<a href="https://colab.research.google.com/github/brendanpshea/programming_problem_solving/blob/main/Java_09_FilesExceptions.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

## Working with Villainous Data: Simple File Handling

At the *Bank of Evil*, nothing is more important than records. These are not just boring spreadsheets—they are the paper trail of world domination: deposits from stolen artwork, withdrawals for henchman payroll, and payments for custom shark tanks. If you can’t **store** this data somewhere permanent, you can’t run a proper evil empire.

### **Files and Why We Use Them**

A **file** is a place on your computer’s storage where data can live even after the program ends. You can think of it like the Bank of Evil’s vault: you can put things inside (writing) and take them out (reading).

Two common file formats for simple data are:

* **CSV (Comma-Separated Values)** – Each line represents one record, and values in that record are separated by commas.
* **JSON (JavaScript Object Notation)** – Data is stored in a way that looks like Java objects, but as plain text.

For now, we’ll start with **CSV** because it’s easier to work with as a beginner. A CSV file for villain bank transactions might look like this:

```
Villain,Amount
Gru,5000000
Scarlet Overkill,250000
Vector,1250000
```

### **Writing to a File in Java**

To put data into a file, Java has a class called **`FileWriter`**.

* A **class** is a blueprint for creating objects (you learned this in the OOP chapters).
* To use a class, we often need to create an **object** of that class.
* An object is created with the `new` keyword:

  ```java
  FileWriter writer = new FileWriter("transactions.csv");
  ```

  This line means: “Make a new FileWriter object, and connect it to a file called `transactions.csv`.”

The `FileWriter` class has a **method** called `write()` that adds text to the file:

```java
writer.write("Villain,Amount\n");
```

The `\n` means “start a new line” in the file.

When we’re done writing, we call the **`close()`** method to shut the connection:

```java
writer.close();
```

If we don’t close it, the data might not be saved properly.

One important note: **file writing can fail**. For example, you might not have permission to write to the folder. When that happens, Java will throw an **exception**—we’ll talk about those in detail later, but for now, we’ll use a small shortcut: adding

```java
throws IOException
```

to our method’s header tells Java, “I know this code might have a problem; if it does, pass it along to someone else to handle.”

Here’s a complete, short example of writing our villain transactions file:

In [None]:
%%writefile BankFileWrite.java
import java.io.FileWriter;
import java.io.IOException;

public class BankFileWrite {
    public static void main(String[] args) throws IOException {
        FileWriter writer = new FileWriter("transactions.csv");
        writer.write("Villain,Amount\n");
        writer.write("Gru,5000000\n");
        writer.write("Scarlet Overkill,250000\n");
        writer.write("Vector,1250000\n");
        writer.close();
    }
}

Writing BankFileWrite.java


In [None]:
!javac BankFileWrite.java
!java BankFileWrite

### **Reading a File in Java**

To read a file, we can use the **`Scanner`** class (you’ve used it before for keyboard input) with a **`File`** object.

1. A `File` object tells Java *where* the file is:

   ```java
   File file = new File("transactions.csv");
   ```
2. A `Scanner` can read the file line by line:

   ```java
   Scanner scanner = new Scanner(file);
   ```
3. We use `hasNextLine()` to check if there’s another line, and `nextLine()` to read it:

   ```java
   while (scanner.hasNextLine()) {
       String line = scanner.nextLine();
       System.out.println(line);
   }
   ```

Like with writing, reading a file can fail if the file isn’t there—so here we say:

```java
throws FileNotFoundException
```

to let Java know we’re aware.

Here’s the full example:


In [None]:
%%writefile BankFileRead.java
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Scanner;

public class BankFileRead {
    public static void main(String[] args) throws FileNotFoundException {
        File file = new File("transactions.csv");
        Scanner scanner = new Scanner(file);

        while (scanner.hasNextLine()) {
            String line = scanner.nextLine();
            System.out.println(line);
        }
        scanner.close();
    }
}


Writing BankFileRead.java


In [None]:
!javac BankFileRead.java
!java BankFileRead

Villain,Amount
Gru,5000000
Scarlet Overkill,250000
Vector,1250000



### What We've Learned
In this section you’ve learned:

* What files are and why we use them.
* How to write text to a CSV file with `FileWriter`.
* How to read text from a CSV file with `Scanner` and `File`.
* That file operations can fail, leading to **exceptions**, which we’ll dig into next.



## Expecting the Unexpected: What Are Exceptions?

At the Bank of Evil, the unexpected is part of daily life. Henchmen may forget to lock the vault. Sharks in the lair’s moat may refuse to eat the intruder. And sometimes, the “Deposit All Loot” button mysteriously wires funds to the *Bank of Goodness* instead. In programming, unexpected things happen too, and when they do, Java uses something called an **exception** to let us know.

