public ActionResult Unlock(long id)
{
var rlc = new RequestLockManagementController();
// add AuditLog entry for lock remove
var upc = new UserManagementController();
var almc = new AuditLogManagementController();
almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
Constants.AuditType.RequestUnlock);
rlc.removeLock(id);
return RedirectToAction("Index", "Home", new {
status = Constants.URLStatus.Unlocked
});
}
/// <summary>
/// Ability to Export a locked Request as a DOCX
/// </summary>
/// <param name="id">The Request ID to Export</param>
/// <returns>A DOCX file.</returns>
/// <request type="GET">/Request/Export</request>
public ActionResult Export(long id)
{
var wec = new WordExportController();
var db = new CAIRSDataContext();
Request request = db.Requests.FirstOrDefault(r => r.RequestID == id);
var markDate = new DateTime(2010, 01, 01, 00, 00, 00, 00);
TimeSpan dateStamp = DateTime.Now.Subtract(markDate);
string filePath =
Server.MapPath(Constants.Export.REPORT_TEMP_PATH +
dateStamp.TotalSeconds + ".docx");
string templatePath =
Server.MapPath(Constants.Export.REPORT_TEMPLATE_PATH);
IEnumerable<string> output = wec.requestToStrings(request);
wec.generateDocument(output, templatePath, filePath, id);
// add AuditLog entry for exporting
var upc = new UserManagementController();
var almc = new AuditLogManagementController();
almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
Constants.AuditType.RequestExport);
return View("Details", new RequestContent(request));
}
public ActionResult Create(RequestContent reqContent)
{
var rmc = new RequestManagementController();
bool valid = ModelState.IsValid;
if (reqContent.parentRequestID != null &&
!rmc.requestExists((long) reqContent.parentRequestID)) {
ModelState.AddModelError("NonexistentParentRequest",
"Parent Request ID must correspond to an existing request.");
valid = false;
}
if (Request.Form["mark_as_complete"] != null) {
foreach (
QuestionResponseContent qrContent in
reqContent.questionResponseList) {
if (String.IsNullOrEmpty(qrContent.question) ||
removeNewLinesAndTabs(qrContent.question).Equals("<br />") ||
String.IsNullOrEmpty(qrContent.response) ||
removeNewLinesAndTabs(qrContent.response).Equals("<br />") ||
qrContent.questionTypeID == null ||
qrContent.tumourGroupID == null ||
qrContent.timeSpent == null ||
qrContent.severity == null ||
qrContent.consequence == null ||
qrContent.keywords.Count < 1) {
ModelState.AddModelError("IncompleteQuestion",
"Questions must be completed before marking request as complete.");
valid = false;
break;
}
if (qrContent.keywords.Any(keyword => keyword.Length > 128)) {
ModelState.AddModelError("KeywordTooLong",
"Keywords must be less than 128 characters.");
valid = false;
}
if (qrContent.referenceList.Any(refContent => String.IsNullOrEmpty(refContent.referenceString))) {
ModelState.AddModelError("IncompleteReference",
"References must be completed before marking request as complete.");
valid = false;
}
}
reqContent.timeClosed = DateTime.Now;
reqContent.requestStatus = Constants.RequestStatus.Completed;
}
// Encode HTML in question responses
// Replace null references with empty string
foreach (
QuestionResponseContent qrContent in
reqContent.questionResponseList) {
if (!String.IsNullOrEmpty(qrContent.question)) {
qrContent.question = HttpUtility.HtmlEncode(
removeNewLinesAndTabs(qrContent.question))
.Replace("'", "'");
}
if (!String.IsNullOrEmpty(qrContent.response)) {
qrContent.response = HttpUtility.HtmlEncode(
removeNewLinesAndTabs(qrContent.response))
.Replace("'", "'");
}
if (!String.IsNullOrEmpty(qrContent.specialNotes)) {
qrContent.specialNotes = HttpUtility.HtmlEncode(
removeNewLinesAndTabs(qrContent.specialNotes))
.Replace("'", "'");
}
foreach (
ReferenceContent refContent in qrContent.referenceList) {
refContent.referenceString =
refContent.referenceString == null ?
