private void ValidateAuditEntry(AuditEntry auditEntry, AuditAction expectedAuditAction, string expectedAction, ResourceType?expectedResourceType, Uri expectedUri, HttpStatusCode?expectedStatusCode, string expectedCorrelationId, string expectedClaimValue, string expectedClaimKey)
{
Assert.NotNull(auditEntry);
Assert.Equal(expectedAuditAction, auditEntry.AuditAction);
Assert.Equal(expectedAction, auditEntry.Action);
Assert.Equal(expectedResourceType?.ToString(), auditEntry.ResourceType);
Assert.Equal(expectedUri, auditEntry.RequestUri);
Assert.Equal(expectedStatusCode, auditEntry.StatusCode);
Assert.Equal(expectedCorrelationId, auditEntry.CorrelationId);
// Unfortunately, we cannot test the caller IP because these tests only run in-process, which does not go through network.
if (expectedClaimValue != null)
{
Assert.Collection(
auditEntry.CallerClaims,
claim =>
{
Assert.Equal(expectedClaimKey, claim.Key);
Assert.Equal(expectedClaimValue, claim.Value);
});
}
else
{
Assert.Empty(auditEntry.CallerClaims);
}
}
public AuditLogBuilder Deleted(Type type, string target)
{
action = AuditAction.Delete;
this.target = target;
this.type = type.Name;
return(this);
}
/// <inheritdoc />
public void LogAudit(
AuditAction auditAction,
string action,
string resourceType,
Uri requestUri,
HttpStatusCode?statusCode,
string correlationId,
string callerIpAddress,
IReadOnlyCollection <KeyValuePair <string, string> > callerClaims)
{
string claimsInString = null;
if (callerClaims != null)
{
claimsInString = string.Join(";", callerClaims.Select(claim => $"{claim.Key}={claim.Value}"));
}
_logger.LogInformation(
AuditMessageFormat,
auditAction,
AuditEventType,
_securityConfiguration.Authentication?.Audience,
_securityConfiguration.Authentication?.Authority,
resourceType,
requestUri,
action,
statusCode,
correlationId,
claimsInString);
}
public async Task <ResponseModel> SaveActionAsync(AuditAction model)
{
ResponseModel response = new ResponseModel();
var newAuditAction = new AuditAction()
{
ActionName = model.ActionName
};
if (model.ActionName.Any())
{
dbContext.AuditAction.Add(newAuditAction);
try
{
dbContext.SaveChanges();
response.Message = "Saved Successfully";
response.Code = 200;
}
catch (Exception ex)
{
//Console.WriteLine($"Save Partner Status Error: {ex}");
response.Message = ex.Message;
response.Code = 404;
dbContext.AuditAction.Local.Clear();
ErrorLog log = new ErrorLog();
log.ErrorDate = DateTime.Now;
log.ErrorMessage = ex.Message;
log.ErrorSource = ex.Source;
log.ErrorStackTrace = ex.StackTrace;
dbContext.ErrorLogs.Add(log);
dbContext.SaveChanges();
}
}
return(response);
}
protected void OnConfirm(object sender, EventArgs e)
{
string operationResult = "Successo";
string optionSelected = null;
string description = Server.HtmlDecode(DescriptionInput.Text).Trim();
CleanMessage(MessagePanel, ErrorPanel);
try
{
optionSelected = btnConfirm.CommandName;
switch (optionSelected)
{
case "CRE": CreateRecord(description);
break;
case "DEL": DeleteRecord(int.Parse(IdInput.Text));
break;
case "UPD": UpdateRecord(int.Parse(IdInput.Text), description);
break;
case "QRY": break;
}
BindEntities(1);
}
catch (Exception exp)
{
ShowError(ErrorPanel, exp.Message);
operationResult = exp.Message;
}
finally
{
AuditAction.Create(Page.User.Identity.Name, "SMI.04.02", GetOperation(optionSelected), operationResult);
}
}
public static void TraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
Action<AuditAction, IViewModel> handler = TraceViewModelHandler;
if (handler != null)
handler(auditAction, viewModel);
ServiceProvider.Tracer.TraceViewModel(auditAction, viewModel);
}
private void Log(AuditAction auditAction, HttpStatusCode?statusCode, HttpContext httpContext, IClaimsExtractor claimsExtractor)
{
IFhirRequestContext fhirRequestContext = _fhirRequestContextAccessor.RequestContext;
string auditEventType = fhirRequestContext.AuditEventType;
// We are retaining AuditEventType when CustomError occurs. Below check ensures that the audit log is not entered for the custom error request
httpContext.Request.RouteValues.TryGetValue("action", out object actionName);
if (!string.IsNullOrEmpty(actionName?.ToString()) && KnownRoutes.CustomError.Contains(actionName?.ToString(), StringComparison.OrdinalIgnoreCase))
{
return;
}
// Audit the call if an audit event type is associated with the action.
