/// <summary>
/// Saves the list of selected Standards.
/// </summary>
/// <param name="selectedStandards"></param>
/// <returns></returns>
public QuestionRequirementCounts PersistSelectedStandards(int assessmentId, List <string> selectedStandards)
{
using (var db = new CSET_Context())
{
var result = db.AVAILABLE_STANDARDS.Where(x => x.Assessment_Id == assessmentId);
db.AVAILABLE_STANDARDS.RemoveRange(result);
if (selectedStandards != null)
{
foreach (string std in selectedStandards)
{
db.AVAILABLE_STANDARDS.Add(new AVAILABLE_STANDARDS()
{
Assessment_Id = assessmentId,
Set_Name = std,
Selected = true
});
}
db.SaveChanges();
}
}
AssessmentUtil.TouchAssessment(assessmentId);
// Return the numbers of active Questions and Requirements
QuestionRequirementCounts counts = new QuestionRequirementCounts();
counts.QuestionCount = new QuestionsManager(assessmentId).NumberOfQuestions();
counts.RequirementCount = new RequirementsManager(assessmentId).NumberOfRequirements();
return(counts);
}
/// <summary>
/// Returns all known NIST answers for the assessment.
/// If there are no answers for the assessment,
/// a set of 'no' answers is created, saved and returned.
/// </summary>
/// <param name="assessmentId"></param>
/// <returns></returns>
public List <NistQuestionsAnswers> GetNistQuestions(int assessmentId)
{
using (CSET_Context db = new CSET_Context())
{
// if we don't have answers yet, clone them and default all answers to 'no'
var existingAnswers = db.NIST_SAL_QUESTION_ANSWERS.Where(x => x.Assessment_Id == assessmentId).ToList();
if (existingAnswers.Count() == 0)
{
// Create default answer rows based on the question set
foreach (var question in db.NIST_SAL_QUESTIONS.ToList())
{
var ans = new NIST_SAL_QUESTION_ANSWERS()
{
Assessment_Id = assessmentId,
Question_Id = question.Question_Id,
Question_Answer = "No"
};
db.NIST_SAL_QUESTION_ANSWERS.Add(ans);
}
db.SaveChanges();
}
var rlist = from a in db.NIST_SAL_QUESTIONS
join b in db.NIST_SAL_QUESTION_ANSWERS on a.Question_Id equals b.Question_Id
where b.Assessment_Id == assessmentId
orderby a.Question_Number
select new NistQuestionsAnswers()
{
Assessment_Id = b.Assessment_Id, Question_Id = b.Question_Id, Question_Answer = b.Question_Answer, Question_Number = a.Question_Number, Question_Text = a.Question_Text
};
return(rlist.ToList());
}
}
public void SaveACETFilters([FromBody] List <ACETFilter> filters)
{
int assessmentId = Auth.AssessmentForUser();
using (CSET_Context context = new CSET_Context())
{
Dictionary <string, int> domainIds = context.FINANCIAL_DOMAINS.ToDictionary(x => x.Domain, x => x.DomainId);
foreach (ACETFilter f in filters.Where(x => x.DomainName != null).ToList())
{
int domainId = domainIds[f.DomainName];
var filter = context.FINANCIAL_DOMAIN_FILTERS.Where(x => x.DomainId == domainId && x.Assessment_Id == assessmentId).FirstOrDefault();
if (filter == null)
{
context.FINANCIAL_DOMAIN_FILTERS.Add(new FINANCIAL_DOMAIN_FILTERS()
{
Assessment_Id = assessmentId, DomainId = domainId,
B = f.B,
E = f.E,
Int = f.Int,
A = f.A,
Inn = f.Inn
});
}
else
{
filter.B = f.B;
filter.E = f.E;
filter.Int = f.Int;
filter.A = f.A;
filter.Inn = f.Inn;
}
}
context.SaveChanges();
}
}
/// <summary>
/// Stores an answer.