### What an exception is

An **exception** is a special object that represents a problem in your program. When something goes wrong—like trying to open a file that doesn’t exist—Java *throws* an exception. Throwing an exception means the program stops its normal flow and looks for someone who can handle the problem.

If no one handles the exception, the program will crash. In the real world, that’s like a bank teller running away screaming instead of helping you fix a transaction.

### Common examples

Here are a few things that can cause exceptions:

* Trying to read a file that isn’t there.
* Dividing by zero.
* Asking a program to convert `"banana"` into a number.
* Accessing an array at an index that doesn’t exist.

### Checked vs. unchecked exceptions

In Java, there are two main kinds:

* **Checked exceptions** – Problems Java makes you deal with at compile time. For example, reading a file can throw a `FileNotFoundException`. You either have to handle it with a `try…catch` block or declare it with `throws`.
* **Unchecked exceptions** – Problems that can happen while running your program (runtime errors) and that Java doesn’t force you to handle, like dividing by zero.

For beginners, the main thing to remember is: **checked exceptions require handling**.

### Throwing and catching exceptions

If something goes wrong, Java will “throw” an exception. If your code knows how to deal with it, you can “catch” it and respond, so the whole program doesn’t crash.

We’ll see how to do that with `try…catch` in the next section. For now, here’s a very small example that will deliberately cause a `FileNotFoundException`:

```java
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Scanner;

public class MissingFileExample {
    public static void main(String[] args) throws FileNotFoundException {
        File file = new File("nonexistent.csv");
        Scanner scanner = new Scanner(file); // This will throw an exception
    }
}
```

In this code:

1. We create a `File` object pointing to a file that doesn’t exist.
2. When `new Scanner(file)` tries to read it, Java throws a `FileNotFoundException`.
3. Since we wrote `throws FileNotFoundException` in `main`, we told Java to pass the problem upward (to the program’s top level), which will crash and print an error message.

That error message might look something like this:

```
Exception in thread "main" java.io.FileNotFoundException: nonexistent.csv (No such file or directory)
    at java.base/java.util.Scanner.<init>(Scanner.java:639)
    ...
```

The message includes:

* The type of exception (`FileNotFoundException`).
* A description of what went wrong.
* A “stack trace” showing where in the code it happened.

### Why exceptions matter

Ignoring exceptions is like ignoring alarms in the bank vault. You might get away with it once, but sooner or later, disaster strikes. Exceptions let your program notice problems and recover from them, or at least fail in a controlled way.

In the next section, we’ll see how to actually **catch** exceptions with `try…catch` so that the Bank of Evil’s systems can keep running even when something goes wrong.


## Catching Trouble Before It Catches You: try–catch

In the Bank of Evil, you never want a single small problem to bring the whole operation to a halt. If the vault door jams, you don’t shut down the entire bank—you call the maintenance goblins to fix it while everyone else keeps working. In Java, the way to do this is with a **try–catch** block.

### What try–catch does

A **try–catch** block lets you run code that *might* throw an exception, and then handle that exception if it happens.

* **`try` block** – You put risky code here (like reading a file that might not exist).
* **`catch` block** – If an exception is thrown in the try block, the catch block runs instead of letting the program crash.

The general shape looks like this:

```java
try {
    // Code that might throw an exception
} catch (ExceptionType variableName) {
    // Code to handle the problem
}
```

* `ExceptionType` is the kind of exception you want to handle (e.g., `FileNotFoundException`).
* `variableName` is a name you choose for the exception object (often `e`).

### Why not just let the program crash?

If the vault jams during a heist, the whole plan doesn’t stop—you switch to Plan B. Similarly, catching exceptions lets you:

* Print a friendly error message.
* Try a backup plan (like loading a default file).
* Continue running the rest of the program.

### Example: reading a file safely

Let’s rewrite the `BankFileRead` program from earlier so it doesn’t crash if the file is missing:


In [None]:
%%writefile BankFileReadSafe.java
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Scanner;

public class BankFileReadSafe {
    public static void main(String[] args) {
        try {
            File file = new File("transactions.csv");
            Scanner scanner = new Scanner(file);

            while (scanner.hasNextLine()) {
                String line = scanner.nextLine();
                System.out.println(line);
            }
            scanner.close();

        } catch (FileNotFoundException e) {
            System.out.println("Error: Could not find transactions file.");
            System.out.println("Please make sure 'transactions.csv' exists.");
        }
    }
}


Writing BankFileReadSafe.java


In [None]:
!javac BankFileReadSafe.java
!java BankFileReadSafe

Error: Could not find transactions file.
Please make sure 'transactions.csv' exists.


