            (select groupID from sessions where sessionID = NEW.SessionID)
+
+          )THEN
+          signal sqlstate '45000';
+          END IF;
+
+
+
+				END ££
+				DELIMITER ;
 DROP TABLE IF EXISTS `VolunteerAttendance`;
 CREATE TABLE `VolunteerAttendance`(
 	volunteerID varchar(40),
@@ -118,6 +163,24 @@ CREATE TABLE `VolunteerAttendance`(
 	FOREIGN KEY (VolunteerID) REFERENCES Volunteers(volunteerID),
 	FOREIGN KEY (sessionID) REFERENCES Sessions(SessionID)
 );
+DELIMITER ££
+CREATE TRIGGER verifyDBS BEFORE INSERT
+-- MAKES SURE THE STUDENT IS BEING ADDED TO
+-- THE CORRECT AGE GROUP
+  ON `VolunteerAttendance`
+  FOR EACH ROW BEGIN
+    if datediff(CURDATE(),
+        (SELECT DBSdue FROM Volunteers
+              WHERE volunteerID=NEW.volunteerID limit 1)
+
+      ) > 0
+     THEN
+        signal sqlstate '45000';
+
+        end if;
+
+  END ££
+  DELIMITER ;
 
 
 
@@ -229,15 +292,16 @@ drop procedure if exists `applyToGroup`;
 delimiter $$
 CREATE PROCEDURE applyToGroup(
 	IN studentID varchar(40),
-	IN groupID varchar(40))
+	IN groupID varchar(40),
+ageGroup int(2))
 BEGIN
     DECLARE EXIT HANDLER FOR 1062
     BEGIN
  	SELECT 'This student is already on a wait list' as ERROR ;
     END;
 
-        INSERT INTO WaitList(StudentID,groupID,dateJoined) values
-	(StudentID,groupID,CURDATE());
+        INSERT INTO WaitList(StudentID,groupID,dateJoined,ageGroup) values
+	(StudentID,groupID,CURDATE(),ageGroup);
 END$$
 DELIMITER ;
 
@@ -359,9 +423,14 @@ CREATE PROCEDURE addToGroup(
 	IN grapeID varchar(40))
 
 BEGIN
-            DECLARE toad INT DEFAULT 0;
-						DECLARE x INT Default 0;
-
+DECLARE toad INT DEFAULT 0;
+DECLARE x INT Default 0;
+DECLARE EXIT HANDLER FOR 1644 RESIGNAL;
+BEGIN
+SELECT "CANNOT APPLY FOR THAT GROUP" as ERROR ;
+END;
+select * from WaitList;
+DO sleep(5);
 select count(distinct volunteerID) *(SELECT ageGroup from Sessions where groupID=grapeID limit 1) into @maxstu from volunteerattendance as v0
 				where grapeID in (select groupID from Sessions as s0
 									where v0.sessionID = s0.sessionID And
@@ -383,7 +452,7 @@ select count(distinct volunteerID) *(SELECT ageGroup from Sessions where groupID
 				 	where (dateRemoved is null)
 		 				order by dateJoined asc limit 1 into @theChosenOnes;
  			UPDATE WaitList as wl0,students as stu2
-		SET stu2.groupID=grapeID,wl0.dateRemoved=CURDATE() where wl0.studentID = @theChosenOnes;
+		SET stu2.groupID=grapeID,wl0.dateRemoved=CURDATE() where wl0.studentID = @theChosenOnes and stu2.StudentID=@thechosenOnes;
 		-- test
 
          IF x=toad THEN
@@ -391,7 +460,7 @@ select count(distinct volunteerID) *(SELECT ageGroup from Sessions where groupID
          END IF;
    END LOOP adding_loop;
    end if;
-	 select * from WaitList
+	 select * from WaitList;
 	 -- you should see that a number of students application should be successful
 	 -- (if theres space) by dateremoved being null is they still are waiting or
 	 -- todays date if they got added
@@ -413,6 +482,7 @@ DELIMITER ;
 drop procedure if exists viewBadges;
 delimiter $$
 CREATE PROCEDURE viewBadges(
+	-- This function shows
 	IN StudentvID varchar(40))
 BEGIN
 
@@ -428,6 +498,20 @@ BEGIN
 END$$
 DELIMITER ;
 
+drop procedure if exists volunteerviewBadges;
+delimiter $$
+CREATE PROCEDURE volunteerviewBadges()
+	-- This function shows all badge applications for a volunteer
+BEGIN
+
+ 	SELECT awardedID,(select fname from students where studentID=b0.awardedto) as `applicant`,
+    (select badgeName from badge where BadgeID=b0.BadgeAwarded) as `name`,
+    (select badgeDesc from badge where BadgeID=b0.BadgeAwarded) as `requirements`,
+    b0.evidence from BadgeAwarded as b0 where isAwarded = 2;
+
+
+END$$
+DELIMITER ;
 -- under article 17 of the UK gdpr individuals
 -- have the right to have personal data erased
 -- next 3 functions handle deleting said data
@@ -437,14 +521,15 @@ delimiter $$
 CREATE PROCEDURE EraseParent(
 	IN email varchar(320),
 	IN passw varchar(70))
---	removes children as well
+-- removes children as well
 -- we need emergency contact details in case of emergency
 -- we are not a financial institution so we don't have a legal requirement
 
