public static string GetApiLog(RestCommand command, int apiLogID) { ApiLog apiLog = ApiLogs.GetApiLog(command.LoginUser, apiLogID); if (apiLog.OrganizationID != command.Organization.OrganizationID) { throw new RestException(HttpStatusCode.Unauthorized); } return(apiLog.GetXml("ApiLog", true)); }
public static void Logla(string message, string messagedetail) { NorthwindEntities db = new NorthwindEntities(); ApiLogs log = new ApiLogs(); log.LogDate = DateTime.Now; log.Exception = message; log.StackTrace = messagedetail; db.ApiLogs.Add(log); db.SaveChanges(); }
public static string GetApiLogs(RestCommand command) { ApiLogs apiLogs = new ApiLogs(command.LoginUser); apiLogs.LoadByOrganizationID(command.Organization.OrganizationID); if (command.Format == RestFormat.XML) { return(apiLogs.GetXml("ApiLogs", "ApiLog", true, command.Filters)); } else { throw new RestException(HttpStatusCode.BadRequest, "Invalid data format"); } }
public void ProcessRequest(HttpContext context) { int organizationID = int.Parse(context.Request.Headers["OrganizationID"]); try { _loginUser = new LoginUser(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["MainConnection"].ConnectionString, (int)SystemUser.API, organizationID, null); _organization = Organizations.GetOrganization(_loginUser, organizationID); } catch (Exception ex) { ExceptionLogs.LogException(_loginUser, ex, "OrgID: " + organizationID.ToString()); throw new RestException(HttpStatusCode.Unauthorized); } ApiLog log = new ApiLogs(_loginUser).AddNewApiLog(); DateTime timeStart = DateTime.Now; context.Response.StatusCode = (int)HttpStatusCode.OK; context.Response.ContentType = "text/plain"; try { try { RestCommand command = new RestCommand(_loginUser, _organization, context); log.OrganizationID = _organization.OrganizationID; log.RequestBody = command.Data; log.Verb = context.Request.HttpMethod.ToUpper(); log.Url = context.Request.Url.OriginalString; log.IPAddress = context.Request.UserHostAddress; RestProcessor processor = new RestProcessor(command); int companyId = command.IsCustomerOnly ? (int)command.Organization.ParentID : _loginUser.OrganizationID; int apiRequestLimit = command.IsCustomerOnly ? Organizations.GetOrganization(_loginUser, companyId).APIRequestLimit : _organization.APIRequestLimit; int apiRequestCount = ApiLogs.GetDailyRequestCount(_loginUser, companyId); if (ApiLogs.IsUrlBlackListed(_loginUser, _organization.OrganizationID, log.Url) || SystemSettings.GetIsApiDisabled()) { string blacklistError = "{ \"Error\": \"This resource is not accessible at this time.\"}"; if (command.Format == RestFormat.XML) { System.Xml.XmlDocument xmlDoc = Newtonsoft.Json.JsonConvert.DeserializeXmlNode(blacklistError); xmlDoc.XmlResolver = null; blacklistError = xmlDoc.InnerXml; } throw new RestException(HttpStatusCode.BadRequest, blacklistError); } if (apiRequestCount >= apiRequestLimit) { string requestLimitError = "{ \"Error\": \"You have exceeded your 24 hour API request limit of " + _organization.APIRequestLimit.ToString() + ".\"}"; if (command.Format == RestFormat.XML) { System.Xml.XmlDocument xmlDoc = Newtonsoft.Json.JsonConvert.DeserializeXmlNode(requestLimitError); xmlDoc.XmlResolver = null; requestLimitError = xmlDoc.InnerXml; } throw new RestException(HttpStatusCode.Forbidden, requestLimitError); } else { int apiRequestMinuteLimit = command.IsCustomerOnly ? Organizations.GetOrganization(_loginUser, companyId).APIRequestMinuteLimit : _organization.APIRequestMinuteLimit; int apiRequestLastMinuteCount = ApiLogs.GetLastMinuteRequestCount(_loginUser, companyId); if (apiRequestLastMinuteCount > apiRequestMinuteLimit) { string requestLimitErrorPerMinute = "{ \"Error\": \"You have exceeded your minute API request limit of " + apiRequestMinuteLimit.ToString() + ".\"}"; if (command.Format == RestFormat.XML) { System.Xml.XmlDocument xmlDoc = Newtonsoft.Json.JsonConvert.DeserializeXmlNode(requestLimitErrorPerMinute); xmlDoc.XmlResolver = null; requestLimitErrorPerMinute = xmlDoc.InnerXml; } throw new RestException(HttpStatusCode.Forbidden, requestLimitErrorPerMinute); } } processor.Process(); } catch (Exception ex) { ExceptionLogs.LogException(_loginUser, ex, "API", string.Format("OrgID: {0}{1}Verb: {2}{1}Url: {3}{1}Body: {4}", log.OrganizationID, Environment.NewLine, log.Verb, log.Url, log.RequestBody)); if (ex is System.Data.SqlClient.SqlException && ex.Message.ToLower().Contains("variable names must be unique within a query batch or stored procedure")) { throw new RestException(HttpStatusCode.Unused, "{ Error: 'Filters can't be duplicated' }", ex); } else if (!(ex is RestException)) { throw new RestException(HttpStatusCode.InternalServerError, "Internal Server Error: " + ex.Message + ex.StackTrace, ex); } else { throw ex; } } } catch (RestException rex) { context.Response.ContentType = "text/plain"; context.Response.StatusCode = (int)rex.HttpStatusCode; log.TimeToComplete = (int)(DateTime.Now - timeStart).TotalSeconds; log.StatusCode = context.Response.StatusCode; log.Collection.Save(); context.Response.ClearContent(); context.Response.Write(rex.Message); context.Response.End(); } log.TimeToComplete = (int)(DateTime.Now - timeStart).TotalSeconds; log.StatusCode = context.Response.StatusCode; log.Collection.Save(); context.Response.End(); }