### How it works

1. We put all the risky file-reading code inside the `try` block.
2. If `new Scanner(file)` throws a `FileNotFoundException`, the program immediately jumps to the `catch` block.
3. In the `catch` block, we print a helpful message instead of letting Java display its scary red error output.

### Multiple catch blocks

You can also have more than one `catch` block to handle different types of exceptions differently. For example:

```java
try {
    // risky code
} catch (FileNotFoundException e) {
    // handle missing file
} catch (Exception e) {
    // handle anything else
}
```

For now, though, one `catch` is enough for most beginner programs.

---

In the next section, we’ll look at **finally**, a way to guarantee that certain cleanup code—like closing the vault—runs whether or not there was a problem. This is especially important for file handling at the Bank of Evil.



## The Clean-Up Crew: finally

At the Bank of Evil, some jobs must always be done—no matter what happens. If a heist goes wrong, you still close the vault. If the shark tank floods, you still turn off the security lasers before you leave. In Java, we can make sure important cleanup work always happens by using a **`finally`** block.

### What finally does

A `finally` block contains code that **always runs**, whether or not an exception was thrown.

* If the `try` block works with no problems, `finally` runs after it finishes.
* If an exception happens and the `catch` block runs, `finally` still runs afterward.

The general shape looks like this:

```java
try {
    // risky code
} catch (ExceptionType e) {
    // handle the problem
} finally {
    // cleanup code that should run no matter what
}
```

### Why it matters for files

When working with files, we almost always need to close them to make sure changes are saved and system resources are freed. If we forget to close a file—or skip it because an error happened—our program might lose data or even lock the file so it can’t be opened later.

`finally` is the perfect place to close files because it guarantees that closing happens even if something goes wrong.

### Example: reading and closing a file safely

Here’s an improved version of our safe file reader:


In [None]:
%%writefile BankFileReadFinally.java
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Scanner;

public class BankFileReadFinally {
    public static void main(String[] args) {
        Scanner scanner = null;
        try {
            File file = new File("transactions.csv");
            scanner = new Scanner(file);

            while (scanner.hasNextLine()) {
                String line = scanner.nextLine();
                System.out.println(line);
            }

        } catch (FileNotFoundException e) {
            System.out.println("Error: Could not find transactions file.");
        } finally {
            if (scanner != null) {
                scanner.close();
                System.out.println("File closed.");
            }
        }
    }
}


Writing BankFileReadFinally.java


In [None]:
!javac BankFileReadFinally.java
!java BankFileReadFinally

Error: Could not find transactions file.


### How it works

1. We declare `scanner` outside the `try` block so it can be used in `finally`.
2. Inside `try`, we open the file and read it.
3. If a `FileNotFoundException` happens, the `catch` block prints a helpful message.
4. The `finally` block checks if `scanner` is not `null` (meaning the file was opened) and then closes it, no matter what.

### A note for the future

Java has a special feature called **try-with-resources** that makes this cleaner and avoids needing `finally` for many cases, but that’s something we’ll cover later, once you’re more comfortable with exceptions.

---

In the next section, we’ll look at **declaring exceptions with `throws`**—a way for a method to say, “I might have a problem; you deal with it.” This is a key part of designing classes in OOP, especially when working on a big project like the Bank of Evil’s account management system.


## Declaring Exceptions: throws

In the Bank of Evil, not every employee fixes problems themselves. If the vault door is stuck, the teller doesn’t grab a wrench—they call the maintenance goblins and let them deal with it. In Java, a method can take the same approach: instead of handling a problem directly, it can *declare* that the problem might happen and pass it along to whoever called the method.

We do this with the **`throws`** keyword.

### What throws means

When you write a method, you can add `throws` followed by one or more **checked exception types**. This tells Java:

> “This method might cause these exceptions. I’m not handling them here—if they happen, the caller must handle them.”

For example:

```java
public void loadTransactions() throws FileNotFoundException {
    // code that might throw FileNotFoundException
}
```

If a method you write declares `throws FileNotFoundException`, then any code that calls it has two options:

1. **Handle** the exception with `try…catch`.
2. **Also declare** that it throws the same exception.

### Why it matters in OOP

In object-oriented programming, you’ll often write **helper methods** inside your classes. Sometimes those methods will do risky things—like opening a file or connecting to a database. Declaring exceptions lets you keep your helper methods focused and let higher-level code decide what to do if something goes wrong.

It’s like the difference between:

* A security guard deciding exactly how to respond to a bank robbery (handle it directly).
* A security guard just calling the head of security and saying, “We have a problem” (declare it and pass it along).

### Example: declaring an exception in a helper method

Let’s make a `BankUtils` class with a method to load our CSV file. This method will declare that it throws `FileNotFoundException` so the caller can decide how to handle it.


