public async Task <IActionResult> GetManageCompanies(ManageCompanyViewModel model)
{
Config config = await _appDb.GetConfigAsync();
List <ManageCompany> manageCompanies = await _appDb.GetManageCompaniesAsync();
List <int> manageCompanyStatuses = new List <int>();
List <int> manageCompanyTypes = new List <int>();
foreach (var key in Request.Form["ManageCompanyStatuses"])
{
manageCompanyStatuses.Add(int.Parse(key));
}
foreach (var key in Request.Form["ManageCompanyTypes"])
{
manageCompanyTypes.Add(int.Parse(key));
}
model.ManageCompanyStatusIds = manageCompanyStatuses;
model.ManageCompanyTypeIds = manageCompanyTypes;
model.ManageCompanyStatuses = ManageAccess.GetCompanyStatuses(config);
model.ManageCompanyTypes = ManageAccess.GetCompanyTypes(config);
string manageCompanyFilterUrl = ManageAccess.CreateCompanyFilterUrl(manageCompanyStatuses, manageCompanyTypes);
ViewBag.ManageCompanies = ManageAccess.GetCompanies(config, manageCompanyFilterUrl);
return(View(model));
}
public async Task <IActionResult> ManageConfig()
{
Config config = await _appDb.GetConfigAsync();
ManageConfig manageConfig = await _appDb.GetManageConfigAsync();
List <ManageCompany> manageCompanies = await _appDb.GetManageCompaniesAsync();
List <ManageBoard> manageBoards = ManageAccess.GetBoards(config);
manageConfig.ManageBoard = ManageAccess.GetBoard(config, manageConfig.BoardId);
manageConfig.ManageBoards = manageBoards;
manageConfig.ManageBoardTypes = ManageAccess.GetBoardTypes(config, manageConfig.BoardId);
manageConfig.ManageBoardType = ManageAccess.GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId);
manageConfig.ManageBoardSubTypes = ManageAccess.GetBoardSubTypes(config, manageConfig.BoardId);
manageConfig.ManageBoardSubType = ManageAccess.GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId);
manageConfig.ManageBoardItems = ManageAccess.GetBoardItems(config, manageConfig.BoardId);
manageConfig.ManageBoardItem = ManageAccess.GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId);
manageConfig.ManageBoardPriorities = ManageAccess.GetBoardPriorities(config);
manageConfig.ManageBoardPriority = ManageAccess.GetBoardPriority(config, manageConfig.PriorityId);
manageConfig.ManageBoardStatuses = ManageAccess.GetBoardStatuses(config, manageConfig.BoardId);
manageConfig.ManageBoardStatus = ManageAccess.GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId);
return(View(manageConfig));
}
public async Task <IActionResult> CompanyMappings()
{
CompanyMappingViewModel companyMappingViewModel = new CompanyMappingViewModel();
Config config = await _appDb.GetConfigAsync();
if (config.ManageClientId == "" || config.ManagePubKey == "")
{
companyMappingViewModel.DefaultOrganization = new ThreatLockerOrganization {
ManageCompanyId = 1, Name = " ", OrganizationId = " "
};
companyMappingViewModel.ManageCompanies = new List <ManageCompany> {
new ManageCompany {
Name = " ", Id = 1
}
};
companyMappingViewModel.ThreatLockerOrganizations = new List <ThreatLockerOrganization> {
new ThreatLockerOrganization {
ManageCompanyId = 1, Name = " ", OrganizationId = " "
}
};
ViewBag.ManageCompanyList = new List <ManageCompany> {
new ManageCompany {
Name = " ", Id = 1
}
};
return(View(companyMappingViewModel));
}
companyMappingViewModel.ThreatLockerOrganizations = await _appDb.GetThreatLockerOrganizationsAsync();
if (companyMappingViewModel.ThreatLockerOrganizations == null)
{
companyMappingViewModel.ThreatLockerOrganizations = ThreatLockerAccess.GetOrganizations(config);
}
companyMappingViewModel.DefaultOrganization = await _appDb.GetDefaultThreatLockerOrganization();
List <ManageCompany> manageCompanyList = new List <ManageCompany>();
manageCompanyList = await _appDb.GetManageCompaniesAsync();
if (manageCompanyList == null)
{
manageCompanyList = ManageAccess.GetCompanies(config, null);
}
ViewBag.ManageCompanyList = manageCompanyList;
