public ActionResult New([Bind(Include = "ProcessName, ClassroomID")] Blacklist blacklist)
{
if (Session["UserID"] == null)
{
return(RedirectToAction("", "Home"));
}
if (CheckUserPermission())
{
blacklist.CreatedOn = DateTime.Now;
blacklist.CreatorID = (int)Session["UserID"];
db.Blacklists.Add(blacklist);
db.SaveChanges();
return(RedirectToAction("", "Blacklist"));
}
return(RedirectToAction("", "Home"));
}
public ActionResult New([Bind(Include = "Login, FirstName, LastName, IsAdmin, Password")] User user)
{
if (Session["UserID"] == null)
{
return(RedirectToAction("", "Home"));
}
if (CheckUserPermission())
{
user.CreatedOn = DateTime.Now;
user.CreatorID = (int)Session["UserID"];
user.Password = HashPassword(user.Password);
db.Users.Add(user);
db.SaveChanges();
return(RedirectToAction("", "User"));
}
return(RedirectToAction("", "Home"));
}
public ActionResult Login(string login, string password)
{
byte[] pass = Encoding.Default.GetBytes(password); //employee pass in bytes
using (var sha256 = SHA256.Create())
{
byte[] hashPass = sha256.ComputeHash(pass); //256-bits employee pass
string hashPassHex = BitConverter.ToString(hashPass).Replace("-", string.Empty); //64 chars hash pass
//get login and pass from DB
var user = db.Users.Where(e => e.Login == login).FirstOrDefault();
if (user != null)
{
if (user.Password == hashPassHex) //user typed proper data
{
if (user.LoginAttempts < FAILED_LOGINS_LIMIT)
{
Session["UserID"] = user.UserID;
Session["Administrator"] = user.IsAdmin;
Session["Name"] = user.FirstName + " " + user.LastName;
user.LastLogin = DateTime.Now;
user.LoginAttempts = 0; // 0 the counter
}
else
{
return(RedirectToAction("", "Home"));
}
}
else //user typed incorrect password
{
if (user.LoginAttempts < FAILED_LOGINS_LIMIT)
{
user.LoginAttempts += 1;//add one because of failed login attempt
}
else
{
return(RedirectToAction("", "Home"));
}
}
db.Entry(user).State = EntityState.Modified;
db.SaveChanges();
}
}
return(RedirectToAction("", "Home"));
}
public ActionResult Create([Bind(Include = "ID,Name,Location")] Classroom classroom)
{
if (Session["UserID"] == null)
{
return(RedirectToAction("", "Home"));
}
if (CheckUserPermission())
{
if (ModelState.IsValid)
{
classroom.CreatorID = (int)Session["UserID"];
classroom.CreatedOn = DateTime.Now;
db.Classrooms.Add(classroom);
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(classroom));
}
return(RedirectToAction("", "Home"));
}
public ActionResult Create([Bind(Include = "ID,ClassroomID,IPAddress,StationDiscriminant")] Computer computer)
{
if (Session["UserID"] == null)
{
return(RedirectToAction("", "Home"));
}
if (CheckUserPermission())
{
if (ModelState.IsValid)
{
computer.CreatorID = (int)Session["UserID"];
computer.CreatedOn = DateTime.Now;
db.Computers.Add(computer);
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.ClassroomID = new SelectList(db.Classrooms, "ClassroomID", "Name", computer.ClassroomID);
return(View(computer));
}
return(RedirectToAction("", "Home"));
}
public void Disconnect(string stationDiscr)
{
using (var ctx = new CompSpyContext())
{
var comp = ctx.Computers.Where(c => c.StationDiscriminant == stationDiscr).FirstOrDefault();
if (comp != null)
{
comp.ConnectionID = null;
ctx.Entry(comp).State = EntityState.Modified;
ctx.SaveChanges();
Groups.Remove(Context.ConnectionId, comp.Classroom.Name);
var groupsToInform = new List <string> {
comp.Classroom.Name, Context.ConnectionId
};
suirvelanceHub.Clients.Groups(groupsToInform).ComputerDisconnected(stationDiscr);
}
}
}
public void ReceiveData(string data)
{
var json = new JavaScriptSerializer().Deserialize <Message>(data);
using (var ctx = new CompSpyContext())
{
var comp = ctx.Computers.Where(c => c.ConnectionID == Context.ConnectionId).FirstOrDefault();
if (comp != null)
{
var black = ctx.Blacklists.Where(b => b.ClassroomID == comp.ClassroomID);
json.listaProcesow = json.listaProcesow.Where(x => black.Any(y => y.ProcessName == x)).ToList();
var jsonSerialized = new JavaScriptSerializer().Serialize(json);
if (json.listaProcesow.Count != 0)
{
var abuse = new Models.Abuse()
{
AbuserID = comp.ComputerID,
DetectedOn = DateTime.Now,
Read = false,
ScreenPath = json.image
};
ctx.Abuses.Add(abuse);
ctx.SaveChanges();
}
if (json.hq)
{
suirvelanceHub.Clients.Group(Context.ConnectionId).ComputerDataReceived(jsonSerialized);
}
else
{
suirvelanceHub.Clients.Group(comp.Classroom.Name).ComputerDataReceived(jsonSerialized);
}
}
}
}