"" :
refContent.referenceString.Replace("\\", "\\\\");
}
}
if (!valid) {
var dc = new DropdownManagementController();
ViewBag.RequestorTypes = new SelectList(
dc.getEntries(Constants.DropdownTable.RequestorType),
"id", "text");
ViewBag.Regions = new SelectList(
dc.getEntries(Constants.DropdownTable.Region),
"id", "text");
ViewBag.GenderOptions = new SelectList(Constants.genderOptions);
return View(reqContent);
}
long reqId = rmc.create(reqContent);
var uc = new UserManagementController();
UserProfile up = uc.getUserProfile(User.Identity.Name);
var almc = new AuditLogManagementController();
almc.addEntry(reqId, up.UserId,
Constants.AuditType.RequestCreation,
reqContent.timeOpened);
if (reqContent.requestStatus == Constants.RequestStatus.Completed &&
reqContent.timeClosed != null) {
almc.addEntry(reqId, up.UserId,
Constants.AuditType.RequestCompletion,
(DateTime) reqContent.timeClosed);
}
if (Roles.IsUserInRole(Constants.Roles.VIEWER)) {
return RedirectToAction("Details", "Request",
new {
id = reqId
});
}
return RedirectToAction("Index", "Home",
new {
status =
Constants.URLStatus.SuccessfulCreate
});
}
private void addEntryWithSpecifiedDateTimeHelper(Constants.AuditType at,
DateTime
randomizedDateTime)
{
var almc = new AuditLogManagementController();
// run method
almc.addEntry(rq.RequestID, up.UserId, at, randomizedDateTime);
// checks
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
Assert.IsNotNull(alCreated, "No audit log created.");
Assert.IsTrue(alCreated.UserID == up.UserId,
"Audit Log created with wrong user ID.");
Assert.IsTrue(
Enum.GetName(typeof (Constants.AuditType), alCreated.AuditType)
.Equals(Enum.GetName(typeof (Constants.AuditType), at)),
"Audit Log created with wrong audit type.");
Assert.That(alCreated.AuditDate,
Is.EqualTo(randomizedDateTime).Within(1).Seconds,
"Audit Log created with wrong date.");
_dc.AuditLogs.DeleteOnSubmit(alCreated);
_dc.SubmitChanges();
}
public ActionResult Details(long id)
{
var rmc = new RequestManagementController();
var rlc = new RequestLockManagementController();
var upc = new UserManagementController();
var db = new CAIRSDataContext();
int timeSpent = 0;
// Set up the Request Object
RequestContent request = rmc.getRequestDetails(id);
if (request == null) {
ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
+ " - "
+ Constants.UIString.TitleText.ERROR;
ViewBag.Error =
"The Request ID provided does not exist in the database.";
return View((object) null);
}
ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
+ " - "
+ Constants.UIString.TitleText.REQUEST_NUM
+ request.requestID;
// Show error if not editor/administrator and request isn't complete
if (!User.IsInRole(Constants.Roles.REQUEST_EDITOR)
&& !User.IsInRole(Constants.Roles.ADMINISTRATOR)
&& request.requestStatus != Constants.RequestStatus.Completed) {
ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
+ " - "
+ Constants.UIString.TitleText.ERROR;
ViewBag.Error =
"You do not have the necessary permissions to view this request.";
return View((object) null);
}
// Show error if not administrator and request is invalid (deleted)
if (!User.IsInRole(Constants.Roles.ADMINISTRATOR)
&& request.requestStatus == Constants.RequestStatus.Invalid) {
ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
+ " - "
+ Constants.UIString.TitleText.ERROR;
ViewBag.Error =
"You do not have the necessary permissions to view this request.";
return View((object) null);
}
// Show error if you can't view due to locked status
if (rlc.isLocked(id) &&
!User.IsInRole(Constants.Roles.ADMINISTRATOR)) {
// Check if it's not locked to you
if (!User.IsInRole(Constants.Roles.REQUEST_EDITOR) ||