/// </summary>
/// <param name="answer"></param>
public int StoreAnswer(Answer answer)
{
var db = new CSET_Context();
// Find the Question or Requirement
var question = db.NEW_QUESTION.Where(q => q.Question_Id == answer.QuestionId).FirstOrDefault();
var requirement = db.NEW_REQUIREMENT.Where(r => r.Requirement_Id == answer.QuestionId).FirstOrDefault();
if (question == null && requirement == null)
{
throw new Exception("Unknown question or requirement ID: " + answer.QuestionId);
}
// in case a null is passed, store 'unanswered'
if (string.IsNullOrEmpty(answer.AnswerText))
{
answer.AnswerText = "U";
}
ANSWER dbAnswer = null;
if (answer != null && answer.ComponentGuid != Guid.Empty)
{
dbAnswer = db.ANSWER.Where(x => x.Assessment_Id == _assessmentId &&
x.Question_Or_Requirement_Id == answer.QuestionId &&
x.Is_Requirement == answer.Is_Requirement && x.Component_Guid == answer.ComponentGuid).FirstOrDefault();
}
else if (answer != null)
{
dbAnswer = db.ANSWER.Where(x => x.Assessment_Id == _assessmentId &&
x.Question_Or_Requirement_Id == answer.QuestionId &&
x.Is_Requirement == answer.Is_Requirement).FirstOrDefault();
}
if (dbAnswer == null)
{
dbAnswer = new ANSWER();
}
dbAnswer.Assessment_Id = _assessmentId;
dbAnswer.Question_Or_Requirement_Id = answer.QuestionId;
dbAnswer.Question_Number = answer.QuestionNumber;
dbAnswer.Is_Requirement = answer.Is_Requirement;
dbAnswer.Answer_Text = answer.AnswerText;
dbAnswer.Alternate_Justification = answer.AltAnswerText;
dbAnswer.Comment = answer.Comment;
dbAnswer.Feedback = answer.Feedback;
dbAnswer.Mark_For_Review = answer.MarkForReview;
dbAnswer.Reviewed = answer.Reviewed;
dbAnswer.Component_Guid = answer.ComponentGuid;
dbAnswer.Is_Component = answer.Is_Component;
db.ANSWER.AddOrUpdate(dbAnswer, x => x.Answer_Id);
db.SaveChanges();
AssessmentUtil.TouchAssessment(_assessmentId);
return(dbAnswer.Answer_Id);
}
/// <summary>
/// Updates the contact's first and last name from their user record.
/// The purpose of this is to make sure that a user sees their preferred name
/// on any assessments that they are working with, and not what somebody typed
/// when they were added to an assessment.
/// </summary>
public void RefreshContactNameFromUserDetails()
{
TokenManager tm = new TokenManager();
int? userId = tm.PayloadInt(Constants.Token_UserId);
int? assessmentId = tm.PayloadInt(Constants.Token_AssessmentId);
if (assessmentId == null || userId == null)
{
// There's no assessment or userid on the token. Nothing to do.
return;
}
using (var db = new CSET_Context())
{
// we can expect to find this record for the current user and assessment.
var ac = db.ASSESSMENT_CONTACTS.Where(x => x.Assessment_Id == (int)assessmentId && x.UserId == userId).FirstOrDefault();
// The ASSESSMENT_CONTACT we want to work with is not there for some reason -- nothing to do
if (ac == null)
{
return;
}
// get the user record for the definitive name
var u = db.USERS.Where(x => x.UserId == ac.UserId).FirstOrDefault();
ac.FirstName = u.FirstName;
ac.LastName = u.LastName;
db.ASSESSMENT_CONTACTS.AddOrUpdate(ac, x => x.Assessment_Contact_Id);
db.SaveChanges();
}
}
/// <summary>
/// Removes a Contact/User from an Assessment.
/// Currently we actually delete the ASSESSMENT_CONTACTS record.
/// </summary>
public List <ContactDetail> RemoveContact(int userId, int assessmentId)
{
using (var db = new CSET_Context())
{
var ac = (from cc in db.ASSESSMENT_CONTACTS
where cc.UserId == userId && cc.Assessment_Id == assessmentId
select cc).FirstOrDefault();
if (ac == null)
{
throw new NoSuchUserException();
}
db.ASSESSMENT_CONTACTS.Remove(ac);
// Remove any related FINDING_CONTACT records
var fcList = (from fcc in db.FINDING_CONTACT
where fcc.Assessment_Contact_Id == ac.Assessment_Contact_Id
select fcc).ToList();
if (fcList.Count > 0)
{
db.FINDING_CONTACT.RemoveRange(fcList);
}
db.SaveChanges();
AssessmentUtil.TouchAssessment(assessmentId);
return(GetContacts(assessmentId));
}
}
/// <summary>
///
/// </summary>
/// <returns></returns>
public void UpdateContact(ContactDetail contact)
{
using (CSET_Context context = new CSET_Context())
{
var ac = context.ASSESSMENT_CONTACTS.Where(x => x.UserId == contact.UserId &&
x.Assessment_Id == contact.AssessmentId).FirstOrDefault();
string prevEmail = ac.PrimaryEmail;
ac.UserId = contact.UserId;
ac.FirstName = contact.FirstName;
ac.LastName = contact.LastName;
ac.PrimaryEmail = contact.PrimaryEmail;
ac.AssessmentRoleId = contact.AssessmentRoleId;
//// If the email was changed, reflect it into the USERS record as well.
//// Leave the name alone, as the USERS record contains the user's preferred name.