 BEGIN
         Delete from parents  where ParentsID=md5(concat(email,passw));
-				Delete from badgeawarded where awardedto in()
-				Delete from Students where parentsID=md5(concat(email,passw));
+	-- 			Delete from badgeawarded where awardedto in (select studentID from students where parentsID=md5(concat(email,passw)));
+		-- -		Delete from StudentAttendance as sa where sa.studentID in (select studentID from students where parentID=md5(concat(email,passw)));
+			-- 	Delete from Students where parentsID=md5(concat(email,passw));
 END$$
 DELIMITER ;
 
@@ -490,45 +575,70 @@ CREATE PROCEDURE StudentBadgeApply(
 
 BEGIN
 
-        INSERT INTO BadgeAwarded(awardedto,BadgeAwarded,evidence,isAwarded) values( studentID,BadgeID,badgeEvidence,0);
+        INSERT INTO BadgeAwarded (awardedID,awardedto,BadgeAwarded,evidence,isAwarded) values((md5(concat(studentID,BadgeID))), studentID,BadgeID,badgeEvidence,2);
 
 END$$
 DELIMITER ;
 
+drop procedure if exists badgeApprove;
+delimiter $$
+CREATE PROCEDURE badgeApprove(
+    IN awardedID varchar(40),
+		IN volunteerID varchar(40),
+		IN result int(2))
 
+BEGIN
+
+        update BadgeAwarded set awardedby=volunteerID,dateAwarded=curdate(),isAwarded=result;
+
+END$$
+DELIMITER ;
 
 
 call addParent("jeff","Jones","email@realemail.com","veryStrongPassw0rd",02358254);
-call addStudent("bobby","jones",'2012-2-11','8e301d6e513165a9c0b6b9a2b10c8305',"EXTRASTRONGPASSWORD");
+call addParent("tim","buckley","loss@realemail.com","veryStrongPassw0rd",118254);
 call addBadge("real badge","this is a totally real badge");
-call addStudent("timothy","jones",'2002-2-11','8e301d6e513165a9c0b6b9a2b10c8305',"EXTREMELYSTRONGPASSWORD");
-call addStudent("samantha","jones",'2012-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
-call addStudent("tom","jones",'2012-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
 
+insert into students (studentID,fname,lname,bday,dayjoined,parentsID,groupID)values ((md5(concat('bobby','jones','EXTRaSTRONGPASSWORD'))),"bobby","jones",'2012-2-11',curdate(),'8e301d6e513165a9c0b6b9a2b10c8305','41');
+
+insert into students (studentID,fname,lname,bday,dayjoined,parentsID,groupID) values(md5(concat('timothy','jones','EXTREMELYSTRONGPASSWORD')),"timothy","jones",'2002-2-11',curdate(),'8e301d6e513165a9c0b6b9a2b10c8305','41');
+call addStudent("samantha","jones",'2019-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
+call addStudent("tom","jones",'2012-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
+CALL addstudent('ethan','buckley','2013-03-02','4a85f9d4254038c83c3fc4f9b02b9619','weakpassword');
+insert into sessiongroup values('41',4);
 
 call viewstudent('');
+
+
 select * from students;
+call applytogroup('4208a177bd0e3e81b682640e2c8078dd','41',4);
 call addVolunteer("timothy","jones",'bob@bbc.co.uk','8e301d6e513165a9c0b6b9a2b10c8305',"0777008913");
-call applytogroup('b6e14bcdd6a79c8f8cd9fcef3be5f00b', '41');
+call applytogroup('b6e14bcdd6a79c8f8cd9fcef3be5f00b', '41',4);
 
-call applytogroup('031f0ba110c9683bf4cf5d2836b32a95',41);
+call applytogroup('031f0ba110c9683bf4cf5d2836b32a95',41,4);
 call updateSG('419fd9859978a9bf79df4ff16c99c5f9',"2020-04-09");
 call updateDBS('419fd9859978a9bf79df4ff16c99c5f9',"2021-09-09");
-call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-02-03',2,'41');
+call addSession("computer lab",4,'419fd9859978a9bf79df4ff16c99c5f9','2023-02-03',4,'41');
 call ReviewSession(md5('2023-02-03'),"it was ok","idk");
 
