/// <summary> /// Overrides the web filter. /// </summary> /// <returns></returns> public ActionResult Do() { // Get the block request object from session state. BlockRequestModel model = (BlockRequestModel)Session[MvcApplication.SESSION_BLOCK_REQUEST_NAME]; // Get the User ID of the currently logged in user. model.UserId = User.Identity.Name; if (!string.IsNullOrWhiteSpace(MvcApplication.overridePayloadTemplate)) { try { StringBuilder payload = new StringBuilder(MvcApplication.overridePayloadTemplate); payload.Replace("%IP%", model.SourceIP); // Ignore certificate checking for this connection. (Self-signed certs. Note: this is global to the application.) RemoteCertificateValidationCallback previousCallback = ServicePointManager.ServerCertificateValidationCallback; ServicePointManager.ServerCertificateValidationCallback = delegate { return(true); }; // Make a GET request to the firewall with the override XML payload. string url = "https://" + MvcApplication.FIREWALL_HOSTNAME + "/api/?type=user-id&key=" + MvcApplication.PAN_API_KEY + "&cmd=" + Url.Encode(payload.ToString()); WebRequest request = WebRequest.Create(url); WebResponse response = request.GetResponse(); // Reinstate certificate checking. ServicePointManager.ServerCertificateValidationCallback = previousCallback; // Add the override to the list of active overrides in the database. MSStoredProcedure upsert = new MSStoredProcedure(MvcApplication.databaseConnectionString, MvcApplication.STORED_PROCEDURE_UPSERT_OVERRIDE, MvcApplication.eventLog); upsert.AddNVarCharParameter(MvcApplication.STORED_PROCEDURE_PARAM_IP, model.SourceIP, MvcApplication.STORED_PROCEDURE_PARAM_IP_LENGTH, StoredProcedure.ParameterType.In); upsert.AddNVarCharParameter(MvcApplication.STORED_PROCEDURE_PARAM_USERNAME, model.UserId, MvcApplication.STORED_PROCEDURE_PARAM_USERNAME_LENGTH, StoredProcedure.ParameterType.In); if (upsert.ExecuteNonQuery() > 0) { // Log the override in the event log. MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Information, MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "User: "******" IP: " + model.SourceIP + " URL: " + model.Url)); } else { // Log an error in the event log. MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Error, MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "Unable to save override to database. User: "******" IP: " + model.SourceIP + " URL: " + model.Url)); } } catch (Exception e) { // Catch any exceptions here. // Redirect to an error page, where they can try again. MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Error, MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "Unhandled exception.\nMessage: " + e.Message + "\nInner Exception: " + e.InnerException + "\nStack Trace: " + e.StackTrace)); return(null); } } // Redirect the user to the site they initially requested. TempData[BLOCK_MODEL_TEMPDATA_KEY] = model; return(RedirectToAction("SiteRedirect")); }
/// <summary> /// Expires overrides that are older than the allowed override duration. Run on an interval. /// </summary> protected void ExpireOverrides(object sender, ElapsedEventArgs elapsedEventArgs) { try { // Get the list of overrides that need to be expired. MSStoredProcedure getExpiredOverrides = new MSStoredProcedure(databaseConnectionString, STORED_PROCEDURE_GET_EXPIRED_OVERRIDES, eventLog); getExpiredOverrides.AddInt32Parameter(STORED_PROCEDURE_PARAM_OVERRIDE_DURATION, OVERRIDE_DURATION, StoredProcedure.ParameterType.In); List <SqlRow> expiredOverrides = getExpiredOverrides.Execute(); // Expire each override found. foreach (SqlRow expiredOverride in expiredOverrides) { string ip = (string)expiredOverride[SQL_FIELD_IP]; string userName = (string)expiredOverride[SQL_FIELD_USERNAME]; StringBuilder payload = new StringBuilder(unregisterPayloadTemplate); payload.Replace("%IP%", ip); // Ignore certificate checking for this connection. (Self-signed certs. Note: this is global to the application.) RemoteCertificateValidationCallback previousCallback = ServicePointManager.ServerCertificateValidationCallback; ServicePointManager.ServerCertificateValidationCallback = delegate { return(true); }; // Make a GET request to the firewall with the unregister XML payload. string url = "https://" + FIREWALL_HOSTNAME + "/api/?type=user-id&key=" + PAN_API_KEY + "&cmd=" + WebUtility.UrlEncode(payload.ToString()); WebRequest request = WebRequest.Create(url); using (WebResponse response = request.GetResponse()) { // Disposes of the response once complete. } // Reinstate certificate checking. ServicePointManager.ServerCertificateValidationCallback = previousCallback; // Delete the override from the list of active overrides in the database. MSStoredProcedure deleteOverride = new MSStoredProcedure(databaseConnectionString, STORED_PROCEDURE_DELETE_OVERRIDE, eventLog); deleteOverride.AddNVarCharParameter(STORED_PROCEDURE_PARAM_IP, ip, STORED_PROCEDURE_PARAM_IP_LENGTH, StoredProcedure.ParameterType.In); if (deleteOverride.ExecuteNonQuery() > 0) { // Log the override in the event log. eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Information, EVENT_LOG_CATEGORY_OVERRIDE, "Expire - User: "******" IP: " + ip)); } else { // Log an error in the event log. eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Error, EVENT_LOG_CATEGORY_OVERRIDE, "Unable to expire IP in database. IP: " + ip)); } } } catch (Exception e) { // Log any exceptions. eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Error, EVENT_LOG_CATEGORY_GENERAL, "Service - Unhandled exception.\nMessage: " + e.Message + "\nInner Exception: " + e.InnerException + "\nStack Trace: " + e.StackTrace)); } }