//// ASSESSMENT_CONTACTS is allowed to have a different spelling.
//var user = context.USERS.Where(x => x.UserId == userBeingUpdated.UserId).FirstOrDefault();
//if (user != null)
//{
// user.PrimaryEmail = ac.PrimaryEmail;
//}
context.SaveChanges();
//// If the email was changed and is not empty, send an invitation
//if (!string.IsNullOrEmpty(contact.PrimaryEmail) && contact.PrimaryEmail != prevEmail)
//{
// NotificationManager nm = new NotificationManager();
// nm.SendInviteePassword(contact.PrimaryEmail, contact.FirstName, contact.LastName, resp.TemporaryPassword);
//}
}
}
public List <IDiagramAnalysisNodeMessage> PerformAnalysis(DiagramRequest req, int assessmentId)
{
try
{
var messages = new List <IDiagramAnalysisNodeMessage>();
if (!string.IsNullOrEmpty(req.DiagramXml))
{
using (var db = new CSET_Context())
{
// persist the analysis switch setting
var assessment = db.ASSESSMENTS.Where(x => x.Assessment_Id == assessmentId).First();
assessment.AnalyzeDiagram = req.AnalyzeDiagram;
db.SaveChanges();
XmlDocument xDoc = new XmlDocument();
xDoc.LoadXml(req.DiagramXml);
DiagramAnalysis analysis = new DiagramAnalysis(db, assessmentId);
messages = analysis.PerformAnalysis(xDoc);
}
}
return(messages);
}
catch (Exception e)
{
throw e;
}
}
/// <summary>
/// Creates or deletes an AGGREGATION_ASSESSMENT bridge record.
/// Returns the compatibility scores for the current set of assessments.
/// </summary>
/// <param name="aggregationId"></param>
/// <param name="assessmentId"></param>
/// <param name="selected"></param>
public Aggregation SaveAssessmentSelection(int aggregationId, int assessmentId, bool selected)
{
using (var db = new CSET_Context())
{
var aa = db.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationId && x.Assessment_Id == assessmentId).FirstOrDefault();
if (selected)
{
if (aa == null)
{
aa = new AGGREGATION_ASSESSMENT()
{
Aggregation_Id = aggregationId,
Assessment_Id = assessmentId,
Alias = ""
};
db.AGGREGATION_ASSESSMENT.Add(aa);
db.SaveChanges();
}
}
else
{
if (aa != null)
{
db.AGGREGATION_ASSESSMENT.Remove(aa);
db.SaveChanges();
}
}
// Recalculate the compatibility scores and build the response
var agg = db.AGGREGATION_INFORMATION.Where(x => x.AggregationID == aggregationId).FirstOrDefault();
var assessmentIDs = db.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationId).Select(x => x.Assessment_Id).ToList();
var resp = new Aggregation()
{
AggregationId = aggregationId,
AggregationName = agg.Aggregation_Name,
AggregationDate = agg.Aggregation_Date,
Mode = agg.Aggregation_Mode
};
resp.QuestionsCompatibility = CalcCompatibility("Q", assessmentIDs);
resp.RequirementsCompatibility = CalcCompatibility("R", assessmentIDs);
return(resp);
}
}
/// <summary>
/// Returns a list of assessments for the specified aggregation.
/// The list is in ascending order of assessment date.
/// </summary>
/// <param name="aggregationId"></param>
public AssessmentListResponse GetAssessmentsForAggregation(int aggregationId)
{
using (var db = new CSET_Context())
{
var ai = db.AGGREGATION_INFORMATION.Where(x => x.AggregationID == aggregationId).FirstOrDefault();
var resp = new AssessmentListResponse
{
Aggregation = new Aggregation()
{
AggregationId = ai.AggregationID,
AggregationName = ai.Aggregation_Name,
AggregationDate = ai.Aggregation_Date
}
};
var dbAaList = db.AGGREGATION_ASSESSMENT
.Where(x => x.Aggregation_Id == aggregationId)
.Include(x => x.Assessment_)
.ThenInclude(x => x.INFORMATION)
.OrderBy(x => x.Assessment_.Assessment_Date)
.ToList();
var l = new List <AggregAssessment>();
foreach (var dbAA in dbAaList)
{
var aa = new AggregAssessment()
{
AssessmentId = dbAA.Assessment_Id,
Alias = dbAA.Alias,
AssessmentName = dbAA.Assessment_.INFORMATION.Assessment_Name,
AssessmentDate = dbAA.Assessment_.Assessment_Date
};
l.Add(aa);
if (string.IsNullOrEmpty(aa.Alias))
{
aa.Alias = GetNextAvailableAlias(dbAaList.Select(x => x.Alias).ToList(), l.Select(x => x.Alias).ToList());
dbAA.Alias = aa.Alias;
}
}
// Make sure the aliases are persisted
db.SaveChanges();
resp.Assessments = l;
IncludeStandards(ref resp);
resp.Aggregation.QuestionsCompatibility = CalcCompatibility("Q", resp.Assessments.Select(x => x.AssessmentId).ToList());
resp.Aggregation.RequirementsCompatibility = CalcCompatibility("R", resp.Assessments.Select(x => x.AssessmentId).ToList());
return(resp);
}
}
/// <summary>
/// Persists a single answer to the SUB_CATEGORY_ANSWERS table for the 'block answer',
/// and flips all of the constituent questions' answers.
