Group-5 · fredrjm · Mar 10, 2026 · Mar 10, 2026 · Mar 10, 2026 · Mar 10, 2026
diff --git a/src/main/java/edu/group5/app/model/donation/DonationService.java b/src/main/java/edu/group5/app/model/donation/DonationService.java
@@ -37,6 +37,24 @@ public DonationService(DonationRepository donationRepository,
     this.organizationRepository = organizationRepository;
   }
 
+  /**
+   * Getter for the DonationRepository used by this service.
+   * This method allows access to the donation repository for managing donation records and retrieving donation information.
+   * @return the DonationRepository instance used by this service
+   */
+  public DonationRepository getDonationRepository() {
+    return this.donationRepository;
+  }
+
+  /**
+   * Getter for the OrganizationRepository used by this service.
+   * This method allows access to the organization repository for validating organization information when processing donations.
+   * @return the OrganizationRepository instance used by this service
+   */
+  public OrganizationRepository getOrganizationRepository() {
+    return this.organizationRepository;
+  }
+
   /**
    * Processes a donation from a customer to a specified organization with a given amount.
    * Validates the customer, organization number, and donation amount before creating a donation record.
@@ -57,7 +75,7 @@ public boolean donate(Customer customer, int orgNumber, BigDecimal amount, Strin
     Donation donation = 
     new Donation(donationRepository.getNextDonationId(), 
     customer.getUserId(), org.orgNumber(), amount, Timestamp.from(Instant.now()), paymentMethod);
-    donationRepository.addContent(donation);
+    this.donationRepository.addContent(donation);
     return true;
   }
 }
diff --git a/src/main/java/edu/group5/app/model/user/User.java b/src/main/java/edu/group5/app/model/user/User.java
@@ -102,12 +102,16 @@ public String getPasswordHash() {
    * This method uses BCrypt to compare the plaintext password with the hashed password.
    * @param password the plaintext password to verify
    * @return true if the password is correct, false otherwise
+   * @throws IllegalArgumentException if the password is null, empty, or longer than 72 characters (BCrypt limit)
    */
-  public boolean verifyPassword(String password) {
-    if (password == null || password.isEmpty()) {
+  public boolean verifyPassword(char[] password) {
+    if (password == null || password.length == 0) {
         return false;
     }
+    if (password.length > 72) { // BCrypt has a maximum password length of 72 bytes
+      throw new IllegalArgumentException("Password cannot be longer than 72 characters");
+    }
     BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
-    return encoder.matches(password, this.passwordHash);
+    return encoder.matches(new String(password), this.passwordHash);
   }
 }
diff --git a/src/main/java/edu/group5/app/model/user/UserService.java b/src/main/java/edu/group5/app/model/user/UserService.java
@@ -20,6 +20,15 @@ public UserService(UserRepository userRepository) {
     this.userRepository = userRepository;
   }
 
+  /**
+   * Getter for the UserRepository used by this service. 
+   * This method allows access to the user repository for managing user data and performing operations such as registration and login.
+   * @return the UserRepository instance used by this service
+   */
+  public UserRepository getUserRepository() {
+    return this.userRepository;
+  }
+
   /**
    * Registers a new user with the given information. Validates the input data and creates a new User object
    * based on the specified role. Currently supports registration for customers only.
@@ -48,7 +57,7 @@ public boolean registerUser(String role, String firstName, String lastName,
     } else { /* TODO  when you switch to a real DB, replace getNextUserId with DB auto-increment/identity and ignore manual ID generation in service*/
       return false;
     }
-    userRepository.addContent(user);
+    this.userRepository.addContent(user);
     return true;
   }
 
@@ -60,11 +69,11 @@ public boolean registerUser(String role, String firstName, String lastName,
    * (i.e., the user exists and the password is correct), false otherwise
    * @throws IllegalArgumentException if email is null or empty, or if password is null or empty
    */
-  public boolean login(String email, String password) {
-    if (email == null || email.trim().isEmpty() || password == null || password.trim().isEmpty()) {
+  public boolean login(String email, char[] password) {
+    if (email == null || email.trim().isEmpty() || password == null || password.length == 0) {
         return false;
     }
-    User user = userRepository.findUserByEmail(email);
+    User user = this.userRepository.findUserByEmail(email);
     return user != null && user.verifyPassword(password);
   }
 }
diff --git a/src/test/java/edu/group5/app/model/donation/DonationServiceTest.java b/src/test/java/edu/group5/app/model/donation/DonationServiceTest.java
@@ -58,6 +58,16 @@ void testConstructorThrowsIfOrganizationRepositoryIsNull() {
     assertEquals("OrganizationRepository cannot be null", exception.getMessage());
   }
 