// Since AuditEventType holds value for both AuditEventType and FhirAnonymousOperationType ensure that we only log the AuditEventType
if (!string.IsNullOrEmpty(auditEventType) && !FhirAnonymousOperationTypeList.Contains(auditEventType, StringComparer.OrdinalIgnoreCase))
{
_auditLogger.LogAudit(
auditAction,
operation: auditEventType,
resourceType: fhirRequestContext.ResourceType,
requestUri: fhirRequestContext.Uri,
statusCode: statusCode,
correlationId: fhirRequestContext.CorrelationId,
callerIpAddress: httpContext.Connection?.RemoteIpAddress?.ToString(),
callerClaims: claimsExtractor.Extract(),
customHeaders: _auditHeaderReader.Read(httpContext));
}
}
private async Task AuditNoteActions(Note note, AuditAction action)
{
using (var ctx = new MyNoteContext())
{
var auditNote = new AuditEnrty()
{
Action = Enum.GetName(typeof(AuditAction), action),
NoteId = note.Id,
Actor = note.Owner,
Time = DateTime.Now
};
switch (action)
{
case AuditAction.CreateNote:
case AuditAction.UpdateNote:
auditNote.Details = $"Title:{note.Title}, Content:{note.Content}";
break;
case AuditAction.ShareNote:
auditNote.Details = $"ShareLink:{note.ShareLink}";
break;
}
ctx.AuditEntries.Add(auditNote);
await ctx.SaveChangesAsync();
}
}
private static void OnTraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
if (auditAction != AuditAction.Disposed && auditAction != AuditAction.Finalized)
{
return;
}
Guid id;
if (!viewModel.Settings.State.TryGetData(IdViewModelConstant, out id))
{
return;
}
RestoredViewModel value;
lock (RestoredViewModels)
{
if (RestoredViewModels.TryGetValue(id, out value))
{
RestoredViewModels.Remove(id);
}
}
if (value != null && auditAction == AuditAction.Disposed)
{
value.Clear();
}
}
/// <summary>
/// Maps the audit and queue.
/// </summary>
/// <param name="auditLogBO">The audit log bo.</param>
/// <param name="auditAction">The audit action.</param>
/// <param name="newDataModel">The new data model.</param>
/// <param name="oldDataModel">The old data model.</param>
/// <param name="countOfItems">The count of items.</param>
/// <returns></returns>
public static async Task MapAuditAndQueue(AuditLogBO auditLogBO, AuditAction auditAction, object newDataModel, object oldDataModel = null, int?countOfItems = null)
{
auditLogBO.Action = auditAction;
auditLogBO.AuditDate = DateTime.UtcNow;
auditLogBO.NewValue = JsonConvert.SerializeObject(newDataModel);
if (oldDataModel != null)
{
auditLogBO.OldValue = JsonConvert.SerializeObject(oldDataModel);
}
if (string.IsNullOrEmpty(auditLogBO.Comments) && newDataModel != null)
{
Type type;
if (newDataModel.GetType().IsGenericType)
{
type = newDataModel.GetType().GetGenericArguments()[0];
auditLogBO.Comments = $"{Enum.GetName(typeof(AuditAction), auditAction)} action on a list of {type.Name}. {countOfItems} items have been selected.";
}
else
{
type = newDataModel.GetType();
auditLogBO.Comments = $"{Enum.GetName(typeof(AuditAction), auditAction)} action on {type.Name}";
}
}
var clonedAuditBO = new AuditLogBO();
clonedAuditBO = clonedAuditBO.Clone(auditLogBO);
await AuditLogHelper.QueueAudits(clonedAuditBO);
}
public AuditAttribute(AuditAction activity)
{
//AllowMultiple = false;
auditInterface = new AuditTrailImpl();
Activity = activity;
}
public AuditTrail(AuditAction type, string entityName, string key)
{
AuditType = type;
EntityName = entityName;
EntityKey = key;
Date = DateTime.Now;
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
SetPageDescription(Resources.Resource.lControlPanel);
BindCompanies(ddlCompany);
BindFormStates(ddlFormState);
User user = WebSecurity.GetUserInfo(Page.User.Identity.Name);
int? companyId = user.CompanyID;
ddlCompany.SelectedValue = companyId.ToString();
if (companyId != null && companyId != 0)
{
ddlCompany.Enabled = false;
ProcessUserProductionUnitsForms(user);
}
else
{
GetZEEFormsInQueue(user.FunctionalAreaID);
BindZEEUserForms(user);
}
AuditAction.Create(Page.User.Identity.Name, "ControlPanel", GetOperation("QRY"), "Successo");
}
}
private void ValidateAuditEntry(AuditEntry auditEntry, AuditAction expectedAuditAction, string expectedAction, Uri expectedUri, HttpStatusCode?expectedStatusCode)
{
Assert.NotNull(auditEntry);
Assert.Equal(expectedAuditAction, auditEntry.AuditAction);
Assert.Equal(expectedAction, auditEntry.Action);
Assert.Equal(expectedUri, auditEntry.RequestUri);
Assert.Equal(expectedStatusCode, auditEntry.StatusCode);
}
public int SaveAudit(int userId, string desc, AuditAction action)
{
context.Audit.Add(new Audit {
AuditTime = DateTime.Now, Action = $"{action.ToString()} : {desc}", UserId = userId
});
return(context.SaveChanges());
}
public AuditEntry(AuditAction auditAction, string action, string resourceType, Uri requestUri, HttpStatusCode?statusCode, string correlationId, IReadOnlyCollection <KeyValuePair <string, string> > claims)
{
AuditAction = auditAction;
Action = action;
ResourceType = resourceType;
RequestUri = requestUri;
StatusCode = statusCode;
CorrelationId = correlationId;
Claims = claims;
}
/// <summary>
/// Updates information about view-models.