/// </summary>
public void StoreSubcategoryAnswers(SubCategoryAnswers subCatAnswerBlock)
{
if (subCatAnswerBlock == null)
{
return;
}
// SUB_CATEGORY_ANSWERS
var db = new CSET_Context();
// Get the USCH so that we will know the Heading_Pair_Id
var usch = db.UNIVERSAL_SUB_CATEGORY_HEADINGS.Where(u => u.Question_Group_Heading_Id == subCatAnswerBlock.GroupHeadingId &&
u.Universal_Sub_Category_Id == subCatAnswerBlock.SubCategoryId).FirstOrDefault();
var subCatAnswer = db.SUB_CATEGORY_ANSWERS.Where(sca => sca.Assessement_Id == assessmentID &&
sca.Heading_Pair_Id == usch.Heading_Pair_Id).FirstOrDefault();
if (subCatAnswer == null)
{
subCatAnswer = new SUB_CATEGORY_ANSWERS();
}
subCatAnswer.Assessement_Id = assessmentID;
subCatAnswer.Heading_Pair_Id = usch.Heading_Pair_Id;
subCatAnswer.Answer_Text = subCatAnswerBlock.SubCategoryAnswer;
db.SUB_CATEGORY_ANSWERS.AddOrUpdate(subCatAnswer, x => x.Assessement_Id, x => x.Heading_Pair_Id);
db.SaveChanges();
AssessmentUtil.TouchAssessment(assessmentID);
// loop and store all of the subcategory's answers
foreach (Answer ans in subCatAnswerBlock.Answers)
{
if (String.IsNullOrWhiteSpace(ans.QuestionType))
{
if (ans.Is_Component)
{
ans.QuestionType = "Component";
}
if (ans.Is_Maturity)
{
ans.QuestionType = "Maturity";
}
if (ans.Is_Requirement)
{
ans.QuestionType = "Requirement";
}
if (!ans.Is_Requirement && !ans.Is_Maturity && !ans.Is_Component)
{
ans.QuestionType = "Question";
}
}
StoreAnswer(ans);
}
}
public string unlockFeature([FromBody] String unlock)
{
try
{
using (CSET_Context context = new CSET_Context())
{
ColumnSetEncryption columnencryptor = new ColumnSetEncryption(unlock, "451f0b54b51f");
var list = context.NEW_QUESTION.Where(x => x.Original_Set_Name == "FAA");
//* This fi.simple_questions check is looking to see if the question is encrypted or not
//* encrypted questions are base64 encoded where a space is not a valid character
//* so if we find a space then the question is not encrypted if we do not find a space
//* then the question must be in base64 encoding and therefor is encrypted
var fi = list.FirstOrDefault();
if (fi == null)
{
return("");
}
if (fi.Simple_Question.Contains(" "))
{
AddNewlyEnabledModule(context);
return("This module is already enabled");
}
foreach (NEW_QUESTION q in list)
{
if (!q.Simple_Question.Contains(" "))
{
q.Simple_Question = columnencryptor.Decrypt(q.Simple_Question);
}
}
var rlist = context.NEW_REQUIREMENT.Where(x => x.Original_Set_Name == "FAA").OrderBy(x => x.Requirement_Id);
foreach (NEW_REQUIREMENT r in rlist)
{
if (!r.Requirement_Text.Contains(" "))
{
r.Requirement_Text = columnencryptor.Decrypt(r.Requirement_Text);
}
if (!r.Supplemental_Info.Contains(" "))
{
r.Supplemental_Info = columnencryptor.Decrypt(r.Supplemental_Info);
}
}
AddNewlyEnabledModule(context);
context.SaveChanges();
return("FAA PED Questionnaire has been enabled.");
}
}
catch (Exception)
{
return("Sorry that unlock code was not recognized check the code and try again");
}
}
private List <IDiagramAnalysisNodeMessage> AnalyzeNetwork(SimplifiedNetwork network)
{
List <IRuleEvaluate> rules = new List <IRuleEvaluate>();
rules.Add(new Rule1(network));
rules.Add(new Rule2(network));
rules.Add(new Rule3and4(network));
rules.Add(new Rule5(network));
rules.Add(new Rule6(network));
rules.Add(new Rule7(network));
List <IDiagramAnalysisNodeMessage> msgs = new List <IDiagramAnalysisNodeMessage>();
foreach (IRuleEvaluate rule in rules)
{
msgs.AddRange(rule.Evaluate());
}
// number and persist warning messages
using (CSET_Context context = new CSET_Context())
{
