public async Task <IActionResult> Edit(int id, [Bind("ID,FindingCategory,Material,Description,Color,Length_CM,Price_Point,Brand")] Finding finding)
{
if (id != finding.ID)
{
return(NotFound());
}
if (ModelState.IsValid)
{
try {
_context.Update(finding);
await _context.SaveChangesAsync();
} catch (DbUpdateConcurrencyException) {
if (!FindingExists(finding.ID))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToAction(nameof(Index)));
}
return(View(finding));
}
public JsonResult SaveFinding(Finding finding)
{
string message = "";
try
{
if (finding != null)
{
if (finding.FindingId > 0)
{
message = "Finding updated successfully";
FindingDbModel.UpdateFinding(finding);
}
else
{
message = "Finding created successfully";
FindingDbModel.SaveFinding(finding);
}
}
}
catch (Exception ex)
{
Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
message = "Finding updation failed : " + ex.Message;
}
return(Json(new { UpdateMessage = message }));
}
public void GetFindingRequestObject()
{
moq::Mock <WebSecurityScanner.WebSecurityScannerClient> mockGrpcClient = new moq::Mock <WebSecurityScanner.WebSecurityScannerClient>(moq::MockBehavior.Strict);
GetFindingRequest request = new GetFindingRequest
{
Name = "name1c9368b0",
};
Finding expectedResponse = new Finding
{
FindingName = FindingName.FromProjectScanConfigScanRunFinding("[PROJECT]", "[SCAN_CONFIG]", "[SCAN_RUN]", "[FINDING]"),
FindingType = "finding_type0aa10781",
HttpMethod = "http_method901a5d34",
FuzzedUrl = "fuzzed_urlf49dd7ba",
Body = "body682d1a84",
Description = "description2cf9da67",
ReproductionUrl = "reproduction_url0e37b71f",
FrameUrl = "frame_urlbbc6a753",
FinalUrl = "final_url01c3df1e",
TrackingId = "tracking_idc631de68",
OutdatedLibrary = new OutdatedLibrary(),
ViolatingResource = new ViolatingResource(),
VulnerableParameters = new VulnerableParameters(),
Xss = new Xss(),
VulnerableHeaders = new VulnerableHeaders(),
Form = new Form(),
Severity = Finding.Types.Severity.Medium,
};
mockGrpcClient.Setup(x => x.GetFinding(request, moq::It.IsAny <grpccore::CallOptions>())).Returns(expectedResponse);
WebSecurityScannerClient client = new WebSecurityScannerClientImpl(mockGrpcClient.Object, null);
Finding response = client.GetFinding(request);
xunit::Assert.Same(expectedResponse, response);
mockGrpcClient.VerifyAll();
}
public JsonResult GetFindingDetail(int findingId)
{
Finding finding = FindingDbModel.GetFindingModel(findingId);
ProductFinding viewModelFinding = helper.GetViewModelProductFindingFromDbFinding(finding);
return(Json(viewModelFinding, JsonRequestBehavior.AllowGet));
}
public FindingRunner(Finding finding, Action reset, Action <int> reportProgress, Action <TimeSpan> complited)
{
this.finding = finding;
this.reset += reset;
this.reportProgress += reportProgress;
this.complited += complited;
}
public ProductFinding GetViewModelProductFindingFromDbFinding(Finding finding)
{
ProductFinding productFinding = new ProductFinding();
productFinding.FindingID = finding.FindingId;
productFinding.FindingName = finding.FindingName;
return(productFinding);
}
public ActionResult DeleteConfirmed(int id)
{
Finding finding = db.Findings.Find(id);
int companyId = finding.CompanyId.Value;
db.Findings.Remove(finding);
db.SaveChanges();
return(RedirectToAction("Index", new { companyId = companyId }));
}
public void SaveDiscovery([FromBody] Finding finding)
{
int assessmentId = Auth.AssessmentForUser();
using (CSET_Context context = new CSET_Context())
{
FindingViewModel fm = new FindingViewModel(finding, context);
fm.Save();
}
}
public void SaveFinding(Finding finding)
{
if (finding == null)
{
return;
}
DB.Findings.Add(finding);
DB.SaveChanges();
}
public async Task <IActionResult> Create([Bind("ID,FindingCategory,Material,Description,Color,Length_CM,Price_Point,Brand")] Finding finding)
{
if (ModelState.IsValid)
{
_context.Add(finding);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(finding));
}
public void AddFinding(int sound_id, int finding_type)
{
using (MultimediaEntities db = new MultimediaEntities())
{
Finding finding = new Finding {
FileID = sound_id, FindingTypeID = finding_type
};
db.Findings.Add(finding);
db.SaveChanges();
}
}
public Finding GetFindingModel(int findingId)
{
if (findingId == 0)
{
return(null);
}
Finding finding = DB.Findings.FirstOrDefault(x => x.FindingId == findingId);
return(finding);
}
public ActionResult ShowCopy(Finding finding)