/// </summary>
public static void TraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
var handler = TraceViewModelHandler;
if (handler != null)
{
handler(auditAction, viewModel);
}
ServiceProvider.Tracer.TraceViewModel(auditAction, viewModel);
}
public bool Validate(string token, string URL, AuditAction action)
{
try
{
var dataUsuario = new RepositoryUser().GetToken(token);
var dataPermiso = GetAll(dataUsuario.ProfileID);
var dataModulo = new RepositoryModule().GetURL(URL);
bool AllowAccess = false;
switch (action)
{
case AuditAction.Access:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Access;
break;
case AuditAction.Read:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Read;
break;
case AuditAction.Add:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Add;
break;
case AuditAction.Update:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Update;
break;
case AuditAction.Delete:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Delete;
break;
case AuditAction.Export:
AllowAccess = dataPermiso.Where(p => p.ModuleID == dataModulo.ModuleID).Single().Export;
break;
default:
AllowAccess = false;
break;
}
if (AllowAccess)
{
new BusinessAudit().Insert(new ModelViewAudit()
{
ModuleID = dataModulo.ModuleID, UserID = dataUsuario.UserID, Action = action.ToString()
});
}
return(AllowAccess);
}
catch
{
return(true);
}
}
protected void OnConfirm(object sender, EventArgs e)
{
string operationResult = "Successo";
string optionSelected = null;
string description = Server.HtmlDecode(DescriptionInput.Text).Trim();
string smallDescription = Server.HtmlDecode(SmallDescriptionInput.Text).Trim();
string isoCode = Server.HtmlDecode(IsoInput.Text).Trim();
CleanMessage(MessagePanel, ErrorPanel);
if (DescriptionInput.Text == "")
{
ShowError(ErrorPanel, Resources.Resource.mMandatoryCountryName);
return;
}
if (SmallDescriptionInput.Text == "")
{
ShowError(ErrorPanel, Resources.Resource.mMandatoryCountryLabelName);
return;
}
if (IsoInput.Text == "")
{
ShowError(ErrorPanel, Resources.Resource.mMandatoryCountryIsoCode);
return;
}
try
{
optionSelected = btnConfirm.CommandName;
switch (optionSelected)
{
case "CRE": CreateRecord(smallDescription, description, isoCode);
break;
case "DEL": DeleteRecord(int.Parse(IdInput.Text));
break;
case "UPD": UpdateRecord(int.Parse(IdInput.Text), smallDescription, description, isoCode);
break;
case "QRY": break;
}
BindEntities(1);
}
catch (Exception exp)
{
ShowError(ErrorPanel, exp.Message);
operationResult = exp.Message;
}
finally
{
AuditAction.Create(Page.User.Identity.Name, "SMI.02.02", GetOperation(optionSelected), operationResult);
}
}
private void VerifyAuditLoggerReceivedLogAudit(AuditAction auditAction, HttpStatusCode?httpStatusCode)
{
_auditLogger.Received(1).LogAudit(
Arg.Is(auditAction),
Arg.Is(Action),
Arg.Is <string>(x => x == null),
Arg.Any <Uri>(),
Arg.Is(httpStatusCode),
Arg.Is(_correlationId),
Arg.Any <IReadOnlyCollection <KeyValuePair <string, string> > >());
}
public AuditEntry(
AuditAction auditAction,
string action,
Uri requestUri,
HttpStatusCode?statusCode)
{
AuditAction = auditAction;
Action = action;
RequestUri = requestUri;
StatusCode = statusCode;
}
//public IEnumerable<AuditTrail> GetByAction(AuditAction action, DateTime fromDate, DateTime toDate)
//{
// using (SystemCoreContext entityContext = new SystemCoreContext())
// {
// var query = from a in entityContext.AuditTrailSet
// where a.RevisionStamp >= fromDate && a.RevisionStamp <= toDate && a.Actions == action
// select a;
// return query.ToFullyLoaded();
// }
//}
public IEnumerable <AuditTrail> GetAuditTrailByTab(AuditAction action)
{
using (SystemCoreContext entityContext = new SystemCoreContext())
{
var query = from a in entityContext.AuditTrailSet
where a.Actions == action
select a;
return(query.ToFullyLoaded());
}
}
/// <summary>
/// The create audit record.