var oldWarnings = context.NETWORK_WARNINGS.Where(x => x.Assessment_Id == assessment_id).ToList();
context.NETWORK_WARNINGS.RemoveRange(oldWarnings);
context.SaveChanges();
int n = 0;
msgs.ForEach(m =>
{
m.SetMessages.ToList().ForEach(m2 =>
{
m.Number = ++n;
context.NETWORK_WARNINGS.Add(new NETWORK_WARNINGS
{
Assessment_Id = assessment_id,
Id = m.Number,
WarningText = m2
});
});
});
context.SaveChanges();
}
return(msgs);
}
public IRPResponse GetIRPList(int assessmentId)
{
IRPResponse response = new IRPResponse();
using (var db = new CSET_Context())
{
foreach (IRP_HEADER header in db.IRP_HEADER)
{
IRPHeader tempHeader = new IRPHeader()
{
header = header.Header
};
foreach (IRP irp in db.IRP.Where(x => x.Header_Id == header.IRP_Header_Id).ToList())
{
IRPModel tempIRP = new IRPModel()
{
IRP_Id = irp.IRP_ID,
Item_Number = irp.Item_Number ?? 0,
Description = irp.Description,
DescriptionComment = irp.DescriptionComment,
Risk_1_Description = irp.Risk_1_Description,
Risk_2_Description = irp.Risk_2_Description,
Risk_3_Description = irp.Risk_3_Description,
Risk_4_Description = irp.Risk_4_Description,
Risk_5_Description = irp.Risk_5_Description,
Validation_Approach = irp.Validation_Approach
};
// Get the existing answer or create a blank
ASSESSMENT_IRP answer = db.ASSESSMENT_IRP.FirstOrDefault(ans =>
ans.IRP_Id == irp.IRP_ID &&
ans.Assessment_.Assessment_Id == assessmentId);
if (answer == null)
{
answer = new ASSESSMENT_IRP()
{
Assessment_Id = assessmentId,
IRP_Id = irp.IRP_ID,
Response = 0,
Comment = ""
};
db.ASSESSMENT_IRP.Add(answer);
}
tempIRP.Response = answer.Response.Value;
tempIRP.Comment = answer.Comment;
tempHeader.irpList.Add(tempIRP);
}
response.headerList.Add(tempHeader);
}
db.SaveChanges();
}
return(response);
}
public void SetTargetBandOnly(int assessmentId, bool value)
{
using (var db = new CSET_Context())
{
var assessment = db.ASSESSMENTS.Where(x => x.Assessment_Id == assessmentId).FirstOrDefault();
assessment.MatDetail_targetBandOnly = value;
db.SaveChanges();
}
}
private void AddNewlyEnabledModule(CSET_Context context)
{
var sets2 = context.SETS.Where(x => x.Set_Name == "FAA");
foreach (SETS sts in sets2)
{
sts.IsEncryptedModuleOpen = true;
}
context.SaveChanges();
}
public AnalyticsAssessment GetAnalyticsAssessmentDetail(int assessmentId)
{
AnalyticsAssessment assessment = new AnalyticsAssessment();
TokenManager tm = new TokenManager();
string app_code = tm.Payload(Constants.Token_Scope);
using (var db = new CSET_Context())
{
var query = from aa in db.ASSESSMENTS
where aa.Assessment_Id == assessmentId
select aa;
int tmpUID = 0;
Guid tmpGuid = Guid.NewGuid();
if (int.TryParse(tm.Payload(Constants.Token_UserId), out tmpUID))
{
USERS user = db.USERS.Where(x => x.UserId == tmpUID).FirstOrDefault();
if (user != null)
{
if (user.Id != null)
{
user.Id = tmpGuid;
db.SaveChanges();
}
else
{
tmpGuid = user.Id ?? Guid.NewGuid();
}
}
}
var result = query.ToList().FirstOrDefault();
var modeResult = query.Join(db.STANDARD_SELECTION, x => x.Assessment_Id, y => y.Assessment_Id, (x, y) => y)
.FirstOrDefault();
if (result != null)
{
assessment = new AnalyticsAssessment()
{
Alias = result.Alias,
AssessmentCreatedDate = Utilities.UtcToLocal(result.AssessmentCreatedDate),
AssessmentCreatorId = tmpGuid.ToString(),
Assessment_Date = Utilities.UtcToLocal(result.Assessment_Date),
Assessment_GUID = result.Assessment_GUID.ToString(),
LastAccessedDate = Utilities.UtcToLocal((DateTime)result.LastAccessedDate),
Mode = modeResult?.Application_Mode
};
}
return(assessment);
}
}
/// <summary>
/// Imports a Module/Standard.