-call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-01-03',2,'41');
+
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-01-03',4,'41');
 call ReviewSession(md5('2023-01-03'),"it was ok","idk");
-call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2022-11-03',2,'41');
-call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-04-16',2,'41');
-CALL STUDENTATTENDS('562fe5b6c65003a11148594678c42b90','94b21f931d888fefd4da7a07c01dff4a');
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2022-11-03',4,'41');
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-04-16',4,'41');
+CALL STUDENTATTENDS('0ad073b3372ad0c243e6d465a2318568','94b21f931d888fefd4da7a07c01dff4a');
 call studentattends('313b6d9a06c3a0618f72ec75c082b6a4','94b21f931d888fefd4da7a07c01dff4a');
 call viewVolunteer('');
-select * from sessions;
+select * from students;
 
 call viewCheckExpiries();
 call addToGroup('41');
-select * from waitlist;
+-- select * from waitlist;
 select * from students;
-INSERT INTO BadgeAwarded(awardedto,BadgeAwarded,evidence,isAwarded) values( '562fe5b6c65003a11148594678c42b90','fb635b87d668b2bbcc6a0b0a2f6adc32','I did it',2);
-call viewBadges('562fe5b6c65003a11148594678c42b90')
+call StudentBadgeApply( '0ad073b3372ad0c243e6d465a2318568','fb635b87d668b2bbcc6a0b0a2f6adc32','I did it');
+call volunteerviewBadges();
+-- '0ad073b3372ad0c243e6d465a2318568')
+call volunteerviewbadges();
+select * from volunteers;
+call badgeapprove('1ab31562f157f8489ae45bb767cbad43','419fd9859978a9bf79df4ff16c99c5f9',1);
+call viewbadges('0ad073b3372ad0c243e6d465a2318568');
diff --git a/databaseTest.sql b/databaseTest.sql
new file mode 100644
index 0000000..1f0fd74
--- /dev/null
+++ b/databaseTest.sql
@@ -0,0 +1,52 @@
+-- please run the createdb file before This
+
+call addParent("jeff","Jones","email@realemail.com","veryStrongPassw0rd",02358254);
+call addParent("tim","buckley","loss@realemail.com","veryStrongPassw0rd",118254);
+call addBadge("real badge","this is a totally real badge");
+
+insert into students (studentID,fname,lname,bday,dayjoined,parentsID,groupID)values ((md5(concat('bobby','jones','EXTRaSTRONGPASSWORD'))),"bobby","jones",'2012-2-11',curdate(),'8e301d6e513165a9c0b6b9a2b10c8305','41');
+
+insert into students (studentID,fname,lname,bday,dayjoined,parentsID,groupID) values(md5(concat('timothy','jones','EXTREMELYSTRONGPASSWORD')),"timothy","jones",'2002-2-11',curdate(),'8e301d6e513165a9c0b6b9a2b10c8305','41');
+call addStudent("samantha","jones",'2019-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
+call addStudent("tom","jones",'2012-2-11','8e301d6e513165a9c0b6b9a2b10c8305','superSTRONGPASSWORD');
+CALL addstudent('ethan','buckley','2013-03-02','4a85f9d4254038c83c3fc4f9b02b9619','weakpassword');
+insert into sessiongroup values('41',4);
+
+call viewstudent('');
+-- this adds some dummy data in for the db to use
+-- some students have been inserted straight into the db without a SP
+-- so it seems they have been part of this organisation for a while
+-- this will be relevent when I add the students to a group and need students already
+-- part of a group
+
+select * from students;
+call applytogroup('4208a177bd0e3e81b682640e2c8078dd','41',4);
+call addVolunteer("timothy","jones",'bob@bbc.co.uk','8e301d6e513165a9c0b6b9a2b10c8305',"0777008913");
+call applytogroup('b6e14bcdd6a79c8f8cd9fcef3be5f00b', '41',4);
+
+call applytogroup('031f0ba110c9683bf4cf5d2836b32a95',41,4);
+call updateSG('419fd9859978a9bf79df4ff16c99c5f9',"2020-04-09");
+call updateDBS('419fd9859978a9bf79df4ff16c99c5f9',"2021-09-09");
+call addSession("computer lab",4,'419fd9859978a9bf79df4ff16c99c5f9','2023-02-03',4,'41');
+call ReviewSession(md5('2023-02-03'),"it was ok","idk");
+
+
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-01-03',4,'41');
+call ReviewSession(md5('2023-01-03'),"it was ok","idk");
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2022-11-03',4,'41');
+call addSession("computer lab",3,'419fd9859978a9bf79df4ff16c99c5f9','2023-04-16',4,'41');
+CALL STUDENTATTENDS('0ad073b3372ad0c243e6d465a2318568','94b21f931d888fefd4da7a07c01dff4a');
+call studentattends('313b6d9a06c3a0618f72ec75c082b6a4','94b21f931d888fefd4da7a07c01dff4a');
+call viewVolunteer('');
+select * from students;
+
+call viewCheckExpiries();
+call addToGroup('41');
+-- select * from waitlist;
+select * from students;
+call StudentBadgeApply( '0ad073b3372ad0c243e6d465a2318568','fb635b87d668b2bbcc6a0b0a2f6adc32','I did it');
+call volunteerviewBadges();
+call volunteerviewbadges();
+select * from volunteers;
+call badgeapprove('1ab31562f157f8489ae45bb767cbad43','419fd9859978a9bf79df4ff16c99c5f9',1);
+call viewbadges('0ad073b3372ad0c243e6d465a2318568');
-- 
GitLab