/// <summary>
/// Builds the output object for the read: one property per row until the configured item
/// limit is reached, with the counts of all remaining rows summed under "Others".
/// </summary>
/// <param name="readData">Rows to format; each row is read for LngIsoName and lngCount.</param>
/// <returns>An ExpandoObject keyed by row name, holding the counts.</returns>
private dynamic FormatData(dynamic readData)
{
    dynamic result = new ExpandoObject();
    var entries = result as IDictionary<string, object>;

    int maxItems = Configuration_BSO.GetCustomConfig("analytic.read-os-item-limit");
    int position = 1;
    int remainder = 0;

    foreach (dynamic row in readData)
    {
        // position starts at 1, so at most (limit - 1) rows are listed individually;
        // everything from the limit onwards is folded into the remainder.
        if (position >= maxItems)
        {
            remainder = remainder + row.lngCount;
        }
        else
        {
            // Add throws on a repeated key - presumably the query returns distinct names.
            entries.Add(row.LngIsoName, row.lngCount);
        }

        position++;
    }

    // The bucket is emitted only when it holds a positive total.
    if (remainder > 0)
    {
        entries.Add("Others", remainder);
    }

    return result;
}
/// <summary>
/// After a group update, flushes the cached dataset and metadata of every matrix associated
/// with the group, because the group's contact details are part of the matrix.
/// </summary>
/// <param name="Ado">Connection handed to the Matrix_ADO used for the lookup.</param>
/// <param name="dto">Update DTO; GrpCodeOld identifies the group whose matrixes are flushed.</param>
private void FlushAssociatedMatrixes(ADO Ado, Group_DTO_Update dto)
{
    Matrix_ADO matrixAdo = new Matrix_ADO(Ado);

    // Every matrix of the group, read in the globally configured language.
    var groupMatrixes = matrixAdo.ReadByGroup(dto.GrpCodeOld, Configuration_BSO.GetCustomConfig(ConfigType.global, "language.iso.code"));

    if (groupMatrixes.hasData)
    {
        // Every returned matrix is flushed: there is no de-duplication and no live-only
        // filter here (an IsLive check and a pre-release cache flush keyed on RlsCode were
        // sketched in earlier revisions but are not active).
        foreach (var entry in groupMatrixes.data)
        {
            var matrixCode = entry.MtrCode;
            MemCacheD.CasRepositoryFlush(Resources.Constants.C_CAS_DATA_CUBE_READ_DATASET + matrixCode);
            MemCacheD.CasRepositoryFlush(Resources.Constants.C_CAS_DATA_CUBE_READ_METADATA + matrixCode);
        }
    }
}
/// <summary>
/// Sends the account-reset email: the localised body followed by a BBCode link that carries
/// the username and the reset token, passed through the BBCode transformer before sending.
/// </summary>
/// <param name="dto">Supplies the language code, the username and the recipient address.</param>
/// <param name="token">Reset token, appended as the last path segment of the link.</param>
internal void SendResetEmail(Login_DTO_Create dto, string token)
{
    Resources.BBCode transformer = new Resources.BBCode();

    using (eMail message = new eMail())
    {
        string bodyText = Label.Get("email.body.account-reset", dto.LngIsoCode);
        string subjectText = Label.Get("email.subject.account-reset", dto.LngIsoCode);

        // NOTE(review): the username and token are concatenated into the link without
        // percent-encoding. A username containing '/', ']' or whitespace would break the path
        // or the [url] tag - confirm usernames are constrained upstream, or escape each
        // segment. The token also travels in the URL, so it should be single-use and
        // short-lived; that is not visible from this method.
        string resetLink = "[url=" + Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application") + Utility.GetCustomConfig("APP_COOKIELINK_INVITATION_1FA") + '/' + dto.CcnUsername + '/' + token + "]" + "[/url]";

        bodyText = bodyText + Environment.NewLine + resetLink;

        message.Body = transformer.Transform(bodyText, true);
        message.Subject = subjectText;
        message.To.Add(dto.CcnEmail);
        message.Send();
    }
}
/// <summary>
/// Builds the output object for the environment-language read: one property per language
/// until the configured limit is reached, with the remaining counts summed under the
/// localised "others" label. A language of "-" is shown under the localised "unknown" label.
/// </summary>
/// <param name="readData">Rows to format; each row is read for NltLanguage and LngCount.</param>
/// <returns>An ExpandoObject keyed by language label, holding the counts.</returns>
private dynamic FormatData(dynamic readData)
{
    dynamic result = new ExpandoObject();
    var entries = result as IDictionary<string, object>;

    int maxItems = Configuration_BSO.GetCustomConfig(ConfigType.server, "analytic.read-environment-language-limit");
    int position = 1;
    int remainder = 0;

    foreach (dynamic row in readData)
    {
        // position starts at 1, so at most (limit - 1) rows are listed individually.
        if (position >= maxItems)
        {
            remainder = remainder + row.LngCount;
        }
        else
        {
            // "-" marks a row without a language and is replaced by the translated label.
            dynamic label = row.NltLanguage;
            if (label == "-")
            {
                label = Label.Get("analytic.unknown", DTO.LngIsoCode);
            }

            // Add throws on a repeated key - presumably the query returns distinct languages.
            entries.Add(label, row.LngCount);
        }

        position++;
    }

    if (remainder > 0)
    {
        entries.Add(Label.Get("analytic.others", DTO.LngIsoCode), remainder);
    }

    return result;
}
/// <summary>
/// Populates the DTO from the request parameters. Only parameters that are present are
/// copied; the language code is accepted only when Language_BSO can read it and otherwise
/// falls back to the globally configured language.
/// </summary>
/// <param name="parameters">Dynamic request parameters.</param>
public Analytic_DTO_Read(dynamic parameters)
{
    // Date bounds are reduced to their .Date component after being copied.
    if (parameters.DateFrom != null)
    {
        this.DateFrom = parameters.DateFrom;
        this.DateFrom = this.DateFrom.Date;
    }

    if (parameters.DateTo != null)
    {
        this.DateTo = parameters.DateTo;
        this.DateTo = this.DateTo.Date;
    }

    if (parameters.SbjCode != null) { this.SbjCode = parameters.SbjCode; }
    if (parameters.PrcCode != null) { this.PrcCode = parameters.PrcCode; }
    if (parameters.ExcludeInternal != null) { this.ExcludeInternal = parameters.ExcludeInternal; }
    if (parameters.MtrCode != null) { this.MtrCode = parameters.MtrCode; }
    if (parameters.NltInternalNetworkMask != null) { this.NltInternalNetworkMask = parameters.NltInternalNetworkMask; }

    // The caller-supplied language is used only when it resolves to a known language;
    // the lookup is skipped entirely when no language was sent.
    bool requestedLanguageIsKnown = false;
    if (parameters.LngIsoCode != null)
    {
        requestedLanguageIsKnown = new Language_BSO().Read((string)parameters.LngIsoCode) != null;
    }

    if (requestedLanguageIsKnown)
    {
        this.LngIsoCode = parameters.LngIsoCode;
    }
    else
    {
        this.LngIsoCode = Configuration_BSO.GetCustomConfig(ConfigType.global, "language.iso.code");
    }

    if (parameters.FrmType != null) { this.FrmType = parameters.FrmType; }
    if (parameters.FrmVersion != null) { this.FrmVersion = parameters.FrmVersion; }
}
/// <summary>
/// Validation rules for updating the first authentication factor: a non-empty password of
/// at least 8 characters that matches the configured password regex, a non-empty 1FA token
/// and a non-empty email that matches the configured email regex.
/// </summary>
internal Login_VLD_Update1FA()
{
    // NOTE(review): both patterns come from configuration and are run against
    // caller-supplied input; no match timeout is visible here, so confirm the configured
    // expressions cannot backtrack excessively.
    string emailPattern = Utility.GetCustomConfig("APP_REGEX_EMAIL");
    string passwordPattern = Configuration_BSO.GetCustomConfig(ConfigType.global, "regex.password");

    RuleFor(dto => dto.Lgn1Fa)
        .NotEmpty()
        .MinimumLength(8)
        .WithMessage("Invalid password")
        .WithName("1FAValidation");

    RuleFor(dto => dto.LgnToken1Fa)
        .NotEmpty();

    RuleFor(dto => dto.Lgn1Fa)
        .Matches(passwordPattern);

    RuleFor(dto => dto.CcnEmail)
        .NotEmpty()
        .Matches(emailPattern)
        .WithMessage("Invalid email");
}
/// <summary>
/// Populates the DTO from the request parameters: the language code is taken from the
/// request when present, otherwise from the globally configured default.
/// </summary>
/// <param name="parameters">Dynamic request parameters.</param>
public Performance_DTO_Delete(dynamic parameters)
{
    // NOTE(review): the supplied language code is copied as-is; any format or existence
    // check is presumably done by a validator elsewhere - confirm.
    this.LngIsoCode = parameters.LngIsoCode != null
        ? parameters.LngIsoCode
        : Configuration_BSO.GetCustomConfig(ConfigType.global, "language.iso.code");
}
/// <summary>
/// Returns the complete global and server configuration to the caller as one object with
/// a "global" and a "server" member.
/// </summary>
/// <returns>Always true.</returns>
protected override bool Execute()
{
    // NOTE(review): both configuration sets are returned in full. Confirm that this method
    // is restricted to privileged callers and that neither set carries secrets
    // (connection strings, keys, credentials) - neither is visible from this block.
    dynamic payload = new ExpandoObject();
    payload.global = Configuration_BSO.GetCustomConfig(ConfigType.global);
    payload.server = Configuration_BSO.GetCustomConfig(ConfigType.server);

    Response.data = payload;
    return true;
}
/// <summary>
/// Validation rules for creating the first authentication factor: a non-empty captcha, a
/// non-empty email matching the configured email regex, a non-empty 1FA token, a password
/// matching the configured password regex and, when a language code is supplied, a length
/// of exactly 2 for it.
/// </summary>
internal Login_VLD_Create1FA()
{
    RuleFor(dto => dto.Captcha)
        .NotEmpty();

    // NOTE(review): both patterns come from configuration and are run against
    // caller-supplied input; no match timeout is visible here.
    string emailPattern = Utility.GetCustomConfig("APP_REGEX_EMAIL");
    string passwordPattern = Configuration_BSO.GetCustomConfig(ConfigType.global, "regex.password");

    RuleFor(dto => dto.CcnEmail)
        .NotEmpty()
        .Matches(emailPattern)
        .WithMessage("Invalid email");

    // NOTE(review): an earlier NotEmpty/MinimumLength(8) rule on the password is disabled,
    // so the password is checked by the regex alone. Presumably a null Lgn1Fa is not
    // rejected by Matches - confirm whether a NotEmpty rule is needed here.
    RuleFor(dto => dto.LgnToken1Fa)
        .NotEmpty();

    RuleFor(dto => dto.Lgn1Fa)
        .Matches(passwordPattern);

    RuleFor(dto => dto.LngIsoCode.Length)
        .Equal(2)
        .When(dto => !string.IsNullOrEmpty(dto.LngIsoCode))
        .WithMessage("Invalid ISO code")
        .WithName("LanguageIsoCodeValidation");
}
/// <summary>
/// Validates the captcha, resolves the username for the supplied email (account table
/// first, Active Directory as fallback) and applies the 2FA update through Login_BSO.
/// Every failure returns the same "error.authentication" label.
/// </summary>
/// <returns>True when Update2FA returns a result; otherwise false.</returns>
protected override bool Execute()
{
    if (!ReCAPTCHA.Validate(DTO.Captcha))
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    Login_BSO loginBso = new Login_BSO(Ado);
    Account_ADO accountAdo = new Account_ADO();
    ADO_readerOutput localAccount = accountAdo.Read(Ado, DTO.CcnEmail);

    if (localAccount.hasData)
    {
        DTO.CcnUsername = localAccount.data[0].CcnUsername;
    }
    else
    {
        // Not a local account: an AD user may be using their email as identifier,
        // so the username is looked up in Active Directory instead.
        ActiveDirectory_ADO directoryAdo = new ActiveDirectory_ADO();
        var adResult = directoryAdo.GetAdSpecificDataForEmail(DTO.CcnEmail);

        if (adResult == null)
        {
            Response.error = Label.Get("error.authentication");
            return false;
        }

        // AD users are refused unless local access is switched on for them.
        // (The null test is redundant after the guard above and is kept unchanged.)
        if (!Configuration_BSO.GetCustomConfig(ConfigType.global, "security.adOpenAccess") && adResult != null)
        {
            Response.error = Label.Get("error.authentication");
            return false;
        }

        DTO.CcnUsername = adResult.CcnUsername;
    }

    var updateResult = loginBso.Update2FA(DTO);
    if (updateResult == null)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    Response.data = updateResult;
    return true;
}
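/// <summary>
/// Sends the "update 1FA" template email. The email links back to the application with the
/// next API method, the recipient's email address, the display name and the token as
/// query-string parameters.
/// </summary>
/// <param name="lDto">Supplies the recipient address, display name and language code.</param>
/// <param name="token">Invitation token carried in the link.</param>
/// <param name="nextMethod">API method name the link asks the application to call.</param>
private void SendEmail(Login_DTO_Create lDto, string token, string nextMethod)
{
    // Every query-string value is percent-encoded with EscapeDataString. Previously the
    // email and token were appended raw and the name went through EscapeUriString, which
    // leaves reserved characters such as '&', '=', '+' and '#' untouched, so a value
    // containing them could cut the link short or add parameters to it.
    string url = Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application")
        + "?method=" + Uri.EscapeDataString(nextMethod ?? string.Empty)
        + "&email=" + Uri.EscapeDataString(lDto.CcnEmail ?? string.Empty)
        + "&name=" + Uri.EscapeDataString(lDto.CcnDisplayname ?? string.Empty)
        + "&token=" + Uri.EscapeDataString(token ?? string.Empty);

    // The href is quoted and HTML-encoded so the URL cannot close the attribute or the tag.
    string link = "<a href=\"" + System.Net.WebUtility.HtmlEncode(url) + "\">" + Label.Get("email.body.header.anchor-text", lDto.LngIsoCode) + "</a>";

    string subject = string.Format(Label.Get("email.subject.update-1fa", lDto.LngIsoCode), Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));
    string to = lDto.CcnEmail;

    // NOTE(review): the display name is formatted into the header and footer as-is. If the
    // template does not HTML-encode these fields, a name containing markup would be
    // rendered in the email - confirm against Email_BSO.SendLoginTemplateEmail.
    string header = string.Format(Label.Get("email.body.header.update-1fa", lDto.LngIsoCode), lDto.CcnDisplayname, Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));

    // NOTE(review): this is the only label fetched without lDto.LngIsoCode - confirm that
    // the default language is intended for the sub-header.
    string subHeader = string.Format(Label.Get("email.body.sub-header.update-1fa"), link);
    string footer = string.Format(Label.Get("email.body.footer", lDto.LngIsoCode), lDto.CcnDisplayname);

    // The raw (not HTML-encoded) URL is handed to the template, as before.
    Email_BSO.SendLoginTemplateEmail(subject, new List<string>() { to }, header, url, footer, subHeader, lDto.LngIsoCode);
}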
/// <summary>
/// Pushes the user's session expiry forward by the configured session length. This is
/// best effort: any failure is logged and not propagated to the caller.
/// </summary>
/// <param name="extendAdo">Connection handed to the Login_ADO that performs the update.</param>
/// <param name="CcnUsername">User whose session is extended.</param>
internal static void ExtendSession(ADO extendAdo, string CcnUsername)
{
    try
    {
        // New expiry = server local time + "session.length" seconds.
        // NOTE(review): DateTime.Now is local time; confirm that whatever compares the
        // expiry uses the same clock, otherwise a DST change shifts session lifetime.
        DateTime newExpiry = DateTime.Now.AddSeconds(Configuration_BSO.GetCustomConfig(ConfigType.global, "session.length"));

        new Login_ADO(extendAdo).ExtendSession(CcnUsername, newExpiry);
    }
    catch (Exception failure)
    {
        // Deliberately swallowed; only the message is logged, so the stack trace is lost.
        Log.Instance.Error("Failed to extend the user session - error message: " + failure.Message);
    }
}
/// <summary>
/// Validation rules for creating a group: a mandatory alphanumeric code of 1-32 characters,
/// a mandatory name of 1-256 characters, and optional contact name, phone and email.
/// </summary>
internal Group_VLD_Create()
{
    // NOTE(review): the patterns come from configuration and are run against
    // caller-supplied input; no match timeout is visible here.
    string phonePattern = Configuration_BSO.GetCustomConfig("regex.phone.pattern");
    string emailPattern = Utility.GetCustomConfig("APP_REGEX_EMAIL");
    string codePattern = Utility.GetCustomConfig("APP_REGEX_ALPHA_NUMERIC");

    // GrpCode - mandatory
    RuleFor(g => g.GrpCode)
        .NotEmpty()
        .Length(1, 32)
        .WithMessage("Invalid Group Code")
        .WithName("GroupCodeValidation");
    RuleFor(g => g.GrpCode)
        .Matches(codePattern)
        .WithMessage("Invalid Group Code")
        .WithName("GroupCodeValidationAlphaNumeric");

    // GrpName - mandatory
    RuleFor(g => g.GrpName)
        .NotEmpty()
        .Length(1, 256)
        .WithMessage("Invalid Group Name")
        .WithName("GroupNameValidation");

    // GrpContactName - optional, checked only when supplied
    RuleFor(g => g.GrpContactName)
        .Length(1, 256)
        .When(g => !string.IsNullOrEmpty(g.GrpContactName))
        .WithMessage("Invalid Group Contact Name")
        .WithName("GroupContactNameValidation");

    // GrpContactPhone - optional, checked only when supplied
    RuleFor(g => g.GrpContactPhone)
        .Matches(phonePattern)
        .When(g => !string.IsNullOrEmpty(g.GrpContactPhone))
        .WithMessage("Invalid Group Contact Phone Number")
        .WithName("GrpContactPhoneValidation");

    // GrpContactEmail - optional
    // NOTE(review): unlike the phone rule there is no When(...) guard here, so an empty
    // string is presumably rejected while null passes - confirm that is intended.
    RuleFor(g => g.GrpContactEmail)
        .Matches(emailPattern)
        .WithMessage("Invalid Group Contact Email")
        .WithName("GrpContactEmailValidation");
}
/// <summary>
/// Populates the DTO from the request parameters: the start and end timestamps are copied
/// when present, and the language code falls back to the globally configured default.
/// </summary>
/// <param name="parameters">Dynamic request parameters.</param>
public Performance_DTO_Read(dynamic parameters)
{
    if (parameters.PrfDatetimeStart != null) { this.PrfDatetimeStart = parameters.PrfDatetimeStart; }
    if (parameters.PrfDatetimeEnd != null) { this.PrfDatetimeEnd = parameters.PrfDatetimeEnd; }

    // NOTE(review): the supplied language code is copied as-is; any format or existence
    // check is presumably done by a validator elsewhere - confirm.
    this.LngIsoCode = parameters.LngIsoCode != null
        ? parameters.LngIsoCode
        : Configuration_BSO.GetCustomConfig(ConfigType.global, "language.iso.code");
}
/// <summary>
/// Logs a user in with email, password (1FA) and TOTP (2FA). The checks run in this order:
/// captcha, the AD local-access switch, account lookup (account table first, Active
/// Directory as fallback), presence of a 2FA secret, the locked flag, the TOTP, the
/// password (Login table first, Active Directory as fallback) and the locked flag again.
/// On success a session is created and returned as a cookie.
/// </summary>
/// <returns>True when a session was created; otherwise false with Response.error set.</returns>
protected override bool Execute()
{
    // The stopwatch only feeds the debug timing messages below.
    Stopwatch sw = new Stopwatch();
    sw.Start();

    if (!ReCAPTCHA.Validate(DTO.Captcha))
    {
        Response.error = Label.Get("error.authentication");
        return(false);
    }

    ActiveDirectory_ADO adAdo = new ActiveDirectory_ADO();
    dynamic adUser = adAdo.GetAdSpecificDataForEmail(DTO.CcnEmail);

    //Check if local access is available for AD users: when it is switched off, any email that resolves to an AD user is refused here
    if (!Configuration_BSO.GetCustomConfig(ConfigType.global, "security.adOpenAccess") && adUser != null)
    {
        Response.error = Label.Get("error.authentication");
        return(false);
    }

    DTO.CcnUsername = DTO.CcnEmail;
    Login_BSO lBso = new Login_BSO(Ado);
    Account_ADO aAdo = new Account_ADO();
    ADO_readerOutput response = aAdo.Read(Ado, DTO.CcnEmail);
    string user;

    if (!response.hasData)
    {
        //Email address not in the login table, try to get the username from the email address via AD
        //(this repeats the AD lookup already made above for adUser)
        var adResult = adAdo.GetAdSpecificDataForEmail(DTO.CcnEmail);
        Log.Instance.Debug("AD user found from email - time ms: " + sw.ElapsedMilliseconds);
        if (adResult == null)
        {
            Response.error = Label.Get("error.authentication");
            return(false);
        }
        user = adResult.CcnUsername;

        //Now get the user details from the table
        response = aAdo.Read(Ado, user);
        if (!response.hasData)
        {
            Response.error = Label.Get("error.authentication");
            return(false);
        }

        // NOTE(review): this returns the distinct "error.account.locked" label before the
        // TOTP or the password has been checked, so on this path a caller who knows only
        // an email address learns that the account exists and is locked. The same check
        // further down returns the generic "error.authentication" - confirm which is intended.
        if (response.data[0].CcnLockedFlag)
        {
            Response.error = Label.Get("error.account.locked");
            return(false);
        }
    }
    else
    {
        user = response.data[0].CcnUsername;
    }

    // An account without a stored 2FA secret cannot log in through this method.
    if (response.data[0].Lgn2Fa.Equals(DBNull.Value))
    {
        Response.error = Label.Get("error.authentication");
        return(false);
    }

    // Before the credentials are verified a locked account gets the generic error.
    if (response.data[0].CcnLockedFlag)
    {
        Response.error = Label.Get("error.authentication");
        return(false);
    }

    int ccnId = response.data[0].CcnId;
    string login2Fa = response.data[0].Lgn2Fa;

    // The TOTP is checked before the password.
    // NOTE(review): no failed-attempt counting or lockout is visible in this block;
    // presumably throttling is applied elsewhere - confirm.
    if (!API.TwoFA.Validate2fa(DTO.Totp, login2Fa))
    {
        Response.error = Label.Get("error.authentication");
        return(false);
    }

    response = lBso.Validate1Fa(DTO.Lgn1Fa, user);
    if (!response.hasData)
    {
        //No validation available via the Login table, try Active Directory
        long lValidatePassword = sw.ElapsedMilliseconds;
        if (!ActiveDirectory.IsPasswordValid(user, DTO.Lgn1Fa))
        {
            Response.error = Label.Get("error.authentication");
            return(false);
        }

        // NOTE(review): the next statement is mangled in this listing - the text between
        // the two string literals appears to have been masked - and does not compile as
        // shown. Restore it from the original source.
        Log.Instance.Debug("Elaspsed time ValidatePassword: "******"AD validation time ms: " + sw.ElapsedMilliseconds);

        //Get the remaining details from the database
        response = aAdo.Read(Ado, user);
        if (!response.hasData)
        {
            Response.error = Label.Get("error.authentication");
            return(false);
        }
    }

    //If we have found an account, credentials are ok, but the account is locked, then we return an account locked error
    //could be AD too
    //IsUserAuthenticated needs to check if the user is locked too
    if (response.data[0].CcnLockedFlag)
    {
        Response.error = Label.Get("error.account.locked");
        return(false);
    }

    // NOTE(review): the session token comes from Utility.GetRandomSHA256 called with the
    // account id; whether the result is unpredictable depends on that helper, which is not
    // visible here - confirm it draws from a cryptographic random source.
    string sessionToken = Utility.GetRandomSHA256(ccnId.ToString());

    // Expiry = server local time + "session.length" seconds.
    DateTime expiry = DateTime.Now.AddSeconds(Configuration_BSO.GetCustomConfig(ConfigType.global, "session.length"));

    if (!lBso.CreateSession(sessionToken, expiry, user))
    {
        Response.error = Label.Get("error.create");
        return(false);
    }

    // NOTE(review): only Value is set on the cookie in this block. HttpOnly, Secure and
    // SameSite are presumably applied elsewhere (configuration or the response pipeline) -
    // confirm.
    Response.sessionCookie = new HttpCookie(API.Common.SessionCookieName) { Value = sessionToken };
    Response.data = API.JSONRPC.success;

    // Read but never used.
    long l = sw.ElapsedMilliseconds;
    return(true);
}
//Should we allow FirebaseId to be set by a DTO parameter? -would make things easier here....
//or maybe better idea, set it at the template level
//also, maybe see about reading subscriptions from the cache rather than from a db read request
/// <summary>
/// Decides whether the current request exceeds its call limit. Callers are bucketed by
/// subscriber key, by account name, or - when neither applies - by user agent plus IP
/// address; subscribed and non-subscribed callers get separately configured windows and
/// limits. The request history per bucket is kept in MemcacheD.
/// </summary>
/// <param name="Ado">Connection used to rebuild the subscriber key cache when it is empty.</param>
/// <param name="hRequest">HTTP request, read for the "SubscriberKey" header.</param>
/// <param name="request">API request, read for userAgent and ipAddress.</param>
/// <param name="samAccountName">Account name of an AD or local user, or null.</param>
/// <returns>True when the request is throttled; false otherwise, including when MemcacheD is disabled.</returns>
internal static bool IsThrottled(ADO Ado, HttpRequest hRequest, JSONRPC_API request, string samAccountName = null)
{
    // Throttling depends on MemcacheD; without it every request is let through.
    if (!Convert.ToBoolean(ConfigurationManager.AppSettings["API_MEMCACHED_ENABLED"]))
    {
        return false;
    }

    string bucket = null;
    bool isSubscribed = false;

    // A SubscriberKey header counts only when it is in the cached list of valid keys.
    if (hRequest.Headers.AllKeys.Contains("SubscriberKey"))
    {
        var subscriberKeys = MemCacheD.Get_BSO("PxStat.Subscription", "Subscriber_BSO", "RefreshSubscriberKeyCache", "RefreshSubscriberKeyCache");
        if (!subscriberKeys.hasData)
        {
            // No cache yet - build it once and read again.
            new Subscriber_BSO().RefreshSubscriberKeyCache(Ado);
            subscriberKeys = MemCacheD.Get_BSO("PxStat.Subscription", "Subscriber_BSO", "RefreshSubscriberKeyCache", "RefreshSubscriberKeyCache");
        }

        if (subscriberKeys.hasData)
        {
            var validKeys = subscriberKeys.data.ToObject<List<string>>();
            string presentedKey = hRequest.Headers.GetValues("SubscriberKey").FirstOrDefault();
            if (validKeys.Contains(presentedKey))
            {
                bucket = presentedKey;
                isSubscribed = true;
            }
        }
    }

    // An AD or local user is treated as subscribed and takes precedence over the header.
    if (samAccountName != null)
    {
        bucket = samAccountName;
        isSubscribed = true;
    }

    // Subscribed and non-subscribed callers have separate window and limit settings.
    string windowSetting = isSubscribed ? "throttle.subscribedWindowSeconds" : "throttle.nonSubscribedWindowSeconds";
    string limitSetting = isSubscribed ? "throttle.subscribedCallLimit" : "throttle.nonSubscribedCallLimit";
    int window = Configuration_BSO.GetCustomConfig(ConfigType.global, windowSetting);
    int cutoff = Configuration_BSO.GetCustomConfig(ConfigType.global, limitSetting);

    if (!isSubscribed)
    {
        // NOTE(review): the User-Agent is chosen by the client, so including it in the key
        // lets one address occupy many buckets; keying on the address alone would make the
        // limit harder to sidestep.
        bucket = request.userAgent + request.ipAddress;
    }

    // Usage history of this bucket, restricted to the current window.
    List<DateTime> recentCalls = new List<DateTime>();
    var history = MemCacheD.Get_BSO("PxStat.Security", "Throttle", "Read", bucket);
    if (history.hasData)
    {
        List<DateTime> storedCalls = JsonConvert.DeserializeObject<List<DateTime>>(history.data.ToString());
        recentCalls = storedCalls.Where(stamp => stamp > DateTime.Now.AddSeconds(window * -1)).ToList();

        if (recentCalls.Count > cutoff + 1)
        {
            // NOTE(review): the bucket name is written to the log as-is. For subscribers
            // that is the raw SubscriberKey, and for anonymous callers it contains the raw
            // User-Agent header; consider logging a hash or truncated identifier and
            // stripping control characters before writing it.
            Log.Instance.Info(String.Format("Throttle event for user {0}, {1} requests in {2} seconds", bucket, recentCalls.Count, window));
            return true;
        }
    }

    // Not throttled: record this call and store the trimmed history.
    recentCalls.Add(DateTime.Now);
    MemCacheD.Store_BSO("PxStat.Security", "Throttle", "Read", bucket, recentCalls, default(DateTime));
    return false;
}
/// <summary>
/// Creates an account for an Active Directory user. The request is refused when a power
/// user asks for an Administrator, when the user is not found in AD, or when the account
/// already exists. After the account and its login row are created, an invitation token is
/// stored and emailed if local access for AD users is switched on.
/// </summary>
/// <returns>True when the account was created; otherwise false with Response.error set.</returns>
protected override bool Execute()
{
    // Privilege check: a power user may not create an Administrator.
    if (IsPowerUser() && DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
    {
        Log.Instance.Debug("A power user may not create an Administrator");
        Response.error = Label.Get("error.privilege");
        return false;
    }

    // The requested user must exist in Active Directory.
    ActiveDirectory_ADO directoryAdo = new ActiveDirectory_ADO();
    ActiveDirectory_DTO directoryUser = directoryAdo.GetUser(Ado, DTO);
    if (directoryUser.CcnUsername == null)
    {
        Log.Instance.Debug("AD user not found");
        Response.error = Label.Get("error.create");
        return false;
    }

    // Duplicates are not allowed.
    var accountAdo = new Account_ADO();
    if (accountAdo.Exists(Ado, DTO.CcnUsername))
    {
        Log.Instance.Debug("Account exists already");
        Response.error = Label.Get("error.duplicate");
        return false;
    }

    // Create the account; an id of 0 means it was not created.
    int createdId = accountAdo.Create(Ado, DTO, SamAccountName, true);
    if (createdId == 0)
    {
        Log.Instance.Debug("adoAccount.Create - can't create Account");
        Response.error = Label.Get("error.create");
        return false;
    }

    // NOTE(review): the invitation token comes from Utility.GetRandomSHA256 called with
    // the new id; whether it is unpredictable depends on that helper, which is not visible
    // here - confirm it draws from a cryptographic random source.
    string invitationToken = Utility.GetRandomSHA256(createdId.ToString());

    // The result of CreateLogin is not checked.
    Login_BSO loginBso = new Login_BSO(Ado);
    loginBso.CreateLogin(new Login_DTO_Create() { CcnUsername = DTO.CcnUsername }, SamAccountName, null);

    // The 2FA invitation is stored and sent only when local access for AD users is enabled.
    if (Configuration_BSO.GetCustomConfig(ConfigType.global, "security.adOpenAccess"))
    {
        loginBso.UpdateInvitationToken2Fa(DTO.CcnUsername, invitationToken);

        Login_DTO_Create invitation = new Login_DTO_Create()
        {
            CcnDisplayname = directoryUser.CcnDisplayName,
            CcnEmail = directoryUser.CcnEmail,
            CcnUsername = DTO.CcnUsername,
            LngIsoCode = DTO.LngIsoCode
        };
        SendEmail(invitation, invitationToken, "PxStat.Security.Login_API.Create2FA");
    }

    Response.data = JSONRPC.success;
    return true;
}
/// <summary>
/// Writes one analytic entry through the Security_Analytic_Create stored procedure. All
/// values are passed as procedure parameters; optional ones are added only when set.
/// </summary>
/// <param name="dto">The analytic entry to store.</param>
/// <returns>The stored procedure's return value.</returns>
internal int Create(Analytic_DTO dto)
{
    var procedureArgs = new List<ADO_inputParams>();

    // Always sent.
    procedureArgs.Add(new ADO_inputParams() { name = "@matrix", value = dto.matrix });
    procedureArgs.Add(new ADO_inputParams() { name = "@NltMaskedIp", value = dto.NltMaskedIp });
    procedureArgs.Add(new ADO_inputParams() { name = "@NltBotFlag", value = dto.NltBotFlag });
    procedureArgs.Add(new ADO_inputParams() { name = "@NltM2m", value = dto.NltM2m });
    procedureArgs.Add(new ADO_inputParams() { name = "@NltDate", value = dto.NltDate });
    procedureArgs.Add(new ADO_inputParams() { name = "@LngIsoCode", value = Configuration_BSO.GetCustomConfig("language.iso.code") });

    // Sent only when a value was detected.
    if (dto.NltOs != null)
    {
        procedureArgs.Add(new ADO_inputParams() { name = "@NltOs", value = dto.NltOs });
    }

    if (dto.NltBrowser != null)
    {
        procedureArgs.Add(new ADO_inputParams() { name = "@NltBrowser", value = dto.NltBrowser });
    }

    if (dto.NltReferer != null)
    {
        procedureArgs.Add(new ADO_inputParams() { name = "@NltReferer", value = dto.NltReferer });
    }

    // Format type and version are sent together or not at all.
    if (dto.FrmType != null && dto.FrmVersion != null)
    {
        procedureArgs.Add(new ADO_inputParams() { name = "@FrmType", value = dto.FrmType });
        procedureArgs.Add(new ADO_inputParams() { name = "@FrmVersion", value = dto.FrmVersion });
    }

    var outcome = new ADO_returnParam() { name = "return", value = 0 };
    Ado.ExecuteNonQueryProcedure("Security_Analytic_Create", procedureArgs, ref outcome);

    return outcome.value;
}
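/// <summary>
/// Creates an analytic entry on its own connection ("defaultConnection") from explicitly
/// supplied request details. The connection is always disposed; exceptions propagate to
/// the caller with their original stack trace.
/// </summary>
/// <param name="hRequest">HTTP request, read for the referrer and the User-Agent.</param>
/// <param name="method">Method name, used in the debug log messages only.</param>
/// <param name="userAgent">Not read by this method; the User-Agent is taken from hRequest.</param>
/// <param name="ipaddress">Address stored in NltMaskedIp as supplied.</param>
/// <param name="matrixCode">Matrix code stored with the entry.</param>
/// <param name="m2m">Machine-to-machine flag stored with the entry.</param>
/// <param name="format">Supplies the format type and version.</param>
internal static void Create(HttpRequest hRequest, string method, string userAgent, string ipaddress, string matrixCode, bool m2m, Format_DTO_Read format)
{
    ADO Ado = new ADO("defaultConnection");

    // The former "catch (Exception ex) { throw ex; }" only reset the stack trace of every
    // exception; it has been removed so the original trace reaches the caller.
    try
    {
        // NOTE(review): ipaddress is stored in NltMaskedIp unchanged, whereas the other
        // Create overload passes the address through getMaskedIp first - confirm callers
        // hand over an already-masked address.
        Analytic_DTO aDto = new Analytic_DTO()
        {
            NltMaskedIp = ipaddress,
            matrix = matrixCode,
            NltM2m = m2m,
            NltDate = DateTime.Now,
            FrmType = format.FrmType,
            FrmVersion = format.FrmVersion
        };

        // Only the referrer's host is kept; a missing referrer gets the configured placeholder.
        aDto.NltReferer = hRequest.UrlReferrer == null || String.IsNullOrEmpty(hRequest.UrlReferrer.Host)
            ? Configuration_BSO.GetCustomConfig("analytic.referrer-not-applicable")
            : hRequest.UrlReferrer.Host;

        // NOTE(review): the userAgent parameter is unused; hRequest.UserAgent is parsed
        // instead - confirm the two always agree.
        DeviceDetector deviceDetector = GetDeviceDetector(hRequest.UserAgent);
        aDto.NltBotFlag = deviceDetector.IsBot();

        var browser = deviceDetector.GetBrowserClient();
        if (browser.Match != null)
        {
            aDto.NltBrowser = browser.Match.Name;
        }

        var os = deviceDetector.GetOs();
        if (os.Match != null)
        {
            aDto.NltOs = os.Match.Name;
        }

        // The values derived from request headers are validated before anything is written.
        var valids = new Analytic_VLD().Validate(aDto);
        if (!valids.IsValid)
        {
            foreach (var fail in valids.Errors)
            {
                Log.Instance.Debug("Analytic method failed validation:" + method + " :" + fail.ErrorMessage);
            }
            return;
        }

        // Create the analytic entry; a result of 0 means nothing was written.
        Analytic_ADO ado = new Analytic_ADO(Ado);
        if (ado.Create(aDto) == 0)
        {
            Log.Instance.Debug("Failed to create Analytic:" + method);
        }
    }
    finally
    {
        Ado.Dispose();
    }
}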
/// <summary>
/// Records an analytic entry for the request when the called method carries the "Analytic" attribute.
/// This method relies on DeviceDetector.NET. Details at https://github.com/totpero/DeviceDetector.NET
/// It is advisable to frequently check for updates, especially to the regexes folder (situated in the Resources folder of this project)
/// </summary>
/// <param name="Ado">Connection used to write the entry.</param>
/// <param name="requestDTO">DTO of the calling method, probed for jStatQueryExtension and m2m.</param>
/// <param name="hRequest">HTTP request, read for the referrer.</param>
/// <param name="request">API request, read for method, ipAddress and userAgent.</param>
internal static void Create(ADO Ado, dynamic requestDTO, HttpRequest hRequest, JSONRPC_API request)
{
    // Methods without the Analytic attribute are not logged.
    if (!MethodReader.MethodHasAttribute(request.method, "Analytic"))
    {
        return;
    }

    Analytic_DTO entry = new Analytic_DTO();

    // Only a masked form of the caller's address is stored.
    entry.NltMaskedIp = getMaskedIp(request.ipAddress);

    // Matrix code, when the calling DTO carries a query extension.
    if (MethodReader.DynamicHasProperty(requestDTO, "jStatQueryExtension"))
    {
        entry.matrix = requestDTO.jStatQueryExtension.extension.Matrix;
    }

    // Only the referrer's host is kept; a missing referrer gets the configured placeholder.
    var referrer = hRequest.UrlReferrer;
    if (referrer == null || String.IsNullOrEmpty(referrer.Host))
    {
        entry.NltReferer = Configuration_BSO.GetCustomConfig("analytic.referrer-not-applicable");
    }
    else
    {
        entry.NltReferer = referrer.Host;
    }

    // m2m is not translated into a DTO property, so it is read from the request
    // parameters when present and defaults to true otherwise.
    if (MethodReader.DynamicHasProperty(requestDTO, "m2m"))
    {
        entry.NltM2m = requestDTO.m2m;
    }
    else
    {
        entry.NltM2m = true;
    }

    entry.NltDate = DateTime.Now;

    // Format type and version are taken together or not at all.
    if (MethodReader.DynamicHasProperty(requestDTO, "jStatQueryExtension"))
    {
        var requestedFormat = requestDTO.jStatQueryExtension.extension.Format;
        if (MethodReader.DynamicHasProperty(requestedFormat, "Type") && MethodReader.DynamicHasProperty(requestedFormat, "Version"))
        {
            entry.FrmType = requestedFormat.Type;
            entry.FrmVersion = requestedFormat.Version;
        }
    }

    // Bot flag, browser and operating system are derived from the User-Agent.
    DeviceDetector detector = GetDeviceDetector(request.userAgent);
    entry.NltBotFlag = detector.IsBot();

    if (detector.GetBrowserClient().Match != null)
    {
        entry.NltBrowser = detector.GetBrowserClient().Match.Name;
    }

    if (detector.GetOs().Match != null)
    {
        entry.NltOs = detector.GetOs().Match.Name;
    }

    // The values derived from request headers are validated before anything is written.
    var validation = new Analytic_VLD().Validate(entry);
    if (!validation.IsValid)
    {
        foreach (var failure in validation.Errors)
        {
            Log.Instance.Debug("Analytic method failed validation:" + request.method + " :" + failure.ErrorMessage);
        }
        return;
    }

    // Create the analytic entry; a result of 0 means nothing was written.
    Analytic_ADO analyticAdo = new Analytic_ADO(Ado);
    if (analyticAdo.Create(entry) == 0)
    {
        Log.Instance.Debug("Failed to create Analytic:" + request.method);
    }
}
/// <summary>
/// Issues a new 2FA invitation for the current user. The user is identified through
/// Active Directory when SamAccountName is set, otherwise through the session cookie. A
/// fresh invitation token is stored and emailed with a link to Login_API.Update2FA.
/// </summary>
/// <returns>True when the email was sent, or when the session user has no email or display name; otherwise false.</returns>
protected override bool Execute()
{
    Login_BSO loginBso = new Login_BSO(Ado);
    ADO_readerOutput sessionUser;

    string recipientName = null;
    string recipientEmail = null;
    string username = null;

    // Windows-authenticated caller: details come from Active Directory.
    if (SamAccountName != null)
    {
        ActiveDirectory_ADO directoryAdo = new ActiveDirectory_ADO();
        ActiveDirectory_DTO directoryUser = directoryAdo.GetUser(Ado, new Account_DTO_Create() { CcnUsername = SamAccountName });
        recipientName = directoryUser.CcnDisplayName;
        recipientEmail = directoryUser.CcnEmail;
        username = directoryUser.CcnUsername;
    }

    // AD users are refused unless local access is switched on for them.
    if (!Configuration_BSO.GetCustomConfig(ConfigType.global, "security.adOpenAccess") && username != null)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // No AD identity: fall back to the session cookie.
    if (username == null)
    {
        if (Request.sessionCookie == null)
        {
            Response.error = Label.Get("error.authentication");
            return false;
        }

        sessionUser = loginBso.ReadBySession(Request.sessionCookie.Value);
        if (sessionUser.hasData)
        {
            // Without an email or display name nothing can be sent; success is reported anyway.
            if (sessionUser.data[0].CcnEmail.Equals(DBNull.Value) || sessionUser.data[0].CcnDisplayName.Equals(DBNull.Value))
            {
                Response.data = JSONRPC.success;
                return true;
            }

            recipientName = sessionUser.data[0].CcnDisplayName;
            recipientEmail = sessionUser.data[0].CcnEmail;
            username = sessionUser.data[0].CcnUsername;
        }
    }

    if (username == null)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // NOTE(review): the token comes from Utility.GetRandomSHA256 called with the username;
    // whether it is unpredictable depends on that helper, which is not visible here.
    string invitationToken = Utility.GetRandomSHA256(username);

    // The token is stored before the null check below.
    loginBso.UpdateInvitationToken2Fa(username, invitationToken);

    if (invitationToken == null)
    {
        Response.error = Label.Get("error.create");
        return false;
    }

    Login_DTO_Create invitation = new Login_DTO_Create()
    {
        CcnUsername = username,
        LngIsoCode = DTO.LngIsoCode,
        CcnEmail = recipientEmail,
        CcnDisplayname = recipientName
    };
    SendEmail(invitation, invitationToken, "PxStat.Security.Login_API.Update2FA");

    Response.data = JSONRPC.success;
    return true;
}
/// <summary>
/// Issues a new 2FA invitation for the account identified by the supplied email address.
/// The address is looked up in Active Directory first and in the account table otherwise;
/// a fresh invitation token is stored and emailed with a link to Login_API.Update2FA.
/// </summary>
/// <returns>
/// True when the email was sent, or when the local account has no email or display name;
/// false when AD access is refused, the address is unknown or no token was produced.
/// </returns>
protected override bool Execute()
{
    ActiveDirectory_ADO directoryAdo = new ActiveDirectory_ADO();

    // The result of this lookup is not used further in this method.
    ActiveDirectory_DTO adDto = directoryAdo.GetUser(Ado, DTO);

    dynamic directoryUser = directoryAdo.GetAdSpecificDataForEmail(DTO.CcnEmail);

    if (directoryUser?.CcnEmail != null)
    {
        // AD users are refused unless local access is switched on for them.
        if (!Configuration_BSO.GetCustomConfig(ConfigType.global, "security.adOpenAccess"))
        {
            Response.error = Label.Get("error.authentication");
            return false;
        }

        DTO.CcnEmail = directoryUser.CcnEmail;
        DTO.CcnDisplayname = directoryUser.CcnDisplayName;
        DTO.CcnUsername = directoryUser.CcnUsername;
    }
    else
    {
        Account_ADO accountAdo = new Account_ADO();
        var localUser = accountAdo.Read(Ado, new Account_DTO_Read() { CcnUsername = DTO.CcnEmail });

        // NOTE(review): an unknown address returns false here, while a known one returns
        // true further down. If the caller can tell the two apart, this endpoint reveals
        // which addresses are registered - confirm that the framework sends the same
        // response in both cases. No captcha or throttle check is visible in this block;
        // presumably one is enforced elsewhere.
        if (!localUser.hasData)
        {
            Response.data = JSONRPC.success;
            return false;
        }

        // Without an email or display name nothing can be sent; success is reported anyway.
        if (localUser.data[0].CcnEmail.Equals(DBNull.Value) || localUser.data[0].CcnDisplayName.Equals(DBNull.Value))
        {
            Response.data = JSONRPC.success;
            return true;
        }

        DTO.CcnDisplayname = localUser.data[0].CcnDisplayName;
        DTO.CcnEmail = localUser.data[0].CcnEmail;
        DTO.CcnUsername = DTO.CcnEmail;
    }

    Login_BSO loginBso = new Login_BSO(Ado);

    // NOTE(review): the token comes from Utility.GetRandomSHA256 called with the username;
    // whether it is unpredictable depends on that helper, which is not visible here.
    string invitationToken = Utility.GetRandomSHA256(DTO.CcnUsername);

    // The token is stored before the null check below.
    loginBso.UpdateInvitationToken2Fa(DTO.CcnUsername, invitationToken);

    bool emailSent = invitationToken != null;
    if (emailSent)
    {
        Login_DTO_Create invitation = new Login_DTO_Create()
        {
            CcnUsername = DTO.CcnUsername,
            CcnEmail = DTO.CcnEmail,
            LngIsoCode = DTO.LngIsoCode,
            CcnDisplayname = DTO.CcnDisplayname
        };
        SendEmail(invitation, invitationToken, "PxStat.Security.Login_API.Update2FA");
    }

    // Response.data reports success whether or not an email went out; only the return value differs.
    Response.data = JSONRPC.success;
    return emailSent;
}