/// </summary>
/// <param name="externalStandard"></param>
public static void ProcessStandard(IExternalStandard externalStandard)
{
log.Info("ModuleImporter.ProcessStandard - basic");
LogManager.Instance.LogDebugMessage("ModuleImporter.ProcessStandard");
SETS_CATEGORY category;
int? categoryOrder = 0;
var setname = Regex.Replace(externalStandard.ShortName, @"\W", "_");
var documentImporter = new DocumentImporter();
var set = new SETS();
var db = new CSET_Context();
var existingSet = db.SETS.FirstOrDefault(s => s.Set_Name == setname);
if (existingSet != null)
{
// result.LogError("Module already exists. If this is a new version, please change the ShortName field to reflect this.");
}
category = db.SETS_CATEGORY.FirstOrDefault(s => s.Set_Category_Name.Trim().ToLower() == externalStandard.Category.Trim().ToLower());
if (category == null)
{
// result.LogError("Module Category is invalid. Please check the spelling and try again.");
}
else
{
categoryOrder = category.SETS.Max(s => s.Order_In_Category);
}
set.Set_Category_Id = category?.Set_Category_Id;
set.Order_In_Category = categoryOrder;
set.Short_Name = externalStandard.ShortName;
set.Set_Name = setname;
set.Full_Name = externalStandard.Name;
set.Is_Custom = true;
set.Is_Question = true;
set.Is_Requirement = true;
set.Is_Displayed = true;
set.IsEncryptedModuleOpen = true;
set.IsEncryptedModule = false;
set.Is_Deprecated = false;
set.Standard_ToolTip = externalStandard.Summary;
db.SETS.Add(set);
db.SaveChanges();
ProcessRequirements(externalStandard, set);
}
public void ResetAllAcetFilters()
{
int assessmentID = Auth.AssessmentForUser();
using (CSET_Context context = new CSET_Context())
{
var filters = context.FINANCIAL_DOMAIN_FILTERS.Where(f => f.Assessment_Id == assessmentID).ToList();
context.FINANCIAL_DOMAIN_FILTERS.RemoveRange(filters);
context.SaveChanges();
}
}
/// <summary>
/// Removes a Contact/User from an Assessment.
/// Currently we actually delete the ASSESSMENT_CONTACTS record.
/// </summary>
public List <ContactDetail> RemoveContact(int assessmentContactId)
{
using (var db = new CSET_Context())
{
var ac = (from cc in db.ASSESSMENT_CONTACTS
where cc.Assessment_Contact_Id == assessmentContactId
select cc).FirstOrDefault();
if (ac == null)
{
throw new NoSuchUserException();
}
db.ASSESSMENT_CONTACTS.Remove(ac);
// Remove any related FINDING_CONTACT records
var fcList = (from fcc in db.FINDING_CONTACT
where fcc.Assessment_Contact_Id == ac.Assessment_Contact_Id
select fcc).ToList();
if (fcList.Count > 0)
{
db.FINDING_CONTACT.RemoveRange(fcList);
}
// Null out any related Facilitator or Point of Contact references
var demoList1 = (from x in db.DEMOGRAPHICS
where x.Facilitator == ac.Assessment_Contact_Id
select x).ToList();
foreach (var dd in demoList1)
{
dd.Facilitator = null;
}
var demoList2 = (from x in db.DEMOGRAPHICS
where x.PointOfContact == ac.Assessment_Contact_Id
select x).ToList();
foreach (var dd in demoList2)
{
dd.PointOfContact = null;
}
db.SaveChanges();
AssessmentUtil.TouchAssessment(ac.Assessment_Id);
return(GetContacts(ac.Assessment_Id));
}
}
/// <summary>
///
/// </summary>
/// <param name="answerId"></param>
/// <param name="answerText"></param>
public void SetMergeAnswer(int combinedAnswerId, string answerText)
{
using (var db = new CSET_Context())
{
var ca = db.COMBINED_ANSWER.Where(x => x.AnswerID == combinedAnswerId).FirstOrDefault();
if (ca != null)
{
ca.Answer_Text = answerText;
db.SaveChanges();
}
}
}
/// <summary>
/// Calculates the SAL based on the value of the sliders.
/// The new calculated level is saved to the database.