companyMappingViewModel.DefaultOrganization = await _appDb.GetDefaultThreatLockerOrganization();
return(View(companyMappingViewModel));
}
public async Task <JsonResult> GetFilteredManageCompaniesJson(string FilterUrl)
{
Config config = await _appDb.GetConfigAsync();
List <ManageCompany> manageCompanies = new List <ManageCompany>();
manageCompanies = ManageAccess.GetCompanies(config, null);
return(Json(new SelectList(manageCompanies, "BoardStatusId", "BoardStatusName")));
}
public async Task <IActionResult> CompanyMappings(CompanyMappingViewModel model)
{
Config config = await _appDb.GetConfigAsync();
ViewBag.ManageCompanyList = ManageAccess.GetCompanies(config, null);
await _appDb.SaveThreatLockerOrganizations(model.ThreatLockerOrganizations);
await _appDb.SaveDefaultThreatLockerOrganization(model.DefaultOrganization);
return(View(model));
}
public async Task <IActionResult> Config(Config model)
{
await _appDb.SaveConfigAsync(model);
List <ManageCompany> manageCompanies = ManageAccess.GetCompanies(model, null);
List <ThreatLockerOrganization> threatLockerOrganizations = ThreatLockerAccess.GetOrganizations(model);
await _appDb.SaveManageCompanies(manageCompanies);
await _appDb.SaveThreatLockerOrganizations(threatLockerOrganizations);
return(View());
}
public async Task <JsonResult> GetBoardStatusesJson(int BoardId)
{
Config config = await _appDb.GetConfigAsync();
List <ManageBoardStatus> manageBoardStatuses = new List <ManageBoardStatus>();
manageBoardStatuses = ManageAccess.GetBoardStatuses(config, BoardId);
manageBoardStatuses.Insert(0, new ManageBoardStatus {
BoardStatusId = 0, BoardStatusName = "Select"
});
return(Json(new SelectList(manageBoardStatuses, "BoardStatusId", "BoardStatusName")));
}
public async Task <IActionResult> ManageConfig(ManageConfig model)
{
Config config = await _appDb.GetConfigAsync();
ManageConfig manageConfig = await _appDb.GetManageConfigAsync();
List <ManageBoard> manageBoards = ManageAccess.GetBoards(config);
int BoardId = int.Parse(HttpContext.Request.Form["BoardId"]);
int TypeId = int.Parse(HttpContext.Request.Form["BoardTypeId"]);
int SubTypeId = int.Parse(HttpContext.Request.Form["BoardSubTypeId"]);
int ItemId = int.Parse(HttpContext.Request.Form["BoardItemId"]);
int PriorityId = int.Parse(HttpContext.Request.Form["BoardPriorityId"]);
int StatusId = int.Parse(HttpContext.Request.Form["BoardStatusId"]);
string TicketSummary = (HttpContext.Request.Form["TicketSummary"]);
model.BoardId = BoardId;
model.TypeId = TypeId;
model.SubTypeId = SubTypeId;
model.ItemId = ItemId;
model.PriorityId = PriorityId;
model.StatusId = StatusId;
model.TicketSummary = TicketSummary;
model.ManageBoard = ManageAccess.GetBoard(config, manageConfig.BoardId);
model.ManageBoards = manageBoards;
model.ManageBoardTypes = ManageAccess.GetBoardTypes(config, manageConfig.BoardId);
model.ManageBoardType = ManageAccess.GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId);
model.ManageBoardSubTypes = ManageAccess.GetBoardSubTypes(config, manageConfig.BoardId);
model.ManageBoardSubType = ManageAccess.GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId);
model.ManageBoardItems = ManageAccess.GetBoardItems(config, manageConfig.BoardId);
model.ManageBoardItem = ManageAccess.GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId);
model.ManageBoardPriorities = ManageAccess.GetBoardPriorities(config);
model.ManageBoardPriority = ManageAccess.GetBoardPriority(config, manageConfig.PriorityId);
model.ManageBoardStatuses = ManageAccess.GetBoardStatuses(config, manageConfig.BoardId);
model.ManageBoardStatus = ManageAccess.GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId);
List <ManageCompany> manageComapies = ManageAccess.GetCompanies(config, null);
ViewBag.ListOfBoards = manageBoards;
await _appDb.SaveManageConfigAsync(model);
return(View(model));
}
public async Task <IActionResult> GetManageCompanies()
{
