Overview : MakerManager

This project portfolio is written to document my contribution to MakerManager and role assumed during the project.

MakerManager is a free, open-source, desktop application for managing time-shared equipment in makerspaces. MakerManager aims to bridge a gap to let makers and managers coordinate effectively and efficiently - so you can worry less about availability and spend more time hacking! The app is meant for makers, and thus is optimized for people comfortable with a Command Line Interface (CLI).

The app is based on AddressBook-Level 4, an application used for teaching Software Engineering principles in NUS. The user interacts with MakerManager using a CLI, but can also choose to use the Graphical User Interface (GUI) built in JavaFX. The software is mainly written in Java, and has about 20 thousand lines of code. The project was developed by a team of 4, and you can find out more about the developers in the About Us section.

In short, MakerManager can be used to:

  • effectively time-share 3D printers

  • see status and time-left for printers

  • add prints to a particular printer (or let the software automatically optimize it for you)

  • login to the system to gain administrative rights, if you are signed up by an existing administrator

  • add, remove and maintain printer queues and machines - if you have administrative rights

Summary of contributions

This section includes some of my contributions towards developing MakerManager within a small span of a few weeks.

  • Major enhancement: Added authentication system for administrators.

    • What it does: This feature allows lab managers to login to the system and gain extra privileges, which can be used to manage the makerspace effectively.

    • Justification: This feature is a must-have as we need to ensure only authorized personnel can edit critical information.

    • Highlights: This enhancement requires existing and future commands to integrate the level of authorization. It required an in-depth analysis of third party libraries. The implementation was challenging as we had to make sure the application had no security loopholes.

    • Credits: jBcrypt

  • Major enhancement: Added commands for managing prints.

    • What it does: This feature allows users to manage prints in general, including starting, restarting, cancelling and deleting prints.

    • Justification: This feature is the core of the software, as the crux of the software is to have a dynamic queue that users can leverage on to plan their own prints.

  • Minor enhancement: Memory-to-File transfer of data. The existing implementation had to be reworked to allow segregation of different types of data.

  • Minor enhancement: Bug Fixes

  • Code contributed: You can see my code contributions in this Code Dashboard by Reposense

  • Other contributions:

    • Project management:

    • Enhancements to features:

      • Wrote tests for features added in makerManager (Pull Request #43)

    • Documentation:

      • Maintained User Guide and Developer Guide for features I worked on.

      • Standardized the User Guide and Developer Guide formats (Pull Request #153)

    • Community:

      • Contributed to forum discussions (Example: #87)

      • Reported bugs and suggestions for another team in the class (examples)

    • Tools:

      • Integrated a third party library (jBcrypt) to the project (#12)

Contributions to the User Guide

Given below are some sections I contributed to the User Guide. They showcase my ability to write documentation targeting end-users.

  • Administrator mode
    The administrator mode is present to prevent malicious users from harming other users' workflow easily. Only the administrator is allowed to make drastic changes to the application and its data.
    The commands listed below will only work in admin mode. The list is non-exhaustive, and you will find more admin-specific commands later on.

    1. Login
      Enables admin mode in MakerManager.
      Outcome: You get admin-privileges and the Command Box will turn blue.

      A default account is created when no other admins exist. Username and Password of default are both 'admin'.
      We strongly recommend adding a secure admin account and removing the default during your first run.
      		 
      Format: login ADMIN_ID PASSWORD
      Example: login admin admin

    2. Logout (Admin Only)
      Disables admin mode in MakerManager. This ensures that MakerManager is usable by both types of user in the same terminal, with the same UI.
      Outcome: The Command Box will return back to original color afterwards, and you will lose admin-privileges.

      Format: <logout>

    3. Add Admin (Admin Only)
      Adds another admin to MakerManager. This enables makerspaces with multiple managers in-charge to collaborate easily.

      PASSWORD has to match a specific validation criteria - namely at least: 1 upper-case letter, 1 lower-case letter, 1 number, 1 symbol from [@#$%^&=] and 8 characters in total 
      Format: <addAdmin> USERNAME PASSWORD VERIFY_PASSWORD
      Example: addAdmin saif 123Abcd$ 123Abcd$

    4. Remove Admin (Admin Only)
      Removes a specified admin from the MakerManager. This will let you remove an admin if (s)he is no longer granted these privileges in the makerspace, for whatever reason.
      Outcome: The ex-admin will no longer be able to login. If you remove your own account, you will be logged out automatically.

      Format: <removeAdmin> USERNAME
      Example: removeAdmin saif

    5. Update Admin Password (Admin Only)
      Updates the logged in admin’s password in MakerManager. You may want to change to a different password frequently, for good security practices.

      NEW_PW has to match the same validation criteria as the one specified in addAdmin command.
      		 
      Format: <updatePassword> USERNAME OLD_PW NEW_PW NEW_PW_VERIFY
      Example: updatePassword saif 123Abcd$ 456Wasd= 456Wasd=

  • Manage Print

    1. Start a Print
      Starts an existing print job, if it is at the top of the queue.
      Outcome: The print tag will be set to ONGOING and the machine will start a timer. The print will be automatically flagged as FINISHED after the time specified in the duration has passed.
      If you want to get an urgent print done, but it is not at the top of the queue, please request lab manager’s assistance.

