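/// <summary>
/// Checks whether the security string (key) carried in the DTO matches the value derived
/// from the key stored in the server settings.
/// </summary>
/// <remarks>
/// The expected value is <c>GetMd5Hash(data.i + timestamp + Settings.Default.AccessKey)</c>,
/// where the timestamp is <c>data.t</c> formatted as <c>yyyy-MM-dd'T'HH:mm:ss</c> and is
/// left out when <c>data.t</c> is null.
/// NOTE(review): a hash over id + timestamp + secret is not a keyed MAC, and MD5 is a weak
/// choice for it; an HMAC (for example HMAC-SHA-256) would be sturdier but needs a matching
/// change on the sending devices. The timestamp is hashed but not checked for freshness
/// here, so a captured (i, t, k) triple stays valid unless a caller enforces a time window.
/// </remarks>
/// <param name="data">Status message whose <c>k</c> field is verified.</param>
/// <returns>
/// <c>true</c> when no access key is configured on the server or when <c>data.k</c> matches
/// the expected hash; otherwise <c>false</c>.
/// </returns>
public static bool CheckAccessKey(StatusDTO data)
{
    // Fail-open: with no access key configured on the server, every message is accepted.
    // Kept for backward compatibility; deployments that need the check must set AccessKey.
    if (string.IsNullOrWhiteSpace(Settings.Default.AccessKey))
    {
        return true;
    }

    // No DTO or no key in the data: reject instead of dereferencing null.
    if (data == null || string.IsNullOrWhiteSpace(data.k))
    {
        return false;
    }

    // Invariant culture keeps ':' and the Gregorian calendar whatever the server locale is,
    // so the hashed text has the literal shape of the format string.
    string timestamp = data.t?.ToString("yyyy-MM-dd'T'HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
    string expected = GetMd5Hash(data.i + timestamp + Settings.Default.AccessKey);

    // The length of the digest is not secret, so an early exit on it reveals nothing.
    if (expected == null || expected.Length != data.k.Length)
    {
        return false;
    }

    // Compare every character without stopping at the first mismatch, so the response time
    // does not depend on how many leading characters of the supplied key are correct.
    int difference = 0;
    for (int index = 0; index < expected.Length; index++)
    {
        difference |= expected[index] ^ data.k[index];
    }

    return difference == 0;
}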
/// <summary>
/// Builds three <c>StatusDTO</c> fixtures for <c>SecurityHelper.CheckAccessKey</c>: an empty
/// key, a key hashed without a timestamp, and a key hashed with a timestamp.
/// </summary>
/// <remarks>
/// Every assertion is commented out, so this method currently verifies nothing.
/// NOTE(review): the key literal presumably has to equal <c>Settings.Default.AccessKey</c>
/// for the disabled assertions to pass; confirm that it is a test-only value and not a key
/// used by a deployed server.
/// </remarks>
public void TestCheckStatusDto()
{
    const string deviceId = "deviceA";
    const string accessKey = "Trex1Security2String3";

    // Case 1: empty key in the data.
    var dto = new StatusDTO()
    {
        i = deviceId,
        l = null,
        o = null,
        t = null,
        k = ""
    };
    //Assert.IsFalse(SecurityHelper.CheckAccessKey(dto));

    // Case 2: key hashed from the device id and the access key, no timestamp.
    dto.k = SecurityHelper.GetMd5Hash(deviceId + accessKey);
    //Assert.IsTrue(SecurityHelper.CheckAccessKey(dto));

    // Case 3: key hashed from the device id, the formatted timestamp and the access key.
    var now = DateTime.Now;
    dto.t = now;
    string stamp = now.ToString("yyyy-MM-dd'T'HH:mm:ss");
    dto.k = SecurityHelper.GetMd5Hash(deviceId + stamp + accessKey);
    //Assert.IsTrue(SecurityHelper.CheckAccessKey(dto));
}
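// GET api/status
/// <summary>
/// Accepts a status message: when its access key passes
/// <c>SecurityHelper.CheckAccessKey</c> the message is handed to
/// <c>DtoFactory.InsertOrUpdateDatabase</c>, otherwise the rejection is logged as a warning.
/// </summary>
/// <remarks>
/// NOTE(review): this is a state-changing write exposed as a GET action. If the DTO is bound
/// from the query string, the key <c>k</c> will also end up in proxy and web-server access
/// logs. Confirm how the DTO is bound.
/// </remarks>
/// <param name="value">Status message sent by the device.</param>
public void Get(StatusDTO value)
{
    // A request without a bindable DTO is rejected instead of failing with a null dereference.
    if (value == null)
    {
        Logger.Warn("Pozice odmítnuta: value is null");
        return;
    }

    if (SecurityHelper.CheckAccessKey(value))
    {
        var dtoFactory = new DtoFactory();
        dtoFactory.InsertOrUpdateDatabase(value);
        return;
    }

    // Built only on the rejection path, which is the only place the text is used.
    // NOTE(review): the received key is written to the log as-is. Consider dropping or
    // truncating it if the log is readable by a wider audience than the server settings.
    string logText = "i: " + value.i
                     + ", a: " + value.a
                     + ", o: " + value.o
                     + ", l: " + value.l
                     + ", s: " + value.s
                     + ", b: " + value.b
                     + ", g: " + value.g
                     + ", t: " + value.t?.ToString("yyyy-MM-dd'T'HH:mm:ss")
                     + ", k: " + value.k;

    // All fields come from the request. Line breaks are escaped so that a crafted value
    // cannot start a forged entry in the log.
    logText = logText.Replace("\r", "\\r").Replace("\n", "\\n");

    Logger.Warn("Pozice odmítnuta: " + logText);
}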
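/// <summary>
/// Looks up the connection string and table configured for the device <c>data.i</c> and
/// updates the device's existing row, or inserts a new one when none exists.
/// </summary>
/// <remarks>
/// The connection list is deserialized from <c>Settings.Default.Connections</c> on every call.
/// The table name returned by <c>GetTableName</c> is later formatted into SQL text, so it
/// must only ever come from this server-side configuration.
/// </remarks>
/// <param name="data">Status message to store; a null value is ignored.</param>
public void InsertOrUpdateDatabase(StatusDTO data)
{
    if (data == null)
    {
        return;
    }

    List<Connection> connections = null;
    try
    {
        connections = JsonConvert.DeserializeObject<List<Connection>>(Settings.Default.Connections);
    }
    catch (Exception e)
    {
        Logger.Error("Deserialize configuration failed.");
        Logger.Error(e);
    }

    // A failed deserialization, or one that yields null, falls back to an empty list.
    connections = connections ?? new List<Connection>();

    var conString = GetConnectionString(data.i, connections);
    var tableName = GetTableName(data.i, connections);

    // The original condition was inverted: it touched the database only when BOTH values
    // were blank. Both are required before a connection is attempted.
    if (string.IsNullOrWhiteSpace(conString) || string.IsNullOrWhiteSpace(tableName))
    {
        Logger.Error("No connection string or table name configured for the device.");
        return;
    }

    var rowExists = ExistDataInDatabase(data.i, conString, tableName);
    switch (rowExists)
    {
        case true:
            UpdateDatabase(data, conString, tableName);
            break;
        case false:
            InsertToDatabase(data, conString, tableName);
            break;
        case null:
            // The existence check could not give an answer.
            Logger.Error("not connection to database");
            break;
    }
}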
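/// <summary>
/// Updates the position, azimuth, action state and both timestamps of the row whose
/// <c>MU_NAME</c> equals <c>data.i</c>.
/// </summary>
/// <remarks>
/// Any exception is logged and swallowed, so callers get no failure signal.
/// <c>tableName</c> is formatted into the SQL text because an identifier cannot be bound as
/// a parameter; it must come from trusted server configuration and never from the request.
/// </remarks>
/// <param name="data">Status message providing the new column values.</param>
/// <param name="conString">Oracle connection string.</param>
/// <param name="tableName">Target table name (trusted configuration value).</param>
public void UpdateDatabase(StatusDTO data, string conString, string tableName)
{
    try
    {
        using (var con = new OracleConnection(conString))
        {
            con.Open();

            // The device id is bound as :i instead of being pasted into the WHERE clause as
            // a quoted literal, which let a crafted id change the statement.
            // STATE_UPDATE now refers to :tt, the parameter that is actually supplied for it.
            using (var cmd = new OracleCommand
            {
                Connection = con,
                CommandText = string.Format(
                    "UPDATE {0} SET LONGITUDE = :a, LATITUDE = :o , AZIMUTH = :b, ACTION_STATE = :st, POSITION_UPDATE = TO_DATE(:t, 'YYYY-MM-DD HH24:MI:SS'), STATE_UPDATE = TO_DATE(:tt, 'YYYY-MM-DD HH24:MI:SS') WHERE MU_NAME = :i",
                    tableName)
            })
            {
                // Invariant culture keeps the text in the shape TO_DATE expects, whatever
                // the server locale is.
                string timestamp = data.t?.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);

                // NOTE(review): parameters are added in the same order as before. If the
                // provider binds by position (the ODP.NET default), LONGITUDE receives
                // data.o and LATITUDE receives data.a despite the placeholder names.
                // Confirm which mapping is intended before switching to binding by name.
                cmd.Parameters.Add(new OracleParameter { Value = data.o, ParameterName = "o" });
                cmd.Parameters.Add(new OracleParameter { Value = data.a, ParameterName = "a" });
                // data.l and data.s are not stored: the table has no columns for them.
                cmd.Parameters.Add(new OracleParameter { Value = data.b, ParameterName = "b" });
                cmd.Parameters.Add(new OracleParameter { Value = "SHUTDOWN", ParameterName = "st" });
                cmd.Parameters.Add(new OracleParameter { Value = timestamp, ParameterName = "t" });
                cmd.Parameters.Add(new OracleParameter { Value = timestamp, ParameterName = "tt" });
                // Added last because :i is the last placeholder in the statement. Under
                // positional binding, adding it first shifts every other value, which is
                // presumably why the earlier attempt was marked "does not work".
                cmd.Parameters.Add(new OracleParameter { Value = data.i, ParameterName = "i" });

                cmd.ExecuteNonQuery();
            }
        }
    }
    catch (Exception e)
    {
        Logger.Error(e);
    }
}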
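/// <summary>
/// Inserts a new row for the device <c>data.i</c> with its position, azimuth, action state
/// and both timestamps.
/// </summary>
/// <remarks>
/// Any exception is logged and swallowed, so callers get no failure signal.
/// <c>tableName</c> is formatted into the SQL text because an identifier cannot be bound as
/// a parameter; it must come from trusted server configuration and never from the request.
/// </remarks>
/// <param name="data">Status message providing the column values.</param>
/// <param name="conString">Oracle connection string.</param>
/// <param name="tableName">Target table name (trusted configuration value).</param>
private void InsertToDatabase(StatusDTO data, string conString, string tableName)
{
    try
    {
        using (var con = new OracleConnection(conString))
        {
            con.Open();

            // The command is disposed together with the connection instead of being left
            // to the finalizer.
            using (var cmd = new OracleCommand
            {
                Connection = con,
                CommandText = string.Format(
                    "INSERT INTO {0} (MU_NAME, LONGITUDE, LATITUDE, AZIMUTH, ACTION_STATE, POSITION_UPDATE, STATE_UPDATE) VALUES (:i, :a, :o, :b, :st, TO_DATE(:t, 'YYYY-MM-DD HH24:MI:SS'), TO_DATE(:tt, 'YYYY-MM-DD HH24:MI:SS'))",
                    tableName)
            })
            {
                // Invariant culture keeps the text in the shape TO_DATE expects, whatever
                // the server locale is.
                string timestamp = data.t?.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);

                // All request values are bound, never concatenated into the statement.
                // NOTE(review): parameters are added in the order i, o, a while the
                // placeholders read :i, :a, :o. If the provider binds by position (the
                // ODP.NET default), LONGITUDE receives data.o and LATITUDE receives data.a.
                // Confirm which mapping is intended before switching to binding by name.
                cmd.Parameters.Add(new OracleParameter { Value = data.i, ParameterName = "i" });
                cmd.Parameters.Add(new OracleParameter { Value = data.o, ParameterName = "o" });
                cmd.Parameters.Add(new OracleParameter { Value = data.a, ParameterName = "a" });
                // data.l and data.s are not stored: the table has no columns for them.
                cmd.Parameters.Add(new OracleParameter { Value = data.b, ParameterName = "b" });
                cmd.Parameters.Add(new OracleParameter { Value = "SHUTDOWN", ParameterName = "st" });
                cmd.Parameters.Add(new OracleParameter { Value = timestamp, ParameterName = "t" });
                cmd.Parameters.Add(new OracleParameter { Value = timestamp, ParameterName = "tt" });

                cmd.ExecuteNonQuery();
            }
        }
    }
    catch (Exception e)
    {
        Logger.Error(e);
    }
}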