In [None]:
%%writefile BankUtils.java
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Scanner;

public class BankUtils {
    public static void loadTransactions(String filename) throws FileNotFoundException {
        File file = new File(filename);
        Scanner scanner = new Scanner(file);

        while (scanner.hasNextLine()) {
            String line = scanner.nextLine();
            System.out.println(line);
        }
        scanner.close();
    }
}


Writing BankUtils.java


Now here’s a program that calls it:


In [None]:
%%writefile BankApp.java

import java.io.File;
import java.io.FileNotFoundException;

public class BankApp {
    public static void main(String[] args) {
        try {
            BankUtils.loadTransactions("transactions.csv");
        } catch (FileNotFoundException e) {
            System.out.println("Transactions file missing! Cannot proceed.");
        }
    }
}


Overwriting BankApp.java


In [None]:
!javac BankApp.java
!java BankApp

Transactions file missing! Cannot proceed.


### How this works

1. `BankUtils.loadTransactions()` does not handle the possible `FileNotFoundException`.
2. Instead, it declares `throws FileNotFoundException`.
3. In `BankApp.main()`, we call it inside a `try…catch` to deal with the problem if it happens.

This separation of responsibilities makes your code cleaner and easier to maintain—especially as programs grow beyond a single file.

---

In the next section, we’ll make our *own* exceptions—custom error types for special situations, like catching villains trying to withdraw more than their allowed “Evil Credit Limit.”


## Custom Exceptions: The Evil Way

The Bank of Evil has rules, even for villains. One of the most important: no one may withdraw more than their **Evil Credit Limit** in a single transaction. If someone tries, it’s not just a mistake—it’s a *special kind* of problem that deserves its own name.

In Java, we can create a **custom exception** for special situations like this. This builds directly on your OOP skills from the last chapter: remember, an **exception** is just an **object**, and like any object, it’s created from a **class**.

### Why make your own exception?

* **Clarity** – The name tells other programmers exactly what kind of problem happened.
* **Precision** – You can handle this type of error differently from others.
* **OOP practice** – You’re extending existing Java classes to make something new.

### How exceptions fit into the class hierarchy

In Java, all exceptions are classes that come from the built-in class **`Throwable`**. Most of the time, custom exceptions extend either:

* **`Exception`** – for checked exceptions that must be handled or declared.
* **`RuntimeException`** – for unchecked exceptions that don’t require handling.

For now, we’ll extend `Exception` so our custom exception behaves like the checked ones you’ve been working with.

### Creating a custom exception class

Here’s one for villains who try to overdraw their account:

```java
public class OverdrawnByVillainException extends Exception {
    public OverdrawnByVillainException(String message) {
        super(message); // Call the constructor in Exception
    }
}
```

This is a normal class definition:

* `public class OverdrawnByVillainException extends Exception` means our class *is-a* type of `Exception`.
* The constructor takes a message and sends it to the parent `Exception` class using `super(message)`.

### Using a custom exception in a method

Let’s imagine a `SecureAccount` class that throws this exception if a villain tries to take too much:

```java
public class SecureAccount {
    private double balance;

    public SecureAccount(double startingBalance) {
        balance = startingBalance;
    }

    public void withdraw(double amount) throws OverdrawnByVillainException {
        if (amount > balance) {
            throw new OverdrawnByVillainException("Attempted withdrawal of " + amount +
                " exceeds available balance of " + balance);
        }
        balance -= amount;
    }
}
```

Here’s a program that uses it:

```java
public class BankTest {
    public static void main(String[] args) {
        SecureAccount account = new SecureAccount(5000);

        try {
            account.withdraw(10000);
        } catch (OverdrawnByVillainException e) {
            System.out.println("Security alert: " + e.getMessage());
        }
    }
}
```

### How this works

1. We define a new exception type with a clear name.
2. In `withdraw`, if the villain asks for too much, we **throw** our new exception.
3. In `BankTest`, we **catch** that exact exception and print a security alert.

With custom exceptions, you can make your error messages meaningful and your code easier to read. The Bank of Evil’s programmers now instantly know *exactly* what kind of villainous mischief caused the problem.

---

In the next section, we’ll zoom out from specific exceptions and talk about **defensive programming**—writing code that assumes other people (and villains) will try to break it, and stopping problems before they start.


## Summary: Common Exceptions in Java

Now that you’ve seen how exceptions work—and even created your own—it’s useful to know some of the exceptions you’ll run into most often. Java has many, but here are some of the most common for beginners.