{
Finding newFinding = new Finding(finding);
ModelState.Clear();
newFinding.Name = "Copy of " + finding.Name;
newFinding.Qty = 0;
ViewBag.VendorId = new SelectList(db.Vendors.Where(v => v.CompanyId == finding.CompanyId && ((v.Type.Type & vendorTypeEnum.Finding) == vendorTypeEnum.Finding)), "Id", "Name", finding.VendorId);
ViewBag.CompanyName = db._Companies.Find(finding.CompanyId)?.Name;
return(View("Copy", newFinding));
}
/// <summary>Snippet for GetFinding</summary>
public void GetFindingRequestObject()
{
// Snippet: GetFinding(GetFindingRequest, CallSettings)
// Create client
WebSecurityScannerClient webSecurityScannerClient = WebSecurityScannerClient.Create();
// Initialize request argument(s)
GetFindingRequest request = new GetFindingRequest {
Name = "",
};
// Make the request
Finding response = webSecurityScannerClient.GetFinding(request);
// End snippet
}
public void DeleteFinding(int findingId)
{
if (findingId == 0)
{
return;
}
Finding finding = DB.Findings.FirstOrDefault(x => x.FindingId == findingId);
if (finding != null)
{
finding.IsActive = false;
DB.SaveChanges();
}
}
// GET: Findings/Details/5
public ActionResult Details(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
Finding finding = db.Findings.Find(id);
if (finding == null)
{
return(HttpNotFound());
}
return(View(finding));
}
public async Task <IActionResult> OnGetAsync(int?id)
{
if (id == null)
{
return(NotFound());
}
Finding = await _context.Finding.FirstOrDefaultAsync(m => m.ID == id);
if (Finding == null)
{
return(NotFound());
}
return(Page());
}
public bool Update(Finding finding)
{
using (var scope = _serviceProvider.CreateScope())
{
var _mapper = scope.ServiceProvider.GetService(typeof(IMapper)) as IMapper;
var _ctx = scope.ServiceProvider.GetService(typeof(SQLHoshinCoreContext)) as SQLHoshinCoreContext;
var findingToUpdate = _mapper.Map <Finding, Findings>(finding);
_ctx.Update(findingToUpdate);
_ctx.SaveChanges();
return(true);
}
}
public async Task <IActionResult> OnPostAsync(int?id)
{
if (id == null)
{
return(NotFound());
}
Finding = await _context.Finding.FindAsync(id);
if (Finding != null)
{
_context.Finding.Remove(Finding);
await _context.SaveChangesAsync();
}
return(RedirectToPage("./Index"));
}
public void UpdateFinding(Finding finding)
{
if (finding == null || finding.FindingId == 0)
{
return;
}
Finding findingFromDb = GetFindingModel(finding.FindingId);
if (findingFromDb != null)
{
findingFromDb.FindingName = finding.FindingName;
DB.SaveChanges();
}
}
public void SaveDiscovery([FromBody] Finding finding)
{
int assessmentId = Auth.AssessmentForUser();
using (CSET_Context context = new CSET_Context())
{
if (finding.IsFindingEmpty())
{
DeleteFinding(finding.Finding_Id);
return;
}
FindingViewModel fm = new FindingViewModel(finding, context);
fm.Save();
}
}
public bool UpdateExpirationDate(Finding finding)
{
using (var scope = _serviceProvider.CreateScope())
{
var _mapper = scope.ServiceProvider.GetService(typeof(IMapper)) as IMapper;
var _ctx = scope.ServiceProvider.GetService(typeof(SQLHoshinCoreContext)) as SQLHoshinCoreContext;
Findings f = _mapper.Map <Finding, Findings>(finding);
var updateOperation = _ctx.Findings.Attach(f);
updateOperation.Property(x => x.ExpirationDate).IsModified = true;
updateOperation.Property(x => x.FindingStateID).IsModified = true;
_ctx.SaveChanges();
return(true);
}
}
/// <summary>Snippet for GetFindingAsync</summary>
public async Task GetFindingRequestObjectAsync()
{
// Snippet: GetFindingAsync(GetFindingRequest, CallSettings)
// Additional: GetFindingAsync(GetFindingRequest, CancellationToken)
// Create client
WebSecurityScannerClient webSecurityScannerClient = await WebSecurityScannerClient.CreateAsync();
// Initialize request argument(s)
GetFindingRequest request = new GetFindingRequest {
Name = "",
};
// Make the request
Finding response = await webSecurityScannerClient.GetFindingAsync(request);
// End snippet
}
// GET: Findings/Edit/5
public ActionResult Edit(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
Finding finding = db.Findings.Find(id);
if (finding == null)
{
return(HttpNotFound());
}
//ViewBag.MetalCodeId = new SelectList(db.MetalCodes, "Id", "Code", finding.MetalCodeId);
ViewBag.VendorId = new SelectList(db.Vendors.Where(v => v.CompanyId == finding.CompanyId && (v.Type.Type & vendorTypeEnum.Finding) == vendorTypeEnum.Finding), "Id", "Name", finding.VendorId);
