public void ProcessRequest(GDPRMessage message)
{
this.Request = message;
GDPRSubject s = new GDPRSubject(message.Subject);
switch (message.GetType().Name)
{
case "DeleteMessage":
this.RecordDeleteIn(message.Subject);
break;
case "DataRequestMessage":
List <GDPRSubject> customers = this.RecordSearch(s);
foreach (GDPRSubject c in customers)
{
string storageLocation = this.ExportData(c.ApplicationSubjectId);
//send a export message...
ExportMessage em = new ExportMessage();
em.ApplicationId = Request.ApplicationId;
em.ApplicationSubjectId = c.ApplicationSubjectId;
em.SubjectRequestId = Request.SubjectRequestId;
em.Subject = Request.Subject;
em.BlobUrl = storageLocation;
this.Response = em;
MasterGDPRHelper.SendMessage(em);
}
break;
}
}
public string SubjectHold([FromUri] string applicationId, [FromUri] string subjectId, [FromUri] string emailAddress)
{
try
{
GDPRMessage msg = new GDPRMessage();
HoldMessage dm = new HoldMessage();
dm.ApplicationId = applicationId;
dm.ApplicationSubjectId = subjectId;
dm.Direction = "in";
msg = dm;
GDPRSubject s = new GDPRSubject();
s.Email = emailAddress;
msg.Subject = s;
MasterGDPRHelper.SendMessage(msg);
}
catch
{
return("Failure");
}
return("Success");
}
void RecordCreateIn(GDPRSubject subject)
{
/*
* CreateMessage cm = new CreateMessage();
* cm.ApplicationSubjectId = c.CustomerId.ToString();
* cm.ApplicationId = this.ApplicationId.ToString();
* MasterGDPRHelper.SendMessage(cm);
*/
}
public override RecordCollection SubjectDeleteIn(GDPRSubject subject)
{
List <Record> records = new List <Record>();
foreach (GDPRSubjectEmail se in subject.EmailAddresses)
{
string sql = string.Format("Delete from Customer where email = '{0}'", se.EmailAddress);
e.Database.ExecuteSqlCommand(sql);
}
return(new RecordCollection(records));
}
public override List <Record> GetAllRecords(GDPRSubject search)
{
List <Record> records = new List <Record>();
SPSecurity.RunWithElevatedPrivileges(delegate()
{
//do search
records.AddRange(DoSharePointSearch(search));
//do profile
records.AddRange(DoProfileSearch(search));
});
return(records);
}
public ActionResult Consents()
{
GDPRDatabaseEntities e = Util.GetGDPRDBContext(Util.GDPRSQLConnectionString);
SetupViewBag(ViewBag);
GDPRSubject s = new GDPRSubject();
s.Email = this.User.Identity.Name;
string subjectId = MasterGDPRHelper.FindSubject(s).SubjectId.ToString();
List <GDPRSubjectRequestApplication> requests = e.Database.SqlQuery <GDPRSubjectRequestApplication>("select sar.* from SubjectRequest sr, SubjectRequestApplication sar where sr.subjectrequestid = sar.subjectrequestid and sr.subjectid = '" + subjectId + "'").ToList();
ViewBag.Requests = requests;
return(View());
}
public List <Record> DoProfileSearch(GDPRSubject search)
{
GDPRCore.Current.Log("Starting Profile Search");
List <Record> records = new List <Record>();
UserProfileManager mgr = GetUserProfileManager();
//do userprofile
foreach (GDPRSubjectEmail se in search.EmailAddresses)
{
Record r = new Record();
string loginName = se.EmailAddress;
//loginName = Utility.UrlEncode(loginName);
//UserProfile up = mgr.GetUserProfile(Guid.Parse("82712b6f-bfe0-4353-905e-0539d7dcc027"));
try
{
UserProfile up = mgr.GetUserProfile(loginName);
if (up != null)
{
string data = Utility.SerializeObject(up.Properties, 1);
//r.AdminLinkUrl = up.PersonalUrl.ToString();
//r.LinkUrl = up.PersonalUrl.ToString();
r.ApplicationId = this.ApplicationId;
r.Object = data;
r.Type = "UserProfile";
r.RecordId = up.ID.ToString();
r.RecordDate = up.PersonalSiteLastCreationTime;
ValidateRecord(r);
records.Add(r);
}
}
catch (Exception ex)
{
GDPRCore.Current.Log(ex, Common.Enums.LogLevel.Error);
}
}
return(records);
}
public override List <GDPRSubject> RecordSearch(GDPRSubject search)
{
List <GDPRSubject> subjects = new List <GDPRSubject>();
List <GDPRMessage> messages = new List <GDPRMessage>();
string sql = string.Format("select * from customer where email ='{0}'", search.Email);
//find all customers that are new...
List <Customer> searchResults = e.Customers.SqlQuery(sql).ToList();
foreach (Customer c in searchResults)
{
GDPRSubject s = new GDPRSubject();
s.ApplicationSubjectId = c.CustomerId.ToString();
subjects.Add(s);
}
return(subjects);
}
public override List <BaseGDPRMessage> GetChanges(DateTime changeDate)
{
List <BaseGDPRMessage> messages = new List <BaseGDPRMessage>();
string sql = string.Format("select * from customer where createdate >= '{0}'", changeDate);
//find all customers that are new...