### Checked Exceptions

Checked exceptions are problems Java forces you to deal with at compile time (either with `try…catch` or `throws`).

| Exception Name           | When It Happens                                   | Example Scenario (Bank of Evil)                                       |
| ------------------------ | ------------------------------------------------- | --------------------------------------------------------------------- |
| `IOException`            | Input/output error when reading or writing files. | File server loses connection mid-transfer.                            |
| `FileNotFoundException`  | File you try to open doesn’t exist.               | Villain tries to open `heist.csv` but it’s gone.                      |
| `SQLException`           | Problem accessing a database.                     | Database of henchman payroll is offline.                              |
| `ClassNotFoundException` | Program can’t find a required class.              | A missing “SecurityRobot” class when loading the lair defense system. |

---

### Unchecked Exceptions

Unchecked exceptions (also called runtime exceptions) happen during program execution. Java doesn’t force you to handle them, but they can still crash your program.

| Exception Name                   | When It Happens                                                  | Example Scenario (Bank of Evil)                                        |
| -------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------------- |
| `NullPointerException`           | You try to use an object reference that is `null`.               | Accessing a vault object that hasn’t been initialized.                 |
| `ArithmeticException`            | Illegal math operation, like divide by zero.                     | Dividing total loot by number of henchmen when henchmen count is zero. |
| `ArrayIndexOutOfBoundsException` | Index is outside the valid range for an array.                   | Accessing transaction\[10] when only 5 transactions exist.             |
| `NumberFormatException`          | Trying to convert text into a number but the text isn’t numeric. | Parsing “bananas” as an account balance.                               |

---

### Exception Hierarchy (Simplified)

All exception classes in Java inherit from the base class `Throwable`.

| Class              | Description                                   | Examples                                      |
| ------------------ | --------------------------------------------- | --------------------------------------------- |
| `Throwable`        | Base class for all errors and exceptions.     | —                                             |
| `Error`            | Serious problems usually not handled in code. | `OutOfMemoryError`                            |
| `Exception`        | Things that can be handled in code.           | `IOException`, `SQLException`                 |
| `RuntimeException` | Unchecked exceptions.                         | `NullPointerException`, `ArithmeticException` |

---

**Key takeaway:**

* **Checked exceptions** must be handled or declared.
* **Unchecked exceptions** don’t require handling but can still crash your program.
* **Custom exceptions** let you make error types that match your program’s specific rules.


## Defensive Programming: Never Trust Another Villain

At the Bank of Evil, it’s not enough to respond to problems—you want to **stop them before they happen**. If you know that some villains will try to enter “banana” as their account balance or withdraw more than they have, you can write code that blocks those actions early. This approach is called **defensive programming**.

### What defensive programming is

Defensive programming is the practice of writing code that:

* Anticipates mistakes or malicious behavior.
* Validates data before using it.
* Protects important resources from misuse.

Think of it like the lair’s security system:

* Don’t just have guards (exceptions).
* Also have locked doors, keycards, and tripwires (preventative checks).

### Input validation

The most common defensive technique is **validating input**—checking that data is reasonable before using it.

Example: Preventing negative deposits or non-numeric amounts.

```java
public void deposit(double amount) {
    if (amount <= 0) {
        System.out.println("Error: Deposit amount must be positive.");
        return;
    }
    balance += amount;
}
```

Here:

1. We check `amount <= 0` before adding it to `balance`.
2. If the data is bad, we print an error and stop.

### Null checks

Another source of trouble is using a variable that doesn’t point to any object (`null`). You can prevent this with **null checks**.

```java
if (account != null) {
    account.withdraw(100);
} else {
    System.out.println("Error: No account found.");
}
```

This stops a `NullPointerException` before it happens.

### Assertions

An **assertion** is a statement you put in code to check that something you believe is true really is true at that point in the program.
You write them using the `assert` keyword:

```java
assert balance >= 0 : "Balance should never be negative!";
```

If assertions are enabled and the condition is false, the program will stop and print the message. Assertions are mainly for testing and debugging, not for handling user mistakes.

### Encapsulation as defense

From your last chapter on OOP: **encapsulation** (keeping fields private and controlling access through methods) is also a defensive technique.
If you make `balance` private and only allow changes through methods like `deposit` and `withdraw`, you can enforce rules in those methods and prevent direct, unsafe changes.

### Defensive mindset

When writing code for the Bank of Evil, ask yourself:

* “What could go wrong here?”
* “What would a careless or mischievous user do?”
* “How can I stop that before it causes trouble?”

This mindset not only reduces bugs but also makes your code more secure.

---

In the next section, we’ll look at **Guarding the Bank: Security Basics in Code**—simple practices you can use to keep your programs safer from both accidents and intentional attacks. This will take our defensive approach one step further, into the realm of basic secure coding.