ViewBag.CompanyName = db._Companies.Find(finding.CompanyId)?.Name;
return(View(finding));
}
public static bool CheckForPi()
{
Finding?.Invoke(null, EventArgs.Empty);
var found = PingHost(piIP.ToString(), Port);
if (PiFound && !found)
{
Offline?.Invoke(null, EventArgs.Empty);
}
if (!PiFound && found)
{
Online?.Invoke(null, EventArgs.Empty);
}
PiFound = found;
return(PiFound);
}
public ActionResult Copy(Finding finding)
{
Finding newFinding = new Finding(finding);
Finding existingFinding = db.Findings.Where(f => f.CompanyId == finding.CompanyId && f.Name == finding.Name).FirstOrDefault();
if (existingFinding != null)
{
ModelState.AddModelError("Name", $"A finding named '{finding.Name}' already exists. ");
}
if (ModelState.IsValid)
{
db.Findings.Add(finding);
db.SaveChanges();
return(RedirectToAction("Index", new { companyId = finding.CompanyId }));
}
ViewBag.VendorId = new SelectList(db.Vendors.Where(v => v.CompanyId == finding.CompanyId && ((v.Type.Type & vendorTypeEnum.Finding) == vendorTypeEnum.Finding)), "Id", "Name", finding.VendorId);
ViewBag.CompanyName = db._Companies.Find(finding.CompanyId)?.Name;
return(View(finding));
}
public ActionResult Create([Bind(Include = "Id,CompanyId,VendorId,Name,Desc,Price,Weight,Qty,Note")] Finding finding)
{
Finding existingFinding = db.Findings.Where(f => f.CompanyId == finding.CompanyId && f.Name == finding.Name).FirstOrDefault();
if (existingFinding != null)
{
ModelState.AddModelError("Name", $"A finding named '{finding.Name}' already exists. ");
}
if (ModelState.IsValid)
{
db.Findings.Add(finding);
db.SaveChanges();
return(RedirectToAction("Edit", new { id = finding.Id }));
}
ViewBag.VendorId = new SelectList(db.Vendors.Where(v => v.CompanyId == finding.CompanyId && (v.Type.Type & vendorTypeEnum.Finding) == vendorTypeEnum.Finding), "Id", "Name", finding.VendorId);
ViewBag.CompanyName = db._Companies.Find(finding.CompanyId)?.Name;
return(View(finding));
}
private void LoadPolicyFindings(Policy policy)
{
try
{
// Open connection to repository and query permissions.
using (SqlConnection connection = new SqlConnection(m_connectionString))
{
// Open the connection.
connection.Open();
// Setup parameters for all queries
SqlParameter paramPolicyId = new SqlParameter(ParamPolicyId, policy.PolicyId);
SqlParameter paramAssessmentId = new SqlParameter(ParamAssessmentId, policy.AssessmentId);
SqlParameter paramRegisteredServerId = new SqlParameter(ParamRegisteredServerId, m_SQLServerId);
paramRegisteredServerId.IsNullable = true;
SqlParameter paramAlertsOnly = new SqlParameter(ParamAlertsOnly, SqlDbType.Bit, 0);
paramAlertsOnly.Value = 0;
SqlParameter paramBaselineOnly = new SqlParameter(ParamBaselineOnly, SqlDbType.Bit, 0);
paramBaselineOnly.Value = false;
SqlParameter paramRunDate = new SqlParameter(ParamRunDate, DateTime.Now.ToUniversalTime());
using (SqlDataReader rdr = Sql.SqlHelper.ExecuteReader(connection, null, CommandType.StoredProcedure,
QueryGetAssessment,
new SqlParameter[] { paramPolicyId, paramAssessmentId,
paramRegisteredServerId,
paramAlertsOnly, paramBaselineOnly,
paramRunDate }))
{
while (rdr.Read())
{
Finding f = new Finding(policy.PolicyName, rdr);
policy.Findings.Add(f);
}
}
}
}
catch (Exception ex)
{
logX.loggerX.Error(string.Format("Error loading Policy Findings: {0}", ex.Message));
}
}
// GET: Findings/Create
public ActionResult Create(int?companyId)
{
if (companyId == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
Company company = db.FindCompany(companyId);
if (company == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
ViewBag.VendorId = new SelectList(db.Vendors.Where(v => v.CompanyId == companyId && ((v.Type.Type & vendorTypeEnum.Finding) == vendorTypeEnum.Finding)), "Id", "Name");
Finding finding = new Finding
{
CompanyId = companyId
};
ViewBag.CompanyName = db._Companies.Find(companyId)?.Name;
return(View(finding));
}
public bool CreateFinding(FindingCreate model)
{
var entity = new Finding()
{
Category = model.Category,
SubType = model.SubType,
Size = model.Size,
Color = model.Color,
Association = model.Association,
Quantity = model.Quantity,
Cost = model.Cost,
LocationId = model.LocationId,
SourceId = model.SourceId,
Description = model.Description,
File = _FileService.ConvertToBytes(model.File),
};
using (var ctx = new ApplicationDbContext())
{
ctx.Findings.Add(entity);
return(ctx.SaveChanges() == 1);
}
}