List <ManageCompany> manageCompanies = new List <ManageCompany>();
Config config = await _appDb.GetConfigAsync();
if (ViewBag.ManageCompanies == null)
{
manageCompanies = await _appDb.GetManageCompaniesAsync();
}
else
{
manageCompanies = ViewBag.ManageCompanies;
}
ManageCompanyViewModel manageCompanyViewModel = new ManageCompanyViewModel();
manageCompanyViewModel.ManageCompanies = manageCompanies;
manageCompanyViewModel.ManageCompanyStatuses = ManageAccess.GetCompanyStatuses(config);
manageCompanyViewModel.ManageCompanyTypes = ManageAccess.GetCompanyTypes(config);
return(View(manageCompanyViewModel));
}
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
{
while (!stoppingToken.IsCancellationRequested)
{
Config config = await _appDb.GetConfigAsync();
if (string.IsNullOrEmpty(config.ThreatlockerAuth) || string.IsNullOrEmpty(config.ManagePubKey))
{
return;
}
ManageConfig manageConfig = await _appDb.GetManageConfigAsync();
ManageTicket manageTicket = new ManageTicket();
manageTicket.Company = new ManageCompany()
{
Name = "", Id = 0
};
List <ThreatLockerOrganization> threatLockerOrganizations = await _appDb.GetThreatLockerOrganizationsAsync();
_logger.LogInformation($"Checking for requests.");
List <ThreatLockerRequest> threatLockerRequests = ThreatLockerAccess.GetRequests(config);
if (threatLockerRequests != null)
{
_logger.LogInformation($"{threatLockerRequests.Count} requests found.");
foreach (var request in threatLockerRequests)
{
_logger.LogInformation($"Matching Companies");
foreach (var org in threatLockerOrganizations)
{
if (org.OrganizationId == request.OrganizationId)
{
manageTicket.Company = new ManageCompany {
Id = org.ManageCompanyId
};
_logger.LogInformation($"{manageTicket.Company.Name} matched {org.Name}");
}
}
if (manageTicket.Company.Id <= 0)
{
var defaultThreatLockerOrganization = await _appDb.GetDefaultThreatLockerOrganization();
manageTicket.Company.Id = defaultThreatLockerOrganization.ManageCompanyId;
}
var threatLockerAction = ThreatLockerAccess.ProcessJson(request);
string approvalLink = config.ThreatLockerUrl;
if (threatLockerAction.ActionType == "execute")
{
approvalLink += "/applicationcontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId;
}
else
{
approvalLink += "/storagecontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId;
}
threatLockerAction.ApprovalLink = approvalLink;
StringBuilder initialDescription = new StringBuilder($"{threatLockerAction.Username} has requested access to {threatLockerAction.FullPath}\n");
initialDescription.Append($"Organization: {request.OrganizationName}\n");
initialDescription.Append($"Hostname: {threatLockerAction.Username.Split('\\')[0]}\n");
initialDescription.Append($"Hash: {threatLockerAction.Hash}");
foreach (var cert in threatLockerAction.Certs)
{
initialDescription.Append($"Cert: {cert.Subject} SHA: {cert.Sha}\n");
}
StringBuilder initialInternalAnalysis = new StringBuilder($"{approvalLink}");
manageTicket.Summary = manageConfig.TicketSummary;
manageTicket.InitialDescription = initialDescription.ToString();
manageTicket.InitialInternalAnalysis = initialInternalAnalysis.ToString();
manageTicket.Board = new ManageBoard {
Id = manageConfig.BoardId
};
manageTicket.Type = new ManageBoardType {
BoardTypeId = manageConfig.TypeId
};
manageTicket.SubType = new ManageBoardSubType {
BoardSubTypeId = manageConfig.SubTypeId
};
manageTicket.Item = new ManageBoardItem {
BoardItemId = manageConfig.ItemId
};
manageTicket.Priority = new ManageBoardPriority {
BoardPriorityId = manageConfig.PriorityId
};
manageTicket.Status = new ManageBoardStatus {
BoardStatusId = manageConfig.StatusId
};
ManageAccess.PostTicket(config, manageTicket);
config.LastSuccessRequestSent = DateTime.UtcNow;
await _appDb.UpdateLastSuccessSent(config);
_logger.LogInformation($"Ticket Created");
}
}
await Task.Delay(config.RequestCheckDelay * 1000, stoppingToken);
}
}
