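/// <summary>
        /// Decrypts the submission id from the request, reads the stored file, decrypts it with
        /// the submitting member's private key and returns it as a PDF download.
        /// </summary>
        /// <param name="id">Symmetrically encrypted submission GUID supplied by the client.</param>
        /// <returns>
        /// The decrypted file as an attachment, or a redirect to the "Error" action if any step
        /// fails (bad ciphertext, malformed GUID, unknown submission, missing file, ...).
        /// </returns>
        public IActionResult DownloadFile(string id)
        {
            try
            {
                Guid decId = Guid.Parse(Encryption.SymmetricDecrypt(id));

                // NOTE(review): nothing in this method checks that the caller may read this
                // submission; presumably an action filter does - verify it is applied here.
                var subId = _submissionService.GetSubmission(decId);

                // Path.GetFileName drops any directory part of the stored name, so a value
                // containing "..\" cannot point outside the storage folder.
                string absolutePath = Path.Combine("ValuableFiles", Path.GetFileName(subId.file));

                var ms = new MemoryStream();

                // The file handle is released as soon as the content is buffered, also on failure.
                using (var fs = new FileStream(absolutePath, FileMode.Open, FileAccess.Read))
                {
                    fs.CopyTo(ms);
                }

                var member = _membersService.GetMember(subId.email);

                // NOTE(review): no signature or integrity check is visible before decryption;
                // confirm HybridDecrypt authenticates the ciphertext or verify it first.
                // NOTE(review): ms is passed positioned at its end, as before - confirm
                // HybridDecrypt rewinds it.
                MemoryStream downloadedFile = Encryption.HybridDecrypt(ms, member.PrivateKey);

                // Was "application/ocet-stream", which is not a registered media type.
                return File(downloadedFile, "application/octet-stream", Guid.NewGuid() + ".pdf");
            }
            catch (Exception ex)
            {
                // Structured logging keeps the stack trace and stops request-derived values from
                // adding forged lines to the log; the null-conditional keeps the handler from throwing.
                _logger.LogError(
                    ex,
                    "File download failed | ip: {Ip} | Timestamp: {Timestamp} | Email: {Email}",
                    GetIpAddress(),
                    DateTime.Now,
                    User.Identity?.Name);
                return RedirectToAction("Error");
            }
        }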
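        /// <summary>
        /// Decrypts the submission id, loads the stored file, verifies its signature against the
        /// submitting member's public key and, only if that succeeds, decrypts and returns it.
        /// </summary>
        /// <param name="idEnc">Symmetrically encrypted submission GUID supplied by the client.</param>
        /// <returns>
        /// The decrypted file as an attachment when the signature verifies; otherwise the
        /// current view with a model error.
        /// </returns>
        public IActionResult Download(string idEnc)
        {
            Guid id = Guid.Parse(Encryption.SymmetricDecrypt(idEnc));

            // The original resolved the server's own host name and logged addr[1], which is not
            // the client and throws when the host has a single address. Behind a reverse proxy
            // this is the proxy address unless forwarded headers are configured.
            var clientIp = HttpContext.Connection.RemoteIpAddress?.ToString();

            // NOTE(review): the user value in the original log calls was unreadable; the
            // authenticated identity name is assumed.
            var userName = User.Identity?.Name;

            var sub = _subService.GetSubmission(id);

            // Path.GetFileName drops any directory part of the stored name, so it cannot point
            // outside the storage folder.
            string absolutePath = Path.Combine("ValuableFiles", Path.GetFileName(sub.File));

            var toDownload = new MemoryStream();

            // The file handle is released as soon as the content is buffered, also on failure.
            using (var fs = new FileStream(absolutePath, FileMode.Open, FileAccess.Read))
            {
                fs.CopyTo(toDownload);
            }

            var member = _memService.GetMember(sub.Email);

            // Verify before decrypting: data that fails the signature check is never decrypted.
            bool pass = Encryption.VerifyData(toDownload, member.PublicKey, sub.Signature);
            if (!pass)
            {
                _logger.LogError(
                    "Signature verification failed | IP: {Ip} | Time: {Time} | User: {User} | Submission: {SubmissionId}",
                    clientIp,
                    DateTime.Now,
                    userName,
                    id);
                ModelState.AddModelError("", "Something went wrong");
                return View();
            }

            // NOTE(review): the server decrypts with the member's stored private key; confirm
            // that key is protected at rest.
            MemoryStream actualFile = Encryption.HybridDecrypt(toDownload, member.PrivateKey);

            // Structured placeholders keep request-derived values from adding forged log lines.
            _logger.LogInformation(
                "PDF downloaded | IP: {Ip} | Time: {Time} | User: {User} | Submission: {SubmissionId}",
                clientIp,
                DateTime.Now,
                userName,
                id);
            return File(actualFile, "application/octet-stream", Guid.NewGuid() + ".pdf");
        }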
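        /// <summary>
        /// Adds a comment to the submission identified by the encrypted id and re-renders the
        /// comment form with the submission's comments.
        /// </summary>
        /// <param name="idEnc">Symmetrically encrypted submission GUID supplied by the client.</param>
        /// <param name="data">Bound comment form; Submission and Email are overwritten server-side.</param>
        /// <returns>The view with a fresh model carrying the encrypted id; comments go in ViewBag.Comments.</returns>
        public IActionResult Create(string idEnc, CommentViewModel data)
        {
            // The original resolved the server's own host name and logged addr[1], which is not
            // the client and throws when the host has a single address. Behind a reverse proxy
            // this is the proxy address unless forwarded headers are configured.
            var clientIp = HttpContext.Connection.RemoteIpAddress?.ToString();

            // NOTE(review): the user value in the original log calls was unreadable; the
            // authenticated identity name is assumed.
            var userName = User.Identity?.Name;

            Guid id = Guid.Parse(Encryption.SymmetricDecrypt(idEnc));

            // Submission and author come from server-side state, never from the posted form.
            data.Submission = _subService.GetSubmission(id);
            data.Email      = userName;

            if (ModelState.IsValid)
            {
                _comService.AddComment(data);

                // Structured placeholders keep request-derived values from adding forged log lines.
                _logger.LogInformation(
                    "Comment was added successfully | IP: {Ip} | Time: {Time} | User: {User} | Submission: {SubmissionId}",
                    clientIp,
                    DateTime.Now,
                    userName,
                    id);
                TempData["feedback"] = "Comment was added successfully";
                ModelState.Clear();
            }
            else
            {
                _logger.LogError(
                    "Comment rejected by model validation | IP: {Ip} | Time: {Time} | User: {User} | Submission: {SubmissionId}",
                    clientIp,
                    DateTime.Now,
                    userName,
                    id);
                TempData["warning"] = "Error while adding product to Database";
            }

            // A fresh model is returned so the posted text is not echoed back into the form.
            var myModel = new CommentViewModel
            {
                SubmissionId = idEnc
            };

            ViewBag.Comments = _comService.GetComments(id);

            return View(myModel);
        }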
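        /// <summary>
        /// Authorization filter step: lets the action run only when the current user is the
        /// submission's owner or the owner of the task the submission belongs to.
        /// </summary>
        /// <param name="context">
        /// Action context; its "idEnc" argument must hold the encrypted submission GUID.
        /// </param>
        /// <remarks>
        /// Sets a 401 result when the user is not allowed, and a 400 result when the id cannot be
        /// decrypted or parsed or the lookup throws. Every failure path short-circuits the action.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            try
            {
                string idDec = Encryption.SymmetricDecrypt(context.ActionArguments["idEnc"].ToString());
                Guid   id    = Guid.Parse(idDec);

                var email = context.HttpContext.User.Identity?.Name;

                // Fail closed for callers without a name: otherwise a null name would compare
                // equal to a submission or task whose stored e-mail is also null.
                if (string.IsNullOrEmpty(email))
                {
                    context.Result = new UnauthorizedObjectResult("Access Denied");
                    return;
                }

                var subService = (ISubmissionsService)context.HttpContext.RequestServices.GetService(typeof(ISubmissionsService));
                var sub = subService.GetSubmission(id);

                // Short-circuit kept: sub.Task is only read when the caller is not the owner.
                bool allowed = sub.Email == email || sub.Task.Email == email;
                if (!allowed)
                {
                    // NOTE(review): for an authenticated caller 403 is the more precise status;
                    // 401 is kept because clients may depend on it.
                    context.Result = new UnauthorizedObjectResult("Access Denied");
                }
            }
            catch (Exception)
            {
                // Any failure (missing argument, bad ciphertext, unknown submission) denies the
                // request rather than letting the action run.
                context.Result = new BadRequestObjectResult("Bad Request");
            }
        }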
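        /// <summary>
        /// Adds a comment by the current user to the submission identified by the encrypted id.
        /// </summary>
        /// <param name="data">Bound comment form; its submission is overwritten server-side.</param>
        /// <param name="id">Symmetrically encrypted submission GUID supplied by the client.</param>
        /// <returns>The view on success, or a redirect to the "Error" action on any failure.</returns>
        public IActionResult Create(CommentViewModel data, string id)
        {
            try
            {
                Guid decId = Guid.Parse(Encryption.SymmetricDecrypt(id));

                // Loaded before the insert, so this list does not contain the new comment.
                ViewBag.Comments = _commentService.GetComments(decId);

                DateTime createdDate    = DateTime.Now;
                string   commenterEmail = User.Identity.Name;

                // The submission is resolved from the decrypted id, not taken from the form.
                data.submission = _submissionService.GetSubmission(decId);

                // NOTE(review): ModelState.IsValid is not checked before the insert - confirm
                // validation happens in the service or add the check.
                _commentService.AddComment(data, createdDate, commenterEmail);

                TempData["Message"] = "Comment posted successfully";
                return View();
            }
            catch (Exception ex)
            {
                // Structured logging keeps the stack trace and stops request-derived values from
                // adding forged lines to the log; the null-conditional keeps the handler from throwing.
                _logger.LogError(
                    ex,
                    "Comment creation failed | ip: {Ip} | Timestamp: {Timestamp} | Email: {Email}",
                    GetIpAddress(),
                    DateTime.Now,
                    User.Identity?.Name);
                return RedirectToAction("Error");
            }
        }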
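        /// <summary>
        /// Authorization filter step: lets the action run only when the current user is the
        /// submission's owner or the owner of the task the submission belongs to.
        /// </summary>
        /// <param name="context">
        /// Action context; its "id" argument must hold the encrypted submission GUID.
        /// </param>
        /// <remarks>
        /// Sets a 401 result when the user is not allowed, and a 400 result when the id cannot be
        /// decrypted or parsed or the lookup throws. Every failure path short-circuits the action.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            try
            {
                string urlEnc = Encryption.SymmetricDecrypt(context.ActionArguments["id"].ToString());
                Guid   decId  = Guid.Parse(urlEnc);

                var currentLoggedInUser = context.HttpContext.User.Identity?.Name;

                // Fail closed for callers without a name: otherwise a null name would compare
                // equal to a submission or task whose stored e-mail is also null.
                if (string.IsNullOrEmpty(currentLoggedInUser))
                {
                    context.Result = new UnauthorizedObjectResult("Access Denied");
                    return;
                }

                var subService = (ISubmissionsService)context.HttpContext.RequestServices.GetService(typeof(ISubmissionsService));
                var submission = subService.GetSubmission(decId);

                // Short-circuit kept: submission.task is only read when the caller is not the owner.
                bool isAllowed = submission.email == currentLoggedInUser
                                 || submission.task.email == currentLoggedInUser;
                if (!isAllowed)
                {
                    // NOTE(review): for an authenticated caller 403 is the more precise status;
                    // 401 is kept because clients may depend on it.
                    context.Result = new UnauthorizedObjectResult("Access Denied");
                }
            }
            catch (Exception)
            {
                // Any failure (missing argument, bad ciphertext, unknown submission) denies the
                // request rather than letting the action run.
                context.Result = new BadRequestObjectResult("Bad Request");
            }
        }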