Here’s a short, **compilable** Java example that shows how `assert` statements work and how beginners can use them to check their assumptions while programming.
I’ll also show how to run it with assertions **enabled**, since by default Java ignores them.

---

### Example: Using Assertions in a Bank of Evil Program


In [1]:
%%writefile EvilBankAssertions.java
public class EvilBankAssertions {
    public static void main(String[] args) {
        double balance = 5000;

        // A normal withdrawal
        balance = withdraw(balance, 1000);

        // This will break our assumption that balance >= 0
        balance = withdraw(balance, 6000);

        System.out.println("Final balance: " + balance);
    }

    public static double withdraw(double currentBalance, double amount) {
        double newBalance = currentBalance - amount;

        // Assertion: balance should never be negative
        assert newBalance >= 0 : "Balance went negative! Current: " + newBalance;

        return newBalance;
    }
}


Writing EvilBankAssertions.java


### How it works

1. We start with a `balance` of 5000.
2. We withdraw 1000—no problem.
3. We try to withdraw 6000—this makes the balance negative.
4. The **assert** checks that `newBalance >= 0`.

   * If the condition is true, the program continues normally.
   * If it’s false (like here), Java throws an `AssertionError` with our message.

---

### Running with assertions enabled

By default, Java ignores `assert` statements.
To see them in action, you must run the program with the `-ea` (**enable assertions**) flag:

In [2]:
!javac EvilBankAssertions.java
!java -ea EvilBankAssertions

Exception in thread "main" java.lang.AssertionError: Balance went negative! Current: -2000.0
	at EvilBankAssertions.withdraw(EvilBankAssertions.java:18)
	at EvilBankAssertions.main(EvilBankAssertions.java:9)


**Beginner tip:**

* Use assertions to check *your own assumptions* during development (e.g., “balance should never be negative”).
* Assertions are **not** for handling user input—they are for catching mistakes in your own logic.
* Remove or leave them disabled in production programs, but they are a powerful learning and debugging tool.


## Guarding the Bank: Security Basics in Code

At the Bank of Evil, money isn’t the only thing at risk—villains will also try to steal passwords, tamper with records, or even trick the system into deleting every account. A secure bank needs more than a big vault door; it needs **secure code**.

Security in programming isn’t just about protecting against hackers. Even small programs can leak data or behave dangerously if they aren’t written carefully. As a beginner, you can already take steps to write safer code.

### Never hardcode secrets

**Hardcoding** means putting sensitive data—like passwords or secret keys—directly into your source code. That’s like engraving the vault combination on the outside of the vault door.

Bad example:

```java
String adminPassword = "1234"; // Anyone who sees this code now knows the password
```

Better:

* Store passwords in a separate configuration file **outside** your main code.
* Ask the user to type it in at runtime.
* Use environment variables for secret values.

### Validate all user input

We saw in defensive programming that villains might try to deposit `"banana"` as money. This isn’t just silly—it’s a security problem. If bad input is used without checking, it might crash the program or cause unexpected behavior.

Example:

```java
Scanner scanner = new Scanner(System.in);
System.out.print("Enter amount: ");
if (scanner.hasNextDouble()) {
    double amount = scanner.nextDouble();
    System.out.println("Depositing " + amount);
} else {
    System.out.println("Invalid amount!");
}
```

### Avoid trusting file paths

If your program reads files based on user input, check that the file is safe to open.
For example, a villain might try to access `"../../secrets.txt"` to escape the intended folder.

You can:

* Limit file access to a known “safe” directory.
* Check the file’s name against a whitelist.

### Keep error messages clean

Detailed error messages can give away secrets about your system.
For example, showing a full stack trace to a villain might reveal the exact folder structure of the bank’s server. In a real system, you’d log detailed errors for developers but show simple messages to users.

```java
try {
    // risky code
} catch (Exception e) {
    System.out.println("An error occurred. Please contact support.");
    // Log e for internal review, but don't show it to the user
}
```

### Why start security early?

Security is much easier to add when you think about it from the start. Adding it later is like trying to install a vault door after the gold is already stolen.

As a beginner, your goal isn’t to master all security topics. Instead, start forming good habits now:

* Don’t store secrets in code.
* Always check inputs.
* Avoid exposing too much information in error messages.
* Keep file access controlled.

---

In the next section, we’ll step back and look at **general principles of program design**—ideas that make code not just safe, but easy to read, reuse, and maintain for years to come.


Got it — here’s an **expanded** version of **Section 10 – General Principles of Program Design (The Evil Architect’s Handbook)** with more explanations, examples, and links back to earlier OOP concepts.

