public IActionResult DownloadFile(string id)
{
try
{
string urlEnc = Encryption.SymmetricDecrypt(id);
Guid decId = Guid.Parse(urlEnc);
var subId = _submissionService.GetSubmission(decId);
string absolutePath = @"ValuableFiles\" + subId.file;
FileStream fs = new FileStream(absolutePath, FileMode.Open, FileAccess.Read);
MemoryStream ms = new MemoryStream();
fs.CopyTo(ms);
var member = _membersService.GetMember(subId.email);
MemoryStream downloadedFile = Encryption.HybridDecrypt(ms, member.PrivateKey);
return(File(downloadedFile, "application/ocet-stream", Guid.NewGuid() + ".pdf"));
}
catch (Exception ex)
{
_logger.LogError(ex.Message + " ip: " + GetIpAddress() + " | Timestamp: " + DateTime.Now + " | Email: " + User.Identity.Name);
return(RedirectToAction("Error"));
}
}
public IActionResult Download(string idEnc)
{
string idDec = Encryption.SymmetricDecrypt(idEnc);
Guid id = Guid.Parse(idDec);
IPHostEntry ipEntry = Dns.GetHostEntry(Dns.GetHostName());
IPAddress[] addr = ipEntry.AddressList;
var sub = _subService.GetSubmission(id);
string absolutePath = @"ValuableFiles\" + sub.File;
FileStream fs = new FileStream(absolutePath, FileMode.Open, FileAccess.Read);
MemoryStream toDownload = new MemoryStream();
fs.CopyTo(toDownload);
string email = sub.Email;
var member = _memService.GetMember(email);
bool pass = Encryption.VerifyData(toDownload, member.PublicKey, sub.Signature);
MemoryStream actualFile = Encryption.HybridDecrypt(toDownload, member.PrivateKey);
if (pass == true)
{
_logger.LogInformation("IP: " + addr[1].ToString() + "\nTime: " + DateTime.Now + "\nUser: "******"\nPDF downloaded");
return(File(actualFile, "application/octet-stream", Guid.NewGuid() + ".pdf"));
}
else
{
_logger.LogError("IP: " + addr[1].ToString() + "\nTime: " + DateTime.Now + "\nUser: "******"\nSomething went wrong");
ModelState.AddModelError("", "Something went wrong");
return(View());
}
}
public IActionResult Create(string idEnc, CommentViewModel data)
{
IPHostEntry ipEntry = Dns.GetHostEntry(Dns.GetHostName());
IPAddress[] addr = ipEntry.AddressList;
string idDec = Encryption.SymmetricDecrypt(idEnc);
Guid id = Guid.Parse(idDec);
data.Submission = _subService.GetSubmission(id);
data.Email = User.Identity.Name;
if (ModelState.IsValid)
{
_comService.AddComment(data);
_logger.LogInformation("IP: " + addr[1].ToString() + "\nTime: " + DateTime.Now + "\nUser: "******"\nComment was added successfully");
TempData["feedback"] = "Comment was added successfully";
ModelState.Clear();
}
else
{
_logger.LogError("IP: " + addr[1].ToString() + "\nTime: " + DateTime.Now + "\nUser: "******"\nError while adding product to Database");
TempData["warning"] = "Error while adding product to Database";
}
CommentViewModel myModel = new CommentViewModel();
myModel.SubmissionId = idEnc;
var comments = _comService.GetComments(id);
ViewBag.Comments = comments;
return(View(myModel));
}
public override void OnActionExecuting(ActionExecutingContext context)
{
try
{
string idDec = Encryption.SymmetricDecrypt(context.ActionArguments["idEnc"].ToString());
Guid id = Guid.Parse(idDec);
string email = context.HttpContext.User.Identity.Name;
ISubmissionsService subService = (ISubmissionsService)context.HttpContext.RequestServices.GetService(typeof(ISubmissionsService));
var sub = subService.GetSubmission(id);
if (sub.Email == email || sub.Task.Email == email)
{
}
else
{
context.Result = new UnauthorizedObjectResult("Access Denied");
}
}
catch (Exception ex)
{
context.Result = new BadRequestObjectResult("Bad Request");
}
}
public IActionResult Create(CommentViewModel data, string id)
{
try
{
string urlEnc = Encryption.SymmetricDecrypt(id);
Guid decId = Guid.Parse(urlEnc);
var comments = _commentService.GetComments(decId);
ViewBag.Comments = comments;
DateTime createdDate = DateTime.Now;
string commenterEmail = User.Identity.Name;
data.submission = _submissionService.GetSubmission(decId);
_commentService.AddComment(data, createdDate, commenterEmail);
TempData["Message"] = "Comment posted successfully";
return(View());
}
catch (Exception ex)
{
_logger.LogError(ex.Message + " ip: " + GetIpAddress() + " | Timestamp: " + DateTime.Now + " | Email: " + User.Identity.Name);
return(RedirectToAction("Error"));
}
}
public override void OnActionExecuting(ActionExecutingContext context)
{
try
{
string urlEnc = Encryption.SymmetricDecrypt(context.ActionArguments["id"].ToString());
Guid decId = Guid.Parse(urlEnc);
var currentLoggedInUser = context.HttpContext.User.Identity.Name;
ISubmissionsService subService = (ISubmissionsService)context.HttpContext.RequestServices.GetService(typeof(ISubmissionsService));
var submission = subService.GetSubmission(decId);
if (submission.email != currentLoggedInUser && submission.task.email != currentLoggedInUser)
{
context.Result = new UnauthorizedObjectResult("Access Denied");
}
}
catch (Exception ex)
{
context.Result = new BadRequestObjectResult("Bad Request");
}
}