rlc.getRequestLock(id).UserID !=
upc.getUserProfile(User.Identity.Name).UserId) {
request = null;
ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
+ " - "
+ Constants.UIString.TitleText.ERROR;
ViewBag.Error =
"This request has been locked to another person and cannot be viewed until unlocked.";
return View((object) null);
}
}
// Set up Time Spent (Question-Dependent)
foreach (QuestionResponseContent qr in request.questionResponseList) {
timeSpent += qr.timeSpent.GetValueOrDefault(0);
}
ViewBag.TimeSpent = timeSpent;
ViewBag.DataContext = new CAIRSDataContext();
// Created By
AuditLog auditLog = (from al in db.AuditLogs
where
(int) al.AuditType ==
(int) Constants.AuditType.RequestCreation &&
al.RequestID == request.requestID
select al).FirstOrDefault();
if (auditLog != null && auditLog.UserProfile != null) {
ViewBag.CreatedBy = auditLog.UserProfile.UserFullName;
} else {
ViewBag.CreatedBy = "";
}
// Closed By
auditLog = (from al in db.AuditLogs
where
(int) al.AuditType ==
(int) Constants.AuditType.RequestCompletion &&
al.RequestID == request.requestID
select al).FirstOrDefault();
if (auditLog != null && auditLog.UserProfile != null) {
ViewBag.CompletedBy = auditLog.UserProfile.UserFullName;
} else {
ViewBag.CompletedBy = "";
}
// add AuditLog entry for viewing
var almc = new AuditLogManagementController();
almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
Constants.AuditType.RequestView);
ViewBag.IsLocked = rlc.isLocked(id);
if (ViewBag.IsLocked) {
ViewBag.IsLockedToMe = rlc.getRequestLock(id).UserID ==
upc.getUserProfile(User.Identity.Name)
.UserId;
} else {
ViewBag.IsLockedToMe = false;
}
return View(request);
}
public void Test_createReportForUserWithSingleAuditLog()
{
var almc = new AuditLogManagementController();
// create AuditLog by up
_dc.AuditLogs.InsertOnSubmit(new AuditLog {
RequestID = rq.RequestID,
UserID = up.UserId,
AuditType = (byte) Constants.AuditType.RequestView,
AuditDate = DateTime.Now
});
_dc.SubmitChanges();
bool returnValue = almc.createReportForUser(up.UserId,
DateTime.Now.Subtract(
TimeSpan.FromHours(1)),
DateTime.Now);
}
private void addEntryHelper(Constants.AuditType at)
{
var almc = new AuditLogManagementController();
// run method
almc.addEntry(rq.RequestID, up.UserId, at);
//// checks
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
Assert.IsNotNull(alCreated, "No audit log created.");
Assert.IsTrue(alCreated.UserID == up.UserId,
"Audit Log created with wrong user ID.");
Assert.IsTrue(
Enum.GetName(typeof (Constants.AuditType), alCreated.AuditType)
.Equals(Enum.GetName(typeof (Constants.AuditType), at)),
"Audit Log created with wrong audit type.");
Assert.IsTrue(
((DateTime.Now.Subtract(TimeSpan.FromSeconds(5))) <
alCreated.AuditDate),
"Audit Log created with incorrect date and time (too early).");
Assert.IsTrue(DateTime.Now > alCreated.AuditDate,
"Audit Log created with incorrect date and time (too late).");
_dc.AuditLogs.DeleteOnSubmit(alCreated);
_dc.SubmitChanges();
}
public void Test_createReportForUserInvalidDate()
{
var almc = new AuditLogManagementController();
bool returnValue = almc.createReportForUser(up.UserId, DateTime.Now,
DateTime.Now.Subtract(
TimeSpan.FromHours(1)));
}
public void Test_createReportForUserNoData()
{
var almc = new AuditLogManagementController();
int randomUserIntNew = _random.Next(1, 100000000);
_dc.UserProfiles.InsertOnSubmit(new UserProfile {
UserName =
"******" +
randomUserIntNew.ToString(CultureInfo.InvariantCulture)
});
_dc.SubmitChanges();
UserProfile upNew =
_dc.UserProfiles.FirstOrDefault(
userProfile =>
userProfile.UserName ==
("TALM" +