---

## 10. General Principles of Program Design (The Evil Architect’s Handbook)

When you build a program, you’re designing a kind of structure. Sometimes it’s a small storage shed; sometimes it’s the *Bank of Evil’s* main headquarters with shark tanks, laser grids, and underground lairs. Whatever you build, it’s easier to construct, protect, and improve if it’s well designed.

Good program design isn’t just about making things work—it’s about making them **work well** for a long time. The goal is to write code that is:

* Clear enough for someone else (or you, six months later) to understand.
* Flexible enough to change without breaking everything.
* Strong enough to handle unexpected problems.

Let’s walk through some key principles.

---

### Modularity – Breaking the Bank into Rooms

**Definition:** Modularity means dividing your program into small, self-contained parts (methods, classes, or packages) that each do one specific job.

Why it matters:

* Smaller parts are easier to understand and test.
* You can fix or replace one part without changing the others.

Analogy: In the Bank of Evil, the vault, the laser system, and the shark tank are separate systems. If the sharks go on strike, the vault still works.

Example:

```java
public class SecureAccount {
    private double balance;

    public void deposit(double amount) {
        if (amount > 0) balance += amount;
    }

    public void withdraw(double amount) {
        if (amount > 0 && amount <= balance) balance -= amount;
    }
}
```

Here, the `SecureAccount` class only handles account operations—it doesn’t print menus, save files, or control lasers.

---

### Encapsulation – Keep the Vault Locked

**Definition:** Encapsulation means hiding the internal details of a class and only exposing what’s necessary through controlled methods.

Why it matters:

* Protects the internal state of an object from accidental or malicious changes.
* Makes it easier to enforce rules and validation.

Analogy: The vault combination is kept inside the vault system—it’s not written on a sticky note for everyone to see.

Example:

```java
public class EvilVault {
    private String combination = "1234"; // Private field

    public boolean unlock(String attempt) {
        return combination.equals(attempt);
    }
}
```

Here, no one outside `EvilVault` can directly change `combination`. They have to use `unlock()`, which can enforce rules (like logging failed attempts).

---

### Reusability – The Laser Grid in Every Room

**Definition:** Reusability means writing code so that it can be used in multiple places without rewriting it.

Why it matters:

* Saves time.
* Reduces the number of bugs, since you maintain one copy instead of many.

Analogy: If the Bank of Evil installs a laser defense system in the vault, they can reuse the same design in the trophy room and the lobby.

Example:

```java
public class SecurityUtils {
    public static boolean isValidAmount(double amount) {
        return amount > 0;
    }
}
```

Now, any class that deals with money can call `SecurityUtils.isValidAmount()` instead of writing its own amount-checking code.

---

### Readability – Blueprints for Other Villains

**Definition:** Code readability means that someone else can read your code and understand what it does without guessing.

Why it matters:

* Other programmers (or future you) can maintain the code more easily.
* Reduces misunderstandings that cause bugs.

Tips:

* Use descriptive variable and method names (`withdraw` instead of `doThing`).
* Keep methods short—ideally visible on one screen.
* Write comments for non-obvious decisions, not for “this line adds 1 to x.”

Readable example:

```java
public void withdraw(double amount) {
    if (!SecurityUtils.isValidAmount(amount)) {
        System.out.println("Invalid withdrawal amount.");
        return;
    }
    // Ensure balance never goes below zero
    if (amount <= balance) {
        balance -= amount;
    } else {
        System.out.println("Insufficient funds.");
    }
}
```

---

### Maintainability – Room for More Shark Tanks

**Definition:** Maintainability is how easily your code can be updated or fixed over time.

Why it matters:

* Programs evolve—new features, new requirements, bug fixes.
* Well-structured code can adapt without breaking existing functionality.

Analogy: A well-designed lair has room to add more shark tanks without rebuilding the whole base.

Example:

* If you hardcode every fee amount in your code, changing the fee later means editing multiple places.
* If you store it in one constant:

```java
public static final double WITHDRAWAL_FEE = 2.50;
```

you only need to update it once.

---

### DRY – Don’t Repeat Yourself

**Definition:** Avoid duplicating code—put it in one place and reuse it.

Why it matters:

* Reduces mistakes.
* Makes updates easier.

Bad (repeated logic):

```java
if (amount > 0 && amount <= balance) balance -= amount;
// This same check appears in multiple methods.
```

Better (single method):

```java
private boolean canWithdraw(double amount) {
    return amount > 0 && amount <= balance;
}
```

Now all withdrawal checks use `canWithdraw()`.

---

### Putting it together

The best-designed programs follow several principles at once:

* A `SecureAccount` class that’s **modular** (does one job),
* **encapsulates** its data (private fields),
* has **reusable** helper methods,
* is **readable** with clear names and comments,
* is **maintainable** (constants for easy updates),
* and follows **DRY** to avoid repetition.