List <Customer> newcustomers = e.Customers.SqlQuery(sql).ToList();
foreach (Customer c in newcustomers)
{
BaseCreateMessage cm = new BaseCreateMessage();
cm.ApplicationSubjectId = c.CustomerId.ToString();
cm.Direction = MessageDirection.TowardsPlatform;
cm.ApplicationId = this.ApplicationId;
GDPRSubject s = new GDPRSubject();
s.EmailAddresses.Add(new GDPRSubjectEmail {
EmailAddress = c.Email
});
cm.Subject = s;
messages.Add(cm);
}
sql = string.Format("select * from customer where modifydate >= '{0}' and createdate < modifydate", changeDate);
//find all customers that have been modified...
List <Customer> modifiedcustomers = e.Customers.SqlQuery(sql).ToList();
foreach (Customer c in modifiedcustomers)
{
BaseUpdateMessage cm = new BaseUpdateMessage();
cm.ApplicationSubjectId = c.CustomerId.ToString();
cm.Direction = MessageDirection.TowardsPlatform;
cm.ApplicationId = this.ApplicationId;
GDPRSubject s = new GDPRSubject();
s.EmailAddresses.Add(new GDPRSubjectEmail {
EmailAddress = c.Email
});
cm.Subject = s;
messages.Add(cm);
}
return(messages);
}
public override List <Record> GetAllRecords(GDPRSubject search)
{
List <Record> subjects = new List <Record>();
foreach (GDPRSubjectEmail se in search.EmailAddresses)
{
string sql = string.Format("select * from customer where email ='{0}'", se.EmailAddress);
//find all customers that are new...
List <Customer> searchResults = e.Customers.SqlQuery(sql).ToList();
foreach (Customer c in searchResults)
{
Record r = new Record();
r.RecordId = c.CustomerId.ToString();
r.Type = "Customer";
subjects.Add(r);
}
}
return(subjects);
}
public override ExportInfo ExportData(string applicationSubjectId, GDPRSubject s)
{
//package the customer record as a json file...
string fileName = string.Format("CRM_{0}.json", applicationSubjectId);
string sql = string.Format("select * from customer where customerid = '{0}'", applicationSubjectId);
//find all customers that have been modified...
Customer subject = e.Customers.SqlQuery("exec GetCustomer @p0", Guid.Parse(applicationSubjectId)).FirstOrDefault();
string json = JsonConvert.SerializeObject(subject);
string filePath = string.Format("c:\\temp\\{0}", fileName);
System.IO.File.AppendAllText(filePath, json);
//Copy the file to the storage account
string blobUrl = GDPRCore.Current.UploadBlob(this.ApplicationId, filePath);
ExportInfo ei = new ExportInfo();
ei.Urls.Add(blobUrl);
ei.FileType = "json";
return(ei);
}
static void Main(string[] args)
{
//create the user in the system...
Setup();
//Check for new additions (non http outgoing trigger based system like Azure SQL)
CheckForChanges();
//send a notify message...
NotifyMessage nm = new NotifyMessage();
nm.Direction = "out";
GDPRSubject s = new GDPRSubject();
s.Email = "*****@*****.**";
nm.Subject = s;
nm.Title = "CRM Compromised";
nm.ShortMessage = "CRM Compromised";
nm.LongMessage = "As of this morning we have noticed abnormal activity in our system that looks hacker related. We will notify you of future updates.";
MasterGDPRHelper.SendMessage(nm);
//send me my data request...
DataSubjectQueryMessage dsqm = new DataSubjectQueryMessage();
s = new GDPRSubject();
s.Email = "*****@*****.**";
dsqm.Subject = s;
MasterGDPRHelper.SendMessage(dsqm);
//delete request...
DataSubjectDeleteMessage dsdm = new DataSubjectDeleteMessage();
s = new GDPRSubject();
s.Email = "*****@*****.**";
dsdm.Subject = s;
MasterGDPRHelper.SendMessage(dsdm);
}
void RecordSearch(GDPRSubject search, List <GDPRSubject> results)
{
throw new NotImplementedException();
}
void RecordDeleteIn(GDPRSubject subject)
{
throw new NotImplementedException();
}
void RecordNotify(GDPRSubject subject)
{
throw new NotImplementedException();
}
virtual public void RecordCreateIn(GDPRSubject subject)
{
throw new NotImplementedException();
}
public void RecordHold(GDPRSubject subject)
{
throw new NotImplementedException();
}
public ExportInfo ExportData(GDPRSubject subject)
{
return(app.ExportData("", subject));
}
public void AnonymizeSubject(GDPRSubject subject)
{
app.AnonymizeSubject(subject);
}
public RecordCollection SubjectDeleteIn(GDPRSubject subject)
{
return(app.SubjectDeleteIn(subject));
}
public bool SubjectCreateIn(GDPRSubject subject)
{
return(app.SubjectCreateIn(subject));
}
public bool SubjectHoldOut(GDPRSubject subject)
{
return(app.SubjectHoldOut(subject));
}
public bool SubjectUpdateOut(GDPRSubject subject)
{
return(app.SubjectUpdateOut(subject));
}
public void SubjectNotify(GDPRSubject subject)
{
app.SubjectNotify(subject);
}
public List <Record> GetAllRecords(GDPRSubject search)
{
List <Record> msgs = app.GetAllRecords(search);
return(msgs);
}
public void ValidateSubject(GDPRSubject subject)
{
((IGDPRDataSubjectActions)app).ValidateSubject(subject);
}
void RecordUpdateOut(GDPRSubject subject)
{
throw new NotImplementedException();
}
virtual public List <GDPRSubject> RecordSearch(GDPRSubject search)
{
List <GDPRSubject> results = new List <GDPRSubject>();
return(results);
}
void ValidateSubject(GDPRSubject subject)
{
throw new NotImplementedException();
}
public List <GDPRSubject> RecordSearch(GDPRSubject search)
{
List <GDPRSubject> results = app.SubjectSearch(search);
return(results);
}