/// </summary>
private string CalculateSAL(double weight)
{
string SALToReturn = Constants.SAL_LOW;
foreach (double thresholdValue in this.SALThresholdDictionary.Keys)
{
if (weight >= thresholdValue)
{
SALToReturn = SALThresholdDictionary[thresholdValue];
}
}
// Persist the overall SAL to the database
int assessmentId = Auth.AssessmentForUser();
STANDARD_SELECTION ss = db.STANDARD_SELECTION.Where(x => x.Assessment_Id == assessmentId).FirstOrDefault();
ss.Selected_Sal_Level = SALToReturn;
db.SaveChanges();
return(SALToReturn);
}
private Sals CalculateOveralls(int assessmentId, CSET_Context db)
{
Sals rval = CalculatedNist(assessmentId, db);
STANDARD_SELECTION sTANDARD_SELECTION = db.STANDARD_SELECTION.Where(x => x.Assessment_Id == assessmentId).FirstOrDefault();
sTANDARD_SELECTION.Selected_Sal_Level = rval.Selected_Sal_Level;
LevelManager lm = new LevelManager(assessmentId, db);
lm.SaveOtherLevels(assessmentId, rval);
db.SaveChanges();
return(rval);
}
public void SaveDataAttribute(int assessmentId, AttributePair att)
{
using (var db = new CSET_Context())
{
var item = db.FINANCIAL_ASSESSMENT_VALUES.Where(x => x.Assessment_Id == assessmentId && x.AttributeName == att.AttributeName).FirstOrDefault();
if (item == null)
{
db.FINANCIAL_ASSESSMENT_VALUES.Add(new FINANCIAL_ASSESSMENT_VALUES()
{
Assessment_Id = assessmentId,
AttributeName = att.AttributeName,
AttributeValue = att.AttributeValue
});
db.SaveChanges();
}
else
{
item.AttributeValue = att.AttributeValue;
db.SaveChanges();
}
}
}
public void SaveACETFilters([FromBody] List <ACETFilter> filters)
{
int assessmentId = Auth.AssessmentForUser();
using (CSET_Context context = new CSET_Context())
{
Dictionary <string, int> domainIds = context.FINANCIAL_DOMAINS.ToDictionary(x => x.Domain, x => x.DomainId);
foreach (ACETFilter f in filters.Where(x => x.DomainName != null).ToList())
{
int domainId = domainIds[f.DomainName];
var filter = context.FINANCIAL_DOMAIN_FILTERS.Where(x => x.DomainId == domainId && x.Assessment_Id == assessmentId).FirstOrDefault();
if (filter == null)
{
filter = new FINANCIAL_DOMAIN_FILTERS()
{
Assessment_Id = assessmentId,
DomainId = domainId
};
context.FINANCIAL_DOMAIN_FILTERS.Add(filter);
}
foreach (var s in f.Settings)
{
switch (s.Level)
{
case 1:
filter.B = s.Value;
break;
case 2:
filter.E = s.Value;
break;
case 3:
filter.Int = s.Value;
break;
case 4:
filter.A = s.Value;
break;
case 5:
filter.Inn = s.Value;
break;
}
}
}
context.SaveChanges();
}
}
/// <summary>
/// Saves the selected maturity models.
/// </summary>
/// <returns></returns>
public void PersistSelectedMaturityModel(int assessmentId, string modelName)
{
var model = dbb.MATURITY_MODELS.FirstOrDefault(x => x.Model_Name == modelName);
if (model == null)
{
return;
}
var amm = dbb.AVAILABLE_MATURITY_MODELS.FirstOrDefault(x => x.model_id == model.Maturity_Model_Id && x.Assessment_Id == assessmentId);
if (amm != null)
{
// we already have the model set; do nothing
return;
}
ClearMaturityModel(assessmentId);
var mm = dbb.MATURITY_MODELS.FirstOrDefault(x => x.Model_Name == modelName);
if (mm != null)
{
dbb.AVAILABLE_MATURITY_MODELS.Add(new AVAILABLE_MATURITY_MODELS()
{
Assessment_Id = assessmentId,
model_id = mm.Maturity_Model_Id,
Selected = true
});
}
dbb.SaveChanges();
AssessmentUtil.TouchAssessment(assessmentId);
}
public void SaveACETFilters([FromBody] bool value)
{
int assessment_id = Auth.AssessmentForUser();
using (var db = new CSET_Context())
{
var ar = db.INFORMATION.Where(x => x.Id == assessment_id).FirstOrDefault();
if (ar != null)
{
ar.IsAcetOnly = value;
db.SaveChanges();
}
}
}
public Finding GetFinding(int finding_id)
{
Finding webF;
if (finding_id != 0)
{
FINDING f = assessmentContext.FINDING
.Where(x => x.Finding_Id == finding_id)