/// </summary>
/// <param name="action">
/// The action.
/// </param>
/// <param name="recordData">
/// The record data.
/// </param>
/// <param name="entity">
/// The entity.
/// </param>
/// <returns>
/// The <see cref="EntityAudit"/>.
/// </returns>
protected virtual EntityAudit CreateAuditRecord(AuditAction action, string recordData, IAuditable entity)
{
return(new EntityAudit
{
Action = action,
Created = DateTime.UtcNow,
Data = recordData,
EntityGuid = entity.EntityGuid,
Model = entity.GetType().Name
});
}
private void UpdateEvent(int formState)
{
string operationResult = "Successo";
string optionSelected = "UPD";
int HumanResourceQualificationFormId = 0;
int?localWorkerWithLowQualification = GetIntValueFromInput(LocalWorkerWithLowQualificationInput.Text);
int?localWorkerWithMediumQualification = GetIntValueFromInput(LocalWorkerWithMediumQualificationInput.Text);
int?localWorkerWithHighQualification = GetIntValueFromInput(LocalWorkerWithHighQualificationInput.Text);
int?externalWorkerWithLowQualification = GetIntValueFromInput(ExternalWorkerWithLowQualificationInput.Text);
int?externalWorkerWithMediumQualification = GetIntValueFromInput(ExternalWorkerWithMediumQualificationInut.Text);
int?externalWorkerWithHighQualification = GetIntValueFromInput(ExternalWorkerWithHighQualificationInput.Text);
CleanMessage(MessagePanel, ErrorPanel);
try
{
HumanResourceQualificationFormId = int.Parse(CompanyFormID.Value);
UpdateRecord(HumanResourceQualificationFormId, formState, localWorkerWithLowQualification, localWorkerWithMediumQualification,
localWorkerWithHighQualification, externalWorkerWithLowQualification, externalWorkerWithMediumQualification,
externalWorkerWithHighQualification);
BackPanel.Visible = true;
ConfirmButtonPanel.Visible = false;
DetailPanel.Visible = true;
DetailPanel.Enabled = false;
ApprovePanel.Visible = false;
if (formState == 2)
{
ShowInfo(MessagePanel, Resources.Resource.mUpdateOK);
}
else if (formState == 3)
{
ShowInfo(MessagePanel, Resources.Resource.mSubmitedOK);
}
else if (formState == 4)
{
ShowInfo(MessagePanel, Resources.Resource.mApprovedOK);
}
else if (formState == 5)
{
ShowInfo(MessagePanel, Resources.Resource.mRejectedOK);
}
}
catch (Exception exp)
{
ShowError(ErrorPanel, exp.Message);
operationResult = exp.Message;
}
finally
{
AuditAction.Create(Page.User.Identity.Name, "SMI.03.06", GetOperation(optionSelected), operationResult);
}
}
public void LogAudit(
AuditAction auditAction,
string operation,
Uri requestUri,
HttpStatusCode?statusCode,
string correlationId,
string callerIpAddress,
IReadOnlyCollection <KeyValuePair <string, string> > callerClaims,
IReadOnlyDictionary <string, string> customHeaders = null)
{
_auditEntries.Add(new AuditEntry(auditAction, operation, requestUri, statusCode));
}
private void ValidateAuditEntry(AuditEntry auditEntry, AuditAction expectedAuditAction, string expectedAction, ResourceType?expectedResourceType, Uri expectedUri, HttpStatusCode?expectedStatusCode, string expectedCorrelationId)
{
Assert.NotNull(auditEntry);
Assert.Equal(expectedAuditAction, auditEntry.AuditAction);
Assert.Equal(expectedAction, auditEntry.Action);
Assert.Equal(expectedResourceType?.ToString(), auditEntry.ResourceType);
Assert.Equal(expectedUri, auditEntry.RequestUri);
Assert.Equal(expectedStatusCode, auditEntry.StatusCode);
Assert.Equal(expectedCorrelationId, auditEntry.CorrelationId);
// TODO: Currently, claims are not being generated in the integration test environment and therefore we are not testing it until we add support for custom claim in IdentityServer.