randomUserIntNew.ToString(CultureInfo.InvariantCulture)));
bool returnValue = almc.createReportForUser(upNew.UserId,
DateTime.Now.Subtract(
TimeSpan.FromHours(1)),
DateTime.Now);
Assert.IsFalse(returnValue,
"Data in audit report for requests with no AuditLogs.");
_dc.UserProfiles.DeleteOnSubmit(upNew);
_dc.SubmitChanges();
}
public void Test_createReportForRequestWithSingleRequest()
{
var almc = new AuditLogManagementController();
// create AuditLogs for rq
_dc.AuditLogs.InsertOnSubmit(new AuditLog {
RequestID = rq.RequestID,
UserID = up.UserId,
AuditType = (byte) Constants.AuditType.RequestView,
AuditDate = DateTime.Now
});
_dc.SubmitChanges();
var auditRequests = new List<Request> {
rq
};
bool returnValue = almc.createReportForRequest(auditRequests);
// delete AuditLog created
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
_dc.AuditLogs.DeleteOnSubmit(alCreated);
_dc.SubmitChanges();
}
public void Test_createReportForUserInvalid()
{
var almc = new AuditLogManagementController();
bool returnValue = almc.createReportForUser(0, DateTime.MinValue,
DateTime.MaxValue);
}
public void Test_createReportForRequestWithMultipleRequests()
{
// Create an extra test request to test list with multiple
long randomRequestInt = _random.Next(1, 100000000);
var rmc = new RequestManagementController();
// Create new Request Directly in DB
rmc.create(new RequestContent {
patientLName =
"TALM" +
randomRequestInt.ToString(CultureInfo.InvariantCulture)
});
_dc.SubmitChanges();
rq2 = _dc.Requests.FirstOrDefault(
request =>
request.PatientLName ==
("TALM" +
randomRequestInt.ToString(CultureInfo.InvariantCulture)));
var almc = new AuditLogManagementController();
// create AuditLogs for rq
_dc.AuditLogs.InsertOnSubmit(new AuditLog {
RequestID = rq.RequestID,
UserID = up.UserId,
AuditType = (byte) Constants.AuditType.RequestView,
AuditDate = DateTime.Now
});
_dc.SubmitChanges();
// create AuditLogs for rq2
_dc.AuditLogs.InsertOnSubmit(new AuditLog {
RequestID = rq2.RequestID,
UserID = up.UserId,
AuditType = (byte) Constants.AuditType.RequestView,
AuditDate = DateTime.Now
});
_dc.SubmitChanges();
var auditRequests = new List<Request> {
rq,
rq2
};
bool returnValue = almc.createReportForRequest(auditRequests);
// delete both AuditLogs created
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
_dc.AuditLogs.DeleteOnSubmit(alCreated);
AuditLog alCreated2 =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq2.RequestID);
_dc.AuditLogs.DeleteOnSubmit(alCreated2);
_dc.SubmitChanges();
}
public void Test_createReportForRequestNull()
{
var almc = new AuditLogManagementController();
bool returnValue = almc.createReportForRequest(null);
}
public void Test_createReportForRequestNoData()
{
var almc = new AuditLogManagementController();
var auditRequests = new List<Request> {
rq
};
bool returnValue = almc.createReportForRequest(auditRequests);
Assert.IsFalse(returnValue,
"Data in audit report for requests with no AuditLogs.");
}
public void Test_addEntryWithSpecifiedIncorrectUser()
{
var almc = new AuditLogManagementController();
// run method
almc.addEntry(rq.RequestID, 0, Constants.AuditType.RequestView,
DateTime.Now);
//// checks
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
Assert.IsNull(alCreated,
"Audit log created despite invalid user ID.");
}
public void Test_addEntryIncorrectRequest()
{
var almc = new AuditLogManagementController();
// run method
almc.addEntry(0, up.UserId, Constants.AuditType.RequestView);
//// checks
AuditLog alCreated =
_dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
Assert.IsNull(alCreated,
"Audit log created despite invalid request ID.");
}