+  @Test
+  void testGetDonationRepository() {
+    assertEquals(donationRepository, donationService.getDonationRepository());
+  }
+
+  @Test
+  void testGetOrganizationRepository() {
+    assertEquals(organizationRepository, donationService.getOrganizationRepository());
+  }
+
   @Test
   void donateReturnsFalseIfCustomerNull() {
     boolean result = donationService.donate(null,

diff --git a/src/test/java/edu/group5/app/model/user/CustomerTest.java b/src/test/java/edu/group5/app/model/user/CustomerTest.java
@@ -116,15 +116,15 @@ void verifyPasswordReturnsTrueForCorrectPassword() {
     User user = new Customer(testUserId, testFirstName,
         testLastName, testEmail, testPasswordHash);
 
-    assertTrue(user.verifyPassword(testPassword));
+    assertTrue(user.verifyPassword(testPassword.toCharArray()));
   }
 
   @Test
   void verifyPasswordReturnsFalseForIncorrectPassword() {
     User user = new Customer(testUserId, testFirstName,
         testLastName, testEmail, testPasswordHash);
 
-    assertFalse(user.verifyPassword("wrongPassword"));
+    assertFalse(user.verifyPassword("wrongPassword".toCharArray()));
   }
 
   @Test
@@ -140,7 +140,19 @@ void verifyPasswordReturnsFalseForEmptyPassword() {
     User user = new Customer(testUserId, testFirstName,
         testLastName, testEmail, testPasswordHash);
 
-    assertFalse(user.verifyPassword(""));
+    assertFalse(user.verifyPassword("".toCharArray()));
+  }
+
+  @Test
+  void verifyPasswordThrowsExceptionForTooLongPassword() {
+    User user = new Customer(testUserId, testFirstName,
+        testLastName, testEmail, testPasswordHash);
+    char[] longPassword = new char[73]; // 73 characters, exceeding BCrypt limit
+    IllegalArgumentException exception = assertThrows(
+        IllegalArgumentException.class,
+        () -> user.verifyPassword(longPassword)
+    );
+    assertEquals("Password cannot be longer than 72 characters", exception.getMessage());
   }
 
   @Test

diff --git a/src/test/java/edu/group5/app/model/user/UserServiceTest.java b/src/test/java/edu/group5/app/model/user/UserServiceTest.java
@@ -32,6 +32,11 @@ void constructorthrowsIfNull() {
     assertEquals("UserRepository cannot be null", ex.getMessage());
   }
 
+  @Test
+  void testGetUserRepository() {
+    assertEquals(repo, service.getUserRepository());
+  }
+
   @Test
   void registerUserValid() {
     boolean result = service.registerUser("Customer", "Alice", "Smith",
@@ -90,7 +95,7 @@ void loginValidPassword() {
     User testUser = new Customer(10, "Test", "User", "test@example.com", hashedPassword);
     repo.addContent(testUser);
 
-    boolean result = service.login("test@example.com", plainPassword);
+    boolean result = service.login("test@example.com", plainPassword.toCharArray());
     assertTrue(result);
   }
 
@@ -102,19 +107,21 @@ void loginInvalidPassword() {
     User testUser = new Customer(10, "Test", "User", "test@example.com", hashedPassword);
     repo.addContent(testUser);
 
-    boolean result = service.login("test@example.com", "wrongpass");
+    boolean result = service.login("test@example.com", "wrongpass".toCharArray());
     boolean result2 = service.login("test@example.com", null);
-    boolean result3 = service.login("test@example.com", " ");
+    boolean result3 = service.login("test@example.com", " ".toCharArray());
+    boolean result4 = service.login("test@example.com", new char[0]);
     assertFalse(result);
     assertFalse(result2);
     assertFalse(result3);
+    assertFalse(result4);
   }
 
   @Test
   void loginInvalidEmail() {
-    boolean result = service.login("nonexist@example.com", "password");
-    boolean result2 = service.login(null, "password");
-    boolean result3 = service.login("   ", "password");
+    boolean result = service.login("nonexist@example.com", "password".toCharArray());
+    boolean result2 = service.login(null, "password".toCharArray());
+    boolean result3 = service.login("   ", "password".toCharArray());
     assertFalse(result);
     assertFalse(result2);
     assertFalse(result3);