}
private void SetUpAuditLog <T>(AuditAction action, T entity)
{
if (_isAuditLog)
{
_changeLog = new ChangeLog {
AuditAction = action
};
_originalEntityObject = action == AuditAction.Added ? Activator.CreateInstance <T>() : entity.DeepCopyByExpressionTree();
_newEntityObject = entity;
}
}
public void AuditChange <T>(ISession session, string itemId, T item, AuditAction action, string entityName, User user = null) where T : BaseClass
{
//return; // Globally disable auditing for now because it does not work properly.
if (AppSettings.EnableAuditing == false)
{
return;
}
if (user == null)
{
var userTask = BasicAuthentication.ControllerHelpers.Methods.GetLoggedInUserAsync(UserContext);
userTask.Wait();
user = userTask.Result as User;
}
if (user == null)
{
throw new Exception("Null user when trying to perform audit");
}
entityName = entityName.Split(".".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Last();
//if (existingItem == null)
//{
// existingItem = item;
//}
using (var auditSession = DataStore.OpenAuditSession())
using (var statelessSession = DataStore.OpenStatelessSession())
{
string originalObject = null;
if (!String.IsNullOrWhiteSpace(itemId))
{
var dbItem = statelessSession.Get <T>(itemId); // Get original/unmodified item
originalObject = SerializeObject(dbItem);
}
var auditEvent = new AuditEvent()
{
AuditAction = action,
AuditEventDateTimeUTC = DateTime.UtcNow,
UserId = user.Id,
UserName = user.UserName,
ObjectId = item.Id,
EntityName = entityName,
OriginalObject = originalObject,
NewObject = action != AuditAction.Delete ? SerializeObject(item) : String.Empty
};
auditSession.Save(auditEvent);
auditSession.Flush();
}
}
protected void OnConfirm(object sender, EventArgs e)
{
string operationResult = "Successo";
string optionSelected = null;
string email = Server.HtmlDecode(EmailInput.Text).Trim();
string userName = UserNameInput.Text;
string password = PasswordInput.Text;
string firstName = FirstNameInput.Text;
string lastName = LastNameInput.Text;
int companyID = int.Parse(ddlCompany.SelectedValue);
int functionalAreaID = int.Parse(ddlFunctionalArea.SelectedValue);
Boolean isManager = cbManager.Checked;
Boolean isExecutive = cbExecutive.Checked;
Boolean?isLockedOut = cbIsLockedOut.Checked;
CleanMessage(MessagePanel, ErrorPanel);
try
{
optionSelected = btnConfirm.CommandName;
switch (optionSelected)
{
case "CRE": if (!IsValidUser())
{
return;
}
CreateRecord(userName, password, email, firstName, lastName, companyID, functionalAreaID, isManager, isExecutive, isLockedOut);
break;
case "DEL": DeleteRecord(userName);
break;
case "UPD": UpdateRecord(userName, password, email, firstName, lastName, companyID, functionalAreaID, isManager, isExecutive, isLockedOut);
break;
case "QRY": break;
}
BindEntities(1);
}
catch (Exception exp)
{
ShowError(ErrorPanel, exp.Message);
operationResult = exp.Message;
}
finally
{
AuditAction.Create(Page.User.Identity.Name, "SMI.04.01", GetOperation(optionSelected), operationResult);
}
}
private void UpdateEvent(int formState)
{
string operationResult = "Successo";
string optionSelected = "UPD";
int HumanResourceFormId = 0;
int?nrTotalHorasFormacao = GetIntValueFromInput(NrTotalHorasFormacaoInput.Text);
int?nrDiasAusenciaTrabalho = GetIntValueFromInput(NrDiasAusenciaTrabalhoInput.Text);
int?nrDiasUteisPeriodo = GetIntValueFromInput(NrDiasUteisPeriodoInput.Text);
int?nrColaboradoresAdmitidos = GetIntValueFromInput(NrColaboradoresAdmitidosInput.Text);
int?nrSaidas = GetIntValueFromInput(NrSaidasInput.Text);
CleanMessage(MessagePanel, ErrorPanel);
try
{
HumanResourceFormId = int.Parse(CompanyFormID.Value);
UpdateRecord(HumanResourceFormId, formState, nrTotalHorasFormacao, nrDiasAusenciaTrabalho, nrDiasUteisPeriodo, nrColaboradoresAdmitidos, nrSaidas);
BackPanel.Visible = true;
ConfirmButtonPanel.Visible = false;
DetailPanel.Visible = true;
DetailPanel.Enabled = false;
ApprovePanel.Visible = false;
if (formState == 2)
{
ShowInfo(MessagePanel, Resources.Resource.mUpdateOK);
}
else if (formState == 3)
{
ShowInfo(MessagePanel, Resources.Resource.mSubmitedOK);
}
else if (formState == 4)
{
ShowInfo(MessagePanel, Resources.Resource.mApprovedOK);
}
else if (formState == 5)
{
ShowInfo(MessagePanel, Resources.Resource.mRejectedOK);
}
}
catch (Exception exp)
{
ShowError(ErrorPanel, exp.Message);