If you keep these principles in mind, your code will be easier to write now and easier to improve later—just like a well-constructed Bank of Evil headquarters.

---

In the next section, we’ll **combine everything** from this chapter—file handling, exceptions, defensive programming, and design principles—into one `SecureAccount` program. This will be your chance to see how all the pieces fit together in a real, runnable example.


Here’s **Section 11 – Bringing It All Together: The SecureAccount Class**, where we integrate file handling, exceptions, defensive programming, and the design principles from Section 10 into a short, runnable *Bank of Evil* program.

---

## 11. Bringing It All Together: The SecureAccount Class

You’ve now learned how to:

* Read and write files.
* Handle exceptions.
* Write defensive code.
* Follow basic program design principles.

In this section, we’ll combine those skills to create a **`SecureAccount`** class for the Bank of Evil.
This class will:

* Keep track of a villain’s account balance.
* Prevent invalid deposits and withdrawals.
* Throw a custom exception if a withdrawal exceeds the balance.
* Save account data to a CSV file and load it again.
* Use encapsulation and DRY principles.

---

### Step 1: Our custom exception

We’ll reuse the `OverdrawnByVillainException` from earlier:


In [5]:
%%writefile OverdrawnByVillainException.java
public class OverdrawnByVillainException extends Exception {
    public OverdrawnByVillainException(String message) {
        super(message);
    }
}


Writing OverdrawnByVillainException.java



### Step 2: The SecureAccount class

This class demonstrates encapsulation, validation, and exception handling.


In [4]:
%%writefile SecureAccount.java
import java.io.FileWriter;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Scanner;

public class SecureAccount {
    private String villainName;
    private double balance;

    public SecureAccount(String villainName, double startingBalance) {
        this.villainName = villainName;
        this.balance = startingBalance;
    }

    public void deposit(double amount) {
        if (amount <= 0) {
            System.out.println("Deposit must be positive.");
            return;
        }
        balance += amount;
    }

    public void withdraw(double amount) throws OverdrawnByVillainException {
        if (amount <= 0) {
            System.out.println("Withdrawal must be positive.");
            return;
        }
        if (amount > balance) {
            throw new OverdrawnByVillainException(villainName +
                " attempted to withdraw " + amount + " with only " + balance + " available!");
        }
        balance -= amount;
    }

    public double getBalance() {
        return balance;
    }

    public void saveToFile(String filename) throws IOException {
        FileWriter writer = new FileWriter(filename);
        writer.write(villainName + "," + balance + "\n");
        writer.close();
    }

    public static SecureAccount loadFromFile(String filename) throws FileNotFoundException {
        File file = new File(filename);
        Scanner scanner = new Scanner(file);
        String line = scanner.nextLine();
        scanner.close();

        String[] parts = line.split(",");
        String name = parts[0];
        double bal = Double.parseDouble(parts[1]);
        return new SecureAccount(name, bal);
    }
}


Writing SecureAccount.java



### Step 3: A test harness (main program)

Here’s a small program to test it:


In [8]:
%%writefile BankApp.java
import java.io.FileWriter;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Scanner;

public class BankApp {
    public static void main(String[] args) {
        SecureAccount account = new SecureAccount("Gru", 5000);

        account.deposit(2500);

        try {
            account.withdraw(8000); // This will throw our custom exception
        } catch (OverdrawnByVillainException e) {
            System.out.println("Security alert: " + e.getMessage());
        }

        try {
            account.saveToFile("account.csv");
            System.out.println("Account saved.");
        } catch (IOException e) {
            System.out.println("Error saving account: " + e.getMessage());
        }

        try {
            SecureAccount loaded = SecureAccount.loadFromFile("account.csv");
            System.out.println("Loaded account for " + loaded.getBalance() + " gold coins.");
        } catch (FileNotFoundException e) {
            System.out.println("Error loading account: file not found.");
        }
    }
}


Overwriting BankApp.java


In [9]:
!javac BankApp.java
!java BankApp

Security alert: Gru attempted to withdraw 8000.0 with only 7500.0 available!
Account saved.
Loaded account for 7500.0 gold coins.


### What this program demonstrates

* **Encapsulation:** `balance` is private and only changed through methods.
* **Defensive programming:** Methods validate input amounts.
* **Custom exceptions:** Special error for overdrawing.
* **Checked exceptions:** File I/O uses `throws` and `try–catch`.
* **File handling:** Save and load account data in CSV format.
* **Design principles:** DRY (validation in one place), maintainability (easy to change CSV format), readability.

---

In the final section, we’ll wrap up the chapter, reviewing what you’ve learned and how these skills fit into your journey as a Java programmer—and, of course, a junior developer at the Bank of Evil.