      If admin mode is enabled, users are able to start jobs that are not at the top of the queue 
      Format: manageJob/<manageJob> PRINT_NAME start
      Example: manageJob gears start

    2. Cancel a Print
      Cancels an existing print in the queue. You might want to use this if the print fails, which is very common for 3D printers, or if you no longer want to print for whatever reason.
      Outcome: The print tag will be changed to CANCELLED.

      Format: manageJob PRINT_NAME cancel
      Example: manageJob gears cancel

    3. Restarting a Print: Restarts an existing print in the queue. Same as start. This is be used after a failed(cancelled) print.

      Format: manageJob PRINT_NAME restart
      Example: manageJob gears restart

    4. Delete a Print (Admin only)
      Deletes an existing print in the queue.
      Outcome: You will no longer see the specified print in the UI.

      Format: <manageJob> PRINT_NAME delete
      Example: manageJob gears delete

FAQ

Q: How do I transfer my data to another Computer?
A: Install the app in the other computer and overwrite the empty data files it creates with the files that contains the data of your previous MakerManager. Normally, it will be located in the data/ folder in the root directory.

Q: How can I be notified with the latest releases?
A: You can watch or follow our repository on github if you want to hear of our latest releases.

Q: I found a bug/have a suggestion! What do I do?
A: Feel free to report bugs/suggest enhancements using the Issue Tracker, or simply dropping an email to one of the developers.

Q: How do I contact the authors?
A: Our contacts are given in the About Us and Contact Us page; drop by as we’d love to get to know you!

Q: Can I use your source code?
A: This work is under the MIT license. So Feel free to fork the repo and develop it on your own while adhearing to the license constraints. Check out the Developer Guide for getting started.

Upcoming Features

  1. More robust data security and integrity by incorporating a Database system

  2. Minimalistic User Accounts for all users, including guest accounts.

  3. Point system for frequent members and friendly people helping others print.

  4. Team accounts, for coordinating projects easily.

  5. Online MakerManager, so you can do all these from the comfort of your home.

  6. Integration with OctoPrint, so that prints can be started remotely!

  7. Automatically calculate duration of print from different Printer APIs.

  8. Hide Passwords when signing-up or logging-in

We’re excited! Are you?

Contributions to the Developer Guide

Given below are a few sections I contributed to the Developer Guide. They showcase my ability to write technical documentation and the technical depth of my contributions to the project.

Administrator Mode

This section describes how MakerManager builds a layer of security around critical data and restricts manipulation of such sensitive information to respective administrators/managers of individual makerspaces.

Current Implementation

The implementation of the administrator mode spans mainly the Logic and Model components, but also relies on the Storage component. For better User-Experience, we also make small changes to Events and UI components in the architecture.

The following commands are directly related to admins: login, logout, addAdmin, removeAdmin and updatePassword

Our admin mode accommodates multiple admins, and ensures that there is at least one admin present. The admins are stored in a UniqueAdminList() in versionedAddressBook, with their usernames and passwords being securely stored in-Memory and in-file (for persistence).

See File Storage section for relevant storage part, Model Component for Admin class model and the Password Encryption section for the discussion pertaining to the encryption.

The two different access types are implemented with the help of an AdminSession object inside versionedAddressBook. This Object keeps track of whether someone is logged in, and if so, who is. The AdminSession object has the following methods for us to use:

  • setLogin() - gives admin privileges to the current user

  • clearLogin() - strips admin privileges of the current user

  • isAdminLoggedIn() - returns a boolean saying whether we are in admin mode

  • getLoggedInAdmin() - returns reference to the admin currently logged in

The diagram below shows the admin-related section of the Model.

width:800

The following sequence diagram for login also applies to logout. We include this because it demonstrates how AdminSessions is used as well.

The diagram below illustrates the sequence diagram for login.

width:800

We can then use AdminSession to know whether an admin is logged in, before authorizing use of a command.

The simple activity diagram below demonstrates a common use case.

width:800

Design Consideration

The team debated on whether we should use a Singleton or not. We later decided not to use a Singleton since: . Singletons increase coupling . The system and the tests were already implemented without a singleton, and changing did not give any major pros.

Password Encryption

This section describes how MakerManager makes sure the administrator passwords are kept secure.

Current Implementation

The password is encrypted using salting and hashing. The low-level implementation of this is handled by the popular open source library jBcrypt. The library was chosen for having a fairly simple API for generating hashes and comparing passwords to stored hashes. The only two static methods used from the API were:

  1. Bcrypt.hashPW() - generates an encrypted string from the raw text password

  2. Bcrypt.checkPW() - verifies given password with stored hash

Other than this, we also enforce password validation to make sure a moderately strong password is chosen by the admin when signing up. The implementation restricts itself to the Logic component of the architecture.

Design Considerations

Aspect: Where to encrypt

  • Alternative 1 (current choice): Encrypt it as it is being added to in-Memory address book.

    • Pros: Hashing needs to be done only once, after going through ModelManager. Storage Manager does not change. Able to do password validation and prevent unnecessary computations.

    • Cons: The password information is unprotected as it passes through UI and Logic.

  • Alternative 2: Encrypt it in UI

    • Pros: More secure transfer of passwords through the pipeline.

    • Cons: UI is heavy, and may become slower if hashing is too taxing on the system.