operationResult = exp.Message;
}
finally
{
AuditAction.Create(Page.User.Identity.Name, "SMI.03.05", GetOperation(optionSelected), operationResult);
}
}
public AuditedEntity(object entity, AuditAction action, Action <AuditedEntity> updateKeys)
{
if (entity == null)
{
throw new ArgumentNullException("entity");
}
if (updateKeys == null)
{
throw new ArgumentNullException("updateKeys");
}
Entity = entity;
Action = action;
UpdateKeys = updateKeys;
}
private static void InsertAudit(IPreDatabaseOperationEventArgs @event, AuditAction action)
{
var metadata = @event.Persister.ClassMetadata as SingleTableEntityPersister;
if (metadata != null && metadata.TableName.EndsWith(AuditConstants.TABLE_SUFFIX,
StringComparison.OrdinalIgnoreCase)) {
return;
}
var auditable = @event.Entity as IAuditable;
if (auditable == null) {
return;
}
auditable.CreateAudit(action);
}
public void Log(string auditSection, string auditAction, string details, string otherRefId = null, Person userInfo = null)
{
var username = (HttpContext.Current.User == null) ? null : HttpContext.Current.User.Identity.Name;
if (username == null && userInfo == null) return;
//if (this._webUser.GetCurrentUserName == null) return;
if (string.IsNullOrEmpty(auditSection) || string.IsNullOrEmpty(auditAction) ||
string.IsNullOrEmpty(details)) return;
var user = userInfo ?? (_personRepo.Table.FirstOrDefault(x => x.Email == username) ?? new Person());
//var user = Membership.GetUser(this._webUser.GetCurrentUserName.UserName);
auditSection = auditSection.Trim();
auditAction = auditAction.Trim();
details = details.Trim();
//1. get or insert into Section
var section =
this._section.Table.FirstOrDefault(x => x.Name.ToLower() == auditSection.ToLower());
if (section == null)
{
section = new AuditSection { Name = auditSection };
this._section.Add(section);
}
//get or insert into action
var action =
this._action.Table.FirstOrDefault(x => x.AuditSectionId == section.Id && x.Name.ToLower() == auditAction.ToLower());
if (action == null)
{
action = new AuditAction { Name = auditAction, AuditSectionId = section.Id };
this._action.Add(action);
}
//finally save it
var trail = new AuditTrail
{
Details = details,
//Source = _webUser.GetCurrentUserName.Source,
Source = user.FullName,
PersonalInfoId = user.Id,
//UserId = new Guid(user.ProviderUserKey.ToString()),
UserId = new Guid(user.UserId),
AuditActionId = action.Id,
TimeStamp = this._dateTime.ConvertToUserTime(DateTime.Now),
UserIP = CommonHelper.RemoteIP,
OtherRefId = otherRefId,
BrowserName = CommonHelper.UserBrowser,
IsMobile = CommonHelper.IsMobileBrowser
};
//set the medium and browserName here . . .
this._trail.Add(trail);
// throw new NotImplementedException();
}
protected virtual void InnerHandIn(AuditOperation auditOperation, AuditAction action)
{
string op = auditOperation.ToString();
string tmpnextStateCode = IsEndAudit ? "EndFlow" : NextStateCode; //EndFlow
SubmitFlag AuditSubmitFlag = op.ToUpper() == "ADD" ? SubmitFlag.New : SubmitFlag.Approval;
#region beyond
switch (auditOperation)
{
case AuditOperation.Add:
AuditSubmitFlag = SubmitFlag.New;
break;
case AuditOperation.Update:
AuditSubmitFlag = SubmitFlag.Approval;
break;
case AuditOperation.Cancel:
AuditSubmitFlag = SubmitFlag.Cancel;
break;
default:
break;
}
AuditSubmitData.DictCounterUser = this.DictCounterUser;
if (AuditSubmitFlag == SubmitFlag.New)
{
AuditSubmitData.XML = XmlObject;
}
#endregion
AuditSubmitData.FormID = AuditEntity.FormID;
AuditSubmitData.ModelCode = AuditEntity.ModelCode;
AuditSubmitData.ApprovalUser = new UserInfo();
AuditSubmitData.ApprovalUser.CompanyID = AuditEntity.CreateCompanyID;
AuditSubmitData.ApprovalUser.DepartmentID = AuditEntity.CreateDepartmentID;
AuditSubmitData.ApprovalUser.PostID = AuditEntity.CreatePostID;
AuditSubmitData.ApprovalUser.UserID = AuditEntity.CreateUserID;
AuditSubmitData.ApprovalUser.UserName = AuditEntity.CreateUserName;
AuditSubmitData.ApprovalContent = AuditRemark;
AuditSubmitData.NextStateCode = tmpnextStateCode;
AuditSubmitData.NextApprovalUser = new UserInfo();
AuditSubmitData.NextApprovalUser.CompanyID = NextCompanyID;
AuditSubmitData.NextApprovalUser.DepartmentID = NextDepartmentID;
AuditSubmitData.NextApprovalUser.PostID = NextPostID;
AuditSubmitData.NextApprovalUser.UserID = NextUserID;