.Include(fc => fc.FINDING_CONTACT)
.FirstOrDefault();
var q = assessmentContext.ANSWER.Where(x => x.Answer_Id == this.answer_id).FirstOrDefault();
webF = TinyMapper.Map <Finding>(f);
webF.Question_Id = q != null ? q.Question_Or_Requirement_Id : 0;
webF.Finding_Contacts = new List <FindingContact>();
foreach (var contact in assessmentContext.ASSESSMENT_CONTACTS.Where(x => x.Assessment_Id == assessment_id))
{
FindingContact webContact = TinyMapper.Map <FindingContact>(contact);
webContact.Name = contact.PrimaryEmail + " -- " + contact.FirstName + " " + contact.LastName;
webContact.Selected = (f.FINDING_CONTACT.Where(x => x.Assessment_Contact_Id == contact.Assessment_Contact_Id).FirstOrDefault() != null);
webF.Finding_Contacts.Add(webContact);
}
}
else
{
var q = assessmentContext.ANSWER.Where(x => x.Answer_Id == this.answer_id).FirstOrDefault();
FINDING f = new FINDING()
{
Answer_Id = answer_id
};
assessmentContext.FINDING.Add(f);
assessmentContext.SaveChanges();
webF = TinyMapper.Map <Finding>(f);
webF.Finding_Contacts = new List <FindingContact>();
foreach (var contact in assessmentContext.ASSESSMENT_CONTACTS.Where(x => x.Assessment_Id == assessment_id))
{
FindingContact webContact = TinyMapper.Map <FindingContact>(contact);
webContact.Finding_Id = f.Finding_Id;
webContact.Name = contact.PrimaryEmail + " -- " + contact.FirstName + " " + contact.LastName;
webContact.Selected = false;
webF.Finding_Contacts.Add(webContact);
}
}
return(webF);
}
/// <summary>
/// Returns a list of all available required documentation with the answers provided for the specified assessment.
/// </summary>
/// <param name="assessmentId">id of the assessment being looked up.</param>
/// <returns>all required documentation and a Y/N/NA answer for each, defaulting to N</returns>
public RequiredDocumentationResponse GetRequiredDocuments(int assessmentId)
{
RequiredDocumentationResponse response = new RequiredDocumentationResponse();
using (var db = new CSET_Context())
{
foreach (REQUIRED_DOCUMENTATION_HEADERS header in db.REQUIRED_DOCUMENTATION_HEADERS.OrderBy(h => h.Header_Order))
{
RequiredDocumentHeader tempHeader = new RequiredDocumentHeader()
{
documents = new List <RequiredDocument>(),
Header = header.Requirement_Documentation_Header
};
foreach (REQUIRED_DOCUMENTATION doc in db.REQUIRED_DOCUMENTATION
.Where(d => d.RDH_.RDH_Id == header.RDH_Id)
.OrderBy(d => d.Document_Order))
{
RequiredDocument tempDoc = new RequiredDocument()
{
DocId = doc.Documentation_Id,
Number = doc.Number,
Document_Description = doc.Document_Description
};
ASSESSMENTS_REQUIRED_DOCUMENTATION answer = db.ASSESSMENTS_REQUIRED_DOCUMENTATION.FirstOrDefault(ard => ard.Assessment_Id == assessmentId && ard.Documentation_Id == doc.Documentation_Id);
if (answer == null)
{
tempDoc.Answer = "N";
db.ASSESSMENTS_REQUIRED_DOCUMENTATION.Add(new ASSESSMENTS_REQUIRED_DOCUMENTATION()
{
Answer = "N",
Assessment_Id = assessmentId,
Documentation_Id = doc.Documentation_Id,
Comment = ""
});
}
else
{
tempDoc.Answer = answer.Answer;
tempDoc.Comment = answer.Comment;
}
tempHeader.documents.Add(tempDoc);
}
response.headerList.Add(tempHeader);
}
db.SaveChanges();
}
return(response);
}
public Sals SaveNistQuestions(int assessmentid, NistQuestionsAnswers answer)
{
using (CSET_Context db = new CSET_Context())
{
var dbAnswer = db.NIST_SAL_QUESTION_ANSWERS.Where(x => x.Assessment_Id == assessmentid && x.Question_Id == answer.Question_Id).FirstOrDefault();
if (dbAnswer == null)
{
throw new ApplicationException(String.Format("Question {0} could not be found for assessment {1}!", answer.Question_Number, assessmentid));
}
TinyMapper.Map <NistQuestionsAnswers, NIST_SAL_QUESTION_ANSWERS>(answer, dbAnswer);
db.SaveChanges();
return(CalculateOveralls(assessmentid, db));
}
}