Ejemplo n.º 1
0
        public ActionResult Delete(int id)
        {
            try
            {
                Track t = new TracksBL().GetTrack(id);


                string absolutePath = Server.MapPath(t.TrackUrl);

                if (System.IO.File.Exists(absolutePath))
                {
                    //namel admin role awek habba Task5
                    new TracksBL().RemoveTrack(id);

                    System.IO.File.Delete(absolutePath);

                    Logger.Log(User.Identity.Name, Request.Path, "Track " + t.Title + " was deleted");
                    TempData["message"] = "Track deleted successfully";
                }
            }
            catch (Exception ex)
            {
                Logger.Log(User.Identity.Name, Request.Path, "Error: " + ex.Message);
                TempData["errormessage"] = "Track was not deleted";
            }

            return(RedirectToAction("Index"));
        }
Ejemplo n.º 2
0
        public ActionResult Download(int id)
        {
            try
            {
                //check if user has permission to download the file (Not yet done)


                //Add admin role task5
                Track track       = new TracksBL().GetTrack(id);
                User  currentUser = new UsersBL().GetUser(User.Identity.Name);

                if (track.TrackUrl != null)
                {
                    string absolutePath = Server.MapPath(track.TrackUrl);

                    if (System.IO.File.Exists(absolutePath))
                    {
                        byte[] data = System.IO.File.ReadAllBytes(absolutePath); //track as an array of bytes

                        //Decryption of (hybrid encryption)
                        MemoryStream msIn = new MemoryStream(data); //track as a memoryStream
                        msIn.Position = 0;



                        //Digital signing verifying

                        Encryption e          = new Encryption();
                        User       trackOwner = new UsersBL().GetUserById(track.userId);

                        //true if not altered, false otherwise.
                        //params : the file, public key of who uploaded the track, the track ds
                        bool secureTrack = e.VerifyData(msIn.ToArray(), trackOwner.PublicKey, track.digitalSignature);

                        if (secureTrack)
                        {
                            MemoryStream msDecrypted = Encryption.HybridDecrypt(msIn, currentUser.PrivateKey);

                            Logger.Log(User.Identity.Name, Request.Path, "Downloaded " + track.Title);

                            return(File(msDecrypted.ToArray(), System.Net.Mime.MediaTypeNames.Application.Octet,
                                        Path.GetFileName(track.TrackUrl)));
                        }
                        else
                        {
                            throw new CustomException("Download failed: File compromised");
                        }
                    }

                    return(RedirectToAction("Index"));
                }
            }
            catch (Exception ex)
            {
                Logger.Log(User.Identity.Name, Request.Path, "Error: " + ex.Message);
                TempData["errormessage"] = ex.Message;
            }

            return(RedirectToAction("Index"));
        }
Ejemplo n.º 3
0
        public ActionResult Index()
        {
            TracksBL      tbl    = new TracksBL();
            IList <Track> tracks = tbl.GetTracks().ToList();

            return(View(tracks));
        }
Ejemplo n.º 4
0
        public ActionResult Details(string id)
        {
            try
            {
                TracksBL tbl         = new TracksBL();
                string   decryptedId = Encryption.DecryptQueryString(id);

                Track t = tbl.GetTrack(Convert.ToInt32(decryptedId));
                return(View(t));
            }
            catch (Exception e) {
                Logger.Log(User.Identity.Name, Request.Path, "Access Denied!", e.Message);
                TempData["errormessage"] = "Access Denied!";
                return(RedirectToAction("Index"));
            }
        }