AuditSubmitData.NextApprovalUser.UserName = NextUserName;
AuditSubmitData.SubmitFlag = AuditSubmitFlag;
//AuditSubmitData.XML = XmlObject;
AuditSubmitData.FlowSelectType = IsFixedFlow ? FlowSelectType.FixedFlow : FlowSelectType.FreeFlow;
if (!IsFixedFlow && ckbIsEndAudit.IsChecked.Value != true && action != AuditAction.Fail)
{
if (string.IsNullOrEmpty(this.txtAuditId.Text))
{
//ComfirmWindow.ConfirmationBox("","请选择下一审核人" , Utility.GetResourceStr("CONFIRMBUTTON"));
DataResult dataResult = new DataResult();
dataResult.FlowResult = FlowResult.FAIL;
dataResult.Err = "请选择下一审核人";
//AuditEventArgs args = new AuditEventArgs(AuditEventArgs.AuditResult.Error, dataResult);
//args.StartDate = this.AuditEntity.StartDate;
//args.EndDate = System.DateTime.Now;
this.DoAuditResult(dataResult);
//this.CloseProcess();
return;
}
else if (this.txtAuditId.Text == SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeID)
{
DataResult dataResult = new DataResult();
dataResult.FlowResult = FlowResult.FAIL;
dataResult.Err = "不能提交给自己";
//AuditEventArgs args = new AuditEventArgs(AuditEventArgs.AuditResult.Error, dataResult);
//args.StartDate = this.AuditEntity.StartDate;
//args.EndDate = System.DateTime.Now;
this.DoAuditResult(dataResult);
//this.CloseProcess();
return;
}
}
if (AuditSubmitData.FlowType == null)
AuditSubmitData.FlowType = FlowType.Approval;
if (AuditSubmitFlag == SubmitFlag.Approval)
{
AuditSubmitData.ApprovalUser.CompanyID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].CompanyID;
AuditSubmitData.ApprovalUser.DepartmentID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].DepartmentID;
AuditSubmitData.ApprovalUser.PostID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].PostID;
AuditSubmitData.ApprovalUser.UserID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeID;
AuditSubmitData.ApprovalUser.UserName = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeName;
}
//提交人(只帮别人提单的时候起作用,区分单据所属人)
AuditSubmitData.SumbitCompanyID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].CompanyID;
AuditSubmitData.SumbitDeparmentID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].DepartmentID;
AuditSubmitData.SumbitPostID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].PostID;
AuditSubmitData.SumbitUserID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeID;
AuditSubmitData.SumbitUserName = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeName;
//end /提交人(只帮别人提单的时候起作用,区分单据所属人)
AuditSubmitData.ApprovalResult = (ApprovalResult)((int)action);// SMTWFTest.WcfFlowService.ApprovalResult.Pass;
AuditService.SubimtFlowAsync(AuditSubmitData);
RetSubmit = false;
// beyond 记录日志
//submitStartTime = DateTime.Now;
}
protected virtual void InnerHandInOld(AuditOperation auditOperation, AuditAction action)
{
string op = auditOperation.ToString();
string tmpnextStateCode = IsEndAudit ? "EndFlow" : NextStateCode; //EndFlow
SubmitFlag AuditSubmitFlag = op.ToUpper() == "ADD" ? SubmitFlag.New : SubmitFlag.Approval;
AuditSubmitData.FormID = AuditEntity.FormID;
AuditSubmitData.ModelCode = AuditEntity.ModelCode;
AuditSubmitData.ApprovalUser = new UserInfo();
AuditSubmitData.ApprovalUser.CompanyID = AuditEntity.CreateCompanyID;
AuditSubmitData.ApprovalUser.DepartmentID = AuditEntity.CreateDepartmentID;
AuditSubmitData.ApprovalUser.PostID = AuditEntity.CreatePostID;
AuditSubmitData.ApprovalUser.UserID = AuditEntity.CreateUserID;
AuditSubmitData.ApprovalUser.UserName = AuditEntity.CreateUserName;
AuditSubmitData.ApprovalContent = AuditRemark;
AuditSubmitData.NextStateCode = tmpnextStateCode;
AuditSubmitData.NextApprovalUser = new UserInfo();
AuditSubmitData.NextApprovalUser.CompanyID = NextCompanyID;
AuditSubmitData.NextApprovalUser.DepartmentID = NextDepartmentID;
AuditSubmitData.NextApprovalUser.PostID = NextPostID;
AuditSubmitData.NextApprovalUser.UserID = NextUserID;
AuditSubmitData.NextApprovalUser.UserName = NextUserName;
AuditSubmitData.SubmitFlag = AuditSubmitFlag;
AuditSubmitData.XML = XmlObject;
AuditSubmitData.FlowSelectType = IsFixedFlow ? FlowSelectType.FixedFlow : FlowSelectType.FreeFlow;
if (AuditSubmitData.FlowType == null)
AuditSubmitData.FlowType = FlowType.Approval;
if (AuditSubmitFlag == SubmitFlag.Approval)
{
AuditSubmitData.ApprovalUser.CompanyID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].CompanyID;
AuditSubmitData.ApprovalUser.DepartmentID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].DepartmentID;
AuditSubmitData.ApprovalUser.PostID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].PostID;
AuditSubmitData.ApprovalUser.UserID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeID;
AuditSubmitData.ApprovalUser.UserName = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeName;
}
//提交人(只帮别人提单的时候起作用,区分单据所属人)
AuditSubmitData.SumbitCompanyID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].CompanyID;
AuditSubmitData.SumbitDeparmentID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].DepartmentID;
AuditSubmitData.SumbitPostID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.UserPosts[0].PostID;
AuditSubmitData.SumbitUserID = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeID;
AuditSubmitData.SumbitUserName = SMT.SAAS.Main.CurrentContext.Common.CurrentLoginUserInfo.EmployeeName;
//end /提交人(只帮别人提单的时候起作用,区分单据所属人)
AuditSubmitData.ApprovalResult = (ApprovalResult)((int)action);// SMTWFTest.WcfFlowService.ApprovalResult.Pass;
AuditService.SubimtFlowAsync(AuditSubmitData);
}
protected void HandIn(AuditOperation auditOperation, AuditAction action)
{
try
{
CanAudit(false);
#region 参数信息
/*
FormID string 业务表单ID 必填
FlowGUID string 待审批流程GUID Status为Add时不填, Status为Update时必填
ModelCode string 模块代码 必填
CompanyID string 公司代码 必填
PostID string 岗位ID 必填
CreateUserID string 创建用户ID 必填
CreateUserName string 创建用户名称 必填
NextStateCode string 自定义流程代码 可选
AppUserId string 下一步骤人ID 必填
AppUserName string 下一步骤人名称 必填
Content string 审批意见内容 Status为Add时不填
Status为Update时必填
AppOpt string 审批意见(0-不同意,1-同意) Status为Add时不填
Status为Update时必填 Status string 操作标志:Add-增加,Update-审批] 必填
*/
#endregion
currAuditOperation = auditOperation;
curAuditAction = action;
currentAction = action;
AuditRemark = this.txRemark.Text;
string op = auditOperation.ToString();
if (string.IsNullOrEmpty(AuditRemark))
{
if (auditOperation == AuditOperation.Update)
{
AuditRemark = action == AuditAction.Fail ? Utility.GetResourceStr("AUDITNOPASS") : Utility.GetResourceStr("AUDITPASS");
}
else
{
AuditRemark = Utility.GetResourceStr("SUBMITAUDIT");
}
}
// 审核前的事件
if (!OnAuditing(auditOperation, action))
{
return;
}
if (!AuditCheck())
{
return;
}
this.AuditEntity.StartDate = System.DateTime.Now;
InnerHandIn(auditOperation, action);
// ShowKPI(auditOperation, action);
}
catch
{
CanAudit(true);
}
}
private bool OnAuditing(AuditOperation auditOperation, AuditAction action)
{
if (Auditing != null)
{
AuditEventArgs.AuditResult result = AuditEventArgs.AuditResult.Auditing;
if (auditOperation == AuditOperation.Update)
{
result = action == AuditAction.Fail ? AuditEventArgs.AuditResult.Fail : AuditEventArgs.AuditResult.Successful;
}
AuditEventArgs args = new AuditEventArgs(result, null);
Auditing(this, args);
return args.Result != AuditEventArgs.AuditResult.Cancel;
}
return true;
}
/// <summary>
/// 审核单据, 审核前,AuditEntity需要被赋值
/// </summary>
/// <param name="auditAction">Pass : 审核通过, Fail : 审核不通过</param>
public void Submit(AuditAction auditAction)
{
HandIn(AuditOperation.Update, auditAction);
}
void ITracer.TraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
TraceLevel traceLevel = auditAction == AuditAction.Finalized ? TraceLevel.Warning : TraceLevel.Information;
if (!CanTrace(traceLevel))
return;
var displayName = viewModel as IHasDisplayName;
if (displayName == null)
Trace(traceLevel, "{0} ({1}) - {2};", viewModel.GetType(),
viewModel.GetHashCode().ToString(CultureInfo.InvariantCulture), auditAction);
else
Trace(traceLevel, "{0} (Hash - {1}; DisplayName - {2};) - {3}", viewModel.GetType(),
viewModel.GetHashCode().ToString(CultureInfo.InvariantCulture), displayName.DisplayName, auditAction);
}
public void TraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
Debug.WriteLine("{0}: {1}", auditAction, viewModel);
}
private static void OnTraceViewModel(AuditAction auditAction, IViewModel viewModel)
{
if (auditAction != AuditAction.Disposed && auditAction != AuditAction.Finalized)
return;
Guid id;
if (!viewModel.Settings.State.TryGetData(IdViewModelConstant, out id))
return;
RestoredViewModel value;
lock (RestoredViewModels)
{
if (RestoredViewModels.TryGetValue(id, out value))
RestoredViewModels.Remove(id);
}
if (value != null && auditAction == AuditAction.Disposed)
value.Clear();
}
